Documentation
¶
Index ¶
Constants ¶
View Source
const (
// Number of bits of the hash used for anti-bruteforce ratelimit
LOGIN_HASH_BITS = 12
)
View Source
const MAX_TOKEN_SIZE = 65536
MAX_TOKEN_SIZE is the maximum token size returned by auth
Variables ¶
View Source
var ErrorAuthCancelled = errors.New("AuthManager is being cancelled")
View Source
var ErrorEmptyAuthResponse = errors.New("Empty body in auth response")
ErrorEmptyAuthResponse returned when response to auth request is empty
View Source
var ErrorInvalidWebToken = errors.New("Web Token is not valid, check your clock")
View Source
var ErrorTooManyAttempts = errors.New("Too many concurrent auth attempts")
Functions ¶
This section is empty.
Types ¶
type Credentials ¶
Credentials for authentication
func (Credentials) Hash ¶
func (cred Credentials) Hash(password string) uint32
Hash credentials for rate-limiting
type ErrorUnauthorized ¶
type ErrorUnauthorized string
ErrorUnauthorized encapsulates the error returned by Keystone
func (ErrorUnauthorized) Error ¶
func (err ErrorUnauthorized) Error() string
type Manager ¶
type Manager struct {
// Keeper must be at the top of the struct
clock.Keeper
Logger *log.Logger
Lifetime time.Duration
Keystone Keystone
// For token signing
SigningMethod jwt.SigningMethod
KeyFunc jwt.Keyfunc
// contains filtered or unexported fields
}
Manager handles credential resolution, ratelimit and cache
func New ¶
func New(logger *log.Logger, client *http.Client, lifetime time.Duration, keystoneURL string, signingMethod jwt.SigningMethod, keyFunc jwt.Keyfunc) *Manager
New creates new Auth Manager
func (*Manager) Check ¶
func (m *Manager) Check(webToken string) (Credentials, *Session, error)
Check the credential cache for a match that has not expired yet.
Source Files
Click to show internal directories.
Click to hide internal directories.