Documentation ¶
Index ¶
- Constants
- Variables
- func AuthLoadMiddleware(manager *AuthManager) alice.Chain
- func GenerateState() (string, error)
- func RequireAuthMiddleware(authManager *AuthManager) alice.Constructor
- func ValidateState(r *http.Request) error
- type AuthManager
- func (am *AuthManager) CheckPassword(email string, password string) (int, error)
- func (am *AuthManager) GetUser(r *http.Request) (ReadUser, error)
- func (am *AuthManager) GetUserCtx(ctx context.Context) (ReadUser, error)
- func (am *AuthManager) HandleOAuth(name string) http.HandlerFunc
- func (am *AuthManager) HandleOAuthCallback(name string) http.HandlerFunc
- func (am *AuthManager) Login(r *http.Request, data SessionData) error
- func (am *AuthManager) LoginCtx(ctx context.Context, data SessionData) error
- func (am *AuthManager) Logout(r *http.Request) error
- func (am *AuthManager) LogoutCtx(ctx context.Context) error
- func (am *AuthManager) PasswordSignup(email string, password string) (int, error)
- func (am *AuthManager) ThirdPartySignup(user UserAccount) (int, error)
- func (am *AuthManager) WithGithub(provider *GithubProvider)
- func (am *AuthManager) WithGoogle(provider *GoogleProvider)
- func (am *AuthManager) WithLogger(logger *slog.Logger)
- func (am *AuthManager) WithPostgres(pool *pgxpool.Pool)
- func (am *AuthManager) WithProvider(name string, provider OAuthProvider)
- func (am *AuthManager) WithSqlite(db *sql.DB)
- type AuthOpts
- type GithubProvider
- type GoogleProvider
- type GoogleToken
- type OAuthProvider
- type ReadUser
- type SessionData
- type UserAccount
Constants ¶
const OAUTH_STATE_SESSION_KEY = "oauth_state"
const OAUTH_VERIFIER_SESSION_KEY = "oauth_verifier"
const SessionUserIdKey = "user_id"
Variables ¶
var ( ErrUserExists = errors.New("user already exists with that email") ErrInvalidEmail = errors.New("invalid email") ErrInvalidPassword = errors.New("invalid password") )
var ErrStateMismatch = errors.New("state mismatch")
var (
ErrUnauthenticated = errors.New("unauthenticated")
)
Functions ¶
func AuthLoadMiddleware ¶
func AuthLoadMiddleware(manager *AuthManager) alice.Chain
func GenerateState ¶
GenerateState generates a random state string, base64 urlencoded with a length of 64 bytes
func RequireAuthMiddleware ¶
func RequireAuthMiddleware(authManager *AuthManager) alice.Constructor
func ValidateState ¶
ValidateState checks if the state in the query matches the state in the cookie, returns ErrStateMismatch if the states do not match Assumes the state cookie name is OAUTH_STATE_SESSION_KEY
Types ¶
type AuthManager ¶
type AuthManager struct { // SessionManager from https://github.com/alexedwards/scs, can be assigned to a custom session manager, // only guaranteed to work with pgxstore and sqlite3store SessionManager *scs.SessionManager // Optional logger for debugging Logger *slog.Logger // contains filtered or unexported fields }
func NewAuthManager ¶
func NewAuthManager(opts AuthOpts) *AuthManager
func (*AuthManager) CheckPassword ¶
func (am *AuthManager) CheckPassword(email string, password string) (int, error)
CheckPassword checks if the password is correct for the given email Returns user id if the password is correct to be used in the session Returns ErrInvalidEmail if the user with email is not found Returns ErrInvalidPassword if the password doesn't match the hash
func (*AuthManager) GetUserCtx ¶ added in v0.2.0
func (am *AuthManager) GetUserCtx(ctx context.Context) (ReadUser, error)
func (*AuthManager) HandleOAuth ¶
func (am *AuthManager) HandleOAuth(name string) http.HandlerFunc
func (*AuthManager) HandleOAuthCallback ¶
func (am *AuthManager) HandleOAuthCallback(name string) http.HandlerFunc
func (*AuthManager) Login ¶
func (am *AuthManager) Login(r *http.Request, data SessionData) error
func (*AuthManager) LoginCtx ¶ added in v0.2.0
func (am *AuthManager) LoginCtx(ctx context.Context, data SessionData) error
func (*AuthManager) LogoutCtx ¶ added in v0.2.0
func (am *AuthManager) LogoutCtx(ctx context.Context) error
func (*AuthManager) PasswordSignup ¶
func (am *AuthManager) PasswordSignup(email string, password string) (int, error)
func (*AuthManager) ThirdPartySignup ¶
func (am *AuthManager) ThirdPartySignup(user UserAccount) (int, error)
func (*AuthManager) WithGithub ¶ added in v0.2.0
func (am *AuthManager) WithGithub(provider *GithubProvider)
func (*AuthManager) WithGoogle ¶
func (am *AuthManager) WithGoogle(provider *GoogleProvider)
func (*AuthManager) WithLogger ¶ added in v0.2.0
func (am *AuthManager) WithLogger(logger *slog.Logger)
func (*AuthManager) WithPostgres ¶
func (am *AuthManager) WithPostgres(pool *pgxpool.Pool)
func (*AuthManager) WithProvider ¶
func (am *AuthManager) WithProvider(name string, provider OAuthProvider)
Add generic OAuth provider not covered by the built-in providers
func (*AuthManager) WithSqlite ¶
func (am *AuthManager) WithSqlite(db *sql.DB)
type GithubProvider ¶ added in v0.2.0
type GithubProvider struct {
// contains filtered or unexported fields
}
GitHub
func NewGithubProvider ¶ added in v0.2.0
func NewGithubProvider(clientId, clientSecret, redirectUrl string, postCallbackUrl string, extraScopes []string) *GithubProvider
func (*GithubProvider) HandleAuth ¶ added in v0.2.0
func (ghp *GithubProvider) HandleAuth(w http.ResponseWriter, r *http.Request)
func (*GithubProvider) HandleCallback ¶ added in v0.2.0
func (ghp *GithubProvider) HandleCallback(authManager *AuthManager) http.HandlerFunc
type GoogleProvider ¶
type GoogleProvider struct {
// contains filtered or unexported fields
}
func NewGoogleProvider ¶
func NewGoogleProvider(clientId, clientSecret, redirectUrl string, postCallbackUrl string, extraScopes []string) *GoogleProvider
func (*GoogleProvider) HandleAuth ¶
func (gp *GoogleProvider) HandleAuth(w http.ResponseWriter, r *http.Request)
func (*GoogleProvider) HandleCallback ¶
func (gp *GoogleProvider) HandleCallback(authManager *AuthManager) http.HandlerFunc
type GoogleToken ¶
type GoogleToken struct { AccessToken string `json:"access_token"` RefreshToken string `json:"refresh_token,omitempty"` Expiry time.Time `json:"expiry,omitempty"` IDToken string `json:"id_token"` ExpiresIn *int `json:"expires_in,omitempty"` Scope string `json:"scope"` }
GoogleToken is a custom struct to hold the oidc token response ExpiresIn remaining lifetime of the token in seconds
type OAuthProvider ¶
type OAuthProvider interface { // HandleAuth should handle generating and redirecting to the OAuth provider's authorization URL HandleAuth(w http.ResponseWriter, r *http.Request) // HandleCallback should handle the callback from the OAuth provider, exchange the code for tokens, and updating the database HandleCallback(authManager *AuthManager) http.HandlerFunc }
type SessionData ¶
type SessionData struct { // UserId is the primary key of the user in the database UserId int }