Documentation ¶
Index ¶
- Variables
- func ActivateUser(uuid string) error
- func AddProvider(provider Provider) error
- func ChangeUserPassword(w http.ResponseWriter, r *http.Request) error
- func CheckPermissionForObject(user auth.User, object special.UserBelongingObject) bool
- func CheckUsernameAndEmail(username, email string) error
- func DeletePersistentSession(w http.ResponseWriter, r *http.Request)
- func GetUserByNameOrMail(login string) *auth.User
- func GetUserDatabase(w http.ResponseWriter, r *http.Request) *gorm.DB
- func GetUserForAuthProvider(login, provider string) (*auth.User, error)
- func GetUserForSession(w http.ResponseWriter, r *http.Request) (*auth.User, error)
- func GetUserSession(r *http.Request) (*sessions.Session, error)
- func GetUserWithMinimalInformation() auth.User
- func LoginUser(w http.ResponseWriter, r *http.Request, user auth.User) error
- func LogoutUser(w http.ResponseWriter, r *http.Request)
- func MakePersistentSession(w http.ResponseWriter, r *http.Request, user auth.User)
- func MakeProviderLogout(w http.ResponseWriter, r *http.Request)
- func MustGetUserForSession(w http.ResponseWriter, r *http.Request) *auth.User
- func MustGetUserSession(r *http.Request) *sessions.Session
- func RecoverPersistentSession(w http.ResponseWriter, r *http.Request)
- func UserIsLoggedIn(w http.ResponseWriter, r *http.Request) bool
- type GoogleAuthProvider
- type PasswordAuthProvider
- type Provider
- type StatusCode
- type UrlRegexpCheck
Constants ¶
This section is empty.
Variables ¶
var ErrMailInUse = errors.New("email is already in use")
var ErrUsernameInUse = errors.New("username is already in use")
Functions ¶
func ActivateUser ¶
ActivateUser activates the user for the given uuid. It returns an error if there is no user for the given activation code
func AddProvider ¶
AddProvider adds a new authentication provider. Add providers in the `START_SERVICES` startup phase. This function will return an error if the provider cannot be added. The error message will contain detailed information about the reason
func ChangeUserPassword ¶
func ChangeUserPassword(w http.ResponseWriter, r *http.Request) error
ChangeUserPassword changes the users password. If that fails, it returns an error message describing the cause for the user
func CheckPermissionForObject ¶
func CheckPermissionForObject(user auth.User, object special.UserBelongingObject) bool
CheckPermissionForObject checks whether the given user is allowed to access the given object
func CheckUsernameAndEmail ¶
CheckUsernameAndEmail checks if the given username or email is in use and returns the fitting error in that case
func DeletePersistentSession ¶
func DeletePersistentSession(w http.ResponseWriter, r *http.Request)
DeletePersistentSession deletes the cookie in the users browser and the database row
func GetUserByNameOrMail ¶
GetUserByNameOrMail returns the user who has the matching name or mail
func GetUserDatabase ¶
func GetUserForAuthProvider ¶
GetUserForAuthProvider returns the user for the given auth provider. The user is nil, if there is no user for the given login. When there is a user for the given login, but for the wrong auth provider, the error field is set accordingly
func GetUserForSession ¶
GetUserForSession returns the user for the given session or nil, if no user is found. When no user is found for this session, it returns the appropriate error
func GetUserWithMinimalInformation ¶
GetUserWithMinimalInformation returns the minimal information needed for every user
func LogoutUser ¶
func LogoutUser(w http.ResponseWriter, r *http.Request)
func MakePersistentSession ¶
MakePersistentSession saves a persistent cookie in the users browser and stores the neccessary information in the database
func MakeProviderLogout ¶
func MakeProviderLogout(w http.ResponseWriter, r *http.Request)
func MustGetUserForSession ¶
func RecoverPersistentSession ¶
func RecoverPersistentSession(w http.ResponseWriter, r *http.Request)
RecoverPersistentSession tries to recover a persistent session. It fails silently when that's not possible
func UserIsLoggedIn ¶
func UserIsLoggedIn(w http.ResponseWriter, r *http.Request) bool
UserIsLoggedIn checks, if the user for the given request is logged in
Types ¶
type GoogleAuthProvider ¶
type GoogleAuthProvider struct {
Provider
}
func (GoogleAuthProvider) CreateUser ¶
func (g GoogleAuthProvider) CreateUser(w http.ResponseWriter, r *http.Request) (auth.User, error)
func (GoogleAuthProvider) GetIdentifier ¶
func (g GoogleAuthProvider) GetIdentifier() string
func (GoogleAuthProvider) LoginUser ¶
func (g GoogleAuthProvider) LoginUser(w http.ResponseWriter, r *http.Request) (auth.User, error)
type PasswordAuthProvider ¶
type PasswordAuthProvider struct {
Provider
}
func (PasswordAuthProvider) CreateUser ¶
func (p PasswordAuthProvider) CreateUser(w http.ResponseWriter, r *http.Request) (auth.User, error)
func (PasswordAuthProvider) GetIdentifier ¶
func (p PasswordAuthProvider) GetIdentifier() string
func (PasswordAuthProvider) LoginUser ¶
func (p PasswordAuthProvider) LoginUser(w http.ResponseWriter, r *http.Request) (auth.User, error)
type Provider ¶
type Provider interface { // GetIdentifier returns a unique identifier for this provider. It MUST be always the same GetIdentifier() string // LoginUser tries to login the user with the information given in the request. The response writer is passed // in for setting cookies etc. When the user cannot be logged in, the function MUST return a detailed error message, // as this message will be visible for the user LoginUser(w http.ResponseWriter, r *http.Request) (auth.User, error) // CreateUser creates the new user in the database. The `AuthProvider` column MUST be filled with the same string // that is returned for `GetIdentifier`. The error returned MUST contain a detailed error message, as this message // will be visible for the user. When a user with the given username/email exists already, this function MUST // return an error. CreateUser(w http.ResponseWriter, r *http.Request) (auth.User, error) }
type StatusCode ¶
type StatusCode int
StatusCode is a type for http status codes
func MakeProviderLogin ¶
func MakeProviderLogin(w http.ResponseWriter, r *http.Request) (error, StatusCode)
MakeProviderLogin logs in the user by calling the correct provider to to the login
func MakeProviderUserCreation ¶
func MakeProviderUserCreation(w http.ResponseWriter, r *http.Request) (auth.User, error, StatusCode)
MakeProviderUserCreation creates a user with the given information.
type UrlRegexpCheck ¶
type UrlRegexpCheck struct {
// contains filtered or unexported fields
}
func NewUrlBlacklistCheck ¶
func NewUrlBlacklistCheck(url string) *UrlRegexpCheck
NewUrlBlacklistCheck returns the blacklisted urls for a logged in user
func NewUrlWhitelistCheck ¶
func NewUrlWhitelistCheck(url string) *UrlRegexpCheck
NewUrlWhitelistCheck returns a checker to check, if a given url should be accessible without login
func (*UrlRegexpCheck) Check ¶
func (u *UrlRegexpCheck) Check() bool
Check returns true, if the url specified is on the whitelist for urls requestable without user authentication