docs: web/auth module

web/auth/error.go

@@ -1,10 +1,15 @@
 package auth
 
 const (
-	APIErrorUserNotFound      string = "user not found"
+	// APIErrorUserNotFound api error string if user not found
+	APIErrorUserNotFound string = "user not found"
+	// APIErrorIncorrectPassword api error string if password is incorrect
 	APIErrorIncorrectPassword string = "incorrect password"
-	APIErrorNoSession         string = "no session"
-	APIErrorCreateSession     string = "create session"
+	// APIErrorNoSession api error string if no session exists
+	APIErrorNoSession string = "no session"
+	// APIErrorCreateSession api error string if session could not created
+	APIErrorCreateSession string = "create session"
 
+	// APIErrroCreatePassword api error string if password could not created
 	APIErrroCreatePassword string = "error during create password"
 )

web/auth/lib_user.go

@@ -12,6 +12,7 @@ import (
 	"dev.sum7.eu/genofire/golang-lib/web"
 )
 
+// GetCurrentUserID get UserID of session in golang-gin
 func GetCurrentUserID(c *gin.Context) (uuid.UUID, bool) {
 	session := sessions.Default(c)
 
@@ -27,6 +28,7 @@ func GetCurrentUserID(c *gin.Context) (uuid.UUID, bool) {
 	return id, true
 }
 
+// GetCurrentUser get User of session from database in golang-gin
 func GetCurrentUser(c *gin.Context, ws *web.Service) (*User, bool) {
 	id, ok := GetCurrentUserID(c)
 	if !ok {

web/auth/middleware.go

@@ -9,6 +9,7 @@ import (
 	"dev.sum7.eu/genofire/golang-lib/web"
 )
 
+// MiddlewareLogin if user id in session for golang-gin
 func MiddlewareLogin(ws *web.Service) gin.HandlerFunc {
 	return func(c *gin.Context) {
 		_, ok := GetCurrentUserID(c)
@@ -18,9 +19,12 @@ func MiddlewareLogin(ws *web.Service) gin.HandlerFunc {
 	}
 }
 
+// MiddlewarePermissionParamUUID if user has access to obj, check access by uuid in golang-gin url param uuid
 func MiddlewarePermissionParamUUID(ws *web.Service, obj HasPermission) gin.HandlerFunc {
 	return MiddlewarePermissionParam(ws, obj, "uuid")
 }
+
+// MiddlewarePermissionParam if user has access to obj, check access in golang-gin url by param
 func MiddlewarePermissionParam(ws *web.Service, obj HasPermission, param string) gin.HandlerFunc {
 	return func(c *gin.Context) {
 		userID, ok := GetCurrentUserID(c)

web/auth/models.go

@@ -6,12 +6,14 @@ import (
 	"gorm.io/gorm"
 )
 
+// User struct - default User model which could be extended
 type User struct {
 	ID       uuid.UUID `json:"id" gorm:"type:uuid;default:gen_random_uuid()" example:"88078ec0-2135-445f-bf05-632701c77695"`
 	Username string    `json:"username" gorm:"unique" example:"kukoon"`
 	Password string    `json:"-" example:"super secret password"`
 }
 
+// NewUser by username and password
 func NewUser(username, password string) (*User, error) {
 	user := &User{
 		Username: username,
@@ -22,20 +24,23 @@ func NewUser(username, password string) (*User, error) {
 	return user, nil
 }
 
-func (this *User) SetPassword(password string) error {
+// SetPassword  - create new hash of password
+func (u *User) SetPassword(password string) error {
 	p, err := bcrypt.GenerateFromPassword([]byte(password), bcrypt.DefaultCost)
 	if err != nil {
 		return err
 	}
-	this.Password = string(p)
+	u.Password = string(p)
 	return nil
 }
 
-func (this *User) ValidatePassword(password string) bool {
-	err := bcrypt.CompareHashAndPassword([]byte(this.Password), []byte(password))
+// ValidatePassword - check if given password is equal to saved hash
+func (u *User) ValidatePassword(password string) bool {
+	err := bcrypt.CompareHashAndPassword([]byte(u.Password), []byte(password))
 	return err == nil
 }
 
+// HasPermission interface for middleware check in other models
 type HasPermission interface {
 	HasPermission(tx *gorm.DB, userID, objID uuid.UUID) (interface{}, error)
 }