permissionbolt

package module

v2.6.3 Latest Latest Go to latest Published: Jun 25, 2023 License: BSD-3-Clause Imports: 12 Imported by: 1

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

github.com/xyproto/permissionbolt

Links

Open Source Insights

Documentation ¶

Overview ¶

Package permissionbolt provides middleware for keeping track of users, login states and permissions.

Index ¶

Constants
func PermissionDenied(w http.ResponseWriter, req *http.Request)
func ValidUsernamePassword(username, password string) error
type Permissions
type UserState
- func NewUserState(filename string, randomseed bool) (*UserState, error)
- func NewUserStateSimple() (*UserState, error)

Constants ¶

View Source

const (
	// Version number. Stable API within major version numbers.
	Version = 2.6
)

Variables ¶

This section is empty.

Functions ¶

func PermissionDenied ¶

func PermissionDenied(w http.ResponseWriter, req *http.Request)

PermissionDenied is the default "permission denied" handler function

func ValidUsernamePassword ¶

func ValidUsernamePassword(username, password string) error

ValidUsernamePassword only checks if the given username and password are different and if they only contain letters, numbers and/or underscore. For checking if a given password is correct, use the `CorrectPassword` function instead.

Types ¶

type Permissions ¶

type Permissions struct {
	// contains filtered or unexported fields
}

The Permissions structure keeps track of the permissions for various path prefixes

func New ¶

func New() (*Permissions, error)

New initializes a Permissions struct with all the default settings.

func NewPermissions ¶

func NewPermissions(state *UserState) *Permissions

NewPermissions initializes a Permissions struct with the given UserState and a few default paths for admin/user/public path prefixes.

func NewWithConf ¶

func NewWithConf(filename string) (*Permissions, error)

NewWithConf initializes a Permissions struct with a database filename

func (*Permissions) AddAdminPath ¶

func (perm *Permissions) AddAdminPath(prefix string)

AddAdminPath adds an URL path prefix for pages that are only accessible for logged in administrators

func (*Permissions) AddPublicPath ¶

func (perm *Permissions) AddPublicPath(prefix string)

AddPublicPath adds an URL path prefix for pages that are public

func (*Permissions) AddUserPath ¶

func (perm *Permissions) AddUserPath(prefix string)

AddUserPath adds an URL path prefix for pages that are only accessible for logged in users

func (*Permissions) Clear ¶

func (perm *Permissions) Clear()

Clear sets every permission to public

func (*Permissions) DenyFunction ¶

func (perm *Permissions) DenyFunction() http.HandlerFunc

DenyFunction returns the currently configured http.HandlerFunc for when permissions are denied

func (*Permissions) Rejected ¶

func (perm *Permissions) Rejected(w http.ResponseWriter, req *http.Request) bool

Rejected checks if a given http request should be rejected

func (*Permissions) ServeHTTP ¶

func (perm *Permissions) ServeHTTP(w http.ResponseWriter, req *http.Request, next http.HandlerFunc)

Middleware handler (compatible with Negroni)

func (*Permissions) SetAdminPath ¶

func (perm *Permissions) SetAdminPath(pathPrefixes []string)

SetAdminPath sets all URL path prefixes for pages that are only accessible for logged in administrators

func (*Permissions) SetDenyFunction ¶

func (perm *Permissions) SetDenyFunction(f http.HandlerFunc)

SetDenyFunction specifies a http.HandlerFunc for when the permissions are denied

func (*Permissions) SetPublicPath ¶

func (perm *Permissions) SetPublicPath(pathPrefixes []string)

SetPublicPath sets all URL path prefixes for pages that are public

func (*Permissions) SetUserPath ¶

func (perm *Permissions) SetUserPath(pathPrefixes []string)

SetUserPath sets all URL path prefixes for pages that are only accessible for logged in users

func (*Permissions) UserState ¶

func (perm *Permissions) UserState() pinterface.IUserState

UserState retrieves the UserState struct

type UserState ¶

type UserState struct {
	// contains filtered or unexported fields
}

The UserState struct holds the pointer to the underlying database and a few other settings

func NewUserState ¶

func NewUserState(filename string, randomseed bool) (*UserState, error)

NewUserState creates a new UserState struct that can be used for managing users. connectionString may be on the form "username:password@host:port/database". If randomseed is true, the random number generator will be seeded after generating the cookie secret (true is a good default value).

func NewUserStateSimple ¶

func NewUserStateSimple() (*UserState, error)

NewUserStateSimple creates a new UserState struct that can be used for managing users. The random number generator will be seeded after generating the cookie secret.

func (*UserState) AddUnconfirmed ¶

func (state *UserState) AddUnconfirmed(username, confirmationCode string)

AddUnconfirmed adds a user to a list of users that are registered, but not confirmed.

func (*UserState) AddUser ¶

func (state *UserState) AddUser(username, password, email string)

AddUser creates a user and hashes the password, does not check for rights. The given data must be valid.

func (*UserState) AdminRights ¶

func (state *UserState) AdminRights(req *http.Request) bool

AdminRights checks if the current user is logged in and has administrator rights.

func (*UserState) AllUnconfirmedUsernames ¶

func (state *UserState) AllUnconfirmedUsernames() ([]string, error)

AllUnconfirmedUsernames returns a list of all registered users that are not yet confirmed.

func (*UserState) AllUsernames ¶

func (state *UserState) AllUsernames() ([]string, error)

AllUsernames retrieves a list of all usernames.

func (*UserState) AlreadyHasConfirmationCode ¶

func (state *UserState) AlreadyHasConfirmationCode(confirmationCode string) bool

AlreadyHasConfirmationCode goes through all the confirmationCodes of all the unconfirmed users and checks if this confirmationCode already is in use.

func (*UserState) BooleanField ¶

func (state *UserState) BooleanField(username, fieldname string) bool

BooleanField returns a boolean value for the given username and fieldname. If the user or field is missing, false will be returned. Useful for states where it makes sense that the returned value is not true unless everything is in order.

func (*UserState) ClearCookie ¶

func (state *UserState) ClearCookie(w http.ResponseWriter)

ClearCookie tries to clear the user cookie by setting it to be expired. Some browsers *may* be configured to keep cookies even after this.

func (*UserState) Close ¶

func (state *UserState) Close()

Close the connection to the database host

func (*UserState) Confirm ¶

func (state *UserState) Confirm(username string)

Confirm marks a user as confirmed, and removes the username from the list of unconfirmed users.

func (*UserState) ConfirmUserByConfirmationCode ¶

func (state *UserState) ConfirmUserByConfirmationCode(confirmationCode string) error

ConfirmUserByConfirmationCode takes a unique confirmation code and marks the corresponding unconfirmed user as confirmed.

func (*UserState) ConfirmationCode ¶

func (state *UserState) ConfirmationCode(username string) (string, error)

ConfirmationCode returns the stored confirmation code for a specific user.

func (*UserState) CookieSecret ¶

func (state *UserState) CookieSecret() string

CookieSecret returns the current cookie secret

func (*UserState) CookieTimeout ¶

func (state *UserState) CookieTimeout(username string) int64

CookieTimeout returns the current login cookie timeout, in seconds.

func (*UserState) CorrectPassword ¶

func (state *UserState) CorrectPassword(username, password string) bool

CorrectPassword checks if a password is correct. "username" is needed because it may be part of the hash for some password hashing algorithms.

func (*UserState) Creator ¶

func (state *UserState) Creator() pinterface.ICreator

Creator returns a struct for creating data structures.

func (*UserState) Database ¶

func (state *UserState) Database() *simplebolt.Database

Database retrieves the underlying database

func (*UserState) Email ¶

func (state *UserState) Email(username string) (string, error)

Email returns the email address for the given username.

func (*UserState) FindUserByConfirmationCode ¶

func (state *UserState) FindUserByConfirmationCode(confirmationCode string) (string, error)

FindUserByConfirmationCode tries to find the corresponding username, given a unique confirmation code.

func (*UserState) GenerateUniqueConfirmationCode ¶

func (state *UserState) GenerateUniqueConfirmationCode() (string, error)

GenerateUniqueConfirmationCode generates a unique confirmation code that can be used for confirming users.

func (*UserState) HasUser ¶

func (state *UserState) HasUser(username string) bool

HasUser checks if the given username exists in the current list of usernames.

func (*UserState) HashPassword ¶

func (state *UserState) HashPassword(username, password string) string

HashPassword takes a password and creates a password hash. It also takes a username, since some algorithms may use it for salt.

func (*UserState) Host ¶

func (state *UserState) Host() pinterface.IHost

Host retrieves the underlying database. It helps fulfill the IHost interface.

func (*UserState) IsAdmin ¶

func (state *UserState) IsAdmin(username string) bool

IsAdmin checks if a user is an administrator.

func (*UserState) IsConfirmed ¶

func (state *UserState) IsConfirmed(username string) bool

IsConfirmed checks if a user is confirmed (can be used for "e-mail confirmation").

func (*UserState) IsLoggedIn ¶

func (state *UserState) IsLoggedIn(username string) bool

IsLoggedIn checks if a user is logged in.

func (state *UserState) Login(w http.ResponseWriter, username string) error

Login is a convenience function for logging a user in and storing the username in a cookie. Returns an error if the cookie could not be set.

func (*UserState) Logout ¶

func (state *UserState) Logout(username string)

Logout is a convenience function for logging out a user.

func (*UserState) MarkConfirmed ¶

func (state *UserState) MarkConfirmed(username string)

MarkConfirmed marks a user as being confirmed.

func (*UserState) PasswordAlgo ¶

func (state *UserState) PasswordAlgo() string

PasswordAlgo returns the current password hashing algorithm.

func (*UserState) PasswordHash ¶

func (state *UserState) PasswordHash(username string) (string, error)

PasswordHash returns the password hash for the given username.

func (*UserState) Properties ¶

func (state *UserState) Properties(username string) []string

Properties returns a list of user properties. Returns an empty list if the user has no properties.

func (*UserState) RemoveAdminStatus ¶

func (state *UserState) RemoveAdminStatus(username string)

RemoveAdminStatus removes the administrator status from a user.

func (*UserState) RemoveUnconfirmed ¶

func (state *UserState) RemoveUnconfirmed(username string)

RemoveUnconfirmed removes a user from a list of users that are registered, but not confirmed.

func (*UserState) RemoveUser ¶

func (state *UserState) RemoveUser(username string)

RemoveUser removes a user and the login status for this user.

func (*UserState) SetAdminStatus ¶

func (state *UserState) SetAdminStatus(username string)

SetAdminStatus marks a user as an administrator.

func (*UserState) SetBooleanField ¶

func (state *UserState) SetBooleanField(username, fieldname string, val bool)

SetBooleanField stores a boolean value given a username and a custom fieldname.

func (*UserState) SetCookieSecret ¶

func (state *UserState) SetCookieSecret(cookieSecret string)

SetCookieSecret sets the current cookie secret

func (*UserState) SetCookieTimeout ¶

func (state *UserState) SetCookieTimeout(cookieTime int64)

SetCookieTimeout sets how long a login cookie should last, in seconds.

func (*UserState) SetLoggedIn ¶

func (state *UserState) SetLoggedIn(username string)

SetLoggedIn marks a user as logged in. Use the Login function instead, unless cookies are not involved.

func (*UserState) SetLoggedOut ¶

func (state *UserState) SetLoggedOut(username string)

SetLoggedOut marks a user as logged out.

func (*UserState) SetMinimumConfirmationCodeLength ¶

func (state *UserState) SetMinimumConfirmationCodeLength(length int)

SetMinimumConfirmationCodeLength sets the minimum length of the user confirmation code. The default is 20.

func (*UserState) SetPassword ¶

func (state *UserState) SetPassword(username, password string)

SetPassword sets/changes the password for a user. Does not take a password hash, will hash the password string.

func (*UserState) SetPasswordAlgo ¶

func (state *UserState) SetPasswordAlgo(algorithm string) error

SetPasswordAlgo determines which password hashing algorithm should be used.

*
* The default value is "bcrypt+".
*
* Possible values are:
*    bcrypt  -> Store and check passwords with the bcrypt hash.
*    sha256  -> Store and check passwords with the sha256 hash.
*    bcrypt+ -> Store passwords with bcrypt, but check with both
*               bcrypt and sha256, for backwards compatibility
*               with old passwords that has been stored as sha256.

func (*UserState) SetUsernameCookie ¶

func (state *UserState) SetUsernameCookie(w http.ResponseWriter, username string) error

SetUsernameCookie tries to store the given username in a cookie in the browser.

*
* The user must exist. Returns an error if the username is empty or does not exist.
* Returns nil if the cookie has been attempted to be set.
* To check if the cookie has actually been set, one must try to read it.

func (*UserState) SetUsernameCookieOnlyHTTPS ¶

func (state *UserState) SetUsernameCookieOnlyHTTPS(w http.ResponseWriter, username string) error

SetUsernameCookieOnlyHTTPS tries to store the given username in a cookie in the browser.

This function will not set the cookie if over plain HTTP. *
The user must exist. Returns an error if the username is empty or does not exist.
Returns nil if the cookie has been attempted to be set.
To check if the cookie has actually been set, one must try to read it.

func (*UserState) UserRights ¶

func (state *UserState) UserRights(req *http.Request) bool

UserRights checks if the current user is logged in and has user rights.

func (*UserState) Username ¶

func (state *UserState) Username(req *http.Request) string

Username is a convenience function for returning the current username (from the browser cookie), or an empty string.

func (*UserState) UsernameCookie ¶

func (state *UserState) UsernameCookie(req *http.Request) (string, error)

UsernameCookie retrieves the username that is stored in a cookie in the browser, if available.

func (*UserState) Users ¶

func (state *UserState) Users() pinterface.IHashMap

Users returns a hash map of all the users.

Source Files ¶

View all Source files

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL