Passport/pkg/models/auth.go

package models
import (
"fmt"
"time"
"gorm.io/datatypes"
)
// AuthFactorType identifies the kind of an authentication factor. It is an
// alias of int8, so it is interchangeable with plain int8 fields.
type AuthFactorType = int8

// Known authentication factor kinds. The values come from iota, so the
// declaration order fixes the numbers: inserting a new entry anywhere but at
// the end renumbers the entries after it, which matters if these values are
// persisted (presumably via AuthFactor.Type; confirm).
const (
	PasswordAuthFactor AuthFactorType = iota
	EmailPasswordFactor
)
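// AuthFactor is one authentication factor record belonging to an account.
type AuthFactor struct {
	BaseModel

	// Type is presumably one of the AuthFactorType constants (AuthFactorType
	// is an alias of int8); confirm against the code that writes it.
	Type int8 `json:"type"`

	// Secret is never written to JSON output because of the "-" tag.
	// NOTE(review): it is held as a plain string here; whether the value is
	// hashed or encrypted before it is stored is not visible in this file.
	Secret string `json:"-"`

	// Config is included in JSON output.
	// NOTE(review): confirm it never carries secret material, since unlike
	// Secret it is serialized.
	Config JSONMap `json:"config"`

	AccountID uint `json:"account_id"`
}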
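// AuthSession is the stored record of one authentication session, including
// the tokens issued for it and the time window in which it may be used.
type AuthSession struct {
	BaseModel

	Claims    datatypes.JSONSlice[string] `json:"claims"`
	Audiences datatypes.JSONSlice[string] `json:"audiences"`
	Challenge AuthChallenge               `json:"challenge" gorm:"foreignKey:SessionID"`

	// NOTE(review): the three token fields carry ordinary JSON tags, so any
	// code that marshals an AuthSession (directly or through
	// AuthContext.Session) writes the token values into the output, unlike
	// AuthFactor.Secret, which is tagged `json:"-"`. Confirm that every
	// response and log line that encodes a session is meant to expose them;
	// where it is not, encode a view type that omits these fields.
	GrantToken   string `json:"grant_token"`
	AccessToken  string `json:"access_token"`
	RefreshToken string `json:"refresh_token"`

	// ExpiredAt and AvailableAt bound the usable window checked by
	// IsAvailable; a nil pointer means that bound is not enforced.
	ExpiredAt   *time.Time `json:"expired_at"`
	AvailableAt *time.Time `json:"available_at"`
	LastGrantAt *time.Time `json:"last_grant_at"`

	// ClientID is optional; nil presumably means the session is not tied to
	// a client (confirm with the code that creates sessions).
	ClientID  *uint `json:"client_id"`
	AccountID uint  `json:"account_id"`
}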
// IsAvailable returns nil when the current time lies inside the session's
// usable window, and an error describing which bound was violated otherwise.
//
// Only AvailableAt and ExpiredAt are consulted, and a nil bound is skipped. A
// nil result therefore says nothing about the tokens or the linked challenge;
// callers must check those separately. Both comparisons are made on whole Unix
// seconds with strict inequalities, so the session still passes during the
// second in which ExpiredAt falls.
func (v AuthSession) IsAvailable() error {
	nowSec := func() int64 { return time.Now().Unix() }

	switch {
	case v.AvailableAt != nil && nowSec() < v.AvailableAt.Unix():
		return fmt.Errorf("session isn't available yet")
	case v.ExpiredAt != nil && nowSec() > v.ExpiredAt.Unix():
		return fmt.Errorf("session expired")
	}
	return nil
}
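// AuthChallengeState identifies the lifecycle state of an AuthChallenge. It
// is an alias of int8, so it is interchangeable with plain int8 fields.
type AuthChallengeState = int8

// Known challenge states. The values come from iota, so the declaration order
// fixes the numbers (Active = 0, Expired = 1, Finish = 2). Inserting a new
// state anywhere but at the end renumbers the states after it, which silently
// changes the meaning of values that were already persisted (presumably via
// AuthChallenge.State; confirm). Append new states at the end.
const (
	ActiveChallengeState AuthChallengeState = iota
	ExpiredChallengeState
	FinishChallengeState
)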
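// AuthChallenge is the stored record of one sign-in challenge for an account.
// Every field is included in JSON output.
type AuthChallenge struct {
	BaseModel

	// NOTE(review): these three presumably describe the request that opened
	// the challenge. A user agent string is client-controlled, so treat these
	// values as untrusted text when rendering or logging them (confirm how
	// they are populated).
	Location  string `json:"location"`
	IpAddress string `json:"ip_address"`
	UserAgent string `json:"user_agent"`

	// NOTE(review): presumably Progress is compared with Requirements to
	// decide when the challenge is complete; that logic is not in this file.
	RiskLevel    int `json:"risk_level"`
	Progress     int `json:"progress"`
	Requirements int `json:"requirements"`

	BlacklistFactors datatypes.JSONType[[]uint] `json:"blacklist_factors"`

	// State is presumably one of the AuthChallengeState constants
	// (AuthChallengeState is an alias of int8). IsAvailable does not read it.
	State int8 `json:"state"`

	// ExpiredAt is the deadline checked by IsAvailable. It is not a pointer,
	// so an unset (zero) value is treated as already expired.
	ExpiredAt time.Time `json:"expired_at"`

	SessionID *uint `json:"session_id"`
	AccountID uint  `json:"account_id"`
}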
// IsAvailable returns nil while the challenge has not passed ExpiredAt and a
// "challenge expired" error afterwards.
//
// Only the deadline is checked. The State field is not consulted, so a
// challenge whose State is ExpiredChallengeState or FinishChallengeState
// still passes here until ExpiredAt; callers that need to reject finished
// challenges must check State themselves. The comparison is made on whole
// Unix seconds, so the challenge still passes during the second in which
// ExpiredAt falls.
func (v AuthChallenge) IsAvailable() error {
	if time.Now().Unix() <= v.ExpiredAt.Unix() {
		return nil
	}
	return fmt.Errorf("challenge expired")
}
// AuthContext bundles a session with its account and an expiry time.
//
// NOTE(review): Session is serialized under the "session" key with all of
// AuthSession's JSON-tagged fields, which include grant_token, access_token
// and refresh_token. Confirm that anything encoding an AuthContext (responses,
// caches, logs) is meant to carry those token values.
type AuthContext struct {
	Session   AuthSession `json:"session"`
	Account   Account     `json:"account"`
	// ExpiredAt is presumably the expiry of this context entry rather than of
	// the session itself, which has its own ExpiredAt (confirm).
	ExpiredAt time.Time   `json:"expired_at"`
}