README
¶
EAuth
Poor man's OAuth
Death to passwords.
Documentation
¶
Index ¶
- Variables
- func CreateLink(c Config, user User) string
- func IsValid(c Config, user User, then time.Time, given string) bool
- func IsValidSession(m SessionManager, key string) bool
- func RandomKey() (string, error)
- func SaltedHMAC(salt, secret, data []byte) []byte
- func Send(c SMTPConfig, to []string, subject, body string) error
- func SetCookie(w http.ResponseWriter, config CookieConfig, session Session)
- type Addresses
- type Config
- type CookieConfig
- type DatabaseConfig
- type DefaultSender
- type Email
- type KeyFunc
- type SMTPConfig
- type Sender
- type Server
- type Session
- type SessionManager
- type User
- type UserManager
- type UserTest
Constants ¶
This section is empty.
Variables ¶
var Default = &DefaultSender{}
Default is an initialized instance of the DefaultSender No need to place this in init, there's no initialization behavior needed
Functions ¶
func CreateLink ¶
Links can be reused within the expiration, but I'm okay with that
func IsValidSession ¶
func IsValidSession(m SessionManager, key string) bool
IsValidSession checks if a session key exists in the given manager.
func RandomKey ¶
For 144 bit sessions, we'll need to generate 18 random bytes. These will be encoded in URL safe base 64, for a length of 24 chars.
func SaltedHMAC ¶
The validity of the reset link is determined by * The HMAC using the server's secret key * The unix timestamp in the message body * That the associated session does not have an assigned IP
func Send ¶
func Send(c SMTPConfig, to []string, subject, body string) error
Send will send an email using the default Sender implementation.
func SetCookie ¶
func SetCookie(w http.ResponseWriter, config CookieConfig, session Session)
Include the cookie on the response The cookie's name is taken from the cookie configuration and its value is the given session key.
Types ¶
type Config ¶
type Config struct {
Domain string `json:"domain"`
Secret string `json:"secret"`
Https bool `json:"https"`
Cookie CookieConfig `json:"cookie"`
SMTP SMTPConfig `json:"smtp"`
Databases DatabaseConfig `json:"database"`
}
TODO A mechanism should be in place to rotate secret keys TODO Multiple domains?
type CookieConfig ¶
type CookieConfig struct {
Age time.Duration `json:"age"`
Domain string `json:"domain"`
HttpOnly bool `json:"http_only"`
Name string `json:"name"`
Path string `json:"path"`
Secure bool `json:"secure"`
}
Cookie names are valid tokens as defined by RFC 2616 section 2.2: http://tools.ietf.org/html/rfc2616#section-2.2 TL;DR: Any non-control or non-separator character.
type DatabaseConfig ¶
type DatabaseConfig struct {
Driver string `json:"driver"`
Host string `json:"host"`
Port int64 `json:"port"`
Name string `json:"name"`
User string `json:"user"`
Password string `json:"password"`
}
func (DatabaseConfig) Credentials ¶
func (db DatabaseConfig) Credentials() string
Return a string of credentials approriate for Go's sql.Open() func
type DefaultSender ¶
type DefaultSender struct{}
DefaultSender implements the Email Sender interface
func (*DefaultSender) Send ¶
func (ds *DefaultSender) Send(c SMTPConfig, to Addresses, subject, body string) error
Send will send an email on the DefaultSender
type SMTPConfig ¶
type SMTPConfig struct {
Port int64 `json:"port"`
User string `json:"user"`
Password string `json:"password"`
Host string `json:"host"`
From string `json:"from"`
Alias string `json:"alias"`
}
func (SMTPConfig) FromAddress ¶
func (c SMTPConfig) FromAddress() string
func (SMTPConfig) HostWithPort ¶
func (c SMTPConfig) HostWithPort() string
type Server ¶
type Server struct {
// contains filtered or unexported fields
}
func NewServer ¶
func NewServer(c Config, u UserManager, s SessionManager) *Server
func (*Server) Authenticate ¶
func (s *Server) Authenticate(w http.ResponseWriter, r *http.Request)
func (*Server) ListenAndServe ¶
func (*Server) LoginRequired ¶
func (s *Server) LoginRequired(h http.HandlerFunc) http.HandlerFunc
type Session ¶
Includes options for making sessions even more secure: * Single sessions per user * IP address fixation Session does not include data.
func NewSession ¶
func NewSession(m SessionManager, uid int64, c CookieConfig) (Session, error)
Session keys become the cookie's value. US-ASCII is safe except for control characters, commas, semicolons and backslash. URL-encoded base64 is safe and is used here.
type SessionManager ¶
type SessionManager interface {
Save(session Session) error
Delete(key string) error
Get(key string) Session
}
SessionManager is the persistance interface for sessions.
type User ¶
User is the server's user struct. Sessions are attached to users. Id is included so urls do not need to include the email in the link url. Tokens are refreshed everytime a new session is created in order to prevent replay attacks with the given link URL.
type UserManager ¶
type UserManager interface {
Save(user User) error
Delete(user User) error
UpdateToken(user User, token string) error
Get(id int64) User
GetEmail(email string) User
}
UserManager is the persistance interface for users. TODO Save should return a User or it's impossible to return manager- created attributes.
Source Files
Directories