permissions2: github.com/xyproto/permissions2 Index | Files

package permissions

import "github.com/xyproto/permissions2"

Package permissions provides a way to keep track of users, login states and permissions.

Index

Package Files

hashing.go permissions.go userstate.go

Constants

const (
    // Version number. Stable API within major version numbers.
    Version = 2.6
)

Variables

var (

    // ErrNotFound is used as an error if not finding what is being searched for
    ErrNotFound = errors.New("not found")
)

func PermissionDenied Uses

func PermissionDenied(w http.ResponseWriter, req *http.Request)

PermissionDenied is the default "permission denied" http handler.

func ValidUsernamePassword Uses

func ValidUsernamePassword(username, password string) error

ValidUsernamePassword checks that the given username and password are different. Also check if the chosen username only contains letters, numbers and/or underscore. Use the "CorrectPassword" function for checking if the password is correct.

type Permissions Uses

type Permissions struct {
    // contains filtered or unexported fields
}

Permissions is a structure that keeps track of the permissions for various path prefixes

func New Uses

func New() *Permissions

New will initialize a Permissions struct with all the default settings. This will also connect to the redis host at localhost:6379.

func New2 Uses

func New2() (*Permissions, error)

New2 will initialize a Permissions struct with all the default settings. This will also connect to the redis host at localhost:6379.

func NewPermissions Uses

func NewPermissions(state *UserState) *Permissions

NewPermissions will initialize a Permissions struct with the given UserState and a few default paths for admin/user/public path prefixes.

func NewWithRedisConf Uses

func NewWithRedisConf(dbindex int, hostPort string) *Permissions

NewWithRedisConf will initialize a Permissions struct with Redis DB index and host:port. Calls log.Fatal if something goes wrong.

func NewWithRedisConf2 Uses

func NewWithRedisConf2(dbindex int, hostPort string) (*Permissions, error)

NewWithRedisConf2 will initialize a Permissions struct with Redis DB index and host:port. Returns an error if something goes wrong.

func (*Permissions) AddAdminPath Uses

func (perm *Permissions) AddAdminPath(prefix string)

AddAdminPath registers a path prefix for URLs that shall only be reached by logged in administrators

func (*Permissions) AddPublicPath Uses

func (perm *Permissions) AddPublicPath(prefix string)

AddPublicPath registers a path prefix for URLs that can be reached by anyone

func (*Permissions) AddUserPath Uses

func (perm *Permissions) AddUserPath(prefix string)

AddUserPath registers a path prefix for URLs that shall only be reached by logged in users

func (*Permissions) Clear Uses

func (perm *Permissions) Clear()

Clear sets every URL path prefix permission to "public"

func (*Permissions) DenyFunction Uses

func (perm *Permissions) DenyFunction() http.HandlerFunc

DenyFunction returns the current http.HandlerFunc, for when permissions are denied.

func (*Permissions) Rejected Uses

func (perm *Permissions) Rejected(w http.ResponseWriter, req *http.Request) bool

Rejected checks if a given request should be rejected.

func (*Permissions) ServeHTTP Uses

func (perm *Permissions) ServeHTTP(w http.ResponseWriter, req *http.Request, next http.HandlerFunc)

Middleware handler (compatible with Negroni)

func (*Permissions) SetAdminPath Uses

func (perm *Permissions) SetAdminPath(pathPrefixes []string)

SetAdminPath can be used for setting all URL path prefixes that are for the logged in administrator pages.

func (*Permissions) SetDenyFunction Uses

func (perm *Permissions) SetDenyFunction(f http.HandlerFunc)

SetDenyFunction can be used for specifying a http.HandlerFunc that will be used when the permissions are denied.

func (*Permissions) SetPublicPath Uses

func (perm *Permissions) SetPublicPath(pathPrefixes []string)

SetPublicPath can be used for setting all URL path prefixes that are for the public pages.

func (*Permissions) SetUserPath Uses

func (perm *Permissions) SetUserPath(pathPrefixes []string)

SetUserPath can be used for setting all URL path prefixes that are for the logged in user pages.

func (*Permissions) UserState Uses

func (perm *Permissions) UserState() pinterface.IUserState

UserState retrieves the UserState struct

type UserState Uses

type UserState struct {
    // contains filtered or unexported fields
}

UserState is a struct for dealing with the user state, users and passwords. Can also be used for retrieving the underlying Redis connection pool. The default password hashing algorithm is "bcrypt+", which is the same as "bcrypt", but with backwards compatibility for checking sha256 hashes.

func NewUserState Uses

func NewUserState(dbindex int, randomseed bool, redisHostPort string) *UserState

NewUserState will create a new *UserState that can be used for managing users. dbindex is the Redis database index (0 is a good default value). If randomseed is true, the random number generator will be seeded after generating the cookie secret (true is a good default value). redisHostPort is host:port for the desired Redis server (can be blank for localhost). Also creates a new ConnectionPool. Calls log.Fatal if things go wrong.

func NewUserState2 Uses

func NewUserState2(dbindex int, randomseed bool, redisHostPort string) (*UserState, error)

NewUserState2 will create a new *UserState that can be used for managing users. dbindex is the Redis database index (0 is a good default value). If randomseed is true, the random number generator will be seeded after generating the cookie secret (true is a good default value). redisHostPort is host:port for the desired Redis server (can be blank for localhost) Also creates a new ConnectionPool. Returns an error if things go wrong.

func NewUserStateSimple Uses

func NewUserStateSimple() *UserState

NewUserStateSimple will create a new *UserState that can be used for managing users. The random number generator will be seeded after generating the cookie secret. A connection pool for the local Redis server (dbindex 0) will be created. Calls log.Fatal if things go wrong.

func NewUserStateSimple2 Uses

func NewUserStateSimple2() (*UserState, error)

NewUserStateSimple2 will create a new *UserState that can be used for managing users. The random number generator will be seeded after generating the cookie secret. A connection pool for the local Redis server (dbindex 0) will be created. Returns an error if things go wrong.

func NewUserStateWithPassword Uses

func NewUserStateWithPassword(hostname, password string) *UserState

NewUserStateWithPassword is the same as NewUserStateSimple, but also takes a Redis hostname and a Redis password. Use NewUserState for control over the database index and port number. Calls log.Fatal if things go wrong.

func NewUserStateWithPassword2 Uses

func NewUserStateWithPassword2(hostname, password string) (*UserState, error)

NewUserStateWithPassword2 is the same as NewUserStateSimple2, but takes a hostname and a password. Use NewUserState2 for control over the database index and port number. Returns an error if things go wrong.

func (*UserState) AddUnconfirmed Uses

func (state *UserState) AddUnconfirmed(username, confirmationCode string)

AddUnconfirmed adds a user that is registered but not confirmed.

func (*UserState) AddUser Uses

func (state *UserState) AddUser(username, password, email string)

AddUser creates a user and hashes the password, does not check for rights. The given data must be valid.

func (*UserState) AdminRights Uses

func (state *UserState) AdminRights(req *http.Request) bool

AdminRights checks if the current user is logged in and has administrator rights.

func (*UserState) AllUnconfirmedUsernames Uses

func (state *UserState) AllUnconfirmedUsernames() ([]string, error)

AllUnconfirmedUsernames returns a list of all registered users that are not yet confirmed.

func (*UserState) AllUsernames Uses

func (state *UserState) AllUsernames() ([]string, error)

AllUsernames retrieves a list of all usernames.

func (*UserState) AlreadyHasConfirmationCode Uses

func (state *UserState) AlreadyHasConfirmationCode(confirmationCode string) bool

AlreadyHasConfirmationCode runs through all confirmation codes of all unconfirmed users and checks if this confirmationCode is already in use.

func (*UserState) BooleanField Uses

func (state *UserState) BooleanField(username, fieldname string) bool

BooleanField returns the boolean value for a given username and field name. If the user or field is missing, false will be returned. Useful for states where it makes sense that the returned value is not true unless everything is in order.

func (*UserState) ClearCookie Uses

func (state *UserState) ClearCookie(w http.ResponseWriter)

ClearCookie will try to clear the user cookie by setting it to expired. Some browsers *may* be configured to keep cookies even after this, but that is highly unusual.

func (*UserState) Close Uses

func (state *UserState) Close()

Close the Redis connection pool.

func (*UserState) Confirm Uses

func (state *UserState) Confirm(username string)

Confirm removes the username from the list of unconfirmed users and mark the user as confirmed.

