account

package
v0.0.0-...-dc37515 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Oct 23, 2021 License: GPL-3.0 Imports: 28 Imported by: 0

Documentation

Index

Constants

This section is empty.

Variables

View Source 
var AccountnameBlacklist = []string{

	"autoconfig",
	"autodiscover",
	"broadcasthost",
	"isatap",
	"localdomain",
	"localhost",
	"wpad",

	"ftp",
	"imap",
	"mail",
	"news",
	"pop",
	"pop3",
	"smtp",
	"usenet",
	"uucp",
	"webmail",
	"www",

	"admin",
	"administrator",
	"hostmaster",
	"info",
	"is",
	"it",
	"mis",
	"postmaster",
	"root",
	"ssladmin",
	"ssladministrator",
	"sslwebmaster",
	"sysadmin",
	"webmaster",

	"abuse",
	"marketing",
	"noc",
	"sales",
	"security",
	"support",

	"mailer-daemon",
	"nobody",
	"noreply",
	"no-reply",

	"clientaccesspolicy.xml",
	"crossdomain.xml",
	"favicon.ico",
	"humans.txt",
	"keybase.txt",
	"robots.txt",
	".htaccess",
	".htpasswd",

	"account",
	"accounts",
	"blog",
	"buy",
	"clients",
	"contact",
	"contactus",
	"contact-us",
	"copyright",
	"dashboard",
	"doc",
	"docs",
	"download",
	"downloads",
	"enquiry",
	"faq",
	"help",
	"inquiry",
	"license",
	"login",
	"logout",
	"me",
	"myaccount",
	"payments",
	"plans",
	"portfolio",
	"preferences",
	"pricing",
	"privacy",
	"profile",
	"register",
	"secure",
	"settings",
	"signin",
	"signup",
	"ssl",
	"status",
	"subscribe",
	"terms",
	"tos",
	"user",
	"users",
	"weblog",
	"work",

	".well-known",
}

AccountnameBlacklist is a list of account names that can't be registered.

This list is copied from django-registration.

View Source 
var Separators = []string{
	" ",
	"	",
	".",
	"-",
	"_",
}

Separators is a list of common separators in usernames.

Functions

func CompareHashes 

func CompareHashes(h0, h1 []byte) bool

CompareHashes safely compares password hashes.

func EnforcePermission 

func EnforcePermission(perm string) negroni.Handler

EnforcePermission is a middleware that makes sure the current account has the given permission before proceeding on the middleware chain.

func GetAccessChecker 

func GetAccessChecker(r *http.Request) page.AccessChecker

GetAccessChecker returns the access checker saved in the request context.

func HashPassword 

func HashPassword(password string, salt []byte) ([]byte, []byte)

HashPassword hashes a string password.

If the salt is nil, it will be generated.

Returns the hash and salt.

func IsAccountnameBlacklisted 

func IsAccountnameBlacklisted(accountname string) bool

IsAccountnameBlacklisted checks if the account name is on the internal blacklist.

Currently uses an O(n) lookup, but it should be fine, given that the blacklist only has around ~100~200 items.

func LogoutPage 

func LogoutPage(m *session.Middleware, middlewares ...negroni.Handler) server.Route

LogoutPage is the handler for the logout page.

func NewLoginForm 

func NewLoginForm(m *session.Middleware) form.Delegate

NewLoginForm creates the delegate for the login form.

func NormalizeAccountname 

func NormalizeAccountname(accountname string) string

NormalizeAccountname creates a normalized version of the account name.

The purpose of this function is to make it harder to create misleading usernames, that look the same but different (because of fancy unicode characters, separators, lower/upper case differences).

func Pages 

func Pages(store keyvalue.Store, m *session.Middleware, passwordValidator PasswordValidator, mailer mailer.Mailer, baseurl *server.BaseURL) []server.Route

Pages returns the html pages for the Account entity.

func PreloadPermissions 

func PreloadPermissions() negroni.Handler

PreloadPermissions is a middleware that lazy-loads permissions for a given account.

func RespondPermissionDenied 

func RespondPermissionDenied(w http.ResponseWriter, r *http.Request, permName string)

RespondPermissionDenied responds with a permission denied page.

func SavePermissions 

func SavePermissions(conn database.DB, id uuid.UUID, p Permissions) error

SavePermissions overwrites the permissions for a given account.

It is strongly recommended that the database connection given to this function is a transaction.

Types

type AccessCheckLoader 

type AccessCheckLoader struct{}

AccessCheckLoader adds the default access check loader to a form.

This type is meant to be embedded in a form delegate.

func (AccessCheckLoader) GetAccessCheck 

func (l AccessCheckLoader) GetAccessCheck(r *http.Request) page.AccessChecker

GetAccessCheck returns the access checker saved in the request context.

This function helps a form delegate to implement form.Delegate by using the GetAccessChecker().

type Account 

type Account struct {
	ID       uuid.UUID `json:"id"`
	Username string    `json:"username"`
	Email    string    `json:"email"`
	Active   bool      `json:"active"`
	// contains filtered or unexported fields
}

Account represents the main user entity.

func LoadAccount 

func LoadAccount(conn database.DB, id uuid.UUID) (*Account, error)

LoadAccount loads an account from the database by a given id.

func LoadAccountByEmail 

func LoadAccountByEmail(conn database.DB, email string) (*Account, error)

LoadAccountByEmail loads an account from the database by a given email.

func LoadAccountByUsername 

func LoadAccountByUsername(conn database.DB, username string) (*Account, error)

LoadAccountByUsername loads an account from the database by a given username.

func (*Account) CheckPassword 

func (a *Account) CheckPassword(pw string) bool

CheckPassword compares a given password with the saved one.

func (*Account) Save 

func (a *Account) Save(conn database.DB) error

Save updates or inserts the account into the database.

func (Account) SchemaSQL 

func (a Account) SchemaSQL() string

SchemaSQL returns the schema of the account entity.

func (*Account) SetPassword 

func (a *Account) SetPassword(pw string)

SetPassword sets a password on the account by correctly hashing it and updating the salt.

type PasswordValidator 

type PasswordValidator interface {
	Validate(pw string) (bool, error)
}

PasswordValidator checks if a password is valid (strong enough, not compromised) when users register or change password.

type PasswordValidatorFunc 

type PasswordValidatorFunc func(pw string) (bool, error)

PasswordValidatorFunc is a single function implementation of PasswordValidator.

func (PasswordValidatorFunc) Validate 

func (f PasswordValidatorFunc) Validate(pw string) (bool, error)

type Permission 

type Permission struct {
	ID         uuid.UUID `json:"id"`
	Permission string    `json:"permission"`
}

Permission represents data from the permission table.

func (Permission) SchemaSQL 

func (p Permission) SchemaSQL() string

SchemaSQL returns the database schema for the permission table.

type Permissions 

type Permissions []string

Permissions represent the set of permissions that an account has.

func LoadPermissions 

func LoadPermissions(conn database.DB, id uuid.UUID) (Permissions, error)

LoadPermissions loads the list of permissions for a given account.

func (Permissions) Has 

func (p Permissions) Has(perm string) bool

Has checks if an account has a permission or not.

While this is using a linear search, it should be fine since an account won't have more than a few dozen permissions.

type RegistrationFormDelegate 

type RegistrationFormDelegate interface {
	form.Delegate
	Verify(w http.ResponseWriter, r *http.Request)
}

RegistrationFormDelegate expands the form.Delegate with a registration verification endpoint.

func NewRegistrationForm 

func NewRegistrationForm(passwordValidator PasswordValidator, mailer mailer.Mailer, baseurl *server.BaseURL) RegistrationFormDelegate

NewRegistrationForm creates the delegate for the registration form.

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.