account

package
v0.0.0-...-86906c4 Latest Latest
Warning

This package is not in the latest version of its module.

Published: Oct 18, 2023 License: MIT Imports: 22 Imported by: 0

Documentation

Index

Constants

// Sign-in throttling limits.
const (
	// MaxFreeSignInAttempts is 3. Presumably the number of sign-in attempts
	// allowed before a throttle delay applies — confirm against
	// Service.CheckSignInThrottle.
	MaxFreeSignInAttempts  = 3
	// MaxSignInThrottleDelay is half of app.SignInThrottleTTL. Presumably the
	// upper bound on the delay imposed between attempts — confirm.
	// NOTE(review): app.SignInThrottleTTL is defined outside this package, so
	// the effective cap cannot be read from here.
	MaxSignInThrottleDelay = app.SignInThrottleTTL / 2
)
// Sign-in method labels. These are untyped string constants; presumably the
// values stored in User.LastSignedInMethod — confirm.
const (
	// SignInMethodNone is the empty string.
	SignInMethodNone    = ""
	// SignInMethodWebform is "Webform".
	SignInMethodWebform = "Webform"
	// SignInMethodGoogle is "Google".
	SignInMethodGoogle  = "Google"
)

Variables

// Sentinel errors for account state and credential checks; compare with
// errors.Is.
// NOTE(review): the three values distinguish "unverified", "not activated" and
// "wrong password". If they reach an unauthenticated client verbatim they
// reveal account state; map them to one generic failure at the transport
// boundary and keep the specific error for server-side logs.
var (
	ErrNotVerified     = errors.New("account is not verified")
	ErrNotActivated    = errors.New("account is not activated")
	ErrInvalidPassword = errors.New("invalid password")
)
// ErrGoogleSignUpDisabled is a sentinel error. Presumably returned by
// Service.SignInWithGoogle when the behaviour argument does not permit
// creating an account — confirm.
var ErrGoogleSignUpDisabled = errors.New("Google sign up disabled")
// ErrSignInThrottled is a sentinel error for a throttled sign-in.
// NOTE(review): its relationship to SignInThrottleError (wrapped, or returned
// instead) is not visible here — confirm before matching on it.
var ErrSignInThrottled = errors.New("sign in throttled")

Functions

This section is empty.

Types

type ActivateTOTPGuard

// ActivateTOTPGuard is the guard type accepted by Service.ActivateTOTP.
// The method sees only the target userID, so an implementation has to know the
// acting principal by other means — presumably bound when the guard is built;
// confirm.
type ActivateTOTPGuard interface {
	// CanActivateTOTP reports whether TOTP may be activated for userID.
	CanActivateTOTP(userID int) bool
}

type ActivateUsersGuard

// ActivateUsersGuard is the guard type accepted by Service.ActivateUser.
// The method takes no arguments: neither the actor nor the target account is
// visible to the interface, so the decision is a blanket capability check.
type ActivateUsersGuard interface {
	// CanActivateUsers reports whether the caller may activate accounts.
	CanActivateUsers() bool
}

type Activated

// Activated has a single field, Email.
// NOTE(review): looks like an event payload for an account activation —
// confirm where it is published.
type Activated struct {
	Email string
}

type AlreadySignedUp

// AlreadySignedUp has a single field, Email.
// NOTE(review): presumably raised when a sign-up names an email that already
// has an account, so the attempt can be handled out of band rather than
// disclosed to the requester — confirm.
type AlreadySignedUp struct {
	Email string
}

type ChangePasswordGuard

// ChangePasswordGuard is the guard type accepted by Service.ChangePassword.
// Only the target userID is passed; the acting principal must be known to the
// implementation — confirm how it is bound.
type ChangePasswordGuard interface {
	// CanChangePassword reports whether the password of userID may be changed.
	CanChangePassword(userID int) bool
}

type ChangeRolesGuard

// ChangeRolesGuard is the guard type accepted by Service.ChangeRoles. It
// separates ordinary role changes from assigning the super role.
type ChangeRolesGuard interface {
	// CanChangeRoles reports whether roles of userID may be changed.
	CanChangeRoles(userID int) bool
	// CanAssignSuperRole reports whether the super role may be assigned to
	// userID.
	// NOTE(review): confirm that ChangeRoles consults this whenever the
	// requested roles include SuperRole, and that an equivalent set of
	// grants cannot bypass it.
	CanAssignSuperRole(userID int) bool
}

type ChangeTOTPTelGuard

// ChangeTOTPTelGuard is the guard type accepted by Service.ChangeTOTPTel.
// Only the target userID is passed to the check.
type ChangeTOTPTelGuard interface {
	// CanChangeTOTPTel reports whether the TOTP phone number of userID may be
	// changed.
	CanChangeTOTPTel(userID int) bool
}

type ChoosePasswordGuard

// ChoosePasswordGuard is the guard type accepted by Service.ChoosePassword.
// Only the target userID is passed to the check.
type ChoosePasswordGuard interface {
	// CanChoosePassword reports whether a password may be chosen for userID.
	CanChoosePassword(userID int) bool
}

type CreateRoleGuard

// CreateRoleGuard is the guard type accepted by Service.CreateRole. The check
// takes no arguments, so it cannot depend on the permissions being put into
// the new role.
type CreateRoleGuard interface {
	// CanCreateRoles reports whether the caller may create roles.
	CanCreateRoles() bool
}

type DeleteRoleGuard

// DeleteRoleGuard is the guard type accepted by Service.DeleteRole. The check
// takes no arguments, so it cannot depend on which role is being deleted.
type DeleteRoleGuard interface {
	// CanDeleteRoles reports whether the caller may delete roles.
	CanDeleteRoles() bool
}

type DisableTOTPGuard

// DisableTOTPGuard is the guard type accepted by Service.DisableTOTP.
// Only the target userID is passed to the check.
type DisableTOTPGuard interface {
	// CanDisableTOTP reports whether TOTP may be disabled for userID.
	CanDisableTOTP(userID int) bool
}

type Email

// Email is a string type built with NewEmail, which can return an error.
// NOTE(review): a plain conversion Email("...") bypasses NewEmail; the
// validation and any normalisation (case, whitespace) applied are not shown.
type Email string

func NewEmail

func NewEmail(email string) (Email, error)

func (Email) String

func (e Email) String() string

type GoogleSignInBehaviour

// GoogleSignInBehaviour is the type of the behaviour argument of
// Service.SignInWithGoogle. Values are assigned with iota, so the zero value
// is GoogleSignInOnly.
type GoogleSignInBehaviour byte
const (
	// GoogleSignInOnly is 0. Presumably existing accounts only, no sign-up —
	// confirm.
	GoogleSignInOnly GoogleSignInBehaviour = iota
	// GoogleAllowSignUp is 1. Presumably an account is created on first
	// Google sign-in — confirm.
	GoogleAllowSignUp
	// GoogleAllowSignUpActivate is 2. Presumably the new account is also
	// activated without a separate activation step — confirm; by name this is
	// the most permissive setting.
	GoogleAllowSignUpActivate
)

type Hasher

// Hasher abstracts password hashing; NewService takes one as a dependency.
// The algorithm and its cost parameters are chosen by the implementation and
// are not visible here.
type Hasher interface {
	// EncodedPasswordHash returns an encoded hash of password, or an error.
	EncodedPasswordHash(password []byte) ([]byte, error)
	// CheckPasswordHash checks password against encodedHash. ok reports a
	// match. rehash presumably signals that the stored hash should be
	// regenerated (for example after a parameter change) — confirm.
	CheckPasswordHash(password, encodedHash []byte) (ok, rehash bool, err error)
	// CheckDummyPasswordHash takes no input. Presumably it performs a
	// throwaway hash so that a sign-in attempt for an unknown account costs
	// about as much time as one for a known account, which limits account
	// enumeration by timing — confirm that every "no such user" path calls it.
	CheckDummyPasswordHash() error
}

type InviteUserGuard

// InviteUserGuard is the guard type accepted by Service.InviteUser. The check
// takes no arguments, so it cannot depend on the invited email.
type InviteUserGuard interface {
	// CanInviteUsers reports whether the caller may invite users.
	CanInviteUsers() bool
}

type Invited

// Invited has a single field, Email.
// NOTE(review): looks like an event payload for an invitation — confirm where
// it is published.
type Invited struct {
	Email string
}

type Password

// Password wraps a password value; its fields are unexported, so it can only
// be populated through NewPassword (or left as the zero value).
// NOTE(review): presumably holds the plaintext until it is hashed — confirm,
// and keep values short-lived.
type Password struct {
	// contains filtered or unexported fields
}

func NewPassword

// NewPassword builds a Password from a string and can return an error.
// NOTE(review): the acceptance rules (length limits, character checks) are not
// shown; an upper length bound matters because the value is later fed to a
// deliberately expensive hash.
func NewPassword(password string) (zero Password, _ error)

func (Password) Equal

// Equal reports whether p and rhs are equal.
// NOTE(review): body not shown. If this compares plaintext bytes, a
// constant-time comparison (crypto/subtle) is the expected form — confirm.
func (p Password) Equal(rhs Password) bool

func (Password) String

// String makes Password satisfy fmt.Stringer, so formatting a Password with
// %v or %s calls this method.
// NOTE(review): body not shown. Confirm it does not return the plaintext; if
// it does, any log line or error message that formats a Password leaks it.
func (p Password) String() string

type PasswordChanged

// PasswordChanged has a single field, Email.
// NOTE(review): looks like an event payload for a password change — confirm.
// A useful audit signal if it is retained.
type PasswordChanged struct {
	Email string
}

type PasswordChosen

// PasswordChosen has a single field, Email.
// NOTE(review): looks like an event payload for Service.ChoosePassword —
// confirm.
type PasswordChosen struct {
	Email string
}

type PasswordReset

// PasswordReset has a single field, Email.
// NOTE(review): looks like an event payload for a password reset — confirm.
// A useful audit signal if it is retained.
type PasswordReset struct {
	Email string
}

type Permission

// Permission is a string type built with NewPermission, which can return an
// error. NOTE(review): Role.Permissions, User.Grants and User.Denials are
// plain []string, so stored values are not tied to this type.
type Permission string

func NewPermission

func NewPermission(name string) (Permission, error)

func (Permission) String

func (n Permission) String() string

type ReadWriter

// ReadWriter combines Reader and Writer; NewService takes one as its
// repository.
type ReadWriter interface {
	Reader
	Writer
}

type Reader

// Reader is the read side of the account repository.
// NOTE(review): how a missing record is reported (nil result with nil error,
// or an error) is not visible here; the sign-in path needs that to be
// unambiguous so "no such user" is never mistaken for success.
type Reader interface {
	FindRoleByID(ctx context.Context, id int) (*Role, error)
	FindRoleByName(ctx context.Context, name string) (*Role, error)

	CountUsersByRoleID(ctx context.Context, roleID int) (int, error)
	FindUserByID(ctx context.Context, id int) (*User, error)
	// FindUserByEmail takes a plain string, not Email.
	// NOTE(review): confirm lookups and sign-up use the same normalisation so
	// one mailbox cannot map to two accounts.
	FindUserByEmail(ctx context.Context, email string) (*User, error)

	// FindSignInAttemptLogByEmail looks up the attempt log by email.
	FindSignInAttemptLogByEmail(ctx context.Context, email string) (*SignInAttemptLog, error)
}

type RecoveryCode

// RecoveryCode is a string type for a recovery code, compared against a
// stored hash with EqualHash.
type RecoveryCode string

func NewRandomRecoveryCode

// NewRandomRecoveryCode returns a new RecoveryCode, or an error.
// NOTE(review): body not shown. Confirm the randomness comes from crypto/rand
// and that the code length gives enough entropy for an authentication secret.
func NewRandomRecoveryCode() (RecoveryCode, error)

func NewRecoveryCode

// NewRecoveryCode builds a RecoveryCode from a caller-supplied string and can
// return an error; the validation applied is not shown.
func NewRecoveryCode(code string) (RecoveryCode, error)

func (RecoveryCode) EqualHash

// EqualHash reports whether c matches the hash rhs.
// NOTE(review): body not shown. Confirm which hash is used and that the
// comparison is constant-time.
func (c RecoveryCode) EqualHash(rhs []byte) bool

func (RecoveryCode) String

// String makes RecoveryCode satisfy fmt.Stringer.
// NOTE(review): presumably returns the code itself; treat formatted output as
// a secret and keep it out of logs — confirm.
func (c RecoveryCode) String() string

type RecoveryCodesRegenerated

// RecoveryCodesRegenerated has a single field, Email; it does not carry the
// codes. NOTE(review): looks like an event payload — confirm. A useful audit
// signal if it is retained.
type RecoveryCodesRegenerated struct {
	Email string
}

type RegenerateRecoveryCodesGuard

// RegenerateRecoveryCodesGuard is the guard type accepted by
// Service.RegenerateRecoveryCodes. Only the target userID is passed.
type RegenerateRecoveryCodesGuard interface {
	// CanRegenerateRecoveryCodes reports whether recovery codes may be
	// regenerated for userID.
	CanRegenerateRecoveryCodes(userID int) bool
}

type ResetPasswordGuard

// ResetPasswordGuard is the guard type accepted by Service.ResetPassword.
// NOTE(review): ResetPassword takes no old password, so this guard is the only
// visible control on that call — confirm how implementations establish it.
type ResetPasswordGuard interface {
	// CanResetPassword reports whether the password of userID may be reset.
	CanResetPassword(userID int) bool
}

type ResetTOTPGuard

// ResetTOTPGuard is the guard type accepted by Service.ResetTOTP.
// Only the target userID is passed to the check.
type ResetTOTPGuard interface {
	// CanResetTOTP reports whether TOTP may be reset for userID.
	CanResetTOTP(userID int) bool
}

type Role

// Role is a named set of permissions. It embeds aggregate.Root, which is
// defined outside this package.
type Role struct {
	aggregate.Root

	ID          int
	Name        string
	Description string
	// Permissions is a plain []string rather than []Permission.
	// NOTE(review): values written directly to this exported field skip
	// NewPermission — confirm where validation is enforced.
	Permissions []string
}
// SuperRole is an exported, mutable package-level pointer to a Role.
// NOTE(review): any importing package can reassign it or mutate the Role it
// points to. If User.IsSuper or the CanAssignSuperRole check depend on it,
// treat every write as privileged and confirm it is set once at start-up.
var SuperRole *Role

func NewRole

// NewRole builds a Role from already-constructed RoleName, RoleDesc and
// Permission values. It returns no error.
func NewRole(name RoleName, description RoleDesc, permissions []Permission) *Role

type RoleDesc

// RoleDesc is a string type built with NewRoleDesc, which can return an error.
type RoleDesc string

func NewRoleDesc

func NewRoleDesc(desc string) (RoleDesc, error)

func (RoleDesc) String

func (d RoleDesc) String() string

type RoleFilter

// RoleFilter describes a role query. The pointer fields are optional
// criteria; presumably a nil pointer means "do not filter on this" — confirm.
type RoleFilter struct {
	ID     *int
	UserID *int
	Name   *string
	// Search is free text.
	// NOTE(review): if it originates from a request, the repository must bind
	// it as a query parameter rather than concatenate it — confirm.
	Search *string

	SortTopID int

	// NOTE(review): confirm the repository caps Limit; the meaning of a zero
	// value (no rows vs. no limit) is not shown.
	Limit  int
	Offset int
}

type RoleName

// RoleName is a string type built with NewRoleName, which can return an error.
type RoleName string

func NewRoleName

func NewRoleName(name string) (RoleName, error)

func (RoleName) String

func (n RoleName) String() string

type RolesChanged

// RolesChanged has a single field, Email; it does not say which roles changed
// or who changed them. NOTE(review): looks like an event payload — confirm. A
// privilege change is worth auditing with actor and before/after detail.
type RolesChanged struct {
	Email string
}

type Service

// Service is the entry point for account operations (sign-up, sign-in,
// passwords, TOTP, roles). Its fields are unexported; build it with
// NewService.
type Service struct {
	// contains filtered or unexported fields
}

func NewService

// NewService builds a Service from an event broker, a repository and a
// password hasher, and can return an error. NOTE(review): presumably the
// error covers a nil dependency — confirm.
func NewService(broker event.Broker, repo ReadWriter, hasher Hasher) (*Service, error)

func (*Service) ActivateTOTP

// ActivateTOTP activates TOTP for userID, subject to guard.
// NOTE(review): confirm a false guard result aborts before any state change.
func (s *Service) ActivateTOTP(ctx context.Context, guard ActivateTOTPGuard, userID int) error

func (*Service) ActivateUser

// ActivateUser activates the account userID, subject to guard.
func (s *Service) ActivateUser(ctx context.Context, guard ActivateUsersGuard, userID int) error

func (*Service) ApproveTOTPResetRequest

// ApproveTOTPResetRequest approves a pending TOTP reset request for userID.
// NOTE(review): unlike most Service methods this one takes no guard, so the
// signature carries no authorization check. Approving a reset weakens the
// second factor; the caller must authorize the acting principal itself —
// confirm every call site does.
func (s *Service) ApproveTOTPResetRequest(ctx context.Context, userID int) error

func (*Service) ChangePassword

// ChangePassword changes the password of userID, subject to guard. It takes
// the old password and the new password twice (newPassword and
// newPasswordCheck). NOTE(review): confirm existing sessions and outstanding
// reset state are invalidated on success.
func (s *Service) ChangePassword(ctx context.Context, guard ChangePasswordGuard, userID int, oldPassword, newPassword, newPasswordCheck string) error

func (*Service) ChangeRoles

// ChangeRoles sets the roles, grants and denials of userID, subject to guard.
// NOTE(review): grants and denials are free-form strings; confirm they are
// validated (NewPermission) and that a grant cannot confer what
// guard.CanAssignSuperRole would have refused.
func (s *Service) ChangeRoles(ctx context.Context, guard ChangeRolesGuard, userID int, roleIDs []int, grants, denials []string) error

func (*Service) ChangeTOTPTel

// ChangeTOTPTel changes the TOTP phone number of userID, subject to guard.
// NOTE(review): the signature asks for no password or current code. If codes
// are delivered to this number, changing it redirects the second factor —
// confirm the guard requires a recently authenticated owner.
func (s *Service) ChangeTOTPTel(ctx context.Context, guard ChangeTOTPTelGuard, userID int, newTel string) error

func (*Service) CheckSignInThrottle

// CheckSignInThrottle decides from an attempt count and the time of the last
// attempt whether a sign-in is currently throttled, returning an error if so.
// NOTE(review): presumably the error is ErrSignInThrottled or a
// SignInThrottleError — confirm which. It takes no context or email, so the
// caller supplies the counters (see SignInAttemptLog).
func (s *Service) CheckSignInThrottle(attempts int, lastAttemptAt time.Time) error

func (*Service) ChoosePassword

// ChoosePassword sets a password for userID, subject to guard. It takes the
// new password twice and no old password. NOTE(review): presumably for
// accounts that have none yet (invited or Google sign-up) — confirm it
// refuses to overwrite an existing password.
func (s *Service) ChoosePassword(ctx context.Context, guard ChoosePasswordGuard, userID int, newPassword, newPasswordCheck string) error

func (*Service) CreateRole

// CreateRole creates a role from a name, description and permission strings,
// subject to guard, and returns it.
func (s *Service) CreateRole(ctx context.Context, guard CreateRoleGuard, name, description string, permissions []string) (*Role, error)

func (*Service) DeleteRole

// DeleteRole deletes the role roleID, subject to guard, and returns a *Role.
// NOTE(review): confirm the behaviour for roles still assigned to users
// (Reader.CountUsersByRoleID exists) and for SuperRole.
func (s *Service) DeleteRole(ctx context.Context, guard DeleteRoleGuard, roleID int) (*Role, error)

func (*Service) DenyTOTPResetRequest

// DenyTOTPResetRequest denies a pending TOTP reset request for userID.
// NOTE(review): takes no guard; authorization of the acting principal has to
// happen in the caller — confirm.
func (s *Service) DenyTOTPResetRequest(ctx context.Context, userID int) error