func (*UserState) ConfirmUserByConfirmationCode Uses

func (state *UserState) ConfirmUserByConfirmationCode(confirmationCode string) error

ConfirmUserByConfirmationCode takes a confirmation code and mark the corresponding unconfirmed user as confirmed.

func (*UserState) ConfirmationCode Uses

func (state *UserState) ConfirmationCode(username string) (string, error)

ConfirmationCode gets the confirmation code for a specific user.

func (*UserState) CookieSecret Uses

func (state *UserState) CookieSecret() string

CookieSecret returns the current cookie secret.

func (*UserState) CookieTimeout Uses

func (state *UserState) CookieTimeout(username string) int64

CookieTimeout gets how long a login cookie should last, in seconds.

func (*UserState) CorrectPassword Uses

func (state *UserState) CorrectPassword(username, password string) bool

CorrectPassword checks if a password is correct. username is needed because it is part of the hash.

func (*UserState) Creator Uses

func (state *UserState) Creator() pinterface.ICreator

Creator returns a struct for creating data structures with

func (*UserState) DatabaseIndex Uses

func (state *UserState) DatabaseIndex() int

DatabaseIndex gets the Redis database index.

func (*UserState) Email Uses

func (state *UserState) Email(username string) (string, error)

Email returns the email address for the given username.

func (*UserState) FindUserByConfirmationCode Uses

func (state *UserState) FindUserByConfirmationCode(confirmationCode string) (string, error)

FindUserByConfirmationCode can find the corresponding username in the list of unconfirmed users, given a unique confirmation code.

func (*UserState) GenerateUniqueConfirmationCode Uses

func (state *UserState) GenerateUniqueConfirmationCode() (string, error)

GenerateUniqueConfirmationCode will generate a unique confirmation code that can be used for confirming users after users have registered.

func (*UserState) GetToken Uses

func (state *UserState) GetToken(username string) (string, error)

GetToken retrieves the token for a user.

func (*UserState) HasEmail Uses

func (state *UserState) HasEmail(email string) (string, error)

HasEmail finds the user that has a given e-mail address. Returns the username and nil if found or a blank string and ErrNotFound if not.

func (*UserState) HasUser Uses

func (state *UserState) HasUser(username string) bool

HasUser checks if the given username exists.

func (*UserState) HasUser2 Uses

func (state *UserState) HasUser2(username string) (bool, error)

HasUser2 checks if the given username exists.

func (*UserState) HashPassword Uses

func (state *UserState) HashPassword(username, password string) string

HashPassword will hash the password (takes a username as well, it can be used for salting when using sha256).

func (*UserState) Host Uses

func (state *UserState) Host() pinterface.IHost

Host gets the Host (for qualifying for the IUserState interface)

func (*UserState) IsAdmin Uses

func (state *UserState) IsAdmin(username string) bool

IsAdmin checks if the given username is an administrator.

func (*UserState) IsConfirmed Uses

func (state *UserState) IsConfirmed(username string) bool

IsConfirmed checks if the given username is confirmed.

func (*UserState) IsLoggedIn Uses

func (state *UserState) IsLoggedIn(username string) bool

IsLoggedIn checks if the given username is logged in.

func (*UserState) Login Uses

func (state *UserState) Login(w http.ResponseWriter, username string) error

Login is a convenience function for logging a user in and storing the username in a cookie. Returns an error if the cookie could not be set.

func (*UserState) Logout Uses

func (state *UserState) Logout(username string)

Logout is a convenience function for logging a user out. This is the same as SetLoggedOut.

func (*UserState) MarkConfirmed Uses

func (state *UserState) MarkConfirmed(username string)

MarkConfirmed can mark a user as confirmed.

func (*UserState) PasswordAlgo Uses

func (state *UserState) PasswordAlgo() string

PasswordAlgo gets the current password hashing algorithm.

func (*UserState) PasswordHash Uses

func (state *UserState) PasswordHash(username string) (string, error)

PasswordHash returns the password hash for the given username.

func (*UserState) Pool Uses

func (state *UserState) Pool() *simpleredis.ConnectionPool

Pool gets the Redis connection pool.

func (*UserState) Properties Uses

func (state *UserState) Properties(username string) []string

Properties returns a list of user properties. Returns an empty list if the user has no properties, or if there are errors.

func (*UserState) RemoveAdminStatus Uses

func (state *UserState) RemoveAdminStatus(username string)

RemoveAdminStatus can remove administrator status from a user.

func (*UserState) RemoveToken Uses

func (state *UserState) RemoveToken(username string)

RemoveToken takes a username and removes the associated token.

func (*UserState) RemoveUnconfirmed Uses

func (state *UserState) RemoveUnconfirmed(username string)

RemoveUnconfirmed removes a user that is registered but not confirmed.

func (*UserState) RemoveUser Uses

func (state *UserState) RemoveUser(username string)

RemoveUser removes user and login status.

func (*UserState) SetAdminStatus Uses

func (state *UserState) SetAdminStatus(username string)

SetAdminStatus can make a user an administrator.

func (*UserState) SetBooleanField Uses

func (state *UserState) SetBooleanField(username, fieldname string, val bool)

SetBooleanField can store a boolean value for the given username and custom fieldname.

func (*UserState) SetCookieSecret Uses

func (state *UserState) SetCookieSecret(cookieSecret string)

SetCookieSecret will set the secret that is used when generating secure cookies.

func (*UserState) SetCookieTimeout Uses

func (state *UserState) SetCookieTimeout(cookieTime int64)

SetCookieTimeout will set how long a login cookie should last, in seconds.

func (*UserState) SetLoggedIn Uses

func (state *UserState) SetLoggedIn(username string)

SetLoggedIn will mark the user as logged in. Use the Login function instead, unless cookies are not involved.

func (*UserState) SetLoggedOut Uses

func (state *UserState) SetLoggedOut(username string)

SetLoggedOut will mark the user as logged out.

func (*UserState) SetMinimumConfirmationCodeLength Uses

func (state *UserState) SetMinimumConfirmationCodeLength(length int)

SetMinimumConfirmationCodeLength will set the minimum length of the user confirmation code. The default is 20.

func (*UserState) SetPassword Uses

func (state *UserState) SetPassword(username, password string)

SetPassword sets the password for a user. The given password string will be hashed. No validation or check of the given password is performed.

func (*UserState) SetPasswordAlgo Uses

func (state *UserState) SetPasswordAlgo(algorithm string) error

SetPasswordAlgo can set the password hashing algorithm that should be used. The default is "bcrypt+". Possible values are:

bcrypt  -> Store and check passwords with the bcrypt hash.
sha256  -> Store and check passwords with the sha256 hash.
bcrypt+ -> Store passwords with bcrypt, but check with both
           bcrypt and sha256, for backwards compatibility
           with old passwords that has been stored as sha256.

func (*UserState) SetToken Uses

func (state *UserState) SetToken(username, token string, expire time.Duration)

SetToken sets a token for a user, for a given expiry time.

func (*UserState) SetUsernameCookie Uses

func (state *UserState) SetUsernameCookie(w http.ResponseWriter, username string) error

SetUsernameCookie tries to store the given username in a cookie in the browser.

*
* The user must exist. Returns an error if the username is empty or does not exist.
* Returns nil if the cookie has been attempted to be set.
* To check if the cookie has actually been set, one must try to read it.

func (*UserState) SetUsernameCookieOnlyHTTPS Uses

func (state *UserState) SetUsernameCookieOnlyHTTPS(w http.ResponseWriter, username string) error

SetUsernameCookieOnlyHTTPS tries to store the given username in a cookie in the browser.

* This function will not set the cookie if over plain HTTP.
*
* The user must exist. Returns an error if the username is empty or does not exist.
* Returns nil if the cookie has been attempted to be set.
* To check if the cookie has actually been set, one must try to read it.

func (*UserState) UserRights Uses

func (state *UserState) UserRights(req *http.Request) bool

UserRights checks if the current user is logged in and has user rights.

func (*UserState) Username Uses

func (state *UserState) Username(req *http.Request) string

Username is a convenience function that will return a username (from the browser cookie) or an empty string.

func (*UserState) UsernameCookie Uses

func (state *UserState) UsernameCookie(req *http.Request) (string, error)

UsernameCookie retrieves the username that is stored in a cookie in the browser, if available.

func (*UserState) Users Uses

func (state *UserState) Users() pinterface.IHashMap

Users gets the users HashMap.

Package permissions imports 14 packages (graph) and is imported by 10 packages. Updated 2020-03-22. Refresh now. Tools for package owners.