chat: github.com/tinode/chat/server/auth Index | Files | Directories

package auth

import "github.com/tinode/chat/server/auth"

Index

Package Files

auth.go

type AuthHandler Uses

type AuthHandler interface {
    // Init initializes the handler taking config string and logical name as parameters.
    Init(jsonconf, name string) error

    // AddRecord adds persistent authentication record to the database.
    // Returns: updated auth record, error
    AddRecord(rec *Rec, secret []byte) (*Rec, error)

    // UpdateRecord updates existing record with new credentials.
    // Returns updated auth record, error.
    UpdateRecord(rec *Rec, secret []byte) (*Rec, error)

    // Authenticate: given a user-provided authentication secret (such as "login:password"), either
    // return user's record (ID, time when the secret expires, etc), or issue a challenge to
    // continue the authentication process to the next step, or return an error code.
    // store.Users.GetAuthRecord("scheme", "unique")
    // Returns: user auth record, challenge, error.
    Authenticate(secret []byte) (*Rec, []byte, error)

    // IsUnique verifies if the provided secret can be considered unique by the auth scheme
    // E.g. if login is unique.
    IsUnique(secret []byte) (bool, error)

    // GenSecret generates a new secret, if appropriate.
    GenSecret(rec *Rec) ([]byte, time.Time, error)

    // DelRecords deletes (or disables) all authentication records for the given user.
    DelRecords(uid types.Uid) error

    // RestrictedTags returns the tag namespaces which are restricted by this authenticator.
    RestrictedTags() ([]string, error)
}

AuthHandler is the interface which auth providers must implement.

type Feature Uses

type Feature uint16

Feature is a bitmap of authenticated features, such as validated/not validated.

const (
    // FeatureValidated bit is set if user's credentials are already validated.
    FeatureValidated Feature = 1 << iota
    // FeatureNoLogin is set if the token should not be used to permanently authenticate a session.
    FeatureNoLogin
)

func (Feature) MarshalJSON Uses

func (f Feature) MarshalJSON() ([]byte, error)

MarshalJSON converts AccessMode to a quoted string.

func (Feature) MarshalText Uses

func (f Feature) MarshalText() ([]byte, error)

MarshalText converts AccessMode to ASCII byte slice.

func (Feature) String Uses

func (f Feature) String() string

String returns string representation of Feature.

func (*Feature) UnmarshalJSON Uses

func (f *Feature) UnmarshalJSON(b []byte) error

UnmarshalJSON reads AccessMode from a quoted string.

func (*Feature) UnmarshalText Uses

func (f *Feature) UnmarshalText(b []byte) error

UnmarshalText parses access mode string as byte slice. Does not change the mode if the string is empty or invalid.

type Level Uses

type Level int

Level is the type for authentication levels.

const (
    // LevelNone is undefined/not authenticated
    LevelNone Level = iota * 10
    // LevelAnon is anonymous user/light authentication
    LevelAnon
    // LevelAuth is fully authenticated user
    LevelAuth
    // LevelRoot is a superuser (currently unused)
    LevelRoot
)

Authentication levels

func ParseAuthLevel Uses

func ParseAuthLevel(name string) Level

ParseAuthLevel parses authentication level from a string.

func (Level) MarshalJSON Uses

func (a Level) MarshalJSON() ([]byte, error)

MarshalJSON converts Level to a quoted string.

func (Level) MarshalText Uses

func (a Level) MarshalText() ([]byte, error)

MarshalText converts Level to a slice of bytes with the name of the level.

func (Level) String Uses

func (a Level) String() string

String implements Stringer interface: gets human-readable name for a numeric authentication level.

func (*Level) UnmarshalJSON Uses

func (a *Level) UnmarshalJSON(b []byte) error

UnmarshalJSON reads Level from a quoted string.

func (*Level) UnmarshalText Uses

func (a *Level) UnmarshalText(b []byte) error

UnmarshalText parses authentication level from a string.

type Rec Uses

type Rec struct {
    // User ID
    Uid types.Uid `json:"uid,omitempty"`
    // Authentication level
    AuthLevel Level `json:"authlvl,omitempty"`
    // Lifetime of this record
    Lifetime time.Duration `json:"lifetime,omitempty"`
    // Bitmap of features. Currently 'validated'/'not validated' only.
    Features Feature `json:"features,omitempty"`
    // Tags generated by this authentication record.
    Tags []string `json:"tags,omitempty"`

    // Authenticator may request the server to create a new account.
    // These are the account parameters which can be used for creating the account.
    DefAcs  *types.DefaultAccess `json:"defacs,omitempty"`
    Public  interface{}          `json:"public,omitempty"`
    Private interface{}          `json:"private,omitempty"`
}

Rec is an authentication record.

Directories

PathSynopsis
anon
basic
rest
token

Package auth imports 4 packages (graph) and is imported by 16 packages. Updated 2019-08-16. Refresh now. Tools for package owners.