Passport/pkg/models/auth.go

package models

import (
	"fmt"
	"time"

	"gorm.io/datatypes"
)

type AuthFactorType = int8

const (
	PasswordAuthFactor = AuthFactorType(iota)
	EmailPasswordFactor
)

type AuthFactor struct {
	BaseModel

	Type      int8    `json:"type"`
	Secret    string  `json:"-"`
	Config    JSONMap `json:"config"`
	AccountID uint    `json:"account_id"`
}

type AuthTicket struct {
	BaseModel

	Location            string                      `json:"location"`
	IpAddress           string                      `json:"ip_address"`
	UserAgent           string                      `json:"user_agent"`
	RequireMFA          bool                        `json:"require_mfa"`
	RequireAuthenticate bool                        `json:"require_authenticate"`
	Claims              datatypes.JSONSlice[string] `json:"claims"`
	Audiences           datatypes.JSONSlice[string] `json:"audiences"`
	GrantToken          *string                     `json:"grant_token"`
	AccessToken         *string                     `json:"access_token"`
	RefreshToken        *string                     `json:"refresh_token"`
	ExpiredAt           *time.Time                  `json:"expired_at"`
	AvailableAt         *time.Time                  `json:"available_at"`
	LastGrantAt         *time.Time                  `json:"last_grant_at"`
	ClientID            *uint                       `json:"client_id"`
	AccountID           uint                        `json:"account_id"`
}

func (v AuthTicket) IsAvailable() error {
	if v.RequireMFA || v.RequireAuthenticate {
		return fmt.Errorf("ticket isn't authenticated yet")
	}
	if v.AvailableAt != nil && time.Now().Unix() < v.AvailableAt.Unix() {
		return fmt.Errorf("ticket isn't available yet")
	}
	if v.ExpiredAt != nil && time.Now().Unix() > v.ExpiredAt.Unix() {
		return fmt.Errorf("ticket expired")
	}

	return nil
}

type AuthContext struct {
	Ticket     AuthTicket `json:"ticket"`
	Account    Account    `json:"account"`
	LastUsedAt time.Time  `json:"last_used_at"`
}
:tada: Initial Commit 2024-01-06 17:56:32 +00:00			`package models`

			`import (`
			`"fmt"`
			`"time"`

			`"gorm.io/datatypes"`
			`)`

			`type AuthFactorType = int8`

			`const (`
			`PasswordAuthFactor = AuthFactorType(iota)`
			`EmailPasswordFactor`
			`)`

			`type AuthFactor struct {`
			`BaseModel`

			Type int8 `json:"type"`
:sparkles: Account confirm 2024-01-28 16:32:39 +00:00			Secret string `json:"-"`
:tada: Initial Commit 2024-01-06 17:56:32 +00:00			Config JSONMap `json:"config"`
			AccountID uint `json:"account_id"`
			`}`

:sparkles: New ticket ways 2024-04-20 11:04:33 +00:00			`type AuthTicket struct {`
:tada: Initial Commit 2024-01-06 17:56:32 +00:00			`BaseModel`

:sparkles: New ticket ways 2024-04-20 11:04:33 +00:00			Location string `json:"location"`
			IpAddress string `json:"ip_address"`
			UserAgent string `json:"user_agent"`
			RequireMFA bool `json:"require_mfa"`
			RequireAuthenticate bool `json:"require_authenticate"`
			Claims datatypes.JSONSlice[string] `json:"claims"`
			Audiences datatypes.JSONSlice[string] `json:"audiences"`
			GrantToken *string `json:"grant_token"`
			AccessToken *string `json:"access_token"`
			RefreshToken *string `json:"refresh_token"`
			ExpiredAt *time.Time `json:"expired_at"`
			AvailableAt *time.Time `json:"available_at"`
			LastGrantAt *time.Time `json:"last_grant_at"`
			ClientID *uint `json:"client_id"`
			AccountID uint `json:"account_id"`
:tada: Initial Commit 2024-01-06 17:56:32 +00:00			`}`

:sparkles: New ticket ways 2024-04-20 11:04:33 +00:00			`func (v AuthTicket) IsAvailable() error {`
			`if v.RequireMFA \|\| v.RequireAuthenticate {`
:sparkles: User center page 2024-04-21 04:20:06 +00:00			`return fmt.Errorf("ticket isn't authenticated yet")`
:sparkles: New ticket ways 2024-04-20 11:04:33 +00:00			`}`
:tada: Initial Commit 2024-01-06 17:56:32 +00:00			`if v.AvailableAt != nil && time.Now().Unix() < v.AvailableAt.Unix() {`
:sparkles: User center page 2024-04-21 04:20:06 +00:00			`return fmt.Errorf("ticket isn't available yet")`
:tada: Initial Commit 2024-01-06 17:56:32 +00:00			`}`
			`if v.ExpiredAt != nil && time.Now().Unix() > v.ExpiredAt.Unix() {`
:sparkles: User center page 2024-04-21 04:20:06 +00:00			`return fmt.Errorf("ticket expired")`
:tada: Initial Commit 2024-01-06 17:56:32 +00:00			`}`

			`return nil`
			`}`

:zap: Add a cache layer in auth to speed up auth 2024-03-22 16:28:27 +00:00			`type AuthContext struct {`
:zap: In memory auth context cache 2024-05-17 11:37:58 +00:00			Ticket AuthTicket `json:"ticket"`
			Account Account `json:"account"`
			LastUsedAt time.Time `json:"last_used_at"`
:zap: Add a cache layer in auth to speed up auth 2024-03-22 16:28:27 +00:00			`}`