Documentation ¶
Overview ¶
Authentication service.
This service is a generic service for authentication.
Index ¶
- Variables
- func AddAuthToUser(db ab.DB, uuid, authid, secret, provider string) error
- func AuthenticateUser(db ab.DB, name, authid string) (string, error)
- func ConsumeToken(db ab.DB, uuid, category, token string) (bool, error)
- func CreateToken(db ab.DB, uuid, category string, expires *time.Time, autoclean bool) (string, error)
- func GetOAuth1Client(db ab.DB, logger *log.Log, provider OAuth1ProviderDelegate, uid string) *oauth.Credentials
- func GetOAuth2Client(db ab.DB, logger *log.Log, provider OAuth2ProviderDelegate, uid string) *http.Client
- func LoggedInMiddleware(user UserDelegate) func(http.Handler) http.Handler
- func NotLoggedInMiddleware(user UserDelegate) func(http.Handler) http.Handler
- func RemoveExpiredTokens(db ab.DB) error
- type AuthProvider
- type MailTemplateData
- type MultiUserDelegate
- type OAuth1Provider
- type OAuth1ProviderDelegate
- type OAuth2Provider
- type OAuth2ProviderDelegate
- type OAuthCredentials
- type OAuthProvider
- type Password
- type PasswordAuthEmailSenderDelegate
- type PasswordAuthProvider
- type PasswordAuthProviderDelegate
- type PasswordAuthSMTPEmailSenderDelegate
- type PasswordChangeFields
- type PasswordFields
- type PasswordLoginData
- type Service
- type SessionUserDelegate
- type UserDelegate
Constants ¶
This section is empty.
Variables ¶
// Password hashing parameters. They are exported package-level variables,
// not constants, so any importing code can reassign them at run time.
// NOTE(review): the names (N, R, P, KEYLEN, salt length) match scrypt's
// parameters, but the hashing code is not shown here — confirm.
// NOTE(review): if these values are not stored alongside each hash, changing
// them would make existing hashes unverifiable — verify before tuning.
var (
	PASSWORD_HASH_SALT_LENGTH = 32    // presumably the salt length in bytes — confirm
	PASSWORD_HASH_N           = 32768 // 2^15
	PASSWORD_HASH_R           = 8
	PASSWORD_HASH_P           = 1
	PASSWORD_HASH_KEYLEN      = 64 // presumably the derived key length in bytes — confirm
)
Functions ¶
func AddAuthToUser ¶
Adds an authentication method for a user.
func AuthenticateUser ¶
Authenticates a user with authid.
func CreateToken ¶
func CreateToken(db ab.DB, uuid, category string, expires *time.Time, autoclean bool) (string, error)
Generates and saves a new token.
func GetOAuth1Client ¶
func GetOAuth1Client(db ab.DB, logger *log.Log, provider OAuth1ProviderDelegate, uid string) *oauth.Credentials
func GetOAuth2Client ¶
func LoggedInMiddleware ¶
func LoggedInMiddleware(user UserDelegate) func(http.Handler) http.Handler
This middleware restricts the endpoint to logged-in users.
func NotLoggedInMiddleware ¶
func NotLoggedInMiddleware(user UserDelegate) func(http.Handler) http.Handler
This middleware restricts the endpoint to anonymous (not logged-in) users.
func RemoveExpiredTokens ¶
Removes all expired tokens from the database.
Types ¶
type AuthProvider ¶
type MailTemplateData ¶
type MultiUserDelegate ¶
// MultiUserDelegate combines several UserDelegate values behind the
// CurrentUser and IsLoggedIn methods.
type MultiUserDelegate struct {
	// LoginUserDelegate receives a slice of delegates and returns the ones
	// that should perform the login. When it is left unset, all delegates
	// log in.
	LoginUserDelegate func([]UserDelegate) []UserDelegate
	// contains filtered or unexported fields
}
This user delegate allows using multiple user delegates as if they were one.
The LoginUserDelegate decides which delegates should perform the login; if left empty, then all delegates will login.
func NewMultiUserDelegate ¶
func NewMultiUserDelegate(delegates ...UserDelegate) *MultiUserDelegate
func (*MultiUserDelegate) CurrentUser ¶
func (mud *MultiUserDelegate) CurrentUser(r *http.Request) string
func (*MultiUserDelegate) IsLoggedIn ¶
func (mud *MultiUserDelegate) IsLoggedIn(r *http.Request) bool
type OAuth1Provider ¶
// OAuth1Provider has no exported fields; create one with
// NewOAuth1Provider, which takes an entity controller and an
// OAuth1ProviderDelegate.
type OAuth1Provider struct {
// contains filtered or unexported fields
}
func NewOAuth1Provider ¶
func NewOAuth1Provider(ec *ab.EntityController, delegate OAuth1ProviderDelegate) *OAuth1Provider
func (*OAuth1Provider) GetLabel ¶
func (p *OAuth1Provider) GetLabel() string
func (*OAuth1Provider) GetName ¶
func (p *OAuth1Provider) GetName() string
func (*OAuth1Provider) Register ¶
func (p *OAuth1Provider) Register(baseURL string, srv *ab.Server, user UserDelegate)
type OAuth1ProviderDelegate ¶
// OAuth1ProviderDelegate is the delegate passed to NewOAuth1Provider and
// GetOAuth1Client. It embeds OAuthProvider, so an implementation must also
// provide GetName, GetLabel and ResolveUniqueID.
type OAuth1ProviderDelegate interface {
	OAuthProvider
	// GetClient returns the *oauth.Client for this provider.
	GetClient() *oauth.Client
	// PrepareUser receives the OAuth credentials and returns a user entity,
	// a string and an error.
	// NOTE(review): the meaning of the string result is not documented here;
	// presumably the provider-side identifier of the user — confirm.
	PrepareUser(*oauth.Credentials) (ab.Entity, string, error)
}
type OAuth2Provider ¶
// OAuth2Provider has no exported fields; create one with
// NewOAuth2Provider, which takes an entity controller and an
// OAuth2ProviderDelegate.
type OAuth2Provider struct {
// contains filtered or unexported fields
}
func NewOAuth2Provider ¶
func NewOAuth2Provider(ec *ab.EntityController, delegate OAuth2ProviderDelegate) *OAuth2Provider
func (*OAuth2Provider) GetLabel ¶
func (p *OAuth2Provider) GetLabel() string
func (*OAuth2Provider) GetName ¶
func (p *OAuth2Provider) GetName() string
func (*OAuth2Provider) Register ¶
func (p *OAuth2Provider) Register(baseURL string, srv *ab.Server, user UserDelegate)
type OAuth2ProviderDelegate ¶
type OAuthCredentials ¶
Container struct for OAuth credentials.
func (OAuthCredentials) Empty ¶
func (c OAuthCredentials) Empty() bool
type OAuthProvider ¶
// OAuthProvider is the method set shared by the OAuth provider delegates;
// OAuth1ProviderDelegate embeds it.
type OAuthProvider interface {
	GetName() string  // machine name of the provider (usually a lowercase word, max 32 characters)
	GetLabel() string // the name of the OAuth provider that is displayed for the user
	// NOTE(review): which entity properties count as "unique" is up to the
	// implementation; presumably a weak choice could map two distinct
	// accounts to the same user — confirm against the callers.
	ResolveUniqueID(db ab.DB, user ab.Entity) (string, error) // Tries to resolve the user with unique properties on the user entity
}
type PasswordAuthProvider ¶
// PasswordAuthProvider has no exported fields; create one with
// NewPasswordAuthProvider, which takes an entity controller, a
// PasswordAuthProviderDelegate and a PasswordAuthEmailSenderDelegate.
type PasswordAuthProvider struct {
// contains filtered or unexported fields
}
func NewPasswordAuthProvider ¶
func NewPasswordAuthProvider(ec *ab.EntityController, delegate PasswordAuthProviderDelegate, emailDelegate PasswordAuthEmailSenderDelegate) *PasswordAuthProvider
func (*PasswordAuthProvider) GetLabel ¶
func (p *PasswordAuthProvider) GetLabel() string
func (*PasswordAuthProvider) GetName ¶
func (p *PasswordAuthProvider) GetName() string
func (*PasswordAuthProvider) Register ¶
func (p *PasswordAuthProvider) Register(baseURL string, srv *ab.Server, user UserDelegate)
type PasswordAuthSMTPEmailSenderDelegate ¶
// PasswordAuthSMTPEmailSenderDelegate sends the registration and
// lost-password e-mails (see SendRegistrationEmail and
// SendLostPasswordLink, which each take a recipient address and a URL).
// NOTE(review): these mails carry account links; whether the connection to
// SMTPAddr is protected by TLS is not visible here — confirm.
type PasswordAuthSMTPEmailSenderDelegate struct {
	SMTPAddr  string // presumably the host:port of the SMTP server — confirm
	SiteEmail string
	From      string
	// Templates used for the two kinds of mail.
	RegistrationEmailTemplate *template.Template
	LostPasswordEmailTemplate *template.Template
	// contains filtered or unexported fields
}
func NewPasswordAuthSMTPEmailSenderDelegate ¶
func NewPasswordAuthSMTPEmailSenderDelegate(smtpAddr string, smtpAuth smtp.Auth, baseURL string) *PasswordAuthSMTPEmailSenderDelegate
func (*PasswordAuthSMTPEmailSenderDelegate) SendLostPasswordLink ¶
func (d *PasswordAuthSMTPEmailSenderDelegate) SendLostPasswordLink(address, url string) error
func (*PasswordAuthSMTPEmailSenderDelegate) SendRegistrationEmail ¶
func (d *PasswordAuthSMTPEmailSenderDelegate) SendRegistrationEmail(address, url string) error
type PasswordChangeFields ¶
// PasswordChangeFields embeds PasswordFields and adds the old password,
// read from the "old_password" JSON key.
// NOTE(review): these fields presumably hold plaintext passwords from the
// request body; keep values of this type out of logs and error messages.
type PasswordChangeFields struct {
	PasswordFields
	OldPassword string `json:"old_password"`
}
func (PasswordChangeFields) GetOldPassword ¶
func (pcf PasswordChangeFields) GetOldPassword() string
type PasswordFields ¶
// PasswordFields holds a password and its confirmation, read from the
// "password" and "password_confirm" JSON keys. ValidatePassword returns an
// error value for it.
// NOTE(review): these fields presumably hold plaintext passwords from the
// request body; keep values of this type out of logs and error messages.
type PasswordFields struct {
	Password        string `json:"password"`
	PasswordConfirm string `json:"password_confirm"`
}
func (PasswordFields) GetPassword ¶
func (pf PasswordFields) GetPassword() string
func (PasswordFields) ValidatePassword ¶
func (pf PasswordFields) ValidatePassword() error
type PasswordLoginData ¶
type Service ¶
// Service holds the auth service settings; create one with NewService.
type Service struct {
	BaseURL string // base URL of the server that uses this service
	// contains filtered or unexported fields
}
Auth service settings.
func NewService ¶
func NewService(baseURL string, user UserDelegate, conn ab.DB, providers ...AuthProvider) *Service
Creates a new auth service.
Before using this service, make sure that you have called util.SetKey().
func (*Service) AddProvider ¶
func (s *Service) AddProvider(p AuthProvider)
Adds an OAuth1Provider or an OAuth2Provider to the service. Adding a type that only implements the OAuthProvider interface will cause a runtime panic on Register().
type SessionUserDelegate ¶
// SessionUserDelegate is a session-based user delegate with an optional
// database handle.
// NOTE(review): if TableName and UUIDColumn are interpolated into SQL, they
// must come from trusted configuration and never from request data —
// confirm how the implementation uses them.
type SessionUserDelegate struct {
	DB         ab.DB
	TableName  string // Name of the user table, defaults to "user"
	UUIDColumn string // Name of the uuid column, defaults to "uuid"
}
A session-based user delegate that stores the current user's UUID in the "uid" key of the session.
The DB value is optional. If provided, the delegate assumes that the user table (named "user" unless TableName is set) exists and that it has a UUID column which is its primary key.
func (*SessionUserDelegate) CurrentUser ¶
func (ud *SessionUserDelegate) CurrentUser(r *http.Request) string
func (*SessionUserDelegate) IsLoggedIn ¶
func (ud *SessionUserDelegate) IsLoggedIn(r *http.Request) bool