Rebuild for v1.0.0: postgres-only, slug-keyed authz, predicate API
Drops the Dialect/Queries abstraction in favor of a single PostgreSQL 16+ implementation collapsed into the root authkit package, removes the public store interfaces, and reshapes the authorization model around seeded slugs (roles, permissions, abilities) with optional labels. Schema is now squashed into one migrations/0001_init.sql and applied automatically on authkit.New (opt-out via Config.SkipAutoMigrate). A schema verifier checks tables/columns/types/nullability on startup, tolerates extra columns, and falls back to default table names when a configured override is missing. Auth API: CreateUser + SetPassword replace Register; password is nullable. Email OTP (RequestEmailOTP/ConsumeEmailOTP) joins magic links and password reset, all with anti-enumeration silent-success defaults and a Config.RevealUnknownEmail opt-in. Service tokens drop owner columns and validate ability slugs against authkit_abilities at issue. Direct user permissions live alongside role-derived ones; queries return their UNION. Predicate API: HasRole/HasPermission/HasAbility leaves with AnyLogin/AllLogin/AnyServiceKey/AllServiceKey combinators. Validate runs at middleware construction, panicking on unknown slugs. Middleware collapses to RequireLogin (cookie + JWT), RequireGuest (configurable OnAuthenticated), and RequireServiceKey. UserIDFromCtx / UserFromCtx (lazy) / RefreshUserInCtx provide request-lifetime user caching. Cookie defaults flip to Secure=true and HttpOnly=true via *bool with BoolPtr opt-out. CLIs ship under cmd/perms, cmd/roles, cmd/abilities for seeding the authorization vocabulary; the library never seeds rows itself. Tests cover unit-level (slug validation + fuzz, opaque secrets, email normalization, extractors, predicates, OTP generator) and integration flows gated on AUTHKIT_TEST_DATABASE_URL (every Auth method, schema drift detection, migration idempotency, lazy user cache, all middleware paths). Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
This commit is contained in:
juancwu
parent
7f1db871bc
commit
d3c5367492
80 changed files with 5605 additions and 4565 deletions
140
store_schema.go
Normal file
140
store_schema.go
Normal file
|
|
@ -0,0 +1,140 @@
|
|||
package authkit
|
||||
|
||||
import (
|
||||
"regexp"
|
||||
|
||||
"git.juancwu.dev/juancwu/errx"
|
||||
)
|
||||
|
||||
// Schema lets consumers map authkit storage to their own table names. Column
|
||||
// overrides are not exposed in v1 — the column set is fixed.
|
||||
type Schema struct {
|
||||
Tables Tables
|
||||
}
|
||||
|
||||
// Tables holds per-table identifier overrides. Every field must be a valid
|
||||
// unquoted SQL identifier (matching identifierRE). Validation runs at
|
||||
// New()/Migrate() time so SQL injection through Schema is impossible past
|
||||
// that gate.
|
||||
type Tables struct {
|
||||
Users string
|
||||
Sessions string
|
||||
Tokens string
|
||||
ServiceKeys string
|
||||
ServiceKeyAbilities string
|
||||
Roles string
|
||||
Permissions string
|
||||
Abilities string
|
||||
UserRoles string
|
||||
UserPermissions string
|
||||
RolePermissions string
|
||||
SchemaMigrations string
|
||||
}
|
||||
|
||||
// DefaultSchema returns the stock authkit_* names matching the embedded
|
||||
// migration files.
|
||||
func DefaultSchema() Schema {
|
||||
return Schema{Tables: defaultTables()}
|
||||
}
|
||||
|
||||
func defaultTables() Tables {
|
||||
return Tables{
|
||||
Users: "authkit_users",
|
||||
Sessions: "authkit_sessions",
|
||||
Tokens: "authkit_tokens",
|
||||
ServiceKeys: "authkit_service_keys",
|
||||
ServiceKeyAbilities: "authkit_service_key_abilities",
|
||||
Roles: "authkit_roles",
|
||||
Permissions: "authkit_permissions",
|
||||
Abilities: "authkit_abilities",
|
||||
UserRoles: "authkit_user_roles",
|
||||
UserPermissions: "authkit_user_permissions",
|
||||
RolePermissions: "authkit_role_permissions",
|
||||
SchemaMigrations: "authkit_schema_migrations",
|
||||
}
|
||||
}
|
||||
|
||||
// identifierRE matches the safe ASCII identifier subset shared by Postgres
|
||||
// when not quoted. Anything outside this set is rejected at validation time.
|
||||
var identifierRE = regexp.MustCompile(`^[a-zA-Z_][a-zA-Z0-9_]*$`)
|
||||
|
||||
// Validate ensures every Schema.Tables field is a non-empty, safe identifier.
|
||||
func (s Schema) Validate() error {
|
||||
const op = "authkit.Schema.Validate"
|
||||
checks := []struct {
|
||||
field, value string
|
||||
}{
|
||||
{"Users", s.Tables.Users},
|
||||
{"Sessions", s.Tables.Sessions},
|
||||
{"Tokens", s.Tables.Tokens},
|
||||
{"ServiceKeys", s.Tables.ServiceKeys},
|
||||
{"ServiceKeyAbilities", s.Tables.ServiceKeyAbilities},
|
||||
{"Roles", s.Tables.Roles},
|
||||
{"Permissions", s.Tables.Permissions},
|
||||
{"Abilities", s.Tables.Abilities},
|
||||
{"UserRoles", s.Tables.UserRoles},
|
||||
{"UserPermissions", s.Tables.UserPermissions},
|
||||
{"RolePermissions", s.Tables.RolePermissions},
|
||||
{"SchemaMigrations", s.Tables.SchemaMigrations},
|
||||
}
|
||||
for _, c := range checks {
|
||||
if c.value == "" {
|
||||
return errx.Newf(op, "Schema.Tables.%s is empty", c.field)
|
||||
}
|
||||
if !identifierRE.MatchString(c.value) {
|
||||
return errx.Newf(op, "Schema.Tables.%s = %q is not a valid identifier", c.field, c.value)
|
||||
}
|
||||
}
|
||||
return nil
|
||||
}
|
||||
|
||||
// isDefault reports whether every Schema.Tables entry matches the default
|
||||
// names. Embedded migrations hard-code the defaults, so they only run
|
||||
// unmodified against the default schema.
|
||||
func (s Schema) isDefault() bool {
|
||||
return s.Tables == defaultTables()
|
||||
}
|
||||
|
||||
// mergeSchemaDefaults fills in any blank Tables field from the default set
|
||||
// so callers can override one or two table names without having to copy
|
||||
// the whole DefaultSchema structure.
|
||||
func mergeSchemaDefaults(s Schema) Schema {
|
||||
def := defaultTables()
|
||||
if s.Tables.Users == "" {
|
||||
s.Tables.Users = def.Users
|
||||
}
|
||||
if s.Tables.Sessions == "" {
|
||||
s.Tables.Sessions = def.Sessions
|
||||
}
|
||||
if s.Tables.Tokens == "" {
|
||||
s.Tables.Tokens = def.Tokens
|
||||
}
|
||||
if s.Tables.ServiceKeys == "" {
|
||||
s.Tables.ServiceKeys = def.ServiceKeys
|
||||
}
|
||||
if s.Tables.ServiceKeyAbilities == "" {
|
||||
s.Tables.ServiceKeyAbilities = def.ServiceKeyAbilities
|
||||
}
|
||||
if s.Tables.Roles == "" {
|
||||
s.Tables.Roles = def.Roles
|
||||
}
|
||||
if s.Tables.Permissions == "" {
|
||||
s.Tables.Permissions = def.Permissions
|
||||
}
|
||||
if s.Tables.Abilities == "" {
|
||||
s.Tables.Abilities = def.Abilities
|
||||
}
|
||||
if s.Tables.UserRoles == "" {
|
||||
s.Tables.UserRoles = def.UserRoles
|
||||
}
|
||||
if s.Tables.UserPermissions == "" {
|
||||
s.Tables.UserPermissions = def.UserPermissions
|
||||
}
|
||||
if s.Tables.RolePermissions == "" {
|
||||
s.Tables.RolePermissions = def.RolePermissions
|
||||
}
|
||||
if s.Tables.SchemaMigrations == "" {
|
||||
s.Tables.SchemaMigrations = def.SchemaMigrations
|
||||
}
|
||||
return s
|
||||
}
|
||||
Loading…
Add table
Add a link
Reference in a new issue