lixen/auth
SHA256
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

v0.2.0 restructured and generalized to be more modular, added golang-jwt dependency

Browse Source
This commit is contained in:
Lixen Wraith
2025-11-03 15:11:40 -05:00
parent 3a662862d7
commit 3471030edd
14 changed files with 760 additions and 482 deletions
Download Patch File Download Diff File Expand all files Collapse all files

41
README.md
View File

@ -1,38 +1,45 @@
# Auth Package
Pluggable authentication utilities for Go applications.
Modular authentication utilities for Go applications.
## Features
- **Password Hashing**: Argon2id with PHC format
- **JWT**: HS256/RS256 token generation and validation
- **SCRAM-SHA256**: Client/server implementation with Argon2id KDF
- **HTTP Auth**: Basic/Bearer header parsing
- **Password Hashing**: Standalone Argon2id hashing with PHC format.
- **JWT**: HS256/RS256 token management via a simple facade over `golang-jwt`.
- **SCRAM-SHA256**: Client/server implementation with Argon2id KDF.
- **HTTP Auth**: Helpers for parsing Basic and Bearer authentication headers.
## Usage
```go
// Argon2 Password Hashing
hash, _ := auth.HashPassword("password123")
err := auth.VerifyPassword("password123", hash)
// JWT with HS256
auth, _ := auth.NewAuthenticator([]byte("32-byte-secret-key..."))
token, _ := auth.GenerateToken("user123", map[string]interface{}{"role": "admin"})
userID, claims, _ := auth.ValidateToken(token)
jwtMgr, _ := auth.NewJWT([]byte("a-very-secure-32-byte-secret-key"))
token, _ := jwtMgr.GenerateToken("user123", map[string]any{"role": "admin"})
userID, claims, _ := jwtMgr.ValidateToken(token)
// SCRAM authentication
server := auth.NewScramServer()
cred, _ := auth.DeriveCredential("user", "password", salt, 1, 65536, 4)
phcHash, _ := auth.HashPassword("password123")
cred, _ := auth.MigrateFromPHC("user", "password123", phcHash)
server.AddCredential(cred)
```
## Package Structure
- `interfaces.go` - Core interfaces
- `jwt.go` - JWT token operations
- `argon2.go` - Password hashing
- `scram.go` - SCRAM-SHA256 protocol
- `token.go` - Token validation utilities
- `http.go` - HTTP header parsing
- `errors.go` - Error definitions
- `doc.go` - Overview and package documentation
- `argon2.go` - Standalone Argon2id password hashing
- `jwt.go` - JWT manager (HS256/RS256) wrapping `golang-jwt`
- `scram.go` - SCRAM-SHA256 client/server protocol
- `http.go` - HTTP Basic/Bearer header parsing
- `token.go` - Simple in-memory token validator
- `error.go` - Centralized error definitions
## Testing
```bash
go test -v ./auth
go test -v ./
```