Documentation
Index
- Constants
- type BackupCode
- type BackupKey
- type Code
- type CodeResponse
- type Controller
- func (backupCodeModule *Controller) BindAPI(router *web.Router)
- func (bc *Controller) ClearPendingTokens(userid string) error
- func (bc *Controller) CreateCodes(userid string) (*CreateResponse, error)
- func (bc *Controller) IsSupported(userid string) bool
- func (bc *Controller) ListCodes(userid string) ([]BackupCode, error)
- func (bc *Controller) ValidateCode(userid string, codeString string) (bool, error)
- func (bc *Controller) ValidateName(userid string, name string) (bool, error)
- type CreateResponse
- type Storer
Constants
const (
	NumRecoveryKeys = 5
)
Variables
This section is empty.
Functions
This section is empty.
Types
type BackupCode
BackupCode is a backup code information structure
type BackupKey
type BackupKey struct {
	// Mnemonic key name
	Name string
	// Mnemonic key code
	Code string
	// Key Hash
	Hash string
}
BackupKey structure for API use
type Code
type Code interface {
	// Get user friendly name
	GetName() string
	// Get hashed secret
	GetHashedSecret() string
	// Check if the token has been used
	IsUsed() bool
	// Set a token used flag
	SetUsed()
	// Fetch the used time
	GetUsedAt() time.Time
	// Fetch creation time
	GetCreatedAt() time.Time
}
Code is the backup code instance interface. Backup code objects held by a Storer must implement this interface.
type CodeResponse
type CodeResponse struct {
	Keys []BackupKey
}
CodeResponse is the backup code response object returned when codes are created
type Controller
type Controller struct {
	// contains filtered or unexported fields
}
Controller is the backup code controller instance. The backup code controller generates and parses mnemonic backup codes for 2FA use. These codes can be registered and used in the same manner as any other 2FA component.
func NewController
func NewController(issuerName string, backupStore Storer, emitter events.Emitter) *Controller
NewController creates a new backup code controller. Backup tokens are issued with an associated issuer name to assist with user identification of codes. A Storer provides underlying storage to the backup code module.
func (*Controller) BindAPI
func (backupCodeModule *Controller) BindAPI(router *web.Router)
BindAPI binds the API for the totp module to the provided router
func (*Controller) ClearPendingTokens
func (bc *Controller) ClearPendingTokens(userid string) error
ClearPendingTokens deletes pending backup tokens
func (*Controller) CreateCodes
func (bc *Controller) CreateCodes(userid string) (*CreateResponse, error)
CreateCodes creates a set of backup codes for a user
func (*Controller) IsSupported
func (bc *Controller) IsSupported(userid string) bool
IsSupported checks whether the backup code method is supported
func (*Controller) ListCodes
func (bc *Controller) ListCodes(userid string) ([]BackupCode, error)
ListCodes fetches a list of the available backup codes
func (*Controller) ValidateCode
func (bc *Controller) ValidateCode(userid string, codeString string) (bool, error)
ValidateCode validates a backup code use and marks the code as used
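ValidateCode both checks a code and marks it used, while the Code interface exposes those as two separate calls, IsUsed and SetUsed. The following added example (not code from this package; memCode, Redeemer and Redeem are hypothetical names and the sample code name is constructed) holds the check and the mark under one lock so that a replayed or concurrent submission of the same code succeeds only once.

```go
package main

import (
	"fmt"
	"sync"
	"time"
)

// Code mirrors the interface listed on this page.
type Code interface {
	GetName() string
	GetHashedSecret() string
	IsUsed() bool
	SetUsed()
	GetUsedAt() time.Time
	GetCreatedAt() time.Time
}

// memCode is a hypothetical stored code; all names below are assumptions.
type memCode struct {
	name, hash      string
	used            bool
	usedAt, created time.Time
}

func (c *memCode) GetName() string         { return c.name }
func (c *memCode) GetHashedSecret() string { return c.hash }
func (c *memCode) IsUsed() bool            { return c.used }
func (c *memCode) SetUsed()                { c.used, c.usedAt = true, time.Now() }
func (c *memCode) GetUsedAt() time.Time    { return c.usedAt }
func (c *memCode) GetCreatedAt() time.Time { return c.created }

// Redeemer (hypothetical) serialises check-and-mark across goroutines.
type Redeemer struct{ mu sync.Mutex }

// Redeem reports whether c was unused and has now been marked used.
func (r *Redeemer) Redeem(c Code) bool {
	r.mu.Lock()
	defer r.mu.Unlock()
	if c.IsUsed() {
		return false
	}
	c.SetUsed()
	return true
}

func main() {
	r, c := &Redeemer{}, &memCode{name: "constructed-sample"}
	fmt.Println(r.Redeem(c), r.Redeem(c)) // first use succeeds, replay fails
}
```

A process-local mutex only covers a single instance; when several instances share one store, the same once-only guarantee has to come from the Storer's update itself.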
func (*Controller) ValidateName
func (bc *Controller) ValidateName(userid string, name string) (bool, error)
ValidateName validates a code name. This is intended to be checked periodically when using other login mechanisms to ensure the user still has access to recovery codes.
type CreateResponse
CreateResponse is output when codes are created
type Storer
type Storer interface {
	// Fetch a user instance by user id (should be able to remove this)
	GetUserByExtID(userid string) (interface{}, error)
	// Add a backup code to a given user
	AddBackupToken(userid, name, secret string) (interface{}, error)
	// Fetch backup codes for a given user
	GetBackupTokens(userid string) ([]interface{}, error)
	// Fetch a backup code by name for a given user
	GetBackupTokenByName(userid, name string) (interface{}, error)
	// Update a provided backup code
	UpdateBackupToken(code interface{}) (interface{}, error)
	// Remove valid backup codes
	ClearPendingBackupTokens(userid string) error
}
Storer is the backup code store interface. This must be implemented by a storage module to provide persistence to the module.