fort

package module
v0.0.0-...-858afe4 Latest Latest
Warning

This package is not in the latest version of its module.

Published: Jun 27, 2022 License: Apache-2.0 Imports: 17 Imported by: 0

Documentation

Index

Constants

// SKIP_TOTP_LOGIN is an integer flag exported by the package.
//
// NOTE(review): presumably passed through the variadic params of Guard.Login
// to bypass the TOTP step for that call; confirm against the implementation.
// If so, it turns off the second factor for the login, so it should only be
// set by trusted server-side code and never derived from request input.
// NOTE(review): the meaning of the trailing "0" is not stated here.
const SKIP_TOTP_LOGIN = 654 // 0

Variables

// Sentinel errors exported by the package. Each is a distinct value created
// with errors.New, so callers can match them with errors.Is.
//
// NOTE(review): which call returns which error is not visible here; the
// groupings below follow the error messages only.

// Guard lookup and creation.
var (
	GuardNameAlreadyExists = errors.New("guard already exists")
	GuardNotFound          = errors.New("guard not found")
)

// Credential and handler checks.
//
// NOTE(review): InvalidCredentials, IncorrectCredentials and InvalidPassword
// are separate values. If their messages are returned verbatim to clients, a
// caller may be able to tell an unknown account from a wrong password; map
// them to one generic response at the API boundary and keep the specific
// error for server-side logs.
var (
	InvalidCredentials   = errors.New("invalid credentials")
	InvalidPassword      = errors.New("invalid password")
	HandlerNotAllowed    = errors.New("handler not allowed")
	EmptyHandler         = errors.New("handler has no value")
	IncorrectCredentials = errors.New("incorrect credentials")
)

// Record lookup.
var (
	Collision     = errors.New("collision, too many records")
	InvalidUserId = errors.New("invalid user id")
)

// TOTP (second factor) flow.
var (
	MustValidateTOTP  = errors.New("user must validate TOTP first")
	InvalidTOTPLogin  = errors.New("invalid TOTP login request")
	IncorrectTOTPCode = errors.New("incorrect TOTP code")
	TOTPLoginDisabled = errors.New("TOTP login is disabled")
)

// Access and refresh tokens.
var (
	NotRefreshable      = errors.New("refresh token disabled")
	InvalidAccessToken  = errors.New("invalid access token")
	RefreshTokenExpired = errors.New("refresh token expired")
	RefreshTokenRevoked = errors.New("refresh token revoked")
)

Functions

This section is empty.

Types

type Auth

// Auth holds the fields of one login record: the guard and user it belongs
// to, its tokens, client metadata and lifecycle timestamps.
//
// NOTE(review): presumably persisted through GuardConfig.AuthStore; confirm.
// NOTE(review): UniqueToken and HashedRefreshToken carry json tags, so
// encoding/json includes them whenever an Auth value is marshaled. Avoid
// writing Auth values to API responses or logs as-is.
type Auth struct {
	// Guard, UserTable and UserId identify the owner of the record.
	// UserId is untyped (any); its concrete type depends on the store.
	Guard     string `json:"guard"`
	UserTable string `json:"user_table"`
	UserId    any    `json:"user_id"`

	// NOTE(review): derivation is not shown; presumably a digest of user
	// state used to invalidate logins when that state changes. Confirm.
	UserStateHash string `json:"user_state_hash"`

	// UniqueToken is kept in plain form and identifies the record.
	// NOTE(review): if knowing this value is enough to act on the record,
	// treat the auth table as credential storage and restrict read access.
	// HashedRefreshToken is nil when the login cannot be refreshed.
	UniqueToken        string  `json:"unique_token"`         // plain, acts like primary key
	HashedRefreshToken *string `json:"hashed_refresh_token"` // one-way hash, null = un-refreshable

	// Optional client metadata. These have no json tags, so they marshal
	// under their Go field names ("UserAgent", "IPAddress").
	UserAgent *string
	IPAddress *string

	// ExpiresAt is the expiry time of the record.
	ExpiresAt time.Time

	// Lifecycle timestamps; UpdatedAt and RevokedAt are nil until set.
	CreatedAt      time.Time
	UpdatedAt      *time.Time
	RevokedAt      *time.Time
	LastActivityAt time.Time // at init, = CreatedAt
}

type Fort

// Fort creates and looks up guards by name.
type Fort interface {
	// NewGuard creates a guard called name from config.
	// NOTE(review): presumably returns GuardNameAlreadyExists when the name
	// is taken; confirm against the implementation.
	NewGuard(name string, config *GuardConfig) (Guard, error)
	// GetGuard returns the guard called name.
	// NOTE(review): presumably returns GuardNotFound for an unknown name.
	GetGuard(name string) (Guard, error)
}

func New

// New returns a Fort.
// NOTE(review): presumably an empty set of guards to be filled with
// NewGuard; whether it is safe for concurrent use is not stated here.
func New() Fort

