auth

package

v0.0.0-...-8dc6894 Latest Latest Go to latest Published: Sep 29, 2020 License: Unlicense Imports: 5 Imported by: 0

Details

Valid go.mod file
Redistributable license
Tagged version
Stable version
Learn more about best practices

Repository

github.com/getcouragenow/modules

Documentation ¶

Index ¶

Constants
Variables
type AuthError
- func (err AuthError) Error() string
type AuthErrorReason
type Claimant
type TokenClaims
- func NewTokenClaims(exp time.Duration, c Claimant) *TokenClaims
type TokenConfig
- func NewTokenConfig(accessSecret, refreshSecret []byte) *TokenConfig
type TokenPairDetails

Constants ¶

View Source

const (
	ErrInvalidParameters = iota
	ErrInvalidCredentials
	ErrMissingToken
	ErrInvalidToken
	ErrDecryptionToken
	ErrInsufficientRights
	ErrRegistrationError
	ErrCreatingToken
	ErrAccountNotFound
)

Variables ¶

View Source

var (
	DefaultAccessExpiration  = 10 * time.Minute    // 10 minutes access token
	DefaultRefreshExpiration = 14 * 24 * time.Hour // two weeks
)

Functions ¶

This section is empty.

Types ¶

type AuthError ¶

type AuthError struct {
	Reason AuthErrorReason
	Err    error
}

AuthError containing error reason and golang's err

func (AuthError) Error ¶

func (err AuthError) Error() string

type AuthErrorReason ¶

type AuthErrorReason int

type Claimant ¶

type Claimant interface {
	GetEmail() string
	GetRole() *rpc.UserRoles
}

Claimants are ones who are able to get token claims

type TokenClaims ¶

type TokenClaims struct {
	UserId    string         `json:"userId"`
	Role      *rpc.UserRoles `json:"role"`
	UserEmail string         `json:"userEmail"`
	jwt.StandardClaims
}

TokenClaims is the representation of JWT auth claims

func NewTokenClaims ¶

func NewTokenClaims(exp time.Duration, c Claimant) *TokenClaims

create token claims for refresh / access token

type TokenConfig ¶

type TokenConfig struct {
	AccessSecret      []byte
	RefreshSecret     []byte
	AccessExpiration  time.Duration
	RefreshExpiration time.Duration
}

func NewTokenConfig ¶

func NewTokenConfig(accessSecret, refreshSecret []byte) *TokenConfig

func (*TokenConfig) NewTokenPairs ¶

func (tc *TokenConfig) NewTokenPairs(claimant Claimant) (*TokenPairDetails, error)

NewTokenPairs returns new TokenPairDetails for given Claimant

func (*TokenConfig) ParseTokenStringToClaim ¶

func (tc *TokenConfig) ParseTokenStringToClaim(authenticate string, isAccess bool) (TokenClaims, error)

ParseTokenStringToClaim parses given token (access or refresh) and returns token claims with embedded JWT claims if token is indeed valid

func (*TokenConfig) RenewAccessToken ¶

func (tc *TokenConfig) RenewAccessToken(tcl *TokenClaims) (string, error)

RenewAccessToken given a refresh token

type TokenPairDetails ¶

type TokenPairDetails struct {
	AccessToken  string
	RefreshToken string
	ATExpiry     int64  // unix epoch or nano (TODO @WinWisely268: specify be it in millis or in nanos, for now use milli)
	RTExpiry     int64  // same as above
	ATId         string // access token id, for storing to the database alongside refresh token id below
	RTId         string // this way we can update and delete token (somewhat) easily.
}

TokenPairDetails contain both AccessToken and RefreshToken of the user This in turn will be saved to the Genji / Badger DB as `session data`

Source Files ¶

View all Source files

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL