identity_controllers

package
v0.0.0-...-767b333 Latest Latest
Warning

This package is not in the latest version of its module.

Published: Jan 5, 2024 License: Apache-2.0 Imports: 19 Imported by: 0

Documentation

Index

Constants

This section is empty.

Variables

// Default lifetimes for registration, password-reset and login.
// NOTE(review): presumably the defaults behind GetExpirationRegistration,
// GetExpirationPasswordReset and GetExpirationLoginDuration; confirm in the source.
// These are package-level variables, not constants, so any importing code can
// reassign them at runtime.
var (
	// 24 hours.
	DefaultExpirationRegistration  = 24 * time.Hour
	// 3 hours.
	DefaultExpirationPasswordReset = 3 * time.Hour
	// 30 days.
	DefaultExpirationLoginDuration = 24 * time.Hour * 30
)
var ErrAcceptTermsAndConditions = errors.New("please accept the terms and conditions")

ErrAcceptTermsAndConditions is returned when the user did not accept the terms and conditions

var ErrCanNotChangePassword = errors.New("can not change password. please try again")

ErrCanNotChangePassword is returned when the user can not change the password

var ErrCheckPassword = errors.New("please check your password")

ErrCheckPassword is returned when the password is wrong

var ErrConfirmPassword = errors.New("new password and confirmation do not match")

ErrConfirmPassword is returned when the new password and confirmation do not match

var ErrCouldNotCreateToken = errors.New("could not create token")

ErrCouldNotCreateToken is returned when the token could not be created

var ErrEmailAlreadyExists = errors.New("email already exists")

ErrEmailAlreadyExists is returned when the email address is already in use

var ErrEmailIsAlreadyRegistered = errors.New("email is already registered")

ErrEmailIsAlreadyRegistered is returned when the email is already registered

var ErrEmailNotVerified = errors.New("the email address is not confirmed yet")

ErrEmailNotVerified is returned when the user email is not verified

var ErrExternalDelete = errors.New("user could not be deleted. Please try again later")

ErrExternalDelete is returned when the user could not be deleted

var ErrExternalIsAdmin = errors.New("error while checking if user is admin. Please try again later")

ErrExternalIsAdmin is returned when the check whether the user is an admin fails

var ErrExternalLoginFailed = errors.New("login failed; please try again")

ErrExternalLoginFailed is returned when the login failed and the reason should not be exposed to the user

var ErrExternalLoginFailedInvalidUserOrPassword = errors.New("login failed; Invalid user ID or password")

ErrExternalLoginFailedInvalidUserOrPassword is returned when the user or password is invalid

var ErrExternalNoAdmin = errors.New("not an admin")

ErrExternalNoAdmin is returned if the user is not an admin

var ErrExternalNoRegistrationToken = errors.New("no registration token found in the database. Please re-register")
var ErrExternalNoTokensFound = errors.New("no tokens found")

ErrExternalNoTokensFound is returned when no tokens are found

var ErrExternalUserBlocked = errors.New("this identity can not login. Please contact the support")

ErrExternalUserBlocked is returned when the user is blocked

var ErrExternalUserCleared = errors.New("this identity can not login at the moment. It must be cleared by the admin first")

ErrExternalUserCleared is returned when the user is not cleared

var ErrExternalUserLoginNotPossible = errors.New("login currently not possible. Please try again later")

ErrExternalUserLoginNotPossible is returned when the user can not log in

var ErrGenericRegistration = errors.New("there was a problem during the registration process. Please try again")

ErrGenericRegistration is the generic error returned when there is a problem during the registration process

var ErrIdentityNotFound = errors.New("identity not found")

ErrIdentityNotFound is returned when the identity is not found

var ErrInvalidPassword = errors.New("old password is incorrect")

ErrInvalidPassword is returned when the old password is incorrect

var ErrInvalidUsername = errors.New("the username must be alphanumeric and longer than 3 chars")

ErrInvalidUsername is returned when the username is invalid

var ErrLoginTokenExpirationInPast = errors.New("login token expiration date is in the past")

ErrLoginTokenExpirationInPast is returned when the login token expiration date is in the past

var ErrNilEntity = errors.New("entity is nil")
var ErrNilIdentityUID = errors.New("identity uid is nil")
var ErrNilRelationType = errors.New("relation type is nil")
var ErrNoEmail = errors.New("no email address")

ErrNoEmail is returned when no email is provided

var ErrNoIdentity = errors.New("no identity found")

ErrNoIdentity is returned if no identity is found

var ErrNoIdentityIdentification = errors.New("no identity identification provided. Please contact the administrator")

ErrNoIdentityIdentification is returned if no identification is provided

var ErrNoPassword = errors.New("no password")

ErrNoPassword is returned when no password is provided

var ErrNoUserFound = errors.New("no user has been found with this email")

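ErrNoUserFound is returned when no user is found. Its message confirms that an email address has no account, so it should not be passed unchanged to unauthenticated callers; ErrExternalLoginFailed is the error for failures whose reason should not be exposed to the user.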

var ErrOldPasswordIsSame = errors.New("the old password is the same as the new password")

ErrOldPasswordIsSame is returned when the new password is the same as the old password

var ErrRegistrationConfirmationExpired = errors.New("registration confirmation expired. Please re-register")

ErrRegistrationConfirmationExpired is returned when the registration confirmation has expired

var ErrRegistrationIsNotAllowed = errors.New("registration is not allowed. Please contact the administrator")

ErrRegistrationIsNotAllowed is returned when the system does not allow registration

var ErrTokenExpirationDateInPast = errors.New("token expiration date is in the past")

ErrTokenExpirationDateInPast is returned when the token expiration date is in the past

var ErrTokenExpired = errors.New("security token expired. Please initialize a new password reset")

ErrTokenExpired is returned when the token is expired

var ErrTokenNameEmpty = errors.New("token name is empty")

ErrTokenNameEmpty is returned when the token name is empty

var ErrTokenNotFound = errors.New("security token not found. Please request a new password reset")

ErrTokenNotFound is returned when the token is not in the database

var ErrTokenUsed = errors.New("security token already used. Please request a new password reset")

ErrTokenUsed is returned when the token was used

var ErrUsernameLongerThan = errors.New("the username must be longer than 3 chars")

ErrUsernameLongerThan is returned when the username is shorter than 3 characters

var ErrWrongPassword = errors.New("wrong password")

ErrWrongPassword is returned when the password is wrong

var InvitationTimeout = time.Hour * 24 * 30 * 6 // 6 months

InvitationTimeout is the time after which an invitation expires

Functions

func AcceptTerms

func AcceptTerms(service IdentityService, token string) (err error)

AcceptTerms accepts the terms and conditions: it uses a token to find the identity and sets the identity's accept-terms-and-conditions flag to true

func Activate

func Activate(service IdentityService, user *identity_models.Identity) (err error)

Activate activates the user

func AddIdentityRelation

func AddIdentityRelation(
	service IdentityService,
	identityUID uuid.UUID,
	relationType string,
	entity identity_models.IdentityRelationEntity,
) (err error)

AddIdentityRelation adds a relation between an identity and an entity

func AdminCreateIdentityAndInvite

func AdminCreateIdentityAndInvite(service IdentityService, origin, subject, content, firstName, lastName, emailAddress string) (identity identity_models.Identity, err error)

AdminCreateIdentityAndInvite creates an identity and sends an invitation - create identity - create confirmation - reset password - send invite

func AdminDeleteIdentity

func AdminDeleteIdentity(service IdentityService, uid uuid.UUID) (err error)

AdminDeleteIdentity deletes an identity - anonymizes the firstname and lastname - anonymizes the email and phone - deletes the account

func AnonymizeIdentity

func AnonymizeIdentity(service IdentityService, uid uuid.UUID, password string) (err error)

AnonymizeIdentity anonymizes the first name and the last name of an account and saves it - gets the identity by uid - checks if the password is correct - anonymizes the identity - saves the identity

func AnonymizeString

func AnonymizeString(s string) string

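AnonymizeString returns a SHA-1 hash of the input string s. If the hash is unsalted, low-entropy inputs such as names or email addresses can be matched by hashing candidate values, so the output should be treated as pseudonymous rather than anonymous.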

func AutoBlockUserFn

func AutoBlockUserFn(origin string) bool

AutoBlockUserFn automatically clears a user

func AutoClearUserAfterRegistration

func AutoClearUserAfterRegistration(origin string) bool

AutoClearUserAfterRegistration automatically clears a user

func Block

func Block(service IdentityService, user *identity_models.Identity) (err error)

Block blocks a user

func ChangePassword

func ChangePassword(service IdentityService, identityUID uuid.UUID, oldPassword, newPassword, newPasswordConfirmation string) (err error)

ChangePassword changes the password of the identity with the given UID, given the old password, the new password and the new password's confirmation

func CheckIfEmailIsFree

func CheckIfEmailIsFree(service IdentityService, email string) (isFree bool, err error)

CheckIfEmailIsFree checks if the email address is still free

func CheckIfUsernameIsValid

func CheckIfUsernameIsValid(userName string) (err error)

CheckIfUsernameIsValid checks if the username is valid

func CheckUserLogin

func CheckUserLogin(service IdentityService, email string, password string) (result bool, err error)

CheckUserLogin checks if the credentials of a user are correct

func ConfirmNewEmail

func ConfirmNewEmail(service IdentityService, token string)

func ConfirmOldEmail

func ConfirmOldEmail(service IdentityService, token string)

func ConfirmResetPassword

func ConfirmResetPassword(service IdentityService, token, password string) (err error)

func CreateApiToken

func CreateApiToken(service IdentityService, identityUID uuid.UUID, tokenName string, utcTokenExpirationDate time.Time) (token *identity_models.IdentityApiToken, err error)

CreateApiToken creates a new api token for an identity

func DefaultAllowRegistration

func DefaultAllowRegistration(origin string) bool

func DeleteApiToken

func DeleteApiToken(service IdentityService, identityUID uuid.UUID, tokenUID uuid.UUID) (err error)

DeleteApiToken deletes an api token from the database

func DeleteIdentity

func DeleteIdentity(service IdentityService, uid uuid.UUID, password string) (err error)

DeleteIdentity deletes an identity - gets the identity - checks if the password is correct - anonymizes the firstname and lastname - anonymizes the email and phone - deletes the account

func GenerateJWT

func GenerateJWT(service IdentityService, user *identity_models.Identity) (result string, err error)

GenerateJWT generates a JSON Web Token from the user object

func GetApiTokensByIdentity

func GetApiTokensByIdentity(service IdentityService, identityUID uuid.UUID) (results []*identity_models.IdentityApiToken, err error)

GetApiTokensByIdentity retrieves the api tokens of an identity from the database

func GetIdentityByEmail

func GetIdentityByEmail(service IdentityService, email string) (result *identity_models.Identity, err error)

GetIdentityByEmail retrieves the identity from the database

func GetIdentityByUID

func GetIdentityByUID(service IdentityService, uid uuid.UUID) (result *identity_models.Identity, err error)

GetIdentityByUID retrieves the identity from the database

func InitChangeEmail

func InitChangeEmail(service IdentityService, username, password string) (user *identity_models.Identity, err error)

func InitResetPassword

func InitResetPassword(service IdentityService, emailAddress, userAgent, ip, origin string) (err error)

InitResetPassword inits the password reset process

func InvitationConfirmation

func InvitationConfirmation(service IdentityService, token, newPassword, newPasswordConfirmation, userAgent, ip, origin string, acceptTermsAndConditions bool) (userToken string, err error)

InvitationConfirmation confirms an invitation - check if accept terms and conditions is true - reset password - confirm registration - accept terms and conditions

func InviteCSV

func InviteCSV(service IdentityService, origin, filePath, subject, content, link string) (err error)

InviteCSV adds all users in a CSV file to the invite list

func InviteUser

func InviteUser(service IdentityService, origin, subject, firstName, lastName, emailAddress, content, link string) (err error)

InviteUser invites a user to the system

func IsAdmin

func IsAdmin(service IdentityService, identityUID uuid.UUID) (err error)

IsAdmin checks if the user is an admin

func Lock

func Lock(service IdentityService, user *identity_models.Identity) (err error)

Lock locks an identity

func Login

func Login(service IdentityService, emailAddress, password, userAgent, ip string) (token string, err error)

Login logs in a user and returns a JWT token

func Logout

func Logout(service IdentityService, token string) (err error)

func LogoutAllDevices

func LogoutAllDevices(service IdentityService, user *identity_models.Identity) (err error)

func ReadAllUsers

func ReadAllUsers(service IdentityService, keyword string, offset, limit int, orderBy string) (results []*identity_models.Identity, amount int64, err error)

ReadAllUsers reads all users

func ReadIdentity

func ReadIdentity(service IdentityService, identityUID uuid.UUID) (result *identity_models.Identity, err error)

ReadIdentity reads a specific user

func ReadIdentityLogins

func ReadIdentityLogins(service IdentityService, keyword string, offset, limit int, orderBy string) (results []*identity_models.IdentityLogin, amount int64, err error)

ReadIdentityLogins reads the identity logins

func ReadIdentityRelation

func ReadIdentityRelation(service IdentityService, identityUID uuid.UUID, relationType string, entity identity_models.IdentityRelationEntity) (result *identity_models.IdentityRelation, err error)

ReadIdentityRelation reads a relation between an identity and an entity

func ReadIdentityRelations

func ReadIdentityRelations(service IdentityService, identityUID uuid.UUID, relationType string, entity identity_models.IdentityRelationEntity) (results []*identity_models.IdentityRelation, err error)

ReadIdentityRelations reads relations between an identity and an entity

func Register

func Register(service IdentityService, emailAddress, password string, termAndConditions bool, userAgent, ip, origin string) (err error)

Register registers a new user

func RegistrationConfirmation

func RegistrationConfirmation(service IdentityService, token, userAgent, ip string) (err error)

RegistrationConfirmation confirms a registration

func RemoveIdentityRelation

func RemoveIdentityRelation(
	service IdentityService,
	identityUID uuid.UUID,
	relationType string,
	entity identity_models.IdentityRelationEntity,
) (err error)

RemoveIdentityRelation removes a relation between an identity and an entity

func ResetPassword

func ResetPassword(service IdentityService, token, newPassword, newPasswordConfirmation, userAgent, ip, origin string) (err error)

ResetPassword resets the password

func SanitizeEmail

func SanitizeEmail(emailAddress string) string

SanitizeEmail sanitizes an email address

func SetPasswordOfIdentity

func SetPasswordOfIdentity(service IdentityService, user *identity_models.Identity, newPassword string) (err error)

SetPasswordOfIdentity sets the password of a user by its email

func UnBlock

func UnBlock(service IdentityService, user *identity_models.Identity) (err error)

UnBlock unblocks a user

func Unlock

func Unlock(service IdentityService, user *identity_models.Identity) (err error)

Unlock unlocks an identity

func UpdateIdentity

func UpdateIdentity(service IdentityService, newIdentity *identity_models.Identity) (err error)

UpdateIdentity updates the identity

func UpdateUser

func UpdateUser(service IdentityService, identityUID uuid.UUID) (result *identity_models.Identity, err error)

UpdateUser updates a specific user

func VerifyPassword

func VerifyPassword(service IdentityService, user *identity_models.Identity, password string) bool

VerifyPassword verifies the user's password given the user object and the password

Types

type AllowRegistrationFn

type AllowRegistrationFn func(origin string) bool

AllowRegistrationFn checks if users can register

type ClearUserFn

type ClearUserFn func(origin string) bool

ClearUserFn clears a user

type ControllerService

// ControllerService holds the configuration of the identity service.
type ControllerService struct {
	// Issuer names the issuer; NOTE(review): presumably the value returned by
	// GetIssuer and used when GenerateJWT builds a token - confirm.
	Issuer                    string
	// Pepper is a secret value set via SetPepper and read via GetPepper.
	// NOTE(review): presumably mixed into password hashing - confirm. Because
	// the field is exported, any code holding the struct can read it and it
	// may be included if the struct is logged or serialized.
	Pepper                    string
	// Audience names the audience; NOTE(review): presumably the value returned
	// by GetAudience - confirm.
	Audience                  string
	// PrimaryIdentificationType selects how a user is primarily identified
	// (the declared values are "email" and "phone").
	PrimaryIdentificationType IdentificationType
	// contains filtered or unexported fields
}

ControllerService is the identity service

func NewService

func NewService(issuer string, senderEmailAddress mail.Address) *ControllerService

NewService inits a new identity service

func (*ControllerService) AllowRegistration

func (s *ControllerService) AllowRegistration(origin string) bool

AllowRegistration checks if users can register

func (*ControllerService) AutoClearUserAfterRegistration

func (s *ControllerService) AutoClearUserAfterRegistration(origin string) bool

AutoClearUserAfterRegistration checks if a user is automatically cleared after registration

func (*ControllerService) GetAdminEmail

func (s *ControllerService) GetAdminEmail() string

GetAdminEmail returns the admin email

func (*ControllerService) GetAudience

func (s *ControllerService) GetAudience() string

GetAudience returns the audience

func (*ControllerService) GetEmailTemplate

func (s *ControllerService) GetEmailTemplate() email.GlobalTemplate

GetEmailTemplate returns the email template

func (ControllerService) GetExpirationLoginDuration

func (s ControllerService) GetExpirationLoginDuration() time.Duration

func (ControllerService) GetExpirationPasswordReset

func (s ControllerService) GetExpirationPasswordReset() time.Duration

func (ControllerService) GetExpirationRegistration

func (s ControllerService) GetExpirationRegistration() time.Duration

func (*ControllerService) GetIssuer

func (s *ControllerService) GetIssuer() string

GetIssuer returns the issuer

func (*ControllerService) GetLogger

func (s *ControllerService) GetLogger() *slog.Logger

func (*ControllerService) GetPepper

func (s *ControllerService) GetPepper() string

GetPepper returns the pepper

func (*ControllerService) GetSQLClient

func (s *ControllerService) GetSQLClient() *gorm.DB

GetSQLClient returns the sql client

func (*ControllerService) GetSenderEmailAddress

func (s *ControllerService) GetSenderEmailAddress() mail.Address

GetSenderEmailAddress returns the sender email address

func (*ControllerService) ResolveCreationInvitationEmailTemplate

func (s *ControllerService) ResolveCreationInvitationEmailTemplate(origin, firstName, lastName, emailAddress, content, token string) email.CreationInvitationEmailTemplate

func (*ControllerService) ResolveInvitationEmailTemplate

func (s *ControllerService) ResolveInvitationEmailTemplate(origin, firstName, lastName, emailAddress, content, link string) email.InvitationEmailTemplate

ResolveInvitationEmailTemplate returns the invitation email template

func (*ControllerService) ResolvePasswordResetEmailTemplate

func (s *ControllerService) ResolvePasswordResetEmailTemplate(origin, emailAddress, confirmationUrl string) email.PasswordResetTemplate

ResolvePasswordResetEmailTemplate returns the password reset email template

func (*ControllerService) ResolveRegistrationEmailTemplate

func (s *ControllerService) ResolveRegistrationEmailTemplate(origin, emailAddress, confirmationUrl string) email.RegistrationEmailTemplate

ResolveRegistrationEmailTemplate returns the registration email template

func (*ControllerService) SendEmail

func (s *ControllerService) SendEmail(senderAddress mail.Address, receiverAddress mail.Address, subject, content string) error

SendEmail sends an email

func (*ControllerService) SendSMS

func (s *ControllerService) SendSMS(address string, content string) error

SendSMS sends an sms

func (*ControllerService) SetAdminEmail

func (s *ControllerService) SetAdminEmail(email string) *ControllerService

SetAdminEmail sets the admin email

func (*ControllerService) SetClearUserAfterRegistrationResolver

func (s *ControllerService) SetClearUserAfterRegistrationResolver(fn ClearUserFn) *ControllerService

SetClearUserAfterRegistrationResolver sets clear after registration resolver

func (*ControllerService) SetLogger

func (s *ControllerService) SetLogger(logger *slog.Logger) *ControllerService

SetLogger sets the logger

func (*ControllerService) SetPepper

func (s *ControllerService) SetPepper(pepper string)

SetPepper sets the pepper

func (*ControllerService) SetRegistrationEmailResolver

func (s *ControllerService) SetRegistrationEmailResolver(fn ResolveRegistrationEmailTemplate) *ControllerService

SetRegistrationEmailResolver sets the registration email resolver

func (*ControllerService) SetSQLClient

func (s *ControllerService) SetSQLClient(client *gorm.DB) *ControllerService

SetSQLClient sets the sql client

type IdentificationType

type IdentificationType string

IdentificationType is the type of the identification

const (
	// EmailIdentificationType is the type of identification that is used to identify a user by email
	EmailIdentificationType IdentificationType = "email"
	// PhoneIdentificationType is the type of identification that is used to identify a user by phone number
	PhoneIdentificationType IdentificationType = "phone"
)

type IdentityService

// IdentityService is the dependency set that the package-level functions
// (Login, Register, ResetPassword, ...) receive as their first argument:
// logging, database access, security settings, outbound communication and
// registration policy.
type IdentityService interface {
	GetLogger() *slog.Logger
	// SQL
	GetSQLClient() *gorm.DB
	// Security
	// NOTE(review): GetPepper hands out a secret; implementations and callers
	// should keep the returned value out of logs and error messages.
	GetPepper() string
	GetIssuer() string
	GetAudience() string
	// Admin
	GetAdminEmail() string
	// Communication
	GetSenderEmailAddress() mail.Address
	SendEmail(senderAddress mail.Address, receiverAddress mail.Address, subject, content string) error
	SendSMS(receiver string, content string) (err error)
	ResolveRegistrationEmailTemplate(origin, emailAddress, confirmationUrl string) email.RegistrationEmailTemplate
	ResolvePasswordResetEmailTemplate(origin, emailAddress, confirmationUrl string) email.PasswordResetTemplate
	ResolveInvitationEmailTemplate(origin, firstName, lastName, emailAddress, content, link string) email.InvitationEmailTemplate
	ResolveCreationInvitationEmailTemplate(origin, firstName, lastName, emailAddress, content, link string) email.CreationInvitationEmailTemplate
	// Registration
	AutoClearUserAfterRegistration(origin string) bool // checks if a user should be automatically cleared after registration
	AllowRegistration(origin string) bool              // checks if users can register for the given origin
	// Lifetimes for registration confirmations, password resets and logins.
	GetExpirationRegistration() time.Duration
	GetExpirationPasswordReset() time.Duration
	GetExpirationLoginDuration() time.Duration
}

type ResolveCreationInvitationEmailTemplate

type ResolveCreationInvitationEmailTemplate func(origin, firstName, lastName, emailAddress, content, token string) email.CreationInvitationEmailTemplate

ResolveCreationInvitationEmailTemplate resolves the creation invitation email template, which sends a link to the newly created identity to select a password and confirm the email address and the terms of service

type ResolveInvitationEmailTemplate

type ResolveInvitationEmailTemplate func(origin, firstName, lastName, emailAddress, content, link string) email.InvitationEmailTemplate

ResolveInvitationEmailTemplate resolves the invitation email template, which sends a link to the user to register

type ResolvePasswordResetEmailTemplate

type ResolvePasswordResetEmailTemplate func(origin, emailAddress, token string) email.PasswordResetTemplate

ResolvePasswordResetEmailTemplate resolves the password reset email template

type ResolveRegistrationEmailTemplate

type ResolveRegistrationEmailTemplate func(origin, emailAddress, token string) email.RegistrationEmailTemplate

ResolveRegistrationEmailTemplate resolves the registration email template

type SendMailFn

type SendMailFn func(mail.Address, mail.Address, string, string) error

SendMailFn is the function that sends an email