func (*Service) DisableTOTP

// DisableTOTP disables TOTP for userID, subject to guard, and takes the
// account password as well. NOTE(review): confirm failed password checks here
// count toward sign-in throttling, otherwise this is an unthrottled password
// oracle for an authenticated session.
func (s *Service) DisableTOTP(ctx context.Context, guard DisableTOTPGuard, userID int, password string) error

func (*Service) InviteUser

// InviteUser invites the given email, subject to guard, and returns the User.
func (s *Service) InviteUser(ctx context.Context, guard InviteUserGuard, email string) (*User, error)

func (*Service) RegenerateRecoveryCodes

// RegenerateRecoveryCodes takes a current TOTP code and returns a []string,
// subject to guard. NOTE(review): presumably the returned strings are the new
// plaintext recovery codes, shown once while only hashes are stored
// (User.HashedRecoveryCodes) — confirm, and keep the return value out of logs.
func (s *Service) RegenerateRecoveryCodes(ctx context.Context, guard RegenerateRecoveryCodesGuard, userID int, totp string) ([]string, error)

func (*Service) RequestTOTPReset

// RequestTOTPReset records a TOTP reset request for the account with the
// given email. NOTE(review): takes no guard and identifies the account by
// email alone. Confirm the caller has authenticated the requester, that the
// response does not reveal whether the email exists, and that requests are
// rate-limited.
func (s *Service) RequestTOTPReset(ctx context.Context, email string) error

func (*Service) ResetPassword

// ResetPassword sets a new password for userID, subject to guard. It takes
// the new password twice and neither the old password nor a reset token.
// NOTE(review): proof that the requester controls the account therefore has
// to be established by the caller and reflected in guard — confirm.
func (s *Service) ResetPassword(ctx context.Context, guard ResetPasswordGuard, userID int, newPassword, newPasswordCheck string) error

func (*Service) ResetTOTP

// ResetTOTP resets TOTP for userID, subject to guard, and takes the account
// password. NOTE(review): presumably requires a previously approved reset
// request (User.TOTPResetApprovedAt) — confirm.
func (s *Service) ResetTOTP(ctx context.Context, guard ResetTOTPGuard, userID int, password string) error

func (*Service) SetupTOTP

// SetupTOTP begins TOTP setup for userID, subject to guard. It returns only
// an error. NOTE(review): presumably the generated key is stored on the User
// and read back by the caller — confirm how it reaches the user.
func (s *Service) SetupTOTP(ctx context.Context, guard SetupTOTPGuard, userID int) error

func (*Service) SignInWithGoogle

// SignInWithGoogle signs in (or, depending on behaviour, signs up) the account
// with the given email and returns a bool and an error.
// NOTE(review): the method receives an email string, not a provider token.
// The caller must already have validated the Google identity assertion and
// taken the email from it; passing a request-supplied email here would be an
// authentication bypass. The meaning of the bool is not shown — presumably
// "a new account was created"; confirm.
func (s *Service) SignInWithGoogle(ctx context.Context, email string, behaviour GoogleSignInBehaviour) (bool, error)

func (*Service) SignInWithPassword

// SignInWithPassword checks email and password and returns an error on
// failure. NOTE(review): confirm that unknown email, wrong password,
// unverified and unactivated accounts are indistinguishable to the client in
// both response and timing (see Hasher.CheckDummyPasswordHash), and that
// every failure is recorded for throttling.
func (s *Service) SignInWithPassword(ctx context.Context, email, password string) error

func (*Service) SignInWithRecoveryCode

// SignInWithRecoveryCode checks a recovery code for userID.
// NOTE(review): the account is named by userID alone, so the caller must have
// bound userID to a session that already passed the first factor. Confirm a
// used code is invalidated and that failures are throttled.
func (s *Service) SignInWithRecoveryCode(ctx context.Context, userID int, recoveryCode string) error

func (*Service) SignInWithTOTP

// SignInWithTOTP checks a TOTP code for userID.
// NOTE(review): the account is named by userID alone, so the caller must have
// bound userID to a session that already passed the first factor. Confirm
// failed codes are throttled and a code cannot be replayed within its period.
func (s *Service) SignInWithTOTP(ctx context.Context, userID int, totp string) error

func (*Service) SignUp

// SignUp registers the given email and returns the User. It takes no guard.
// NOTE(review): confirm the response for an already-registered email does not
// differ visibly from a fresh sign-up (the AlreadySignedUp type suggests this
// case is handled separately).
func (s *Service) SignUp(ctx context.Context, email string) (*User, error)

func (*Service) UpdateRole

// UpdateRole replaces the name, description and permissions of roleID, subject
// to guard, and returns the role. NOTE(review): changing a role's permissions
// changes the effective rights of every user holding it; confirm SuperRole is
// protected from edits.
func (s *Service) UpdateRole(ctx context.Context, guard UpdateRoleGuard, roleID int, name, description string, permissions []string) (*Role, error)

func (*Service) VerifyTOTP

// VerifyTOTP checks a TOTP code for userID with the given method string,
// subject to guard, and returns a []string. NOTE(review): presumably the
// returned strings are freshly generated plaintext recovery codes — confirm,
// and keep the return value out of logs.
func (s *Service) VerifyTOTP(ctx context.Context, guard VerifyTOTPGuard, userID int, totp, totpMethod string) ([]string, error)

