github.com/clerkinc/clerk-sdk-go@v1.49.1/clerk/session_claims.go

github.com/clerkinc/clerk-sdk-go@v1.49.1/clerk/session_claims.go (about)

     1  package clerk
     2  
     3  import (
     4  	"encoding/json"
     5  
     6  	"github.com/go-jose/go-jose/v3/jwt"
     7  )
     8  
     9  type SessionClaims struct {
    10  	jwt.Claims
    11  	SessionID                     string          `json:"sid"`
    12  	AuthorizedParty               string          `json:"azp"`
    13  	ActiveOrganizationID          string          `json:"org_id"`
    14  	ActiveOrganizationSlug        string          `json:"org_slug"`
    15  	ActiveOrganizationRole        string          `json:"org_role"`
    16  	ActiveOrganizationPermissions []string        `json:"org_permissions"`
    17  	Actor                         json.RawMessage `json:"act,omitempty"`
    18  }
    19  
    20  // HasPermission checks if the user has the specific permission
    21  // in their session claims.
    22  func (s *SessionClaims) HasPermission(permission string) bool {
    23  	for _, sessPermission := range s.ActiveOrganizationPermissions {
    24  		if sessPermission == permission {
    25  			return true
    26  		}
    27  	}
    28  	return false
    29  }
    30  
    31  // HasRole checks if the user has the specific role
    32  // in their session claims.
    33  // Performing role checks is not considered a best-practice and
    34  // developers should avoid it as much as possible.
    35  // Usually, complex role checks can be refactored with a single permission check.
    36  func (s *SessionClaims) HasRole(role string) bool {
    37  	return s.ActiveOrganizationRole == role
    38  }