Documentation
¶
Index ¶
- type OtpToken
- type UI
- func (ui *UI) GenerateOTPSecret(w http.ResponseWriter, req *http.Request)
- func (ui *UI) HandleIndex(w http.ResponseWriter, req *http.Request)
- func (ui *UI) HandlePayloadByID(w http.ResponseWriter, req *http.Request)
- func (ui *UI) LoggingMiddleware(next http.Handler) http.Handler
- func (ui *UI) Login(w http.ResponseWriter, req *http.Request)
- func (ui *UI) Logout(w http.ResponseWriter, r *http.Request)
- func (ui *UI) RegisterOTP(w http.ResponseWriter, req *http.Request)
- func (ui *UI) Routes(router *mux.Router)
- func (ui *UI) Serve(router *mux.Router)
- func (ui *UI) ServeUI(w http.ResponseWriter, r *http.Request)
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
This section is empty.
Types ¶
type OtpToken ¶
type OtpToken struct {
Token string `json:"token,omitempty"`
Secret string `json:"secret,omitempty"`
}
OtpToken reprensent the One Time Password token AND secret
type UI ¶
type UI struct {
// contains filtered or unexported fields
}
UI is the interface/struct for the web server (excluding the APIs)
func New ¶
func New() *UI
New return a new UI struct. It's already set up and have create a new *local* api.
func (*UI) GenerateOTPSecret ¶
func (ui *UI) GenerateOTPSecret(w http.ResponseWriter, req *http.Request)
GenerateOTPSecret generates a new secrets (80 bit base32 encoded) FIXME: Shouldn't this only be done client side ? Maybe dont trust client side crypto ? idk
func (*UI) HandleIndex ¶
func (ui *UI) HandleIndex(w http.ResponseWriter, req *http.Request)
HandleIndex differenciate request to be able to send the correct response If there is no subdomain, send the user interface (React app) Else, return the payload (if it exist, otherwise 404)
func (*UI) HandlePayloadByID ¶
func (ui *UI) HandlePayloadByID(w http.ResponseWriter, req *http.Request)
HandlePayloadByID Serve payload by its ID (used only in subpath)
func (*UI) LoggingMiddleware ¶
LoggingMiddleware print all the http requests done by the application on a standard format
func (*UI) Login ¶
func (ui *UI) Login(w http.ResponseWriter, req *http.Request)
Login is the http handler function for user login
func (*UI) Logout ¶
func (ui *UI) Logout(w http.ResponseWriter, r *http.Request)
Logout is the http handler function. Login out with JWT is a bit tricky since there is no real way of invalidating a JWT. We might want to add blacklisting but it's overkill for this usage IMO There MUST be an enforcement in the validity duration of each token tho.
func (*UI) RegisterOTP ¶
func (ui *UI) RegisterOTP(w http.ResponseWriter, req *http.Request)
RegisterOTP recieve a new shared secret for TOTP and saves it for a given user
func (*UI) Routes ¶
Routes defines the non-api routes (User interface and Payload serving using path)
Source Files