h/golib
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
b13b783d7e95d1bf486f617d362f430f22e817c9
golib/hwsauth/authenticator.go
Haelnorr b13b783d7e created hwsauth module
2026-01-04 01:01:17 +11:00

94 lines
2.7 KiB
Go
Raw Blame History

package hwsauth
import (
"database/sql"
"projectreshoot/pkg/hws"
"git.haelnorr.com/h/golib/jwt"
"github.com/pkg/errors"
"github.com/rs/zerolog"
)
type Authenticator[T Model] struct {
tokenGenerator *jwt.TokenGenerator
load LoadFunc[T]
conn *sql.DB
ignoredPaths []string
logger *zerolog.Logger
server *hws.Server
errorPage hws.ErrorPage
SSL bool // Use SSL for JWT tokens. Default true
TrustedHost string // TrustedHost to use for SSL verification
SecretKey string // Secret key to use for JWT tokens
AccessTokenExpiry int64 // Expiry time for Access tokens in minutes. Default 5
RefreshTokenExpiry int64 // Expiry time for Refresh tokens in minutes. Default 1440 (1 day)
TokenFreshTime int64 // Expiry time of token freshness. Default 5 minutes
LandingPage string // Path of the desired landing page for logged in users
}
// NewAuthenticator creates and returns a new Authenticator using the provided configuration.
// All expiry times should be provided in minutes.
// trustedHost and secretKey strings must be provided.
func NewAuthenticator[T Model](
load LoadFunc[T],
server *hws.Server,
conn *sql.DB,
logger *zerolog.Logger,
errorPage hws.ErrorPage,
) (*Authenticator[T], error) {
if load == nil {
return nil, errors.New("No function to load model supplied")
}
if server == nil {
return nil, errors.New("No hws.Server provided")
}
if conn == nil {
return nil, errors.New("No database connection supplied")
}
if logger == nil {
return nil, errors.New("No logger provided")
}
if errorPage == nil {
return nil, errors.New("No ErrorPage provided")
}
auth := Authenticator[T]{
load: load,
server: server,
conn: conn,
logger: logger,
errorPage: errorPage,
AccessTokenExpiry: 5,
RefreshTokenExpiry: 1440,
TokenFreshTime: 5,
SSL: true,
}
return &auth, nil
}
// Initialise finishes the setup and prepares the Authenticator for use.
// Any custom configuration must be set before Initialise is called
func (auth *Authenticator[T]) Initialise() error {
if auth.TrustedHost == "" {
return errors.New("Trusted host must be provided")
}
if auth.SecretKey == "" {
return errors.New("Secret key cannot be blank")
}
if auth.LandingPage == "" {
return errors.New("No landing page specified")
}
tokenGen, err := jwt.CreateGenerator(
auth.AccessTokenExpiry,
auth.RefreshTokenExpiry,
auth.TokenFreshTime,
auth.TrustedHost,
auth.SecretKey,
auth.conn,
)
if err != nil {
return errors.Wrap(err, "jwt.CreateGenerator")
}
auth.tokenGenerator = tokenGen
return nil
}
Reference in New Issue View Git Blame Copy Permalink