golazy.dev
–
golazy.dev
/
lazyauth
Index
|
Files
|
Directories
package lazyauth ¶
import "golazy.dev/lazyauth"
Variables ¶
var ErrInvalidCredentials, ErrMissingUser ¶
var (
ErrInvalidCredentials = errors.New("lazyauth: invalid credentials")
ErrMissingUser = errors.New("lazyauth: user is missing")
)
Functions ¶
func WithConfig ¶
WithConfig stores the configured app authentication backend in ctx.
func WithConfig(ctx context.Context, config Config) context.Context
func WithUser ¶
WithUser stores user in ctx.
func WithUser(ctx context.Context, user User) context.Context
Types ¶
type Authenticator ¶
Authenticator validates credentials and returns a user identity.
type Authenticator interface {
Authenticate(context.Context, Credential) (User, error)
}
type Config ¶
Config configures authentication for higher-level packages.
type Config struct {
Authenticator Authenticator
}
func ConfigFromContext ¶
ConfigFromContext returns the app authentication backend stored in ctx.
func ConfigFromContext(ctx context.Context) (Config, bool)
type Credential ¶
Credential describes one authentication attempt.
type Credential struct {
Kind string
Identifier string
Secret string
Values map[string]string
}
type User ¶
User is the authenticated identity returned by an Authenticator.
type User struct {
ID string `json:"id"`
Data map[string]any `json:"data,omitempty"`
}
func Authenticate ¶
Authenticate validates credential through config.Authenticator.
func Authenticate(ctx context.Context, config Config, credential Credential) (User, error)
func FromContext ¶
FromContext returns the authenticated user stored in ctx.
func FromContext(ctx context.Context) (User, bool)
Directories ¶
| Path | Synopsis |
|---|---|
| lazyauth/fileauth | |
| lazyauth/memoryauth |
Package lazyauth authenticates users without owning application authorization.
Authenticators can validate passwords, magic links, bearer tokens, OAuth provider callbacks, or application-specific credentials. Successful authentication returns a User with an ID and serializable Data map. Packages above lazyauth decide how that data becomes OAuth claims, sessions, roles, or MCP permissions.
The memoryauth subpackage provides the default lazyapp backend. It starts with zero users unless LAZYAUTH_DEFAULT_PASS creates a bootstrap password user named admin, or LAZYAUTH_DEFAULT_USER when that value is set.