Documentation
¶
Index ¶
Constants ¶
This section is empty.
Variables ¶
var ( // ErrInvalidPassword is returned when provided password does not check our with stored hash ErrInvalidPassword = errors.New("auth error: password does not check out with stored value") // ErrMustChangePassword is returned when newly created user tries to login with default pass ErrMustChangePassword = errors.New("auth error: user is required to change password") // ErrSamePassword is returned when trying to replace user password with the same password ErrSamePassword = errors.New("auth error: old password and new password must not match") // ErrUserExists is returned when trying to add user with existing username ErrUserExists = errors.New("auth error: user already exists") )
var ( // ErrNoSuchSession is returned when user is not logged in ErrNoSuchSession = errors.New("auth error: user is not logged in") // ErrInvalidToken is returned when token does not check out ErrInvalidToken = errors.New("auth error: invalid token") )
Functions ¶
func RegisterHasher ¶
func RegisterHasher(h PasswordHasher)
RegisterHasher allows to use any other package inmplementing password hashing and basicauth.PasswordHasher interface You can do it like this like this: include the following in your package code import "github.com/dmfed/basicauth"
func init() {
//initialize your hasher (which need to implement basicauth.PasswordHasher)
myhasher = New()
// This will run before init() in basicauth setting your hasher as default
basicauth.RegisterHasher(myhasher)
}
Then you can use your custom hashing package with basicauth like this:
import (
_ "path/to/yourpackage" // this will set basicauth's hasher to use your package "github.com/dmfed/basicauth"
) This way the init() in your custom package will override the default bcrypt implemented here. RegisterHasher can NOT be used once basicauth package is already inititalized. This is done to avoid possible confusion.
Types ¶
type Account ¶
type Account struct {
UserName string
PasswordHash string
DateCreated time.Time `json:",omitempty"`
DateChanged time.Time `json:",omitempty"`
Lastlogin time.Time `json:",omitempty"`
FailedLoginAttempts int `json:",omitempty"`
MustChangePassword bool `json:",omitempty"`
User UserInfo `json:",omitempty"`
}
type AdminInterface ¶
type AdminInterface interface {
AdminAddAccount(username string) error //Change to return random password
AdminDelAccount(username string) error
AdminGetAccount(username string) (Account, error)
AdminUpdAccount(Account) error
AdminResetUserPassword(username string) error
}
AdminInterface defines methods to add, delete and update user info it does not require user password to perform where possible.
func NewAdminInterface ¶
func NewAdminInterface(st UserAccountStorage) (AdminInterface, error)
NewAdminInterface creates instance of AdminInterface
type AppInterface ¶
type AppInterface interface {
CheckUserPassword(username string, password string) error
AddUser(username string, password string) error
ChangeUserPassword(username string, oldpassword string, newpassword string) error
DelUser(username string, password string) error
GetUserInfo(username, password string) (UserInfo, error)
UpdateUserInfo(username, password string, newinfo UserInfo) error
}
ExposedInterface is an interface intended to be exposed to outside world / client application It requires current user password for any interaction. It can only add/change/delete userinfo. For keepeing login sessions see LoginManager interface
func NewAppInterface ¶
func NewAppInterface(st UserAccountStorage) (AppInterface, error)
NewExposedInterface creates instnce of Exposed
type LoginInterface ¶
type LoginInterface interface {
Login(username, password string) (token string, err error)
Logout(username string) error
CheckUserLoggedIn(username, token string) error
CheckUserPassword(username, password string) error
AddUser(username, password string) error
DelUser(username, password string) error
ChangeUserPassword(username, oldpassword, newpassword string) error
GetUserInfo(username, password string) (UserInfo, error)
UpdateUserInfo(username, password string, newinfo UserInfo) error
}
LoginManager implements similar functionality to ExposedInterface but keeps track of session tokens.
func NewLoginManager ¶
func NewLoginManager(st UserAccountStorage, sessionDuration time.Duration) (LoginInterface, error)
NewLoginManager return instance of LoginManager interface
type PasswordHasher ¶
type PasswordHasher interface {
// CheckUserPassword must return nil if hash and password match
CompareUserPasswordWithHash(hash string, password string) error
// HashPassword takes password as string and returns hash
HashPassword(password string) (hash string, err error)
}
PasswordHasher creates hash of pasword and checks hashes against passwords
type TokenKeeper ¶
type TokenKeeper interface {
NewUserToken(username string) (token string, err error)
GetUserToken(username string) (token string, err error)
DelUserToken(username string) error
}
TokenKeeper is an interface to whatever token storage we have
func NewMemTokenKeeper ¶
func NewMemTokenKeeper(sessionduration time.Duration) (TokenKeeper, error)
NewMemSessionTokenKeeper creates new in-memory token keeper
type UserAccountStorage ¶
type UserAccountStorage interface {
Get(username string) (Account, error)
Put(Account) error
Del(username string) error
Upd(Account) error
// Close is intended for use in cases when we need to
// explicitly close network/db connection
Close() error
}
UserInfoStorage is required to keep UserInfo this can be either local file, a DB or any remote storage. basicauth/jsonstorage contains simple implementation with JSON file as storage
Source Files
Directories