auth

package module
v0.0.0-...-f7f324f Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Sep 27, 2020 License: MIT Imports: 29 Imported by: 0

README

nginxauth

Build Status Coverage Status

A Go http server or middleware that can be used as an authentication backend with NGINX or directly in a Go web server Capabilities included:

  1. Session management (through Redis by default)
  2. User authentication and hashing (OpenLDAP or SQL database)
  3. Email notification

Documentation

Overview

This file taken with some modification from authboss github.com/go-authboss

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

func GetInfo

func GetInfo(info map[string]interface{}, name string) interface{}

GetInfo will return the named info as an interface{}

func GetInfoInts

func GetInfoInts(info map[string]interface{}, name string) []int

GetInfoInts will return the named info as an array of integers

func GetInfoString

func GetInfoString(info map[string]interface{}, name string) string

GetInfoString will return the named info as a string

func GetInfoStrings

func GetInfoStrings(info map[string]interface{}, name string) []string

GetInfoStrings will return the named info as an array of strings

Types

type AuthError

type AuthError struct {
	// contains filtered or unexported fields
}

AuthError struct holds detailed auth error info

func (*AuthError) Error

func (a *AuthError) Error() string

func (*AuthError) Trace

func (a *AuthError) Trace() string

type AuthStorer

type AuthStorer interface {
	GetSession(w http.ResponseWriter, r *http.Request) (*LoginSession, error)
	GetBasicAuth(w http.ResponseWriter, r *http.Request) (*LoginSession, error)
	OAuthLogin(w http.ResponseWriter, r *http.Request) (string, error)
	Login(w http.ResponseWriter, r *http.Request) (*LoginSession, error)
	Register(w http.ResponseWriter, r *http.Request, params EmailSendParams, password string) error
	RequestPasswordReset(w http.ResponseWriter, r *http.Request, params EmailSendParams) error
	Logout(w http.ResponseWriter, r *http.Request) error
	CreateProfile(w http.ResponseWriter, r *http.Request) (*LoginSession, error)
	VerifyEmail(w http.ResponseWriter, r *http.Request, params EmailSendParams) (string, *User, error)
	VerifyPasswordReset(w http.ResponseWriter, r *http.Request, emailVerificationCode string) (string, *User, error)
	CreateSecondaryEmail(w http.ResponseWriter, r *http.Request, templateName, emailSubject string) error
	SetPrimaryEmail(w http.ResponseWriter, r *http.Request, templateName, emailSubject string) error
	UpdatePassword(w http.ResponseWriter, r *http.Request) (*LoginSession, error)
	UpdateInfo(userID string, info map[string]interface{}) error
}

AuthStorer interface provides the necessary functionality to get and store authentication information

func NewAuthStore

func NewAuthStore(b Backender, mailer Mailer, customPrefix, cookieDomain string, cookieKey []byte, secureOnly bool) AuthStorer

NewAuthStore is used to create an AuthStorer for most authentication needs

type Backender

type Backender interface {
	Clone() Backender
	// contains filtered or unexported methods
}

Backender interface contains all the methods needed to read and write users, sessions and logins

func NewBackend

func NewBackend(u UserBackender, s SessionBackender) Backender

NewBackend returns a Backender from a UserBackender, LoginBackender and SessionBackender

func NewBackendMemory

func NewBackendMemory(c Crypter) Backender

NewBackendMemory creates a memory-backed Backender

func NewBackendMongo

func NewBackendMongo(m mgo.Sessioner, c Crypter) Backender

NewBackendMongo creates a MongoDB-based Backender

type CookieStorer

type CookieStorer interface {
	Get(w http.ResponseWriter, r *http.Request, key string, result interface{}) error
	Put(w http.ResponseWriter, key string, value interface{}) error
	PutWithExpire(w http.ResponseWriter, key string, expireMins int, value interface{}) error
	Delete(w http.ResponseWriter, key string)
}

CookieStorer interface provides the necessary methods for handling cookies

type Crypter

type Crypter interface {
	HashEquals(token, tokenHash string) error
	Hash(token string) (string, error)
}

Crypter interface is used to store the password hash and to compare two password hashes together for equality

type CryptoHashStore

type CryptoHashStore struct {
	Crypter
}

CryptoHashStore encrypts using an iterated hash with configurable number of iterations

func (*CryptoHashStore) Hash

func (c *CryptoHashStore) Hash(token string) (string, error)

Hash returns a hashed string that has been hashed 50000 times

func (*CryptoHashStore) HashEquals

func (c *CryptoHashStore) HashEquals(token, tokenHash string) error

HashEquals does a constant-time compare to determine if a token is equal to the provided hash

type EmailSendParams

type EmailSendParams struct {
	VerificationCode string
	Email            string
	BaseURL          string
	Info             map[string]interface{}
	TemplateSuccess  string
	SubjectSuccess   string
	TemplateFailure  string
	SubjectFailure   string
}

EmailSendParams contains information necessary to send an email to the user

type Emailer

type Emailer struct {
	TemplateCache *template.Template
	Sender        sender
}

Emailer struct contains parsed glob of email templates a Sender interface to send emails

func (*Emailer) SendMessage

func (e *Emailer) SendMessage(to, templateName, emailSubject string, data interface{}) error

SendMessage prepares an email with the provided template and passes it to Send for mailing

type FakeStorer

type FakeStorer interface {
	AuthStorer
	MethodsCalled() []string
}

FakeStorer is a fake AuthStorer for testing and includes MethodsCalled to track what was called

func NewFakeStorer

func NewFakeStorer(config FakeStorerConfig) FakeStorer

NewFakeStorer returns a fake AuthStorer that can be used for testing

type FakeStorerConfig

type FakeStorerConfig struct {
	GetSessionVal           *LoginSession
	GetSessionErr           error
	GetBasicAuthVal         *LoginSession
	GetBasicAuthErr         error
	OAuthLoginVal           string
	OAuthLoginErr           error
	LoginVal                *LoginSession
	LoginErr                error
	RegisterErr             error
	RequestPasswordResetErr error
	LogoutErr               error
	CreateProfileVal        *LoginSession
	CreateProfileErr        error
	VerifyEmailVal          string
	VerifyEmailVal2         *User
	VerifyEmailErr          error
	VerifyPasswordResetVal  string
	VerifyPasswordResetVal2 *User
	VerifyPasswordResetErr  error
	CreateSecondaryEmailErr error
	SetPrimaryEmailErr      error
	UpdatePasswordVal       *LoginSession
	UpdatePasswordErr       error
	UpdateInfoErr           error
}

FakeStorerConfig stores the config for a Fake AuthStorer

type LoginSession

type LoginSession struct {
	UserID        string                 `bson:"userID"        json:"userID"`
	Email         string                 `bson:"email"         json:"email"`
	Info          map[string]interface{} `bson:"info"          json:"info"`
	SessionHash   string                 `bson:"_id"           json:"sessionHash"`
	CSRFToken     string                 `bson:"csrfToken"     json:"csrfToken"`
	RenewTimeUTC  time.Time              `bson:"renewTimeUTC"  json:"renewTimeUTC"`
	ExpireTimeUTC time.Time              `bson:"expireTimeUTC" json:"expireTimeUTC"`
}

LoginSession is the struct which holds session information

func (*LoginSession) GetInfo

func (l *LoginSession) GetInfo(name string) interface{}

GetInfo will return the named info as an interface{}

func (*LoginSession) GetInfoInts

func (l *LoginSession) GetInfoInts(name string) []int

GetInfoInts will return the named info as an array of integers

func (*LoginSession) GetInfoString

func (l *LoginSession) GetInfoString(name string) string

GetInfoString will return the named info as a string

func (*LoginSession) GetInfoStrings

func (l *LoginSession) GetInfoStrings(name string) []string

GetInfoStrings will return the named info as an array of strings

type Mailer

type Mailer interface {
	SendMessage(to, templateName, emailSubject string, data interface{}) error
}

Mailer interface includes method needed to send communication to users on account updates

type SendGridSender

type SendGridSender struct {
	APIKey               string
	EmailFromDisplayName string
	EmailFromAddress     string
}

func (*SendGridSender) Send

func (s *SendGridSender) Send(to, subject, body string) error

Send mails the provided email body to recipient at "to" with subject "subject"

type SessionBackender

type SessionBackender interface {
	// contains filtered or unexported methods
}

SessionBackender interface holds methods for session management

func NewBackendRedisSession

func NewBackendRedisSession(server string, port int, password string, maxIdle, maxConnections int, keyPrefix string) SessionBackender

NewBackendRedisSession returns a SessionBackender for Redis

type SmtpSender

type SmtpSender struct {
	SMTPServer           string
	SMTPPort             int
	SMTPFromEmail        string
	SMTPPassword         string
	EmailFromDisplayName string
}

func (*SmtpSender) Send

func (s *SmtpSender) Send(to, subject, body string) error

Send mails the provided email body to recipient at "to" with subject "subject"

type User

type User struct {
	UserID          string                 `json:"userID"`
	Email           string                 `json:"email"`
	IsEmailVerified bool                   `json:"isEmailVerified"`
	Info            map[string]interface{} `json:"info"`
}

User is the struct which holds user information

func (*User) GetInfo

func (u *User) GetInfo(name string) interface{}

GetInfo will return the named info as an interface{}

func (*User) GetInfoInts

func (u *User) GetInfoInts(name string) []int

GetInfoInts will return the named info as an array of integers

func (*User) GetInfoString

func (u *User) GetInfoString(name string) string

GetInfoString will return the named info as a string

func (*User) GetInfoStrings

func (u *User) GetInfoStrings(name string) []string

GetInfoStrings will return the named info as an array of strings

type UserBackender

type UserBackender interface {
	// contains filtered or unexported methods
}

UserBackender interface holds methods for user management

Directories

Path Synopsis

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL