auth

package
v0.35.0 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Dec 29, 2025 License: MIT Imports: 7 Imported by: 0

Documentation

Index

Constants

This section is empty.

Variables

View Source 
var (
	ErrInvalidCredentials = errors.New("invalid credentials")
	ErrUnauthorized       = errors.New("unauthorized")
	ErrInvalidToken       = errors.New("invalid token")
	ErrExpiredToken       = errors.New("expired token")
)

Functions

func GenerateAPIKey 

func GenerateAPIKey() (string, error)

GenerateAPIKey 生成新的 API Key

Types

type APIKeyAuthenticator 

type APIKeyAuthenticator struct {
	// contains filtered or unexported fields
}

APIKeyAuthenticator API Key 认证器

func NewAPIKeyAuthenticator 

func NewAPIKeyAuthenticator(store APIKeyStore) *APIKeyAuthenticator

NewAPIKeyAuthenticator 创建 API Key 认证器

func (*APIKeyAuthenticator) Authenticate 

func (a *APIKeyAuthenticator) Authenticate(ctx context.Context, credentials any) (*User, error)

Authenticate 验证 API Key

func (*APIKeyAuthenticator) Method 

func (a *APIKeyAuthenticator) Method() AuthMethod

Method 返回认证方法类型

func (*APIKeyAuthenticator) Validate 

func (a *APIKeyAuthenticator) Validate(ctx context.Context, key string) (*User, error)

Validate 验证 API Key 并返回用户信息

type APIKeyInfo 

type APIKeyInfo struct {
	Key       string         `json:"key"`
	UserID    string         `json:"user_id"`
	Name      string         `json:"name"`
	Roles     []string       `json:"roles"`
	ExpiresAt *time.Time     `json:"expires_at,omitempty"`
	CreatedAt time.Time      `json:"created_at"`
	LastUsed  *time.Time     `json:"last_used,omitempty"`
	Metadata  map[string]any `json:"metadata,omitempty"`
}

APIKeyInfo API Key 信息

type APIKeyStore 

type APIKeyStore interface {
	// Get 获取 API Key 信息
	Get(ctx context.Context, key string) (*APIKeyInfo, error)

	// Create 创建新的 API Key
	Create(ctx context.Context, info *APIKeyInfo) error

	// Delete 删除 API Key
	Delete(ctx context.Context, key string) error

	// List 列出用户的所有 API Keys
	List(ctx context.Context, userID string) ([]*APIKeyInfo, error)
}

APIKeyStore API Key 存储接口

type AuthMethod 

type AuthMethod string

AuthMethod 认证方法类型 

const (
	AuthMethodAPIKey AuthMethod = "apikey"
	AuthMethodJWT    AuthMethod = "jwt"
	AuthMethodOAuth  AuthMethod = "oauth"
)

type Authenticator 

type Authenticator interface {
	// Authenticate 验证凭证并返回用户信息
	Authenticate(ctx context.Context, credentials any) (*User, error)

	// Validate 验证令牌是否有效
	Validate(ctx context.Context, token string) (*User, error)

	// Method 返回认证方法类型
	Method() AuthMethod
}

Authenticator 认证器接口

type JWTAuthenticator 

type JWTAuthenticator struct {
	// contains filtered or unexported fields
}

JWTAuthenticator JWT 认证器

func NewJWTAuthenticator 

func NewJWTAuthenticator(config JWTConfig) *JWTAuthenticator

NewJWTAuthenticator 创建 JWT 认证器

func (*JWTAuthenticator) Authenticate 

func (a *JWTAuthenticator) Authenticate(ctx context.Context, credentials any) (*User, error)

Authenticate 生成 JWT 令牌

func (*JWTAuthenticator) GenerateToken 

func (a *JWTAuthenticator) GenerateToken(user *User) (string, time.Time, error)

GenerateToken 生成 JWT 令牌

func (*JWTAuthenticator) Method 

func (a *JWTAuthenticator) Method() AuthMethod

Method 返回认证方法类型

func (*JWTAuthenticator) RefreshToken 

func (a *JWTAuthenticator) RefreshToken(tokenString string) (string, time.Time, error)

RefreshToken 刷新令牌

func (*JWTAuthenticator) Validate 

func (a *JWTAuthenticator) Validate(ctx context.Context, tokenString string) (*User, error)

Validate 验证 JWT 令牌

type JWTClaims 

type JWTClaims struct {
	jwt.RegisteredClaims

	UserID   string   `json:"user_id"`
	Username string   `json:"username"`
	Email    string   `json:"email"`
	Roles    []string `json:"roles"`
}

