69 lines
1.6 KiB
Go
69 lines
1.6 KiB
Go
// Copyright (c) Mainflux
|
|
// SPDX-License-Identifier: Apache-2.0
|
|
|
|
package auth
|
|
|
|
import (
|
|
"context"
|
|
"errors"
|
|
"time"
|
|
)
|
|
|
|
var (
|
|
// ErrInvalidKeyIssuedAt indicates that the Key is being used before it's issued.
|
|
ErrInvalidKeyIssuedAt = errors.New("invalid issue time")
|
|
|
|
// ErrKeyExpired indicates that the Key is expired.
|
|
ErrKeyExpired = errors.New("use of expired key")
|
|
|
|
// ErrAPIKeyExpired indicates that the Key is expired
|
|
// and that the key type is API key.
|
|
ErrAPIKeyExpired = errors.New("use of expired API key")
|
|
)
|
|
|
|
const (
|
|
// UserKey is temporary User key received on successfull login.
|
|
UserKey uint32 = iota
|
|
// RecoveryKey represents a key for resseting password.
|
|
RecoveryKey
|
|
// APIKey enables the one to act on behalf of the user.
|
|
APIKey
|
|
)
|
|
|
|
// Key represents API key.
|
|
type Key struct {
|
|
ID string
|
|
Type uint32
|
|
IssuerID string
|
|
Subject string
|
|
IssuedAt time.Time
|
|
ExpiresAt time.Time
|
|
}
|
|
|
|
// Identity contains ID and Email.
|
|
type Identity struct {
|
|
ID string
|
|
Email string
|
|
}
|
|
|
|
// Expired verifies if the key is expired.
|
|
func (k Key) Expired() bool {
|
|
if k.Type == APIKey && k.ExpiresAt.IsZero() {
|
|
return false
|
|
}
|
|
return k.ExpiresAt.UTC().Before(time.Now().UTC())
|
|
}
|
|
|
|
// KeyRepository specifies Key persistence API.
|
|
type KeyRepository interface {
|
|
// Save persists the Key. A non-nil error is returned to indicate
|
|
// operation failure
|
|
Save(context.Context, Key) (string, error)
|
|
|
|
// Retrieve retrieves Key by its unique identifier.
|
|
Retrieve(context.Context, string, string) (Key, error)
|
|
|
|
// Remove removes Key with provided ID.
|
|
Remove(context.Context, string, string) error
|
|
}
|