Documentation ¶
Index ¶
Constants ¶
View Source
const (
// Number of bits of the hash used for anti-bruteforce ratelimit
LOGIN_HASH_BITS = 12
)
View Source
const MAX_TOKEN_SIZE = 65536
MAX_TOKEN_SIZE is the maximum token size returned by auth
Variables ¶
View Source
var ErrorAuthCancelled = errors.New("AuthManager is being cancelled")
View Source
var ErrorEmptyAuthResponse = errors.New("Empty body in auth response")
ErrorEmptyAuthResponse returned when response to auth request is empty
View Source
var ErrorInvalidWebToken = errors.New("Web Token is not valid, check your clock")
View Source
var ErrorTooManyAttempts = errors.New("Too many concurrent auth attempts")
Functions ¶
This section is empty.
Types ¶
type Credentials ¶
Credentials for authentication
func (Credentials) Hash ¶
func (cred Credentials) Hash(password string) uint32
Hash credentials for rate-limiting
type ErrorUnauthorized ¶
type ErrorUnauthorized string
ErrorUnauthorized encapsulates the error returned by Keystone
func (ErrorUnauthorized) Error ¶
func (err ErrorUnauthorized) Error() string
type Manager ¶
type Manager struct { // Keeper must be at the top of the struct clock.Keeper Logger *log.Logger Lifetime time.Duration Keystone Keystone // For token signing SigningMethod jwt.SigningMethod KeyFunc jwt.Keyfunc // contains filtered or unexported fields }
Manager handles credential resolution, ratelimit and cache
func New ¶
func New(logger *log.Logger, client *http.Client, lifetime time.Duration, keystoneURL string, signingMethod jwt.SigningMethod, keyFunc jwt.Keyfunc) *Manager
New creates new Auth Manager
func (*Manager) Check ¶
func (m *Manager) Check(webToken string) (Credentials, *Session, error)
Check the credential cache for a match that has not expired yet.
Click to show internal directories.
Click to hide internal directories.