Documentation ¶
Overview ¶
Simple cookie and password based logins. See Init for required schema.
Index ¶
- Constants
- Variables
- func Admin(handler http.Handler) http.Handler
- func CSRFWrap(handler http.Handler) http.Handler
- func CSRFWrapFunc(fn http.HandlerFunc) http.Handler
- func ChangePassword(w http.ResponseWriter, r *http.Request) error
- func ChangePostToHiddenMethod(next http.Handler) http.Handler
- func CheckCSRF(r *http.Request) bool
- func Checker(handler http.Handler) http.Handler
- func GenerateRandomString(n int) (string, error)
- func GetCSRF(r *http.Request) string
- func GetConfigValue(key string) (string, error)
- func GetCookieValue(r *http.Request, name string) (string, error)
- func GetFlash(w http.ResponseWriter, r *http.Request, name string) (string, error)
- func KeyByUserID(r *http.Request) (string, error)
- func LimitByRealIP(requestLimit int, windowLength time.Duration) func(next http.Handler) http.Handler
- func LimitByUser(requestLimit int, windowLength time.Duration) func(next http.Handler) http.Handler
- func LoginFunc(w http.ResponseWriter, r *http.Request)
- func LoginInit(args LoginInitArgs)
- func LogoutFunc(w http.ResponseWriter, r *http.Request)
- func Mod(handler http.Handler) http.Handler
- func NewTOTP(username string) error
- func PrepareStatements(db *sql.DB)
- func Required(handler http.Handler) http.Handler
- func Roles(handler http.Handler, roles []Role) http.Handler
- func SaveConfig(c Config) error
- func SendEmail()
- func Serve()
- func SetCookieValue(w http.ResponseWriter, name string, value string)
- func SetLoginCookie()
- func SetPassword(userid int, newpass string) error
- func SetupGoogleOAuth()
- func TokenRequired(handler http.Handler) http.Handler
- func UpdateConfig(key string, value any) error
- type Config
- type Forum
- type LoginInitArgs
- type Notification
- type Post
- type Role
- type SharedConfig
- type Thread
- type User
- type UserInfo
Constants ¶
const PageSize int = 50
Changing this will break existing URLs
const SoftwareVersion = "0.1.0"
Variables ¶
var DBPath = "fishbb.db"
var Port = ":8080"
non user-configurable config
var SingleInstance = false
TODO -- start gating features on self hosted or not
Functions ¶
func CSRFWrapFunc ¶
func CSRFWrapFunc(fn http.HandlerFunc) http.Handler
func ChangePassword ¶
func ChangePassword(w http.ResponseWriter, r *http.Request) error
Change password helper. Requires oldpass and newpass form values. Requires logout csrf token.
func ChangePostToHiddenMethod ¶
ChangePostToHiddenMethod looks for the _hidden attribute of forms so that we can use DELETE and PUT in <form> submissions. This is, of course, a non-standard "hack"
func GenerateRandomString ¶
GenerateRandomString returns a securely generated random string. It will return an error if the system's secure random number generator fails to function correctly, in which case the caller should not continue.
func GetConfigValue ¶
func GetCookieValue ¶
GetCookieValue gets a velue stored in a cookie
func LimitByRealIP ¶
func LimitByUser ¶
func LoginFunc ¶
func LoginFunc(w http.ResponseWriter, r *http.Request)
Default handler for /dologin Requires username and password form values. Redirects to / on success and /login on failure.
func LoginInit ¶
func LoginInit(args LoginInitArgs)
Init. Must be called with the database. Requires a users table with (id, username, hash) columns and a auth table with (userid, hash, expiry) columns. Requires a config table with (key, value) ('csrfkey', some secret).
func LogoutFunc ¶
func LogoutFunc(w http.ResponseWriter, r *http.Request)
Handler for /dologout route.
func PrepareStatements ¶
func Required ¶
Check for auth cookie. On failure redirects to /login. Must already be wrapped in Checker.
func SaveConfig ¶
func SetCookieValue ¶
func SetCookieValue(w http.ResponseWriter, name string, value string)
SetCookieValue is used to store some arbitrary value in a cookie
func SetLoginCookie ¶
func SetLoginCookie()
func SetPassword ¶
func SetupGoogleOAuth ¶
func SetupGoogleOAuth()
func TokenRequired ¶
Check that the form value "token" is valid auth token
func UpdateConfig ¶
Types ¶
type Config ¶
type Config struct { // Whether new signups require admin approval before users can post RequiresApproval bool // The title of the bulletin board (NOT CONFIGURABLE) BoardName string // The description of the bulletin board BoardDescription string // optional (for oauth) Domain string // todo not exactly GoogleOAuthClientID string GoogleOAuthClientSecret string // optional (but required for email sending) SMTPUsername string SMTPPassword string }
most of these don't work yet
func DefaultConfig ¶
func DefaultConfig() Config
type LoginInitArgs ¶
type Post ¶
type Post struct { ID int Content string // TODO markdown Author User // TODO less ad-hoc ThreadID string ThreadTitle string ThreadPostCount int Created time.Time Edited *time.Time }
func (Post) BuildReply ¶
type Role ¶
type Role string
var RoleAdmin Role = "admin"
Roles are hierarchical, admins can do everything mods can, and so on
var RoleInactive Role = "inactive"
var RoleMod Role = "mod"
var RoleNone Role = ""
Logged out, non-user
var RoleUser Role = "user"
type SharedConfig ¶
type SharedConfig struct { }
in multi-instance, config values that are shared by the cluster TODO