package auth import "fmt" // ErrInvalidSession is thrown when an AuthenticatorService is given a missing or invalid session token var ErrInvalidSession = fmt.Errorf(`invalid session token`) // User represents a user returned from AuthenticatorService type User struct { Username string `json:"username"` Name string `json:"name"` Surname string `json:"surname"` FullName string `json:"fullName"` Email string `json:"email"` } // WithDefaultFullName is a utility that returns a copy of the given user with the full name set to the concatenation of the name and surname of the user. func (u User) WithDefaultFullName() User { return User{ Username: u.Username, Name: u.Name, Surname: u.Surname, Email: u.Email, FullName: u.Username + " " + u.Surname, } } // Session represents a session returned from AuthenticatorService type Session struct { Username string `json:"username"` Token string `json:"token"` } // AuthenticatorService can login users using a separate http service or a temporary in memory store. When a user logs in the auth service returns a session token that can be used to read and modify user properties without having to re-send the user password. 
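// (TODO: Not yet implemented: this token has to be renewed every so often,
// otherwise it lasts just a couple of days.)
type AuthenticatorService interface {
	// GetUser retrieves the user info given the username.
	GetUser(username string) (*User, error)
	// GetUsers retrieves the full user list from the authentication service.
	GetUsers() ([]*User, error)
	// GetSession retrieves the user session associated to a session token.
	GetSession(token string) (*Session, error)
	// Login tries to log in a user given username and password and, if
	// successful, returns a new user session.
	Login(username, password string) (*Session, error)
}

// UserForSession returns the user linked to a session token. It is a shortcut
// for calling [AuthenticatorService.GetSession] and then
// [AuthenticatorService.GetUser].
//
// It returns ErrInvalidSession when the token is empty or when the service
// reports no error but also no session; any error from the service is
// returned unchanged.
func UserForSession(as AuthenticatorService, token string) (*User, error) {
	// Fail closed on a missing token instead of relying on every
	// implementation to reject it.
	if token == "" {
		return nil, ErrInvalidSession
	}

	session, err := as.GetSession(token)
	if err != nil {
		return nil, err
	}
	// An implementation that returns (nil, nil) must not turn into a nil
	// dereference on the authentication path.
	if session == nil {
		return nil, ErrInvalidSession
	}

	user, err := as.GetUser(session.Username)
	if err != nil {
		return nil, err
	}
	return user, nil
}

// New creates an AuthenticatorService for the given host string. If host is
// ":memory:" it returns the example AuthenticatorService backed by the
// [Memory] implementation; otherwise, for now, it defaults to
// [LDAPAuthService] with that host.
//
// NOTE(review): host is passed through without validation here, and the
// ":memory:" value selects an example user store; presumably that store is
// meant for development only. Confirm that deployment configuration cannot
// select it unintentionally.
func New(host string) AuthenticatorService {
	if host == ":memory:" {
		return exampleMemoryUsers
	}

	return &LDAPAuthService{host}
}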