JWTClaims JWT 声明

type JWTConfig 

type JWTConfig struct {
	SecretKey      string
	Issuer         string
	ExpiryDuration time.Duration
}

JWTConfig JWT 配置

type Manager 

type Manager struct {
	// contains filtered or unexported fields
}

Manager 认证管理器

func NewManager 

func NewManager(defaultMethod AuthMethod) *Manager

NewManager 创建认证管理器

func (*Manager) Authenticate 

func (m *Manager) Authenticate(ctx context.Context, method AuthMethod, credentials any) (*User, error)

Authenticate 使用指定方法进行认证

func (*Manager) DefaultMethod 

func (m *Manager) DefaultMethod() AuthMethod

DefaultMethod 返回默认认证方法

func (*Manager) GetAuthenticator 

func (m *Manager) GetAuthenticator(method AuthMethod) (Authenticator, bool)

GetAuthenticator 获取指定类型的认证器

func (*Manager) Register 

func (m *Manager) Register(auth Authenticator)

Register 注册认证器

func (*Manager) Validate 

func (m *Manager) Validate(ctx context.Context, method AuthMethod, token string) (*User, error)

Validate 验证令牌

type MemoryAPIKeyStore 

type MemoryAPIKeyStore struct {
	// contains filtered or unexported fields
}

MemoryAPIKeyStore 内存 API Key 存储(用于测试和开发)

func NewMemoryAPIKeyStore 

func NewMemoryAPIKeyStore() *MemoryAPIKeyStore

NewMemoryAPIKeyStore 创建内存存储

func (*MemoryAPIKeyStore) Create 

func (s *MemoryAPIKeyStore) Create(ctx context.Context, info *APIKeyInfo) error

Create 创建或更新 API Key

func (*MemoryAPIKeyStore) Delete 

func (s *MemoryAPIKeyStore) Delete(ctx context.Context, key string) error

Delete 删除 API Key

func (*MemoryAPIKeyStore) Get 

func (s *MemoryAPIKeyStore) Get(ctx context.Context, key string) (*APIKeyInfo, error)

Get 获取 API Key 信息

func (*MemoryAPIKeyStore) List 

func (s *MemoryAPIKeyStore) List(ctx context.Context, userID string) ([]*APIKeyInfo, error)

List 列出用户的所有 API Keys

type Permission 

type Permission struct {
	Resource string   `json:"resource"` // e.g., "agents", "workflows"
	Actions  []string `json:"actions"`  // e.g., ["create", "read", "update", "delete"]
}

Permission 权限

type RBAC 

type RBAC struct {
	// contains filtered or unexported fields
}

RBAC 基于角色的访问控制

func NewRBAC 

func NewRBAC() *RBAC

NewRBAC 创建 RBAC 实例

func (*RBAC) AddRole 

func (r *RBAC) AddRole(role *Role)

AddRole 添加角色

func (*RBAC) CheckPermission 

func (r *RBAC) CheckPermission(ctx context.Context, user *User, resource string, action string) error

CheckPermission 检查权限,返回错误

func (*RBAC) GetRole 

func (r *RBAC) GetRole(name string) (*Role, bool)

GetRole 获取角色

func (*RBAC) GetUserPermissions 

func (r *RBAC) GetUserPermissions(user *User) []Permission

GetUserPermissions 获取用户的所有权限

func (*RBAC) HasPermission 

func (r *RBAC) HasPermission(ctx context.Context, user *User, resource string, action string) bool

HasPermission 检查用户是否有指定权限

func (*RBAC) RegisterDefaultRoles 

func (r *RBAC) RegisterDefaultRoles()

RegisterDefaultRoles 注册默认角色

type Role 

type Role struct {
	Name        string       `json:"name"`
	Description string       `json:"description,omitempty"`
	Permissions []Permission `json:"permissions"`
}

Role 角色

type TokenInfo 

type TokenInfo struct {
	Token     string         `json:"token"`
	ExpiresAt time.Time      `json:"expires_at"`
	User      *User          `json:"user,omitempty"`
	Metadata  map[string]any `json:"metadata,omitempty"`
}

TokenInfo 令牌信息

type User 

type User struct {
	ID       string         `json:"id"`
	Username string         `json:"username"`
	Email    string         `json:"email"`
	Roles    []string       `json:"roles"`
	Metadata map[string]any `json:"metadata,omitempty"`
}

User 用户信息

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.