Documentation ¶
Index ¶
- type AuthPlzCtx
- func (c *AuthPlzCtx) Bind2FARequest(rw web.ResponseWriter, req *web.Request, userID string, action string)
- func (c *AuthPlzCtx) BindInst(rw web.ResponseWriter, req *web.Request, sessionKey, dataKey string, ...) error
- func (c *AuthPlzCtx) BindRecoveryRequest(userID string, rw web.ResponseWriter, req *web.Request)
- func (c *AuthPlzCtx) BindRedirect(url string, rw web.ResponseWriter, req *web.Request)
- func (c *AuthPlzCtx) CanSudo(rw web.ResponseWriter, req *web.Request) bool
- func (c *AuthPlzCtx) ClearSudo(rw web.ResponseWriter, req *web.Request)
- func (c *AuthPlzCtx) DoRedirect(url string, rw web.ResponseWriter, req *web.Request)
- func (c *AuthPlzCtx) Get2FARequest(rw web.ResponseWriter, req *web.Request) (string, string)
- func (c *AuthPlzCtx) GetFlashMessage(rw web.ResponseWriter, req *web.Request) string
- func (c *AuthPlzCtx) GetIPMiddleware(rw web.ResponseWriter, req *web.Request, next web.NextMiddlewareFunc)
- func (c *AuthPlzCtx) GetInst(rw web.ResponseWriter, req *web.Request, sessionKey, dataKey string) (interface{}, error)
- func (c *AuthPlzCtx) GetMeta() map[string]string
- func (c *AuthPlzCtx) GetNamedSession(rw web.ResponseWriter, req *web.Request, sessionKey string) (*sessions.Session, error)
- func (c *AuthPlzCtx) GetRecoveryRequest(rw web.ResponseWriter, req *web.Request) string
- func (c *AuthPlzCtx) GetRedirect(rw web.ResponseWriter, req *web.Request) string
- func (c *AuthPlzCtx) GetSession() *sessions.Session
- func (c *AuthPlzCtx) GetUserID() string
- func (c *AuthPlzCtx) LoginUser(userid string, rw web.ResponseWriter, req *web.Request)
- func (c *AuthPlzCtx) LogoutUser(rw web.ResponseWriter, req *web.Request)
- func (c *AuthPlzCtx) RequireAccountMiddleware(rw web.ResponseWriter, req *web.Request, next web.NextMiddlewareFunc)
- func (c *AuthPlzCtx) SessionMiddleware(rw web.ResponseWriter, req *web.Request, next web.NextMiddlewareFunc)
- func (c *AuthPlzCtx) SetFlashMessage(message string, rw web.ResponseWriter, req *web.Request)
- func (c *AuthPlzCtx) SetSudo(userID string, timeout time.Duration, rw web.ResponseWriter, req *web.Request)
- func (c *AuthPlzCtx) UserAction(userid, action string, rw web.ResponseWriter, req *web.Request)
- func (c *AuthPlzCtx) WriteAPIResult(w http.ResponseWriter, code string)
- func (c *AuthPlzCtx) WriteAPIResultWithCode(w http.ResponseWriter, status int, code string)
- func (c *AuthPlzCtx) WriteInternalError(w http.ResponseWriter)
- func (c *AuthPlzCtx) WriteJSON(w http.ResponseWriter, i interface{})
- func (c *AuthPlzCtx) WriteJSONWithStatus(w http.ResponseWriter, status int, i interface{})
- func (c *AuthPlzCtx) WriteUnauthorized(w http.ResponseWriter)
- type AuthPlzGlobalCtx
- type MiddlewareFunc
- type SecondFactorRequest
- type SudoSession
- type User
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
This section is empty.
Types ¶
type AuthPlzCtx ¶
type AuthPlzCtx struct { Global *AuthPlzGlobalCtx // contains filtered or unexported fields }
AuthPlzCtx is the common per-request context. Modules implement their own contexts that extend this as a base.
func (*AuthPlzCtx) Bind2FARequest ¶
func (c *AuthPlzCtx) Bind2FARequest(rw web.ResponseWriter, req *web.Request, userID string, action string)
Bind2FARequest Bind a 2fa request and action for a user
func (*AuthPlzCtx) BindInst ¶
func (c *AuthPlzCtx) BindInst(rw web.ResponseWriter, req *web.Request, sessionKey, dataKey string, inst interface{}) error
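BindInst binds an object instance to a session key and writes it to the browser session store. TODO: Bindings should probably time out eventually. As documented, a binding carries no expiry of its own, so a caller that needs a bound value to be short-lived has to track that itself.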
func (*AuthPlzCtx) BindRecoveryRequest ¶
func (c *AuthPlzCtx) BindRecoveryRequest(userID string, rw web.ResponseWriter, req *web.Request)
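BindRecoveryRequest binds an authenticated recovery request to the session. This should only be called after all [possible] authentication has been executed, because the bound request is what later allows new password settings to be accepted for that user ID (see GetRecoveryRequest).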
func (*AuthPlzCtx) BindRedirect ¶
func (c *AuthPlzCtx) BindRedirect(url string, rw web.ResponseWriter, req *web.Request)
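BindRedirect binds a redirect URL to the user session. This is called so that, post-login (or after another action), users can be returned to that URL. Nothing in this description says the URL is validated, so callers should confirm it points to an expected destination before binding it.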
func (*AuthPlzCtx) CanSudo ¶
func (c *AuthPlzCtx) CanSudo(rw web.ResponseWriter, req *web.Request) bool
CanSudo checks whether a user has a current sudo session
func (*AuthPlzCtx) ClearSudo ¶
func (c *AuthPlzCtx) ClearSudo(rw web.ResponseWriter, req *web.Request)
ClearSudo removes a sudo session from a user session
func (*AuthPlzCtx) DoRedirect ¶
func (c *AuthPlzCtx) DoRedirect(url string, rw web.ResponseWriter, req *web.Request)
DoRedirect writes a redirect to the client
func (*AuthPlzCtx) Get2FARequest ¶
func (c *AuthPlzCtx) Get2FARequest(rw web.ResponseWriter, req *web.Request) (string, string)
Get2FARequest Fetch a 2fa request and action for a user
func (*AuthPlzCtx) GetFlashMessage ¶
func (c *AuthPlzCtx) GetFlashMessage(rw web.ResponseWriter, req *web.Request) string
Helper function to get a flash message to display to the user
func (*AuthPlzCtx) GetIPMiddleware ¶
func (c *AuthPlzCtx) GetIPMiddleware(rw web.ResponseWriter, req *web.Request, next web.NextMiddlewareFunc)
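GetIPMiddleware is middleware that grabs the client IP and forwarding headers and stores them in the session. Forwarding headers are supplied by the client unless a trusted proxy overwrites them, so the stored values are only as reliable as the deployment's proxy configuration.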
func (*AuthPlzCtx) GetInst ¶
func (c *AuthPlzCtx) GetInst(rw web.ResponseWriter, req *web.Request, sessionKey, dataKey string) (interface{}, error)
GetInst Fetches an object instance by session key from the browser session store
func (*AuthPlzCtx) GetMeta ¶
func (c *AuthPlzCtx) GetMeta() map[string]string
func (*AuthPlzCtx) GetNamedSession ¶
func (c *AuthPlzCtx) GetNamedSession(rw web.ResponseWriter, req *web.Request, sessionKey string) (*sessions.Session, error)
GetNamedSession fetches a session by name
func (*AuthPlzCtx) GetRecoveryRequest ¶
func (c *AuthPlzCtx) GetRecoveryRequest(rw web.ResponseWriter, req *web.Request) string
GetRecoveryRequest fetches an authenticated recovery request from the session. This allows a module to accept new password settings for the provided user ID.
func (*AuthPlzCtx) GetRedirect ¶
func (c *AuthPlzCtx) GetRedirect(rw web.ResponseWriter, req *web.Request) string
GetRedirect fetches a redirect from a user session to allow for post-login (or re-auth) user redirection
func (*AuthPlzCtx) GetSession ¶
func (c *AuthPlzCtx) GetSession() *sessions.Session
GetSession fetches the base user session instance. Modules can use this base session or their own session instances.
func (*AuthPlzCtx) GetUserID ¶
func (c *AuthPlzCtx) GetUserID() string
GetUserID fetches the user ID from a session. It is blank if a user is not logged in.
func (*AuthPlzCtx) LoginUser ¶
func (c *AuthPlzCtx) LoginUser(userid string, rw web.ResponseWriter, req *web.Request)
LoginUser Helper function to login a user
func (*AuthPlzCtx) LogoutUser ¶
func (c *AuthPlzCtx) LogoutUser(rw web.ResponseWriter, req *web.Request)
LogoutUser Helper function to logout a user
func (*AuthPlzCtx) RequireAccountMiddleware ¶
func (c *AuthPlzCtx) RequireAccountMiddleware(rw web.ResponseWriter, req *web.Request, next web.NextMiddlewareFunc)
RequireAccountMiddleware is middleware that ensures only logged-in users can access an endpoint
func (*AuthPlzCtx) SessionMiddleware ¶
func (c *AuthPlzCtx) SessionMiddleware(rw web.ResponseWriter, req *web.Request, next web.NextMiddlewareFunc)
SessionMiddleware is the user session layer. The middleware matches the user session if it exists and saves the userid to the session object.
func (*AuthPlzCtx) SetFlashMessage ¶
func (c *AuthPlzCtx) SetFlashMessage(message string, rw web.ResponseWriter, req *web.Request)
Helper function to set a flash message for display to the user
func (*AuthPlzCtx) SetSudo ¶
func (c *AuthPlzCtx) SetSudo(userID string, timeout time.Duration, rw web.ResponseWriter, req *web.Request)
SetSudo is used to indicate that a user has reauthorized, to allow protected account actions. TODO: could this be pinned to more things (user agent, IP, real invalidation so it can't be reused if cancelled)? Guess re-use is a bit moot given there is no reason to cancel atm.
func (*AuthPlzCtx) UserAction ¶
func (c *AuthPlzCtx) UserAction(userid, action string, rw web.ResponseWriter, req *web.Request)
UserAction executes a user action, such as `login`. This is provided to allow modules to execute global actions as a given user across the API boundaries. For example, this allows 2fa to be used to validate a user action. TODO: a more elegant solution to this could be nice.
func (*AuthPlzCtx) WriteAPIResult ¶
func (c *AuthPlzCtx) WriteAPIResult(w http.ResponseWriter, code string)
WriteAPIResult Helper to write API result messages
func (*AuthPlzCtx) WriteAPIResultWithCode ¶
func (c *AuthPlzCtx) WriteAPIResultWithCode(w http.ResponseWriter, status int, code string)
WriteAPIResultWithCode Helper to write API result messages while setting the HTTP response code
func (*AuthPlzCtx) WriteInternalError ¶
func (c *AuthPlzCtx) WriteInternalError(w http.ResponseWriter)
WriteInternalError helper to write internal error status and message
func (*AuthPlzCtx) WriteJSON ¶
func (c *AuthPlzCtx) WriteJSON(w http.ResponseWriter, i interface{})
WriteJSON Helper to write objects out as JSON
func (*AuthPlzCtx) WriteJSONWithStatus ¶
func (c *AuthPlzCtx) WriteJSONWithStatus(w http.ResponseWriter, status int, i interface{})
WriteJSONWithStatus Helper to write objects out as JSON while setting the HTTP response code
func (*AuthPlzCtx) WriteUnauthorized ¶
func (c *AuthPlzCtx) WriteUnauthorized(w http.ResponseWriter)
WriteUnauthorized helper to write unauthorized status and message
type AuthPlzGlobalCtx ¶
// AuthPlzGlobalCtx is the application global / static context; AuthPlzCtx
// carries a pointer to it in its Global field.
type AuthPlzGlobalCtx struct {
// SessionStore has the same type as the argument taken by NewGlobalCtx.
// NOTE(review): presumably a gorilla/sessions CookieStore, which keeps session
// data in the client's cookie; confirm how its signing/encryption keys are
// provisioned, since every session helper on AuthPlzCtx would depend on them.
SessionStore *sessions.CookieStore
}
AuthPlzGlobalCtx Application global / static context
func NewGlobalCtx ¶
func NewGlobalCtx(sessionStore *sessions.CookieStore) AuthPlzGlobalCtx
NewGlobalCtx creates a new global context instance
type MiddlewareFunc ¶
type MiddlewareFunc func(c *AuthPlzCtx, rw web.ResponseWriter, req *web.Request, next web.NextMiddlewareFunc)
MiddlewareFunc Convenience type to describe middleware functions
func BindContext ¶
func BindContext(globalCtx *AuthPlzGlobalCtx) MiddlewareFunc
BindContext Helper to bind the global context object into the router context. This is a closure to run over an instance of the global context.
type SecondFactorRequest ¶
SecondFactorRequest is a request for 2fa. This is used to register a request that can be fetched by 2fa implementations.
type SudoSession ¶
SudoSession is used to store user reauthorization sessions for protected account actions, such as password changes or 2fa alterations.