README
¶
Authentication REST API starter/skeleton/template with Auth0 authentication
Go
Featuring Many:Many relationship between organization and users for multi-tenant applications.
- Echo Framework
- Auth0
- go-pg (migrating to SQLX)
- go redis
- Inspired by https://github.com/ribice/gorsk
- Meant to be paired with https://github.com/jpurdie/frontend_auth
TODO's:
- Unit testing
- Middleware to use DB connection pool instead of new connection or use Redis to cache profiles and rolse
- Enhance docker integration
- Solidify error handling, logging, and responses
DB Pre-requisite:
CREATE EXTENSION IF NOT EXISTS "uuid-ossp";
Documentation
¶
Index ¶
- Constants
- func ErrorMessage(err error) string
- func ErrorType(err error) string
- type AccessRole
- type AuthToken
- type AuthUser
- type Base
- type Error
- type ErrorResp
- type Invitation
- type ListQuery
- type Location
- type Logger
- type Organization
- type Pagination
- type PaginationReq
- type Ping
- type Pong
- type Profile
- type RBACService
- type RefreshToken
- type Role
- type User
Constants ¶
View Source
const ( ECONFLICT = "conflict" // action cannot be performed EINTERNAL = "internal" // internal error EINVALID = "invalid" // validation failed ENOTFOUND = "not_found" // entity does not exist )
Application error type.
Variables ¶
This section is empty.
Functions ¶
func ErrorMessage ¶
ErrorMessage returns the human-readable message of the error, if available. Otherwise returns a generic error message.
Types ¶
type AccessRole ¶
type AccessRole int
AccessRole represents access role type
const ( // SuperAdminRole has all permissions OwnerRole AccessRole = 500 // AdminRole has admin specific permissions SuperUserRole AccessRole = 400 // CompanyAdminRole can edit company specific things AdminRole AccessRole = 300 // LocationAdminRole can edit location specific things SupervisorRole AccessRole = 200 // UserRole is a standard user UserRole AccessRole = 100 )
type AuthUser ¶
type AuthUser struct {
ID int
CompanyID int
Username string
Email string
Role AccessRole
}
AuthUser represents data stored in JWT token for user
type Base ¶
type Base struct {
ID int `json:"-" db:"id"`
CreatedAt pq.NullTime `json:"-" db:"created_at"`
UpdatedAt pq.NullTime `json:"-" db:"updated_at"`
DeletedAt pq.NullTime `json:"-" db:"deleted_at"`
}
Base contains common fields for all tables
func (*Base) BeforeInsert ¶
BeforeInsert hooks into insert operations, setting createdAt and updatedAt to current time
type Error ¶
type Error struct {
// Machine-readable error code.
Code string `json:"-"`
CodeInt int `json:"code"`
// Human-readable message.
Message string `json:"msg"`
// Logical operation and nested error.
Op string `json:"-"`
Err error `json:"-"`
}
Taken from: https://middlemost.com/failure-is-your-domain/
Error defines a standard application error.
type Invitation ¶
type Invitation struct {
Base
TokenHash string `json:"-" db:"token_hash"'` //represents the hash of the token
TokenStr string `json:"-" pg:"-" sql:"-"` // represents the plaintext token string
ExpiresAt *time.Time `json:"expires_at" db:"expires_at"` //token expiration
InvitorID int `json:"-" db:"invitor_id"` //ID of the person sending the invite
Invitor *User `json:"-"` //person sending the invitation
OrganizationID int `json:"-" db:"organization_id"`
Organization *Organization `json:"organization"`
Email string `json:"email" db:"email"` //email of the user being invited
Used bool `json:"used" db:"used"`
UUID uuid.UUID `json:"-" db:"uuid"`
}
type Location ¶
type Location struct {
Base
Name string `json:"name"`
Active bool `json:"active"`
Address string `json:"address"`
CompanyID int `json:"company_id"`
}
Location represents company location model
type Logger ¶
type Logger interface {
// source, msg, error, params
Log(echo.Context, string, string, error, map[string]interface{})
}
Logger represents logging interface
type Organization ¶
type Pagination ¶
Pagination data
type PaginationReq ¶
PaginationReq holds pagination http fields and tags
func (PaginationReq) Transform ¶
func (p PaginationReq) Transform() Pagination
Transform checks and converts http pagination into database pagination model
type Profile ¶
type Profile struct {
Base
UUID uuid.UUID `json:"profileID" db:"uuid"`
UserID int `json:"-" db:"user_id"`
User *User `json:"-"`
OrganizationID int `json:"-" db:"organization_id"`
Organization *Organization `json:"organization"`
RoleID int `json:"-" db:"role_id"`
Role *Role `json:"role"`
Active bool `json:"-" db:"active"`
}
Company represents Profile model
type RBACService ¶
type RBACService interface {
User(echo.Context) AuthUser
EnforceRole(echo.Context, AccessRole) error
EnforceUser(echo.Context, int) error
EnforceCompany(echo.Context, int) error
EnforceLocation(echo.Context, int) error
AccountCreate(echo.Context, AccessRole, int, int) error
IsLowerRole(echo.Context, AccessRole) error
}
RBACService represents role-based access control service interface
type RefreshToken ¶
type RefreshToken struct {
Token string `json:"token"`
}
RefreshToken holds authentication token details
type Role ¶
type Role struct {
ID AccessRole `json:"-" db:"id"`
AccessLevel AccessRole `json:"-" db:"access_level"`
Name string `json:"name" db:"name"`
Active bool `json:"-" db:"active"`
}
Role model
type User ¶
type User struct {
Base
FirstName string `json:"firstName,omitempty" db:"first_name"`
LastName string `json:"lastName,omitempty" db:"last_name"`
Password string `json:"-" pg:"-" sql:"-"`
Email string `json:"email,omitempty" db:"email"`
Username sql.NullString `json:"-"`
Mobile sql.NullString `json:"-" db:"mobile"`
Phone sql.NullString `json:"-" db:"phone"`
Address sql.NullString `json:"-" db:"address"`
ExternalID string `json:"-" db:"external_id"`
UUID uuid.UUID `json:"id,omitempty" db:"uuid"`
OrganizationID int `json:"-" db:"organization_id"`
Profile []Profile `json:"profiles,omitempty"`
TimeZone *string `json:"timeZone" db:"timezone"`
}
Source Files
¶
Directories
Click to show internal directories.
Click to hide internal directories.