auth

package

v2.22.0 Latest Latest Go to latest Published: Aug 21, 2024 License: MIT Imports: 14 Imported by: 0

Details

Valid go.mod file
Redistributable license
Tagged version
Stable version
Learn more about best practices

Repository

github.com/France-ioi/AlgoreaBackend

Links

Open Source Insights

Documentation ¶

Overview ¶

Package auth provides user authentication.

Index ¶

Constants
func BearerTokenFromContext(ctx context.Context) string
func CreateNewTempSession(s *database.DataStore, userID int64) (accessToken string, expiresIn int32, err error)
func GenerateKey() (string, error)
func GetOAuthConfig(config *viper.Viper) *oauth2.Config
func MockUserMiddleware(user *database.User) func(next http.Handler) http.Handler
func RefreshTempUserSession(s *database.DataStore, userID, sessionID int64) (accessToken string, expiresIn int32, err error)
func SessionIDFromContext(ctx context.Context) int64
func UserFromContext(ctx context.Context) *database.User
func UserMiddleware(service GetStorer) func(next http.Handler) http.Handler
func ValidatesUserAuthentication(service GetStorer, w http.ResponseWriter, r *http.Request) (ctx context.Context, authorized bool, reason string, err error)
type GetStorer
type SessionCookieAttributes
- func ParseSessionCookie(r *http.Request) (accessToken string, cookieAttributes SessionCookieAttributes)
- func SessionCookieAttributesFromContext(ctx context.Context) *SessionCookieAttributes
- func (attributes *SessionCookieAttributes) SessionCookie(token string, secondsUntilExpiry int32) *http.Cookie

Constants ¶

View Source

const MockCtxSessionID = int64(1)

MockCtxSessionID is a fixed session ID to be used by the mock user middleware.

View Source

const TemporaryUserSessionLifetimeInSeconds = int32(2 * time.Hour / time.Second) // 2 hours (7200 seconds)

TemporaryUserSessionLifetimeInSeconds specifies the lifetime of the access token for a temporary user.

Variables ¶

This section is empty.

Functions ¶

func BearerTokenFromContext ¶

func BearerTokenFromContext(ctx context.Context) string

BearerTokenFromContext retrieves a bearer token from a context set by the middleware.

func CreateNewTempSession ¶

func CreateNewTempSession(s *database.DataStore, userID int64) (
	accessToken string, expiresIn int32, err error,
)

CreateNewTempSession creates a new session for a temporary user.

func GenerateKey ¶

func GenerateKey() (string, error)

GenerateKey generate a random string that can be used as an access token for a temporary user's session. The entropy of the generated string (assuming "crypto/rand" is well implemented) is 36^32, so ~165 bits.

func GetOAuthConfig ¶

func GetOAuthConfig(config *viper.Viper) *oauth2.Config

GetOAuthConfig generates the OAuth2 config from a configuration.

func MockUserMiddleware ¶

func MockUserMiddleware(user *database.User) func(next http.Handler) http.Handler

MockUserMiddleware is a middleware to be used to mock a fixed user in the context.

func RefreshTempUserSession ¶

func RefreshTempUserSession(s *database.DataStore, userID, sessionID int64) (accessToken string, expiresIn int32, err error)

RefreshTempUserSession refreshes the session of a temporary user.

func SessionIDFromContext ¶

func SessionIDFromContext(ctx context.Context) int64

SessionIDFromContext retrieves the session id from a context set by the middleware.

func UserFromContext ¶

func UserFromContext(ctx context.Context) *database.User

UserFromContext retrieves a user from a context set by the middleware.

func UserMiddleware ¶

func UserMiddleware(service GetStorer) func(next http.Handler) http.Handler

UserMiddleware is a middleware retrieving a user from the request content. It takes the access token from the 'Authorization' header and loads the user info from the DB.

func ValidatesUserAuthentication ¶

func ValidatesUserAuthentication(service GetStorer, w http.ResponseWriter, r *http.Request) (
	ctx context.Context, authorized bool, reason string, err error,
)

ValidatesUserAuthentication checks the authentication in the Authorization header and in the "access_token" cookie. It returns:

A request context with the user authenticated on success
Whether the authentication was a success
The reason why the user couldn't be authenticated

Types ¶

type GetStorer ¶

type GetStorer interface {
	GetStore(r *http.Request) *database.DataStore
}

GetStorer is an interface allowing to get a data store bound to the context of the given request.

type SessionCookieAttributes ¶

type SessionCookieAttributes struct {
	UseCookie bool
	Secure    bool
	SameSite  bool
	Domain    string
	Path      string
}

SessionCookieAttributes represents attributes of the session cookie.

func ParseSessionCookie ¶

func ParseSessionCookie(r *http.Request) (accessToken string, cookieAttributes SessionCookieAttributes)

ParseSessionCookie parses the 'access_token' cookie (if given) and returns the access token among with cookie attributes.

func SessionCookieAttributesFromContext ¶

func SessionCookieAttributesFromContext(ctx context.Context) *SessionCookieAttributes

SessionCookieAttributesFromContext retrieves session cookie attributes from a context set by the middleware. The nil result means the middleware hasn't been called.

func (*SessionCookieAttributes) SessionCookie ¶

func (attributes *SessionCookieAttributes) SessionCookie(token string, secondsUntilExpiry int32) *http.Cookie

SessionCookie constructs a session cookie with the given attributes.

Source Files ¶

View all Source files

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL