Documentation ¶
Index ¶
- Variables
- func IsSamePassword(hashedPassword []byte, password string) bool
- func TranslateBcryptError(err error) error
- type Checker
- type CheckerHistoryStore
- type Expiry
- type History
- type HistoryStore
- func (p *HistoryStore) CreatePasswordHistory(userID string, hashedPassword []byte, createdAt time.Time) error
- func (p *HistoryStore) GetPasswordHistory(userID string, historySize int, historyDays config.DurationDays) ([]History, error)
- func (p *HistoryStore) RemovePasswordHistory(userID string, historySize int, historyDays config.DurationDays) error
- func (p *HistoryStore) ResetPasswordHistory(userID string) error
- type Housekeeper
- type HousekeeperLogger
- type Logger
- type Policy
- type PolicyName
- type Provider
- func (p *Provider) Authenticate(a *authenticator.Password, password string) (verifyResult *VerifyResult, err error)
- func (p *Provider) Create(a *authenticator.Password) error
- func (p *Provider) Delete(a *authenticator.Password) error
- func (p *Provider) Get(userID string, id string) (*authenticator.Password, error)
- func (p *Provider) GetMany(ids []string) ([]*authenticator.Password, error)
- func (p *Provider) List(userID string) ([]*authenticator.Password, error)
- func (p *Provider) New(id string, userID string, passwordSpec *authenticator.PasswordSpec, ...) (*authenticator.Password, error)
- func (p *Provider) UpdatePassword(a *authenticator.Password) error
- func (p *Provider) WithPassword(a *authenticator.Password, password string) (*authenticator.Password, error)
- type Store
- func (s *Store) Create(a *authenticator.Password) (err error)
- func (s *Store) Delete(id string) error
- func (s *Store) Get(userID string, id string) (*authenticator.Password, error)
- func (s *Store) GetMany(ids []string) ([]*authenticator.Password, error)
- func (s *Store) List(userID string) ([]*authenticator.Password, error)
- func (s *Store) UpdatePasswordHash(a *authenticator.Password) error
- type VerifyResult
Constants ¶
This section is empty.
Variables ¶
View Source
var DependencySet = wire.NewSet( NewLogger, wire.Struct(new(Provider), "*"), wire.Struct(new(Store), "*"), NewHousekeeperLogger, wire.Struct(new(Housekeeper), "*"), ProvideChecker, wire.Struct(new(HistoryStore), "*"), wire.Bind(new(CheckerHistoryStore), new(*HistoryStore)), ProvideExpiry, )
View Source
var InvalidBcryptHash = apierrors.Invalid.WithReason("InvalidBcryptHash")
View Source
var PasswordExpiryForceChange apierrors.Kind = apierrors.Invalid.WithReason("PasswordExpiryForceChange")
View Source
var PasswordPolicyViolated apierrors.Kind = apierrors.Invalid.WithReason("PasswordPolicyViolated")
Functions ¶
func IsSamePassword ¶
func TranslateBcryptError ¶
Types ¶
type Checker ¶
type Checker struct { PwMinLength int PwUppercaseRequired bool PwLowercaseRequired bool PwAlphabetRequired bool PwDigitRequired bool PwSymbolRequired bool PwMinGuessableLevel int PwExcludedKeywords []string PwHistorySize int PwHistoryDays config.DurationDays PasswordHistoryEnabled bool PasswordHistoryStore CheckerHistoryStore }
func ProvideChecker ¶
func ProvideChecker( cfg *config.AuthenticatorPasswordConfig, featureCfg *config.AuthenticatorFeatureConfig, s CheckerHistoryStore, ) *Checker
func (*Checker) PasswordPolicy ¶
PasswordPolicy outputs a list of PasswordPolicy to reflect the password policy.
func (*Checker) PasswordRules ¶
func (*Checker) ValidateCurrentPassword ¶
ValidateCurrentPassword should be used when the user authenticates.
