fort

package module

v0.0.0-...-858afe4 Latest Latest Go to latest Published: Jun 27, 2022 License: Apache-2.0 Imports: 17 Imported by: 0

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

github.com/firasdarwish/fort

Links

Open Source Insights

Documentation ¶

Constants ¶

View Source

const SKIP_TOTP_LOGIN = 654 // 0

Variables ¶

View Source

var (
	GuardNameAlreadyExists = errors.New("guard already exists")
	GuardNotFound          = errors.New("guard not found")
	InvalidCredentials     = errors.New("invalid credentials")
	InvalidPassword        = errors.New("invalid password")
	HandlerNotAllowed      = errors.New("handler not allowed")
	EmptyHandler           = errors.New("handler has no value")

	Collision = errors.New("collision, too many records")

	IncorrectCredentials = errors.New("incorrect credentials")

	InvalidUserId = errors.New("invalid user id")

	MustValidateTOTP = errors.New("user must validate TOTP first")

	InvalidTOTPLogin  = errors.New("invalid TOTP login request")
	IncorrectTOTPCode = errors.New("incorrect TOTP code")

	TOTPLoginDisabled = errors.New("TOTP login is disabled")

	NotRefreshable = errors.New("refresh token disabled")

	InvalidAccessToken = errors.New("invalid access token")

	RefreshTokenExpired = errors.New("refresh token expired")

	RefreshTokenRevoked = errors.New("refresh token revoked")
)

Functions ¶

This section is empty.

Types ¶

type Auth ¶

type Auth struct {
	Guard     string `json:"guard"`
	UserTable string `json:"user_table"`
	UserId    any    `json:"user_id"`

	UserStateHash string `json:"user_state_hash"`

	UniqueToken        string  `json:"unique_token"`         // plain, acts like primary key
	HashedRefreshToken *string `json:"hashed_refresh_token"` // one-way hash, null = un-refreshable

	UserAgent *string
	IPAddress *string

	ExpiresAt time.Time

	CreatedAt      time.Time
	UpdatedAt      *time.Time
	RevokedAt      *time.Time
	LastActivityAt time.Time // at init, = CreatedAt
}

type Fort ¶

type Fort interface {
	NewGuard(name string, config *GuardConfig) (Guard, error)
	GetGuard(name string) (Guard, error)
}

func New ¶

func New() Fort

type Guard ¶

type Guard interface {
	Login(userAgent *string, ip *string, props map[string]any, params ...int) (LoginResult, error)
	LoginTOTP(userAgent *string, ip *string, token string, code string) (LoginResult, error)

	Refresh(userAgent *string, ip *string, accessToken, refreshToken string) (LoginResult, error)
}

type GuardConfig ¶

type GuardConfig struct {
	UserStore   Store
	AuthStore   Store
	UserIdKey   string
	UsersTable  string // users, admins, mods ...
	AuthTable   string
	GetUserInfo func(map[string]any) UserInfo

	AESSecretKey []byte

	LoginConfig *LoginConfig
	TOTPConfig  *TOTPConfig
}

type JWTConfig ¶

type JWTConfig struct {
	SecretKey          []byte
	AccessTokenTTLMins int
	Audience           string
	Issuer             string
	Algorithm          jwt.SigningMethod
}

type JwtResult ¶

type JwtResult struct {
	AccessToken  string
	RefreshToken *string

	AccessTokenExpiresAt  time.Time
	RefreshTokenExpiresAt *time.Time
}

type LoginConfig ¶

type LoginConfig struct {
	AllowedHandlers         []string // username, email, mobile ...
	PasswordsHasherComparer PasswordsHasherComparer

	TOTP                        bool
	TOTPIntermediateResponseTTL time.Duration

	ExpiresAfter time.Duration
	Refreshable  bool

	JWTConfig *JWTConfig
}

type LoginResult ¶

type LoginResult interface {
	User() map[string]any
	UserInfo() *UserInfo

	TOTPToken() (*string, error)

	JWT(additionalInfo map[string]any) (*JwtResult, error)
}

type PasswordsHasherComparer ¶

type PasswordsHasherComparer interface {
	Hash(plainPassword string) (string, error)
	Compare(plainPassword, hash string) bool
}

type Store ¶

type Store interface {
	GetByProps(table string, whereKeyVals map[string]any, limit int, and bool) ([]map[string]any, error)
	Insert(table string, doc map[string]any) error
	Update(table string, whereKeyVals map[string]any, limit int, and bool, newVals map[string]any) error
}

type TOTPConfig ¶

type TOTPConfig struct {
	Now func() time.Time

	// Number of seconds a TOTP hash is valid for. Defaults to 30 seconds.
	Period uint
	// Periods before or after the current time to allow.  Value of 1 allows up to Period
	// of either side of the specified time.  Defaults to 0 allowed skews.  Values greater
	// than 1 are likely sketchy.
	Skew uint
	// Digits as part of the input. Defaults to 6.
	Digits otp.Digits
	// Algorithm to use for HMAC. Defaults to SHA1.
	Algorithm otp.Algorithm
}

type UserInfo ¶

type UserInfo struct {
	ID          any
	DisplayName string
	Email       string
	Mobile      string
	Password    string
	Scope       string
	Roles       []string

	TOTPSecretKey string
	TOTPActive    bool
}

Source Files ¶

View all Source files

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL