Documentation ¶
Index ¶
- Constants
- Variables
- func CSRFTemplateField(r *http.Request) template.HTML
- func CheckPasswordHash(hash, password []byte) error
- func HashPassword(password []byte) ([]byte, error)
- func Redirect(state *State, w http.ResponseWriter, r *http.Request)
- type DB
- func (db *DB) Auth(username, password string) bool
- func (db *DB) DeleteRegisterToken(token string)
- func (db *DB) DeleteSessionID(sessionID string)
- func (db *DB) DeleteUser(username string) error
- func (db *DB) DoesUserExist(username string) bool
- func (db *DB) GenerateRegisterToken(role string) string
- func (db *DB) GetSessionID(sessionID string) string
- func (db *DB) NewAdmin(username, password string) error
- func (db *DB) NewUser(username, password string) error
- func (db *DB) PutSessionID(username string) string
- func (db *DB) UpdatePass(username string, hash []byte) error
- func (db *DB) Userlist() ([]string, error)
- func (db *DB) ValidateRegisterToken(token string) (bool, string)
- type State
- func (state *State) AnyUsers() bool
- func (state *State) AuthAdminMiddle(next http.HandlerFunc) http.HandlerFunc
- func (state *State) AuthMiddle(next http.HandlerFunc) http.HandlerFunc
- func (state *State) AuthMiddleHandler(next http.Handler) http.Handler
- func (state *State) CSRFProtect(secure bool) func(http.Handler) http.Handler
- func (state *State) GetFlash(r *http.Request, w http.ResponseWriter) string
- func (state *State) GetRedirect(r *http.Request, w http.ResponseWriter) (redirURL string)
- func (state *State) GetUserState(r *http.Request) *User
- func (state *State) IsLoggedIn(r *http.Request) bool
- func (state *State) Login(username string, w http.ResponseWriter)
- func (state *State) LoginPostHandler(w http.ResponseWriter, r *http.Request)
- func (state *State) LogoutHandler(w http.ResponseWriter, r *http.Request)
- func (state *State) NewUserToken(w http.ResponseWriter, r *http.Request)
- func (state *State) SetFlash(msg string, w http.ResponseWriter)
- func (state *State) UserSignupPostHandler(w http.ResponseWriter, r *http.Request)
- func (state *State) UserSignupTokenPostHandler(w http.ResponseWriter, r *http.Request)
- type User
Constants ¶
const (
	// UserKey is used to store the *User in the context
	UserKey key = 1
	// MsgKey is used to store flash messages in the context
	MsgKey key = 2
	// ChkKey is used to store whether UserEnvMiddle has been hit in the context
	ChkKey key = 3
)
Variables ¶
var (
	// LoginPath is the path to the login page, used to redirect protected pages
	LoginPath = "/login"
	// SignupPath is the path to your signup page, used in the initial registration banner
	SignupPath = "/signup"
)
Functions ¶
func CSRFTemplateField ¶ added in v1.0.2
CSRFTemplateField wraps gorilla/csrf.TemplateField
func CheckPasswordHash ¶
CheckPasswordHash securely compares a bcrypt hashed password with its possible plaintext equivalent. Returns nil on success, or an error on failure.
func HashPassword ¶
HashPassword generates a bcrypt hash of the password using work factor 14.
Types ¶
type DB ¶
type DB struct {
// contains filtered or unexported fields
}
DB wraps a bolt.DB struct, so I can test and interact with the db from programs using the lib, while vendoring bolt in both places
func (*DB) DeleteRegisterToken ¶
DeleteRegisterToken deletes a registration token
func (*DB) DeleteSessionID ¶ added in v1.1.0
DeleteSessionID deletes a given session ID
func (*DB) DeleteUser ¶
DeleteUser deletes a given user from the DB
func (*DB) DoesUserExist ¶
DoesUserExist checks if user actually exists in the DB
func (*DB) GenerateRegisterToken ¶
GenerateRegisterToken generates a token to register a user, and only a user
func (*DB) GetSessionID ¶ added in v1.1.0
GetSessionID checks for a given session ID in the DB and returns the associated username
func (*DB) PutSessionID ¶ added in v1.1.0
PutSessionID generates a session ID and ties the ID to the given user
func (*DB) UpdatePass ¶
UpdatePass updates a given user's password to the given hash. Password hashing must be done by the caller.
type State ¶
type State struct {
	DB
	// contains filtered or unexported fields
}
State holds all required info to get authentication working in the app
func NewAuthState ¶
NewAuthState creates a new AuthState using the BoltDB backend, storing the boltDB connection and cookie info
func NewAuthStateWithDB ¶
NewAuthStateWithDB takes an instance of a boltDB, and returns an AuthState using the BoltDB backend
func (*State) AnyUsers ¶ added in v1.0.10
AnyUsers checks if there are any users in the DB. This is useful in application initialization flows.
func (*State) AuthAdminMiddle ¶
func (state *State) AuthAdminMiddle(next http.HandlerFunc) http.HandlerFunc
AuthAdminMiddle is a middleware to protect a given handler; admin only access
func (*State) AuthMiddle ¶
func (state *State) AuthMiddle(next http.HandlerFunc) http.HandlerFunc
AuthMiddle is a middleware for HandlerFunc-specific stuff, to protect a given handler; users only access
func (*State) AuthMiddleHandler ¶
AuthMiddleHandler is a middleware to protect a given handler; users only access
func (*State) CSRFProtect ¶ added in v1.0.2
CSRFProtect wraps gorilla/csrf.Protect, only allowing toggling the Secure option
func (*State) GetRedirect ¶ added in v1.1.0
GetRedirect returns the URL from the redirect cookie
func (*State) GetUserState ¶ added in v1.1.0
GetUserState returns a *User from the context. The *User should have been crammed in there by UserEnvMiddle.
func (*State) IsLoggedIn ¶ added in v1.1.0
IsLoggedIn takes a context, tries to fetch user{} from it,
and if that succeeds, verifies the username fetched actually exists
func (*State) Login ¶ added in v1.1.0
func (state *State) Login(username string, w http.ResponseWriter)
Login generates a random session ID, throws that into the DB,
then sets that session ID into the cookie
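The session flow that Login, PutSessionID, GetSessionID, DeleteSessionID and AuthMiddle describe, sketched with the standard library only. This is an added example, not this package's code: `store`, `put`, `protect`, `demo`, the user "alice" and the `/private` path are assumptions, while the "user" cookie name and `/login` are taken from this page.

```go
package main

import (
	"crypto/rand"
	"fmt"
	"net/http"
	"net/http/httptest"
)

type store struct{ sess map[string]string } // hypothetical stand-in for the DB: session ID -> username (no locking, demo only)

// put plays the role of PutSessionID: an unguessable ID from the OS CSPRNG.
func (s *store) put(user string) string {
	b := make([]byte, 32)
	if _, err := rand.Read(b); err != nil {
		panic(err) // fail closed rather than issue a weak ID
	}
	id := fmt.Sprintf("%x", b)
	s.sess[id] = user
	return id
}

// protect plays the role of AuthMiddle: the cookie is only a lookup key into the store.
func (s *store) protect(next http.HandlerFunc) http.HandlerFunc {
	return func(w http.ResponseWriter, r *http.Request) {
		c, err := r.Cookie("user")
		if err != nil || s.sess[c.Value] == "" {
			http.Redirect(w, r, "/login", http.StatusSeeOther) // LoginPath
			return
		}
		next(w, r)
	}
}

// demo requests a protected page before and after the session is deleted.
func demo() (before, after int) {
	s := &store{sess: map[string]string{}}
	id := s.put("alice") // constructed user; Login would set this ID in the cookie
	hit := func() int {
		req, out := httptest.NewRequest("GET", "/private", nil), httptest.NewRecorder()
		req.AddCookie(&http.Cookie{Name: "user", Value: id})
		s.protect(func(http.ResponseWriter, *http.Request) {})(out, req)
		return out.Code
	}
	before = hit()
	delete(s.sess, id) // what DeleteSessionID does on logout
	return before, hit()
}
func main() { fmt.Println(demo()) } // 200 303
```

Because the cookie holds only an opaque ID, deleting the server-side record revokes the session even if a copy of the cookie is replayed afterwards.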
func (*State) LoginPostHandler ¶
func (state *State) LoginPostHandler(w http.ResponseWriter, r *http.Request)
LoginPostHandler only handles POST requests, verifying forms named "username" and "password". It compares the values with those in BoltDB and, if they match, stores the verified username in the cookie. Note: as opposed to the other handlers above, now commented out, this one deals with the redirects, so it is worth handling in the library.
func (*State) LogoutHandler ¶
func (state *State) LogoutHandler(w http.ResponseWriter, r *http.Request)
LogoutHandler clears the "user" cookie, logging the user out
func (*State) NewUserToken ¶ added in v1.0.2
func (state *State) NewUserToken(w http.ResponseWriter, r *http.Request)
NewUserToken is a convenient handler that generates and provides a new user registration token
func (*State) SetFlash ¶
func (state *State) SetFlash(msg string, w http.ResponseWriter)
SetFlash sets a flash message inside a cookie, which, combined with the UserEnvMiddle
middleware, pushes the message into context and then template
func (*State) UserSignupPostHandler ¶
func (state *State) UserSignupPostHandler(w http.ResponseWriter, r *http.Request)
UserSignupPostHandler only handles POST requests, using forms named "username" and "password", signing up users as necessary, inside the AuthConf.
func (*State) UserSignupTokenPostHandler ¶ added in v1.1.0
func (state *State) UserSignupTokenPostHandler(w http.ResponseWriter, r *http.Request)
UserSignupTokenPostHandler only handles POST requests, using forms named "username", "password", and "register_key"
This is an alternative to UserSignupPostHandler, adding registration token support. That token is verified against the DB before registration.