user

package
v0.0.13 Latest Latest
Warning

This package is not in the latest version of its module.

Published: Dec 1, 2022 License: BSD-2-Clause Imports: 16 Imported by: 0

Documentation

Index

Constants

This section is empty.

Variables

// Sentinel errors exported by the package. Compare against them with
// errors.Is instead of matching on the message text. The messages are
// reproduced exactly as published, spelling included, because logs or
// callers may already depend on them.
var (
	// ErrInviteOnly signals that the behavioural setting only accepts
	// invited members.
	ErrInviteOnly = errors.New("behaivoural setting is set to only accept invited members")

	// ErrTokenGenTimeout signals that no token could be generated within the
	// given number of cycles.
	ErrTokenGenTimeout = errors.New("could not generate a token within given cycles")

	// ErrEntityAlreadyExists signals that the entity is already present.
	// NOTE(review): if a registration or invite handler passes this through
	// to an unauthenticated client, the response confirms that an account
	// exists for the submitted address. Confirm how callers surface it.
	ErrEntityAlreadyExists = errors.New("entity already exists in system")

	// ErrTokenExpired signals that the supplied token is past its expiry.
	ErrTokenExpired = errors.New("supplied token has expired")

	// ErrEntityInvalidTransition signals that the entity does not support the
	// requested transition.
	ErrEntityInvalidTransition = errors.New("entity does not support transition")

	// ErrPasswordGuidelines signals that a password does not satisfy the
	// password guidelines.
	ErrPasswordGuidelines = errors.New("password doesnt match password guidlines")
)
// Sentinel errors exported by the package. Compare against them with
// errors.Is instead of matching on the message text.
var (
	// ErrEntityDoesNotExist signals that the entity was not found.
	// NOTE(review): if a sign-in or recovery handler answers differently for
	// this error than for ErrInvalidCredentials, the difference tells an
	// unauthenticated client whether an account exists. Confirm that callers
	// map both to one response.
	ErrEntityDoesNotExist = errors.New("entity does not exist")

	// ErrEntityOperationForbidden signals that the entity does not support
	// the requested operation.
	ErrEntityOperationForbidden = errors.New("entity does not support operation")

	// ErrInvalidCredentials signals that the supplied credentials were
	// rejected.
	ErrInvalidCredentials = errors.New("invalid credentials")

	// ErrMFARequired signals that the entity requires MFA.
	// NOTE(review): if this is only returned once the password check has
	// passed, it also confirms that the password was correct. Confirm that
	// this is intended and that attempts ending here are counted for lockout.
	ErrMFARequired = errors.New("entity requires mfa")

	// ErrInvalidOTP signals that the one time password was wrong or had
	// already been consumed.
	ErrInvalidOTP = errors.New("supplied one time password was not correct or already consumed")
)

Functions

This section is empty.

Types

type Dispatcher

// Dispatcher is the event sink that New and NewSignInService accept as a
// constructor argument.
type Dispatcher interface {
	// Dispatch receives a single events.Event. It returns nothing, so the
	// caller gets no signal about whether the event was delivered.
	Dispatch(event events.Event)
}

type LoginStorer

// LoginStorer declares no methods, so every value satisfies it.
// NOTE(review): nothing in the exported API shown here takes or returns a
// LoginStorer; confirm whether it is still needed.
type LoginStorer interface {
}

type Service

type Service struct {
	// contains filtered or unexported fields
}

func New

func New(store *db.DataStore,
	logger *zap.Logger,
	cfg *config.Configuration,
	mailer *mailing.Mailer,
	dispatcher Dispatcher,
	manager *manage.UserService) *Service

func (*Service) ChangeEmail

func (g *Service) ChangeEmail(ctx context.Context, id uuid.UUID, email string) error

ChangeEmail changes the user's email address. This will not trigger a reconfirmation of the new address; be wary of that.

func (*Service) ChangePassword

func (g *Service) ChangePassword(ctx context.Context, id uuid.UUID, password string) error

ChangePassword sets a new password for the supplied user id

func (*Service) ConfirmUser

func (g *Service) ConfirmUser(ctx context.Context, token string) error

ConfirmUser confirms a user account with the supplied token

func (*Service) DisableMFA

func (g *Service) DisableMFA(ctx context.Context, userID uuid.UUID) error

DisableMFA disables multi factor for a user IF the user has multifactor enabled

func (*Service) EmailToID

func (g *Service) EmailToID(ctx context.Context, email string) (uuid.UUID, bool)

func (*Service) EnableMFA

func (g *Service) EnableMFA(ctx context.Context, userID uuid.UUID, secret string) (string, error)

EnableMFA enables multi-factor auth for a user; it should only be called after ProvisionMFA. It returns a recovery code, which the user should note down so they can still access their account if the device is lost.

func (*Service) InRole

func (g *Service) InRole(ctx context.Context, id uuid.UUID, role string) bool

InRole checks whether the given user id is in the role

func (*Service) InviteUser

func (g *Service) InviteUser(ctx context.Context, email string) error

InviteUser is a user initiaized invite without roles and apps

func (*Service) IsMFAEnabled

func (g *Service) IsMFAEnabled(ctx context.Context, userID uuid.UUID) bool

IsMFAEnabled checks whether the user has MFA enabled

func (*Service) ProvisionMFA

func (g *Service) ProvisionMFA(ctx context.Context, userID uuid.UUID) (string, string, error)

ProvisionMFA returns a new secret and an otpauth:// URL on success

func (*Service) RecoverPassword

func (g *Service) RecoverPassword(
	ctx context.Context,
	email string,
	token string,
) (uuid.UUID, error)

RecoverPassword is used to reset the password from the token obtained from the recovery mail

func (*Service) RegisterFromInvite

func (g *Service) RegisterFromInvite(
	ctx context.Context,
	email string,
	password string,
	phone *string,
	inviteCode string,
) (uuid.UUID, error)

RegisterFromInvite registers a user from an invite, which means the user will automatically be granted roles and application permissions from the invite

func (*Service) RegisterUser

func (g *Service) RegisterUser(
	ctx context.Context,
	email string,
	password string,
	phone *string,
) (uuid.UUID, error)

RegisterUser registers a user from user supplied data

func (*Service) TriggerPasswordRecovery

func (g *Service) TriggerPasswordRecovery(ctx context.Context, id uuid.UUID) error

TriggerPasswordRecovery takes all steps necessary to recover a user's password. If successful, it sends an email to the user.

type SignedInUser

// SignedInUser is the value the SigninService methods SignIn, SignInMFA,
// SignInByIDFromToken and UserFromSubject return on success.
type SignedInUser struct {
	// UserID is the user's id.
	UserID uuid.UUID
	// Email is the user's email address.
	Email  string
	// Roles holds the user's roles as strings.
	// NOTE(review): presumably a snapshot taken when the value is built; a
	// copy kept by the caller would not reflect roles revoked later. Confirm
	// how long callers hold on to it.
	Roles  []string
}

type SigninService

type SigninService struct {
	// contains filtered or unexported fields
}

func NewSignInService

func NewSignInService(store *db.DataStore,
	log *zap.Logger,
	cfg *config.BehaviourConfiguration,
	dispatcher Dispatcher,
	userLocker UserLocker) *SigninService

func (*SigninService) CanLogin

func (g *SigninService) CanLogin(ctx context.Context, userID uuid.UUID) (bool, error)

CanLogin checks whether a user is eligible to log in (not locked out, not banned, not unconfirmed)

func (*SigninService) InitializeMFA

func (g *SigninService) InitializeMFA(ctx context.Context, email string) error

InitializeMFA marks an OTP as pending

func (*SigninService) SignIn

func (g *SigninService) SignIn(
	ctx context.Context,
	email string,
	password string,
) (*SignedInUser, error)

SignIn signs in a user with the supplied credentials

func (*SigninService) SignInByIDFromToken

func (g *SigninService) SignInByIDFromToken(
	ctx context.Context,
	userID uuid.UUID,
	tokenType string,
) (*SignedInUser, error)

SignInByIDFromToken creates a signed-in user after a token of the supplied type has been validated. Do not use this without validating the token first!

func (*SigninService) SignInMFA

func (g *SigninService) SignInMFA(
	ctx context.Context,
	email string,
	password string,
	otp string,
) (*SignedInUser, error)

SignInMFA signs in the user with the credentials and the OTP

func (*SigninService) UserFromSubject

func (g *SigninService) UserFromSubject(
	ctx context.Context,
	userID uuid.UUID,
) (*SignedInUser, error)

UserFromSubject returns a user by id, this should be only used in special cases

func (*SigninService) Validate

func (g *SigninService) Validate(ctx context.Context, id uuid.UUID, password string) error

Validate validates a password. It is used for user settings that require re-entering the password before they can be changed. This method is to be used exclusively for that purpose and nothing else, as it neither increases lockout counts nor checks MFA settings.

type UserLocker

// UserLocker is the locking dependency that NewSignInService accepts.
type UserLocker interface {
	// LockUser takes a user id and a point in time. The names suggest that
	// the account stays locked until that time; confirm against the
	// implementation.
	// NOTE(review): a non-nil error presumably means the lock was not
	// applied, so callers should not treat the account as locked in that
	// case. Confirm that the sign-in path checks it.
	LockUser(ctx context.Context, id uuid.UUID, until time.Time) error
}
