user

package
v0.0.13 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Dec 1, 2022 License: BSD-2-Clause Imports: 16 Imported by: 0

Documentation

Index

Constants

This section is empty.

Variables

View Source 
var (
	ErrInviteOnly = errors.New(
		"behaivoural setting is set to only accept invited members",
	)
	ErrTokenGenTimeout         = errors.New("could not generate a token within given cycles")
	ErrEntityAlreadyExists     = errors.New("entity already exists in system")
	ErrTokenExpired            = errors.New("supplied token has expired")
	ErrEntityInvalidTransition = errors.New("entity does not support transition")
	ErrPasswordGuidelines      = errors.New("password doesnt match password guidlines")
)
View Source 
var (
	ErrEntityDoesNotExist       = errors.New("entity does not exist")
	ErrEntityOperationForbidden = errors.New("entity does not support operation")
	ErrInvalidCredentials       = errors.New("invalid credentials")
	ErrMFARequired              = errors.New("entity requires mfa")
	ErrInvalidOTP               = errors.New(
		"supplied one time password was not correct or already consumed",
	)
)

Functions

This section is empty.

Types

type Dispatcher 

type Dispatcher interface {
	Dispatch(event events.Event)
}

type LoginStorer 

type LoginStorer interface {
}

type Service 

type Service struct {
	// contains filtered or unexported fields
}

func New 

func New(store *db.DataStore,
	logger *zap.Logger,
	cfg *config.Configuration,
	mailer *mailing.Mailer,
	dispatcher Dispatcher,
	manager *manage.UserService) *Service

func (*Service) ChangeEmail 

func (g *Service) ChangeEmail(ctx context.Context, id uuid.UUID, email string) error

ChangeEmail changes the users email address, this will not trigger a reconfirm, be vary of that

func (*Service) ChangePassword 

func (g *Service) ChangePassword(ctx context.Context, id uuid.UUID, password string) error

ChangePassword sets a new password for the supplied user id

func (*Service) ConfirmUser 

func (g *Service) ConfirmUser(ctx context.Context, token string) error

ConfirmUser confirms a user account with the supplied token

func (*Service) DisableMFA 

func (g *Service) DisableMFA(ctx context.Context, userID uuid.UUID) error

DisableMFA disables multi factor for a user IF the user has multifactor enabled

func (*Service) EmailToID 

func (g *Service) EmailToID(ctx context.Context, email string) (uuid.UUID, bool)

func (*Service) EnableMFA 

func (g *Service) EnableMFA(ctx context.Context, userID uuid.UUID, secret string) (string, error)

EnableMFA enables multi factor auth for a user, this should only be called after ProvisionMFA it returns a recovery code which the user should note in case of device loss to still access his account

func (*Service) InRole 

func (g *Service) InRole(ctx context.Context, id uuid.UUID, role string) bool

InRole check if given user id is in role

func (*Service) InviteUser 

func (g *Service) InviteUser(ctx context.Context, email string) error

InviteUser is a user initiaized invite without roles and apps

func (*Service) IsMFAEnabled 

func (g *Service) IsMFAEnabled(ctx context.Context, userID uuid.UUID) bool

IsMFAEnabled check if user has mfa enabled

func (*Service) ProvisionMFA 

func (g *Service) ProvisionMFA(ctx context.Context, userID uuid.UUID) (string, string, error)

ProvisionMFA returns a new secret and a otpauth:// url if success

func (*Service) RecoverPassword 

func (g *Service) RecoverPassword(
	ctx context.Context,
	email string,
	token string,
) (uuid.UUID, error)

RecoverPassword is used to reset the password from the token obtained from the recovery mail

func (*Service) RegisterFromInvite 

func (g *Service) RegisterFromInvite(
	ctx context.Context,
	email string,
	password string,
	phone *string,
	inviteCode string,
) (uuid.UUID, error)

RegisterFromInvite registers a user from an invite, which means the user will automatically be granted roles and application permissions from the invite

func (*Service) RegisterUser 

func (g *Service) RegisterUser(
	ctx context.Context,
	email string,
	password string,
	phone *string,
) (uuid.UUID, error)

RegisterUser registers a user from user supplied data

func (*Service) TriggerPasswordRecovery 

func (g *Service) TriggerPasswordRecovery(ctx context.Context, id uuid.UUID) error

TriggerPasswordRecovery takes all step necassary to recover a user password if successful it will send a email to the user

type SignedInUser 

type SignedInUser struct {
	UserID uuid.UUID
	Email  string
	Roles  []string
}

type SigninService 

type SigninService struct {
	// contains filtered or unexported fields
}

func NewSignInService 

func NewSignInService(store *db.DataStore,
	log *zap.Logger,
	cfg *config.BehaviourConfiguration,
	dispatcher Dispatcher,
	userLocker UserLocker) *SigninService

func (*SigninService) CanLogin 

func (g *SigninService) CanLogin(ctx context.Context, userID uuid.UUID) (bool, error)

CanLogin checks if a user is eligble to login (not lockedout, not banned, not unconfirmed)

func (*SigninService) InitializeMFA 

func (g *SigninService) InitializeMFA(ctx context.Context, email string) error

InitializeMFA marks a otp as pending

func (*SigninService) SignIn 

func (g *SigninService) SignIn(
	ctx context.Context,
	email string,
	password string,
) (*SignedInUser, error)

SignIn signs in a user with the supplied credentials

func (*SigninService) SignInByIDFromToken 

func (g *SigninService) SignInByIDFromToken(
	ctx context.Context,
	userID uuid.UUID,
	tokenType string,
) (*SignedInUser, error)

SignInByIDFromToken creates a signed in user after the supplied token type has been validated - do not use this without validating the token before!

func (*SigninService) SignInMFA 

func (g *SigninService) SignInMFA(
	ctx context.Context,
	email string,
	password string,
	otp string,
) (*SignedInUser, error)

SignInMFA signs in the user with the credentials and the OTP

func (*SigninService) UserFromSubject 

func (g *SigninService) UserFromSubject(
	ctx context.Context,
	userID uuid.UUID,
) (*SignedInUser, error)

UserFromSubject returns a user by id, this should be only used in special cases

func (*SigninService) Validate 

func (g *SigninService) Validate(ctx context.Context, id uuid.UUID, password string) error

Validate validates a password, this is used for user settings which require reentering the password to change those things this method is exclusively only to be used for this not any other things as it doesnt increase lockout counts and check MFA settings

type UserLocker 

type UserLocker interface {
	LockUser(ctx context.Context, id uuid.UUID, until time.Time) error
}

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.