auth

package

v0.0.15 Latest Latest Go to latest Published: Feb 11, 2026 License: Apache-2.0 Imports: 14 Imported by: 0

Details

Valid go.mod file
Redistributable license
Tagged version
Stable version
Learn more about best practices

Repository

github.com/xraph/authsome

Links

Open Source Insights

Documentation ¶

Index ¶

Variables
type AuthResponse
type ChangePasswordRequest
type Config
type ConfirmEmailChangeRequest
type HookExecutor
type PasswordResetRepository
type PasswordResetResult
type RequestEmailChangeRequest
type RequestPasswordResetRequest
type ResetPasswordRequest
type Service
- func NewService(users user.ServiceInterface, session session.ServiceInterface, cfg Config, ...) *Service
type ServiceInterface
type SignInRequest
type SignOutRequest
type SignUpRequest

Constants ¶

This section is empty.

Variables ¶

View Source

var (
	ErrInvalidChangeToken     = errs.InvalidToken()
	ErrChangeTokenExpired     = errs.TokenExpired()
	ErrChangeTokenAlreadyUsed = errs.BadRequest("email change token has already been used")
)

Email change specific errors.

View Source

var (
	ErrInvalidResetToken     = errs.InvalidToken()
	ErrResetTokenExpired     = errs.TokenExpired()
	ErrResetTokenAlreadyUsed = errs.BadRequest("reset token has already been used")
)

Password reset specific errors.

Functions ¶

This section is empty.

Types ¶

type AuthResponse ¶

type AuthResponse = responses.AuthResponse

AuthResponse represents an authentication response.

type ChangePasswordRequest ¶ added in v0.0.6

type ChangePasswordRequest struct {
	OldPassword string `json:"oldPassword" validate:"required"`
	NewPassword string `json:"newPassword" validate:"required,min=8"`
}

ChangePasswordRequest represents a password change request.

type Config ¶

type Config struct {
	RequireEmailVerification bool `json:"requireEmailVerification"`
}

Config represents authentication configuration.

type ConfirmEmailChangeRequest ¶ added in v0.0.6

type ConfirmEmailChangeRequest struct {
	Token string `json:"token" validate:"required"`
}

ConfirmEmailChangeRequest represents an email change confirmation.

type HookExecutor ¶ added in v0.0.3

type HookExecutor interface {
	ExecuteBeforeSignUp(ctx context.Context, req *SignUpRequest) error
	ExecuteAfterSignUp(ctx context.Context, response *responses.AuthResponse) error
	ExecuteBeforeSignIn(ctx context.Context, req *SignInRequest) error
	ExecuteAfterSignIn(ctx context.Context, response *responses.AuthResponse) error
	ExecuteBeforeSignOut(ctx context.Context, token string) error
	ExecuteAfterSignOut(ctx context.Context, token string) error
}

HookExecutor defines the interface for executing auth-related hooks This interface allows the auth service to execute hooks without importing the hooks package, avoiding circular dependencies (hooks package imports auth for request types).

type PasswordResetRepository ¶ added in v0.0.6

type PasswordResetRepository interface {
	CreateVerification(ctx context.Context, verification *schema.Verification) error
	FindVerificationByToken(ctx context.Context, token string) (*schema.Verification, error)
	FindVerificationByCode(ctx context.Context, code string, verificationType string) (*schema.Verification, error)
	MarkVerificationAsUsed(ctx context.Context, id xid.ID) error
	DeleteExpiredVerifications(ctx context.Context) error
}

PasswordResetRepository defines verification token operations.

type PasswordResetResult ¶ added in v0.0.8

type PasswordResetResult struct {
	Token string // URL-safe token for email links
	Code  string // 6-digit numeric code for mobile entry
}

PasswordResetResult contains both token and code for password reset.

type RequestEmailChangeRequest ¶ added in v0.0.6

type RequestEmailChangeRequest struct {
	NewEmail string `json:"newEmail" validate:"required,email"`
}

RequestEmailChangeRequest represents an email change request.

type RequestPasswordResetRequest ¶ added in v0.0.6

type RequestPasswordResetRequest struct {
	Email string `json:"email" validate:"required,email"`
}

RequestPasswordResetRequest represents a password reset request.

type ResetPasswordRequest ¶ added in v0.0.6

type ResetPasswordRequest struct {
	Token       string `json:"token,omitempty"` // URL token for link-based reset
	Code        string `json:"code,omitempty"`  // 6-digit code for manual entry
	NewPassword string `json:"newPassword"     validate:"required,min=8"`
}

ResetPasswordRequest represents a password reset confirmation.

type Service ¶

type Service struct {
	// contains filtered or unexported fields
}

Service provides authentication operations.

func NewService ¶

func NewService(users user.ServiceInterface, session session.ServiceInterface, cfg Config, hookExecutor HookExecutor) *Service

NewService creates a new auth service.

func (*Service) ChangePassword ¶ added in v0.0.6

func (s *Service) ChangePassword(ctx context.Context, userID xid.ID, oldPassword, newPassword string) error

ChangePassword changes a user's password after verifying the old password.

func (*Service) CheckCredentials ¶

func (s *Service) CheckCredentials(ctx context.Context, email, password string) (*user.User, error)

CheckCredentials validates a user's credentials and returns the user without creating a session.

func (*Service) ConfirmEmailChange ¶ added in v0.0.6

func (s *Service) ConfirmEmailChange(ctx context.Context, token string) error

ConfirmEmailChange completes the email change flow.

func (*Service) CreateSessionForUser ¶

func (s *Service) CreateSessionForUser(ctx context.Context, u *user.User, remember bool, ip, ua string) (*responses.AuthResponse, error)

CreateSessionForUser creates a session for a given user and returns auth response This is typically used after credentials are already validated (e.g., after 2FA verification).

func (*Service) GetSession ¶

func (s *Service) GetSession(ctx context.Context, token string) (*responses.AuthResponse, error)

GetSession validates and returns session details.

func (*Service) RefreshSession ¶ added in v0.0.3

func (s *Service) RefreshSession(ctx context.Context, refreshToken string) (*responses.RefreshSessionResponse, error)

RefreshSession refreshes an access token using a refresh token.

func (*Service) RequestEmailChange ¶ added in v0.0.6

func (s *Service) RequestEmailChange(ctx context.Context, userID xid.ID, newEmail string) (string, error)

RequestEmailChange initiates an email change flow.

func (*Service) RequestPasswordReset ¶ added in v0.0.6

func (s *Service) RequestPasswordReset(ctx context.Context, email string) (string, string, error)

RequestPasswordReset initiates a password reset flow Returns token (for URL links) and code (for mobile entry).

func (*Service) ResetPassword ¶ added in v0.0.6

func (s *Service) ResetPassword(ctx context.Context, token, newPassword string) error

ResetPassword completes the password reset flow using token.

func (*Service) ResetPasswordWithCode ¶ added in v0.0.8

func (s *Service) ResetPasswordWithCode(ctx context.Context, code, newPassword string) error

ResetPasswordWithCode completes the password reset flow using 6-digit code.

func (s *Service) SignIn(ctx context.Context, req *SignInRequest) (*responses.AuthResponse, error)

SignIn authenticates a user and returns a session.

func (*Service) SignOut ¶

func (s *Service) SignOut(ctx context.Context, req *SignOutRequest) error

SignOut revokes a session.

func (s *Service) SignUp(ctx context.Context, req *SignUpRequest) (*responses.AuthResponse, error)

SignUp registers a new user and returns a session.

func (*Service) UpdateUser ¶

func (s *Service) UpdateUser(ctx context.Context, userID xid.ID, req *user.UpdateUserRequest) (*user.User, error)

UpdateUser updates the current user's fields via user service.

func (*Service) ValidateEmailChangeToken ¶ added in v0.0.6

func (s *Service) ValidateEmailChangeToken(ctx context.Context, token string) (bool, error)

ValidateEmailChangeToken checks if an email change token is valid.

func (*Service) ValidateResetToken ¶ added in v0.0.6

func (s *Service) ValidateResetToken(ctx context.Context, token string) (bool, error)

ValidateResetToken checks if a reset token is valid.

type ServiceInterface ¶

type ServiceInterface interface {
	SignUp(ctx context.Context, req *SignUpRequest) (*responses.AuthResponse, error)
	SignIn(ctx context.Context, req *SignInRequest) (*responses.AuthResponse, error)
	SignOut(ctx context.Context, req *SignOutRequest) error
	CheckCredentials(ctx context.Context, email, password string) (*user.User, error)
	CreateSessionForUser(ctx context.Context, u *user.User, remember bool, ipAddress, userAgent string) (*responses.AuthResponse, error)
	GetSession(ctx context.Context, token string) (*responses.AuthResponse, error)
	UpdateUser(ctx context.Context, id xid.ID, req *user.UpdateUserRequest) (*user.User, error)
	RefreshSession(ctx context.Context, refreshToken string) (*responses.RefreshSessionResponse, error)

	// Password management
	// RequestPasswordReset returns (token, code, error) where token is for URL links and code is 6-digit for mobile
	RequestPasswordReset(ctx context.Context, email string) (string, string, error)
	ResetPassword(ctx context.Context, token, newPassword string) error
	ResetPasswordWithCode(ctx context.Context, code, newPassword string) error
	ValidateResetToken(ctx context.Context, token string) (bool, error)
	ChangePassword(ctx context.Context, userID xid.ID, oldPassword, newPassword string) error

	// Email change
	RequestEmailChange(ctx context.Context, userID xid.ID, newEmail string) (string, error)
	ConfirmEmailChange(ctx context.Context, token string) error
	ValidateEmailChangeToken(ctx context.Context, token string) (bool, error)
}

ServiceInterface defines the contract for auth service operations This allows plugins to decorate the service with additional behavior.

type SignInRequest ¶

type SignInRequest struct {
	Email      string `json:"email"                validate:"required,email"`
	Password   string `json:"password"             validate:"required,min=8"`
	RememberMe bool   `json:"rememberMe,omitempty"`
	// Optional alternative naming per docs
	IPAddress string `json:"ipAddress,omitempty"`
	UserAgent string `json:"userAgent,omitempty"`
}

SignInRequest represents a signin request.

type SignOutRequest ¶

type SignOutRequest struct {
	Token string `json:"token" validate:"required"`
}

SignOutRequest represents a signout request.

type SignUpRequest ¶

type SignUpRequest struct {
	Email      string `json:"email"                validate:"required,email"`
	Password   string `json:"password"             validate:"required,min=8"`
	Name       string `json:"name"                 validate:"required"`
	RememberMe bool   `json:"rememberMe,omitempty"`
	IPAddress  string `json:"ipAddress,omitempty"`
	UserAgent  string `json:"userAgent,omitempty"`
}

SignUpRequest represents a signup request.

Source Files ¶

View all Source files

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL