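package auth

import (
	"fmt"

	"git.phc.dm.unipi.it/phc/website/model"
)

// ErrInvalidSession is returned when a Service is given a missing or invalid
// session token. Callers should compare against it with errors.Is rather than
// matching on the message text.
var ErrInvalidSession = fmt.Errorf(`invalid session token`)

// Service is an authentication service abstraction. When a user logs in, a new
// session token is returned; it can then be used to read and modify user
// properties without re-sending the user's password. (TODO: implement token
// renewal)
//
// Because the token stands in for the password, treat it as a secret: keep it
// out of logs and error messages.
type Service interface {
	// GetUser retrieves the user info for the given username.
	//
	// This takes no session token, so any authorization check has to be done
	// by the caller before the result is exposed.
	GetUser(username string) (*model.User, error)

	// GetUsers retrieves the full user list from the authentication service.
	//
	// Like GetUser, this takes no session token; callers are responsible for
	// deciding who may see the list.
	GetUsers() ([]*model.User, error)

	// GetSession retrieves the user session associated with a session token.
	GetSession(token string) (*model.Session, error)

	// Login tries to log in a user with the given username and password and,
	// if successful, returns a new user session.
	Login(username, password string) (*model.Session, error)
}

// UserForSession returns the user linked to the given session token. It is a
// shortcut for calling [Service.GetSession] and then [Service.GetUser] with the
// session's Username.
//
// Any error from either call is returned unchanged. If the service reports no
// error but also no session, ErrInvalidSession is returned, so a misbehaving
// implementation fails closed instead of causing a nil dereference.
func UserForSession(as Service, token string) (*model.User, error) {
	session, err := as.GetSession(token)
	if err != nil {
		return nil, err
	}
	if session == nil {
		// The interface does not forbid a (nil, nil) result; treat it as an
		// unauthenticated request rather than reading session.Username.
		return nil, ErrInvalidSession
	}

	user, err := as.GetUser(session.Username)
	if err != nil {
		return nil, err
	}

	return user, nil
}

// NewDefaultService creates a Service for the given "host" string. If host is
// ":memory:" the package's in-memory implementation (exampleMemoryUsers) is
// returned; otherwise, for now, this defaults to an [LDAPAuthService] for that
// host.
//
// NOTE(review): exampleMemoryUsers is defined elsewhere; by its name it holds
// example accounts, so deployments should presumably never be configured with
// ":memory:". Confirm against its definition.
func NewDefaultService(host string) Service {
	if host == ":memory:" {
		return exampleMemoryUsers
	}

	return &LDAPAuthService{host}
}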