auth

package
v0.1.8 Latest Latest
Warning

This package is not in the latest version of its module.

Published: Dec 2, 2021 License: MIT Imports: 3 Imported by: 0

Documentation

Index

Constants

This section is empty.

Variables

// Sentinel errors, one per Affiliation field that can be reported as empty.
// Each value is created once with errors.New, so callers can compare against
// it with errors.Is.
// NOTE(review): presumably returned by CreateAffiliation / UpdateAffiliation
// when validation of the corresponding field fails; the function bodies are
// not shown here, so confirm against the source.
// No sentinel is declared here for Suite or ParentID.
var (
	ErrAffiliationNameEmpty           = errors.New("auth: affiliation name is empty")
	ErrAffiliationOwnerUserIDEmpty    = errors.New("auth: affiliation owner user id is empty")
	ErrAffiliationSharedWalletIDEmpty = errors.New("auth: affiliation shared wallet id is empty")
	ErrAffiliationStreetAddressEmpty  = errors.New("auth: affiliation street address is empty")
	ErrAffiliationCityEmpty           = errors.New("auth: affiliation city is empty")
	ErrAffiliationStateEmpty          = errors.New("auth: affiliation state is empty")
	ErrAffiliationCountryISOEmpty     = errors.New("auth: affiliation country iso is empty")
	ErrAffiliationZipCodeEmpty        = errors.New("auth: affiliation zip code is empty")
	ErrAffiliationContactEmailEmpty   = errors.New("auth: affiliation contact email is empty")
)
// ErrMFAInstanceUnknown is the sentinel error for an MFA type that has no
// known instance.
// NOTE(review): presumably returned by the MFA* helpers (MFAInitSignUp,
// MFANewChallenge, MFASubmitChallenge, ...) when MFAType was never passed to
// RegMFAInstance; confirm against the source. Callers should treat this error
// as a failed verification, never as "no second factor required".
var (
	ErrMFAInstanceUnknown = errors.New("auth: Unknown MFA instance")
)

*************** Aggregator ***************

Functions

func CheckoutMFA

func CheckoutMFA(userID uint64, extentionType string) (string, error)

Read

func ClearMFA

func ClearMFA(userID uint64, extentionType string) error

Delete

func ConfirmMFA

func ConfirmMFA(userID uint64, extentionType string) error

Update

func CreateAffiliation

func CreateAffiliation(affiliation *Affiliation) error

func DeleteTmpEntry

func DeleteTmpEntry(userID uint64, extentionType, indexKey string) error

Delete

func EnabledMFA

func EnabledMFA(userID uint64) ([]string, error)

func InitMFA

func InitMFA(userID uint64, extentionType, extentionData string) error

Create

func InsertTmpEntry

func InsertTmpEntry(userID uint64, extentionType, indexKey, storedValue string) error

*********** Temporary Database *********** Create

func ListUserID added in v0.1.7

func ListUserID() ([]uint64, error)

func ListUserIDByAffiliationID added in v0.1.7

func ListUserIDByAffiliationID(affiliationID uint64) ([]uint64, error)

func MFACompleteSignUp added in v0.1.7

func MFACompleteSignUp(MFAType string, userID uint64, mfaConf map[string]string) error

func MFAEnabled

func MFAEnabled(userID uint64, extentionType string) (bool, error)

Read

func MFAInitSignUp added in v0.1.8

func MFAInitSignUp(MFAType string, userID uint64, username string) (map[string]interface{}, error)

func MFANewChallenge added in v0.1.7

func MFANewChallenge(MFAType string, userID uint64) (map[string]interface{}, error)

func MFARegistered added in v0.1.7

func MFARegistered(MFAType string, userID uint64) bool

func MFARemove added in v0.1.7

func MFARemove(MFAType string, userID uint64) error

func MFASubmitChallenge added in v0.1.7

func MFASubmitChallenge(MFAType string, userID uint64, challengeResponse map[string]string) error

func PurgeExpiredTmpEntry added in v0.1.6

func PurgeExpiredTmpEntry() error

func ReadTmpEntry

func ReadTmpEntry(userID uint64, extentionType, indexKey string) (string, error)

Read

func RegMFAInstance added in v0.1.7

func RegMFAInstance(MFAType string, instance MultiFactorAuthentication)

func Setup

func Setup(dbConn *sql.DB, tblPrefixOverride string)

func UpdateMFA

func UpdateMFA(userID uint64, extentionType, extentionData string) error

Update

func UpdateTmpEntry

func UpdateTmpEntry(userID uint64, extentionType, indexKey, storedValue string) error

Update

Types

type Affiliation

// Affiliation describes an organisation record: its name, position in a
// parent/child hierarchy (ParentID), the owning user and shared wallet, and a
// postal/contact address.
// NOTE(review): the "must be a valid ..." requirements below are stated by the
// field comments only; the type itself cannot enforce them. Presumably
// CreateAffiliation / UpdateAffiliation validate them; confirm, and make sure
// OwnerUserID and SharedWalletID are authorised server-side rather than taken
// from the request as-is, since they decide whose wallet is shared.
type Affiliation struct {
	Name           string
	ParentID       uint64
	OwnerUserID    uint64 // must be a valid user id with a wallet (to be shared among users with permission)
	SharedWalletID uint64 // must be a valid wallet id
	StreetAddress  string
	Suite          string
	City           string
	State          string
	CountryISO     string
	ZipCode        string
	ContactEmail   string
	// contains filtered or unexported fields
}

func GetAffiliationByID

func GetAffiliationByID(id uint64) (*Affiliation, error)

func (*Affiliation) ParentAffiliation added in v0.1.7

func (affiliation *Affiliation) ParentAffiliation() (*Affiliation, error)

func (*Affiliation) UpdateAffiliation

func (affiliation *Affiliation) UpdateAffiliation() error

type MultiFactorAuthentication

// MultiFactorAuthentication is the contract an MFA method implements so it can
// be registered with RegMFAInstance and driven through the package-level MFA*
// functions, which take the same arguments plus an MFAType string.
type MultiFactorAuthentication interface {
	// Registered reports whether the user has a credential for this MFA method.
	// NOTE(review): the signature has no error result, so a storage failure
	// cannot be told apart from "not registered". A caller that skips the
	// challenge when this returns false would fail open; confirm how
	// implementations behave when the lookup itself fails.
	Registered(userID uint64) bool

	// InitSignUp and CompleteSignUp associate an MFA credential with the user.
	// NOTE(review): presumably InitSignUp returns the enrolment parameters and
	// CompleteSignUp stores the credential once the user has proven possession
	// via mfaConf; the map contents are implementation-defined and not
	// visible here.
	InitSignUp(userID uint64, username string) (map[string]interface{}, error)
	CompleteSignUp(userID uint64, mfaConf map[string]string) error

	// NewChallenge and SubmitChallenge are called when the user tries to verify
	// their identity using the selected MFA method.
	// NOTE(review): presumably a nil error from SubmitChallenge is the only
	// success signal, so every non-nil error must be treated as a failed
	// verification. challengeResponse presumably carries client-supplied
	// values; confirm that implementations bind it to the challenge issued by
	// NewChallenge and reject replays.
	NewChallenge(userID uint64) (map[string]interface{}, error)
	SubmitChallenge(userID uint64, challengeResponse map[string]string) error

	// Remove deletes the MFA credential from the database.
	Remove(userID uint64) error
}

*************** Interface ***************

type Role

// Role is a set of role flags packed into a uint32: every named role below
// other than ROLELESS is a distinct single bit, so several roles can be
// combined in one value.
type Role uint32

// The role flags. ROLELESS takes iota 0 and is the zero value (no bit set).
// The first flag is declared at iota 1, so the shift (iota - 1) starts at bit
// 0, and each following constant repeats the expression with the next iota:
// 1, 2, 4, 8, ... up to 1<<12 for AFFILIATION_BILLING_ADMIN.
// NOTE(review): the numeric value of each role depends on its position in
// this block. Inserting or reordering a constant changes the value of every
// role after it; if Role values are persisted or exchanged (User.Role carries
// a json tag), stored privileges would silently change meaning. Append new
// roles at the end only.
const (
	ROLELESS Role = 0

	/************ Global Role ************/
	GLOBAL_EVALUATION_USER Role = 1 << (iota - 1) // EVALUATION_USER is a global role. In principle it is mutually exclusive with PRODUCTION_USER.
	GLOBAL_PRODUCTION_USER                        // PRODUCTION_USER is a global role. In principle it is mutually exclusive with EVALUATION_USER.
	GLOBAL_INTERNAL_USER                          // INTERNAL_USER may order products free of charge
	GLOBAL_ADMIN                                  // ADMIN owns all access to management interface

	/************ Exemptional Role ************/
	EXEMPT_MARKETING_CONTACT // User won't be contacted for marketing purposes
	EXEMPT_BILLING_CONTACT   // User won't be notified of billing updates
	EXEMPT_SUPPORT_CONTACT   // User won't be notified of support case updates

	/************ Affiliation Role ************/
	// Affiliations (enterprises) may purchase products and set them
	// to be shared by users
	AFFILIATION_ACCOUNT_USER  // ACCOUNT_USER is a user belonging to an enterprise
	AFFILIATION_ACCOUNT_ADMIN // ACCOUNT_ADMIN may create users and manage users (assigning roles, etc)

	AFFILIATION_PRODUCT_USER  // PRODUCT_USER may only view (and use) products
	AFFILIATION_PRODUCT_ADMIN // PRODUCT_ADMIN may create and edit shared products

	AFFILIATION_BILLING_USER  // BILLING_USER may purchase products with Affiliation-owned wallet
	AFFILIATION_BILLING_ADMIN // BILLING_ADMIN may deposit funds into Affiliation-owned wallet and view/manage associated products
)

Known roles as unambiguous binary flags allowing cascading

func Roles

func Roles(roles ...Role) Role

Roles() merges the input roles into a single role. Repeated entries are ignored.

func (Role) AddRole

func (r Role) AddRole(role Role) Role

AddRole() adds a role to the current role. A repeated entry is ignored.

func (Role) Includes

func (r Role) Includes(other Role) bool

Includes() checks whether the input role is included in the current role.

func (Role) RemoveRole

func (r Role) RemoveRole(role Role) Role

RemoveRole() removes a role from the current role.

type User

// User is an account record: login email, stored password value, role flags
// and the affiliation the user belongs to. Every exported field carries a
// json tag, so encoding/json reads and writes all four of them.
// NOTE(review): because Password has the tag json:"password", marshalling a
// User into an API response or a log line includes the stored hash; use a
// separate response type or clear the field first.
// NOTE(review): unmarshalling client-supplied JSON directly into User would
// let the client choose Role and AffiliationID; confirm callers set these
// server-side.
type User struct {
	Email         string `json:"email"`
	// NOTE(review): "HMAC-Hashed" as stated by the author; the key handling and
	// any salt or iteration count are not visible here. A plain HMAC has no
	// work factor, so confirm whether a password-hashing KDF (argon2id,
	// bcrypt, scrypt) is applied as well.
	Password      string `json:"password"` // HMAC-Hashed
	Role          Role   `json:"role"`
	AffiliationID uint64 `json:"affiliation"`
	// contains filtered or unexported fields
}

func GetUserByEmailPassword

func GetUserByEmailPassword(email, password string) (*User, error)

GetUserByEmailPassword should be called for user login. It returns nil, err on error or on an email/password mismatch.

func GetUserByID

func GetUserByID(id uint64) (*User, error)

GetUserByID should be called only after the user has been authenticated (Token validated)

func GetUsersByAffiliationID

func GetUsersByAffiliationID(affiliationID uint64) ([]*User, error)

func (*User) Create added in v0.1.7

func (user *User) Create() error

Create should be called when registering a new user.

func (*User) CreateInfo added in v0.1.7

func (user *User) CreateInfo(info *UserInfo) error

func (*User) EmailExists added in v0.1.7

func (user *User) EmailExists() (bool, error)

EmailExists should be called before submitting the user creation form.

func (*User) ID added in v0.1.3

func (user *User) ID() uint64

func (*User) Info

func (user *User) Info() (*UserInfo, error)

func (*User) Update added in v0.1.7

func (user *User) Update() error

UpdateUser

func (*User) UpdateInfo

func (user *User) UpdateInfo(info *UserInfo) error

func (*User) Wipe added in v0.1.7

func (user *User) Wipe() error

Wipe User Data

type UserInfo

// UserInfo holds a user's profile data: a mandatory preferred name and an
// optional billing address. It is attached to a User through CreateInfo,
// UpdateInfo and Info, and every field is serialised under its json tag.
// NOTE(review): "Mandatory" / "Optional" are the author's labels; the struct
// does not enforce them, so presumably the check lives in CreateInfo /
// UpdateInfo (confirm). All fields are personal data and should be kept out
// of logs.
type UserInfo struct {
	// Personal Info - Mandatory
	FirstName string `json:"first_name"` // Preferred First Name
	LastName  string `json:"last_name"`  // Preferred Last Name

	// Billing Info - Optional
	StreetAddress string `json:"street_address"`
	Suite         string `json:"suite"`
	City          string `json:"city"`
	State         string `json:"state"`
	CountryISO    string `json:"country_iso"`
	ZipCode       string `json:"zip_code"`
}

Directories

Path Synopsis
examples
mfa