type CheckerHistoryStore ¶
type Expiry ¶
type Expiry struct { ForceChangeEnabled bool ForceChangeSinceLastUpdate config.DurationString Clock clock.Clock }
func ProvideExpiry ¶
func ProvideExpiry( cfg *config.AuthenticatorPasswordConfig, c clock.Clock, ) *Expiry
type HistoryStore ¶
type HistoryStore struct { Clock clock.Clock SQLBuilder *appdb.SQLBuilderApp SQLExecutor *appdb.SQLExecutor }
func (*HistoryStore) CreatePasswordHistory ¶
func (*HistoryStore) GetPasswordHistory ¶
func (p *HistoryStore) GetPasswordHistory(userID string, historySize int, historyDays config.DurationDays) ([]History, error)
func (*HistoryStore) RemovePasswordHistory ¶
func (p *HistoryStore) RemovePasswordHistory(userID string, historySize int, historyDays config.DurationDays) error
func (*HistoryStore) ResetPasswordHistory ¶
func (p *HistoryStore) ResetPasswordHistory(userID string) error
type Housekeeper ¶
type Housekeeper struct { Store *HistoryStore Logger HousekeeperLogger Config *config.AuthenticatorPasswordConfig }
func (*Housekeeper) Housekeep ¶
func (p *Housekeeper) Housekeep(authID string) (err error)
type HousekeeperLogger ¶
func NewHousekeeperLogger ¶
func NewHousekeeperLogger(lf *log.Factory) HousekeeperLogger
type Policy ¶
type Policy struct { Name PolicyName Info map[string]interface{} `json:",omitempty"` }
type PolicyName ¶
type PolicyName string
const ( // PasswordTooShort is self-explanatory PasswordTooShort PolicyName = "PasswordTooShort" // PasswordUppercaseRequired means the password does not contain ASCII uppercase character PasswordUppercaseRequired PolicyName = "PasswordUppercaseRequired" // PasswordLowercaseRequired means the password does not contain ASCII lowercase character PasswordLowercaseRequired PolicyName = "PasswordLowercaseRequired" // PasswordAlphabetRequired means the password does not contain ASCII alphabet character PasswordAlphabetRequired PolicyName = "PasswordAlphabetRequired" // PasswordDigitRequired means the password does not contain ASCII digit character PasswordDigitRequired PolicyName = "PasswordDigitRequired" // PasswordSymbolRequired means the password does not contain ASCII non-alphanumeric character PasswordSymbolRequired PolicyName = "PasswordSymbolRequired" // PasswordContainingExcludedKeywords means the password contains configured excluded keywords PasswordContainingExcludedKeywords PolicyName = "PasswordContainingExcludedKeywords" // PasswordBelowGuessableLevel means the password's guessable level is below configured level. // The current implementation uses Dropbox's zxcvbn. PasswordBelowGuessableLevel PolicyName = "PasswordBelowGuessableLevel" // PasswordReused is self-explanatory PasswordReused PolicyName = "PasswordReused" )
type Provider ¶
type Provider struct { Store *Store Config *config.AuthenticatorPasswordConfig Clock clock.Clock Logger Logger PasswordHistory *HistoryStore PasswordChecker *Checker Expiry *Expiry Housekeeper *Housekeeper }
func (*Provider) Authenticate ¶
func (p *Provider) Authenticate(a *authenticator.Password, password string) (verifyResult *VerifyResult, err error)
func (*Provider) GetMany ¶
func (p *Provider) GetMany(ids []string) ([]*authenticator.Password, error)
func (*Provider) New ¶
func (p *Provider) New(id string, userID string, passwordSpec *authenticator.PasswordSpec, isDefault bool, kind string) (*authenticator.Password, error)
func (*Provider) UpdatePassword ¶
func (p *Provider) UpdatePassword(a *authenticator.Password) error
func (*Provider) WithPassword ¶
func (p *Provider) WithPassword(a *authenticator.Password, password string) (*authenticator.Password, error)
WithPassword return new authenticator pointer if password is changed Otherwise original authenticator will be returned
type Store ¶
type Store struct { SQLBuilder *appdb.SQLBuilderApp SQLExecutor *appdb.SQLExecutor }
func (*Store) UpdatePasswordHash ¶
func (s *Store) UpdatePasswordHash(a *authenticator.Password) error
type VerifyResult ¶
func (*VerifyResult) RequireUpdate ¶
func (r *VerifyResult) RequireUpdate() bool
Click to show internal directories.
Click to hide internal directories.