Pull the credential/TOTP check, session deletion, user-token issuance and OIDC callback flow out of the v1 echo handlers and into reusable helpers so both /api/v1 and the upcoming /api/v2 share one implementation:

- auth.IssueUserToken + auth.WriteUserAuthCookies split the token/cookie machinery from the echo response; NewUserAuthTokenResponse now wraps them.
- auth.SessionIDFromContext reads the sid claim for logout.
- shared.AuthenticateUserCredentials, shared.DeleteSession hold the login and logout cores.
- openid.AuthenticateCallback holds the OIDC exchange/getOrCreate/TOTP/team sync, returning the user; HandleCallback issues the token as before.

v1 behaviour is unchanged on the wire.

| File |
|---|
| admin_user.go |
| auth.go |
| auth_provider.go |
| info.go |
| testing.go |