Token stuff

2022-12-03 15:20:59 -05:00 · 2022-12-03 15:20:59 -05:00 · d499d20a9c
commit d499d20a9c
parent d3dfeeccc3
8 changed files with 194 additions and 64 deletions
--- a/auth/auth.go
+++ b/auth/auth.go
@ -6,13 +6,17 @@ import (
 	"regexp"
 )

-// Auther is a generic interface to implement password-based authentication and authorization
+// Auther is a generic interface to implement password and token based authentication and authorization
 type Auther interface {
 	// Authenticate checks username and password and returns a user if correct. The method
 	// returns in constant-ish time, regardless of whether the user exists or the password is
 	// correct or incorrect.
 	Authenticate(username, password string) (*User, error)

+	AuthenticateToken(token string) (*User, error)
+
+	GenerateToken(user *User) (string, error)
+
 	// Authorize returns nil if the given user has access to the given topic using the desired
 	// permission. The user param may be nil to signal an anonymous user.
 	Authorize(user *User, topic string, perm Permission) error
@ -56,10 +60,11 @@ type Manager interface {

 // User is a struct that represents a user
 type User struct {
-	Name   string
-	Hash   string // password hash (bcrypt)
-	Role   Role
-	Grants []Grant
+	Name     string
+	Hash     string // password hash (bcrypt)
+	Role     Role
+	Grants   []Grant
+	Language string
 }

 // Grant is a struct that represents an access control entry to a topic