DocumentationVessel DIAI SDKExtensionsCLIChangelogRoadmapBlog
Security

Functions

Public API reference for the Security extension

Extension Entry Points

FunctionDescription
NewExtension(opts ...ConfigOption) forge.ExtensionCreate the security extension with functional options
NewExtensionWithConfig(config Config) forge.ExtensionCreate with a complete config
DefaultConfig() ConfigReturns the default configuration

Session Operations

FunctionDescription
GenerateSessionID() stringGenerate a cryptographic session ID
NewSession(userID, ttl) *SessionCreate a new session

SessionStore Interface

MethodDescription
Create(ctx, session) errorStore a new session
Get(ctx, sessionID) (*Session, error)Retrieve a session
Update(ctx, session) errorUpdate session data
Delete(ctx, sessionID) errorDelete a session
Touch(ctx, sessionID) errorRefresh session expiry
Cleanup(ctx) errorRemove expired sessions
Count(ctx) (int, error)Count active sessions

CSRF

FunctionDescription
GetCSRFToken(w) stringGenerate and set a CSRF token in a cookie

JWT

FunctionDescription
GetJWTClaims(ctx forge.Context) *JWTClaimsGet JWT claims from Forge context
GetJWTClaimsFromStdContext(ctx) *JWTClaimsGet JWT claims from standard context
RequireRoles(roles...) forge.MiddlewareMiddleware requiring specific JWT roles

JWTManager Methods

MethodDescription
GenerateToken(claims) (string, error)Generate a JWT token
ValidateToken(token) (*JWTClaims, error)Validate and parse a JWT
GenerateRefreshToken(claims) (string, error)Generate a refresh token

API Key

FunctionDescription
GetAPIKeyInfo(ctx forge.Context) *APIKeyInfoGet API key info from Forge context
GetAPIKeyInfoFromStdContext(ctx) *APIKeyInfoGet from standard context
RequireScopes(scopes...) forge.MiddlewareMiddleware requiring API key scopes
HashAPIKey(key) stringHash an API key for storage
VerifyAPIKeyHash(key, hash) boolVerify a key against its hash

Password Hashing

PasswordHasher Methods

MethodDescription
Hash(password) (string, error)Hash a password
Verify(password, hash) (bool, error)Verify a password against a hash

CORS

CORSManager Middleware

MethodDescription
Middleware() forge.MiddlewareCORS middleware handler

Rate Limiting

RateLimiter Middleware

MethodDescription
Middleware() forge.MiddlewareRate limiting middleware

How is this guide?

Configuration

Config reference, YAML examples, and options for Security

Features

Feature flags and targeted rollouts with multiple providers

On this page

Extension Entry Points
Session Operations
SessionStore Interface
CSRF
JWT
JWTManager Methods
API Key
Password Hashing
PasswordHasher Methods
CORS
CORSManager Middleware
Rate Limiting
RateLimiter Middleware