Documentation
¶
Overview ¶
The auth package provides functions and types for dealing with logins, account registration and user authentication (including XSRF protection).
Index ¶
Constants ¶
const (
TokenFieldName = "xsrf_token"
)
Variables ¶
var (
ErrTokenNotFound = fmt.Errorf("token not found")
)
Errors returned from Token-related functions.
Functions ¶
func SaltAndHash ¶
SaltAndHash creates a SHA512 hash of a byte string salted with an internal array of random bytes.
func SaltAndHashString ¶
SaltAndHash creates a SHA512 hash of a string salted with an internal array of random bytes.
Types ¶
type Token ¶
type Token struct {
// Cryptographically random bytes.
Token []byte
// The ID string of the user who requested the token.
UserID string
// The path of the request for which the token is valid.
Path string
// The time after which the token is no longer valid.
Expiration time.Time
}
A Token is an unguessable challenge token sent along with requests to prevent CSRF attacks.
func NewToken ¶
NewToken creates a new Token for a user making a request which will expire 1 hour after the given time.
func TokenForRequest ¶
TokenForRequest returns the stored auth token for a user request. If the token could not be found, returns ErrTokenNotFound.
func (*Token) Encode ¶
Encode returns an encoded string of the token, suitable for embedding in an HTML form.
func (*Token) IsValid ¶
IsValid returns true if the token's encoding matches the given encoded token and its expiration is not after now.
Source Files