func (*Service) VerifyUser

// VerifyUser verifies the account with the given email and sets its password
// (supplied twice); behaviour selects whether the account is also activated.
// NOTE(review): no guard and no verification token appear in the signature.
// The caller must have proven control of the mailbox (for example by
// validating an emailed token) before calling — confirm.
func (s *Service) VerifyUser(ctx context.Context, email, password, passwordCheck string, behaviour VerifyUserBehaviour) error

type SetupTOTPGuard

// SetupTOTPGuard is the guard type accepted by Service.SetupTOTP.
// Only the target userID is passed to the check.
type SetupTOTPGuard interface {
	// CanSetupTOTP reports whether TOTP setup may start for userID.
	CanSetupTOTP(userID int) bool
}

type SignInAttemptLog

// SignInAttemptLog holds the sign-in attempt counter for one email; it is
// looked up with Reader.FindSignInAttemptLogByEmail. The Attempts and
// LastAttemptAt fields match the inputs of Service.CheckSignInThrottle.
// NOTE(review): the key is the email only, with no source address. That
// bounds guessing against one account but, presumably, lets anyone delay a
// victim's sign-in by failing on purpose, and does not limit one source trying
// many emails — confirm whether another layer covers those cases.
type SignInAttemptLog struct {
	aggregate.Root

	Email         string
	Attempts      int
	LastAttemptAt time.Time
}

type SignInThrottleError

// SignInThrottleError is an error type (it has an Error method) describing an
// active sign-in throttle.
// NOTE(review): InLast and UnlockIn are strings — presumably human-readable
// forms of the window and of the remaining time; confirm. If throttling only
// applies to emails that have an account, returning this to the client
// reveals that the account exists.
type SignInThrottleError struct {
	InLast   string
	Delay    time.Duration
	UnlockAt time.Time
	UnlockIn string
}

func (SignInThrottleError) Error

// Error implements the error interface with a value receiver, so both
// SignInThrottleError and *SignInThrottleError satisfy error; match it with
// errors.As. The message format is not shown.
func (t SignInThrottleError) Error() string

type SignedInWithGoogle

// SignedInWithGoogle has a single field, Email.
// NOTE(review): looks like an event payload for a successful Google sign-in —
// confirm. No failure counterpart is declared in this package.
type SignedInWithGoogle struct {
	Email string
}

type SignedInWithPassword

// SignedInWithPassword has a single field, Email.
// NOTE(review): looks like an event payload for a successful password
// sign-in — confirm.
type SignedInWithPassword struct {
	Email string
}

type SignedInWithRecoveryCode

// SignedInWithRecoveryCode has a single field, Email.
// NOTE(review): looks like an event payload for a recovery-code sign-in —
// confirm. Recovery-code use is rare in normal operation and worth alerting
// on.
type SignedInWithRecoveryCode struct {
	Email string
}

type SignedInWithTOTP

// SignedInWithTOTP has a single field, Email.
// NOTE(review): looks like an event payload for a successful TOTP sign-in —
// confirm.
type SignedInWithTOTP struct {
	Email string
}

type SignedUp

// SignedUp has a single field, Email.
// NOTE(review): looks like an event payload for a sign-up — confirm.
type SignedUp struct {
	Email string
}

type SignedUpWithGoogle

// SignedUpWithGoogle has a single field, Email.
// NOTE(review): looks like an event payload for a sign-up through Google —
// confirm.
type SignedUpWithGoogle struct {
	Email string
}

type TOTP

// TOTP is a string type for a submitted one-time code, built with NewTOTP,
// which can return an error.
type TOTP string

func NewTOTP

func NewTOTP(totp string) (TOTP, error)

func (TOTP) String

func (t TOTP) String() string

type TOTPDisabled

// TOTPDisabled has a single field, Email.
// NOTE(review): looks like an event payload for TOTP being disabled —
// confirm. Removing a second factor is worth auditing and notifying the
// account owner about.
type TOTPDisabled struct {
	Email string
}

type TOTPKey

// TOTPKey wraps TOTP key material; its fields are unexported and it is built
// with NewTOTPKey. NOTE(review): User stores the key as an exported []byte
// (User.TOTPKey), so the encapsulation here does not extend to the stored
// form.
type TOTPKey struct {
	// contains filtered or unexported fields
}

func NewTOTPKey

// NewTOTPKey creates a TOTPKey for the given otp.Algorithm and can return an
// error. NOTE(review): body not shown; confirm the secret is generated from a
// cryptographic random source and which algorithm callers pass.
func NewTOTPKey(algorithm otp.Algorithm) (zero TOTPKey, _ error)

type TOTPMethod

// TOTPMethod names how a user receives one-time codes. Build values from
// untrusted input with NewTOTPMethod, which can return an error.
type TOTPMethod string
const (
	// TOTPMethodNone is the empty string (the zero value).
	TOTPMethodNone TOTPMethod = ""
	// TOTPMethodApp is "app".
	TOTPMethodApp  TOTPMethod = "app"
	// TOTPMethodSMS is "sms". NOTE(review): presumably codes are sent to
	// User.TOTPTel, which makes changes to that number security-sensitive
	// (see Service.ChangeTOTPTel) — confirm.
	TOTPMethodSMS  TOTPMethod = "sms"
)

func NewTOTPMethod

func NewTOTPMethod(method string) (TOTPMethod, error)

func (TOTPMethod) String

func (t TOTPMethod) String() string

type TOTPReset

// TOTPReset has a single field, Email.
// NOTE(review): looks like an event payload for a completed TOTP reset —
// confirm. A useful audit signal if it is retained.
type TOTPReset struct {
	Email string
}

type TOTPResetRequestApproved

// TOTPResetRequestApproved has a single field, Email; it does not identify the
// approver. NOTE(review): looks like an event payload — confirm. Record the
// approving principal alongside it when auditing.
type TOTPResetRequestApproved struct {
	Email string
}

type TOTPResetRequestDenied

// TOTPResetRequestDenied has a single field, Email.
// NOTE(review): looks like an event payload for a denied reset request —
// confirm.
type TOTPResetRequestDenied struct {
	Email string
}

type TOTPResetRequested

// TOTPResetRequested has a single field, Email.
// NOTE(review): looks like an event payload for Service.RequestTOTPReset —
// confirm. A burst of these for one account or from one source is worth
// alerting on.
type TOTPResetRequested struct {
	Email string
}

type TOTPTelChanged

// TOTPTelChanged carries the account Email and the old and new phone numbers.
// NOTE(review): looks like an event payload — confirm. Both numbers are
// personal data, so consumers should avoid logging them in full; notifying
// the old number of the change is a common safeguard.
type TOTPTelChanged struct {
	Email  string
	OldTel string
	NewTel string
}

type Tel

// Tel is a string type for a phone number, built with NewTel, which can return
// an error; the accepted format is not shown.
type Tel string

func NewTel

func NewTel(tel string) (Tel, error)

func (Tel) String

func (t Tel) String() string

type UpdateRoleGuard

// UpdateRoleGuard is the guard type accepted by Service.UpdateRole. The check
// takes no arguments, so it cannot depend on which role is edited or on the
// permissions being added.
type UpdateRoleGuard interface {
	// CanUpdateRoles reports whether the caller may update roles.
	CanUpdateRoles() bool
}

type User

// User is the account record: identity, credentials, TOTP state, lifecycle
// timestamps and authorization data. It embeds aggregate.Root, which is
// defined outside this package.
// NOTE(review): every field is exported and none has a struct tag, so
// encoding/json would emit all of them, including HashedPassword, TOTPKey and
// HashedRecoveryCodes. Do not marshal or log a User directly; copy the fields
// a response needs into a separate type.
type User struct {
	aggregate.Root

	ID                   int
	Email                string
	// HashedPassword is the stored password hash; presumably the output of
	// Hasher.EncodedPasswordHash — confirm.
	HashedPassword       []byte
	TOTPMethod           string
	TOTPTel              string
	// TOTPKey is TOTP key material as raw bytes.
	// NOTE(review): unlike the password and recovery codes this cannot be
	// stored as a one-way hash; confirm it is protected at rest.
	TOTPKey              []byte
	TOTPAlgorithm        string
	TOTPDigits           int
	TOTPPeriod           time.Duration
	TOTPVerifiedAt       time.Time
	TOTPActivatedAt      time.Time
	TOTPResetRequestedAt time.Time
	TOTPResetApprovedAt  time.Time
	InvitedAt            time.Time
	SignedUpAt           time.Time
	VerifiedAt           time.Time
	ActivatedAt          time.Time
	LastSignedInAt       time.Time
	LastSignedInMethod   string
	// HashedRecoveryCodes holds one hash per recovery code; see
	// RecoveryCode.EqualHash.
	HashedRecoveryCodes  [][]byte
	Roles                []*Role
	// Grants and Denials are per-user permission strings.
	// NOTE(review): presumably adjustments on top of Roles, with Denials
	// taking precedence — confirm in Permissions.
	Grants               []string
	Denials              []string
}

func NewUser

func NewUser(email Email) *User

func (*User) Activate

func (u *User) Activate() error

func (*User) ActivateTOTP

func (u *User) ActivateTOTP() error

func (*User) ApproveTOTPResetRequest

func (u *User) ApproveTOTPResetRequest() error

func (*User) ChangePassword

func (u *User) ChangePassword(oldPassword, newPassword Password, hasher Hasher) error

func (*User) ChangeRoles

func (u *User) ChangeRoles(roles []*Role, grants, denials []Permission) error

func (*User) ChangeTOTPTel

func (u *User) ChangeTOTPTel(newTel Tel) error

func (*User) ChoosePassword

func (u *User) ChoosePassword(newPassword Password, hasher Hasher) error

func (*User) DenyTOTPResetRequest

func (u *User) DenyTOTPResetRequest() error

func (*User) DisableTOTP

func (u *User) DisableTOTP(password Password, hasher Hasher) error

func (*User) GenerateTOTP

// GenerateTOTP returns a string and an error.
// NOTE(review): presumably the current one-time code for this user, for
// delivery by SMS — confirm. The return value is a live credential; keep it
// out of logs and never return it to the requesting client.
func (u *User) GenerateTOTP() (string, error)

func (*User) HasActivatedTOTP

func (u *User) HasActivatedTOTP() bool

func (*User) HasVerifiedTOTP

func (u *User) HasVerifiedTOTP() bool

func (*User) InviteUser

func (u *User) InviteUser() error

func (*User) IsSuper

// IsSuper reports whether the user is a super user.
// NOTE(review): body not shown. Presumably it checks u.Roles against
// SuperRole; confirm whether the match is by pointer, ID or name, since Roles
// is an exported slice that callers can modify.
func (u *User) IsSuper() bool

func (*User) Permissions

// Permissions returns the user's permissions as strings.
// NOTE(review): body not shown. Presumably it combines role permissions with
// Grants and removes Denials — confirm the precedence, and that a denial
// cannot be overridden by a grant or a role.
func (u *User) Permissions() []string

func (*User) RegenerateRecoveryCodes

func (u *User) RegenerateRecoveryCodes(totp TOTP) ([]string, error)

func (*User) RequestTOTPReset

func (u *User) RequestTOTPReset() error

func (*User) ResetPassword

func (u *User) ResetPassword(newPassword Password, hasher Hasher) error

func (*User) ResetTOTP

func (u *User) ResetTOTP(password Password, hasher Hasher) error

func (*User) SetupTOTP

func (u *User) SetupTOTP() error

func (*User) SignInWithGoogle

func (u *User) SignInWithGoogle() error

func (*User) SignInWithPassword

// SignInWithPassword checks password against this user using hasher and
// returns rehashed plus an error. NOTE(review): presumably rehashed is true
// when the stored hash was replaced (see the rehash result of
// Hasher.CheckPasswordHash), in which case the caller must save the user —
// confirm.
func (u *User) SignInWithPassword(password Password, hasher Hasher) (rehashed bool, _ error)

func (*User) SignInWithRecoveryCode

// SignInWithRecoveryCode checks code for this user.
// NOTE(review): body not shown. Confirm a matching code is removed from
// HashedRecoveryCodes so it cannot be used twice, and that the caller saves
// the user afterwards.
func (u *User) SignInWithRecoveryCode(code RecoveryCode) error

func (*User) SignInWithTOTP

func (u *User) SignInWithTOTP(totp TOTP) error

func (*User) SignUp

func (u *User) SignUp() error

func (*User) SignUpWithGoogle

func (u *User) SignUpWithGoogle() error

func (*User) Verify

func (u *User) Verify(password Password, hasher Hasher) error

func (*User) VerifyTOTP

func (u *User) VerifyTOTP(totp TOTP, method TOTPMethod) ([]string, error)

type UserFilter

// UserFilter describes a user query. The pointer fields are optional
// criteria; presumably a nil pointer means "do not filter on this" — confirm.
type UserFilter struct {
	ID     *int
	Email  *string
	// Search is free text.
	// NOTE(review): if it originates from a request, the repository must bind
	// it as a query parameter rather than concatenate it — confirm.
	Search *string
	RoleID *int

	SortTopID int

	// NOTE(review): confirm the repository caps Limit; the meaning of a zero
	// value (no rows vs. no limit) is not shown.
	Limit  int
	Offset int
}

type Verified

// Verified has a single field, Email.
// NOTE(review): looks like an event payload for an account verification —
// confirm.
type Verified struct {
	Email string
}

type VerifyTOTPGuard

// VerifyTOTPGuard is the guard type accepted by Service.VerifyTOTP.
// Only the target userID is passed to the check.
type VerifyTOTPGuard interface {
	// CanVerifyTOTP reports whether TOTP may be verified for userID.
	CanVerifyTOTP(userID int) bool
}

type VerifyUserBehaviour

// VerifyUserBehaviour is the type of the behaviour argument of
// Service.VerifyUser. Values are assigned with iota, so the zero value is
// VerifyUserOnly.
type VerifyUserBehaviour byte
const (
	// VerifyUserOnly is 0. Presumably the account is verified but still needs
	// a separate activation (see Service.ActivateUser) — confirm.
	VerifyUserOnly VerifyUserBehaviour = iota
	// VerifyUserActivate is 1. Presumably verification also activates the
	// account, with no approval step — confirm.
	VerifyUserActivate
)

type Writer

// Writer is the write side of the account repository.
// NOTE(review): SaveUser persists a whole *User, including credential fields.
// Whether concurrent saves are protected (for example by a version on
// aggregate.Root) is not visible here; a lost update on HashedRecoveryCodes or
// on the attempt log would weaken one-time-use and throttling — confirm.
type Writer interface {
	AddRole(ctx context.Context, role *Role) error
	SaveRole(ctx context.Context, role *Role) error
	RemoveRole(ctx context.Context, roleID int) error

	AddUser(ctx context.Context, user *User) error
	SaveUser(ctx context.Context, user *User) error

	SaveSignInAttemptLog(ctx context.Context, log *SignInAttemptLog) error
}
