Strona główna Odkrywaj Pomoc
Zaloguj się
byop
/
byop-engine
2
0
Forkuj 0
Pliki Problemy 0 Oczekujące zmiany 0 Wiki
Gałąź: main
Gałęzie Tagi
byop-engine
/
auth
/
auth.go

auth.go 2.0 KB
Bezpośredni odnośnik Historia Czysty

1234567891011121314151617181920212223242526272829303132333435363738394041424344454647 
  1. package auth
    2. 

  2. 

  3. import (
    4. 

  4. 	"context"
    5. 

  5. 	"errors"
    6. 

  6. )
    7. 

  7. 

  8. // TokenResponse represents the response containing both access and refresh tokens
    9. 

  9. type TokenResponse struct {
    10. 

  10. 	AccessToken  string `json:"access_token"`
    11. 

  11. 	RefreshToken string `json:"refresh_token"`
    12. 

  12. 	ExpiresIn    int64  `json:"expires_in"` // Expiration time in seconds for the access token
    13. 

  13. 	TokenType    string `json:"token_type"` // Usually "Bearer"
    14. 

  14. 	UserID       string `json:"user_id"`    // User identifier
    15. 

  15. 	UserRole     string `json:"user_role"`  // User role
    16. 

  16. }
    17. 

  17. 

  18. var (
    19. 

  19. 	ErrTokenExpired         = errors.New("token has expired")
    20. 

  20. 	ErrInvalidToken         = errors.New("token is invalid")
    21. 

  21. 	ErrTokenBlacklisted     = errors.New("token has been revoked or blacklisted")
    22. 

  22. 	ErrRefreshTokenNotFound = errors.New("refresh token not found or has been invalidated")
    23. 

  23. 	ErrUserNotFound         = errors.New("user not found")
    24. 

  24. 	ErrInvalidCredentials   = errors.New("invalid credentials")
    25. 

  25. )
    26. 

  26. 

  27. // Service defines the interface for authentication operations
    28. 

  28. type Service interface {
    29. 

  29. 	// Login authenticates a user with email and password, returning tokens upon success.
    30. 

  30. 	Login(ctx context.Context, email string, password string) (*TokenResponse, error)
    31. 

  31. 

  32. 	// GenerateToken creates new access and refresh tokens for a user.
    33. 

  33. 	// userID is the unique identifier for the user (e.g., from the database).
    34. 

  34. 	// role is the user's role.
    35. 

  35. 	GenerateToken(ctx context.Context, userID string, role string) (*TokenResponse, error)
    36. 

  36. 

  37. 	// ValidateToken verifies an access token and returns the userID and role if valid.
    38. 

  38. 	ValidateToken(ctx context.Context, tokenString string) (userID string, role string, err error)
    39. 

  39. 

  40. 	// RefreshToken creates a new access token (and potentially a new refresh token)
    41. 

  41. 	// based on a valid refresh token.
    42. 

  42. 	RefreshToken(ctx context.Context, refreshTokenString string) (*TokenResponse, error)
    43. 

  43. 

  44. 	// Logout invalidates the given token (typically an access token, and its associated refresh token if applicable).
    45. 

  45. 	// The exact mechanism (e.g., blacklisting) depends on the implementation.
    46. 

  46. 	Logout(ctx context.Context, tokenString string) error
    47. 

  47. }
    48.