type Guard

// Guard is the login surface of one configured guard: password login,
// TOTP completion and token refresh.
//
// userAgent and ip are supplied by the caller and may be nil.
// NOTE(review): presumably stored on the Auth record. Take ip from the
// connection or a trusted proxy header, not from arbitrary client headers.
type Guard interface {
	// Login authenticates using the fields in props.
	// NOTE(review): props presumably holds one allowed handler (see
	// LoginConfig.AllowedHandlers) plus the password; confirm the key names.
	// NOTE(review): params is an untyped list of int flags; SKIP_TOTP_LOGIN
	// is the only one visible in this package listing. Because a flag here
	// may relax the second factor, never forward client-supplied values.
	Login(userAgent *string, ip *string, props map[string]any, params ...int) (LoginResult, error)
	// LoginTOTP completes a login with a TOTP code.
	// NOTE(review): token is presumably the value from LoginResult.TOTPToken.
	// No attempt limit is visible in this interface; rate-limit guesses per
	// token and per user in the caller unless the implementation does so.
	LoginTOTP(userAgent *string, ip *string, token string, code string) (LoginResult, error)

	// Refresh exchanges an access token and refresh token for a new result.
	// NOTE(review): presumably fails with NotRefreshable, InvalidAccessToken,
	// RefreshTokenExpired or RefreshTokenRevoked; confirm.
	Refresh(userAgent *string, ip *string, accessToken, refreshToken string) (LoginResult, error)
}

type GuardConfig

// GuardConfig is the configuration passed to Fort.NewGuard.
type GuardConfig struct {
	// UserStore and AuthStore are the Store backends.
	// NOTE(review): presumably for user records and Auth records
	// respectively, read and written in UsersTable and AuthTable.
	UserStore   Store
	AuthStore   Store
	// NOTE(review): presumably the key of the user ID in a user record.
	UserIdKey   string
	UsersTable  string // users, admins, mods ...
	AuthTable   string
	// GetUserInfo converts a raw user record into a UserInfo.
	GetUserInfo func(map[string]any) UserInfo

	// AESSecretKey is key material.
	// NOTE(review): what it encrypts is not shown here. AES keys must be
	// 16, 24 or 32 bytes long; load the key from a secret store rather than
	// source or config files, and keep it out of logs.
	AESSecretKey []byte

	// LoginConfig and TOTPConfig hold the login and TOTP settings.
	// NOTE(review): nil handling is not documented; confirm before omitting.
	LoginConfig *LoginConfig
	TOTPConfig  *TOTPConfig
}

type JWTConfig

// JWTConfig holds the settings used when issuing JWTs for a login.
type JWTConfig struct {
	// SecretKey is the signing key material.
	// NOTE(review): a []byte key suggests a shared-secret (HMAC) method;
	// use a randomly generated key at least as long as the hash output and
	// keep it out of source control and logs.
	SecretKey          []byte
	// AccessTokenTTLMins is, per its name, the access token lifetime in minutes.
	AccessTokenTTLMins int
	// NOTE(review): presumably written to the aud and iss claims; any
	// verifier should check both rather than the signature alone.
	Audience           string
	Issuer             string
	// Algorithm is the signing method.
	// NOTE(review): the field accepts any jwt.SigningMethod. Confirm that
	// verification rejects tokens whose header algorithm differs from this
	// value and that an unsigned ("none") method cannot be configured.
	Algorithm          jwt.SigningMethod
}

type JwtResult

// JwtResult is the token pair returned by LoginResult.JWT, with expiry times.
type JwtResult struct {
	// AccessToken is the issued access token.
	// RefreshToken is optional.
	// NOTE(review): presumably nil when the login is not refreshable.
	// Both values are bearer credentials; do not log them.
	AccessToken  string
	RefreshToken *string

	// Expiry times; RefreshTokenExpiresAt is nil when there is none.
	AccessTokenExpiresAt  time.Time
	RefreshTokenExpiresAt *time.Time
}

type LoginConfig

// LoginConfig holds the login settings of a guard.
type LoginConfig struct {
	// NOTE(review): presumably the allow-list of props keys accepted as the
	// login identifier, with HandlerNotAllowed returned otherwise. These
	// names may reach Store.GetByProps as lookup keys, so keep the list
	// fixed in configuration and never build it from request data.
	AllowedHandlers         []string // username, email, mobile ...
	// PasswordsHasherComparer hashes and verifies passwords.
	PasswordsHasherComparer PasswordsHasherComparer

	// TOTP switches TOTP on or off for this guard.
	// NOTE(review): TOTPIntermediateResponseTTL is presumably the lifetime
	// of the intermediate token issued between password check and TOTP
	// check; keep it short, since that token marks a half-finished login.
	TOTP                        bool
	TOTPIntermediateResponseTTL time.Duration

	// ExpiresAfter is the login lifetime; Refreshable enables refresh tokens.
	// NOTE(review): exact semantics are not shown; confirm.
	ExpiresAfter time.Duration
	Refreshable  bool

	// JWTConfig holds the JWT settings.
	JWTConfig *JWTConfig
}

type LoginResult

// LoginResult is what the Guard login methods return on success.
type LoginResult interface {
	// User returns the user record as a map.
	// NOTE(review): if this is the raw store record it can include the
	// password hash and TOTP secret; filter it before sending to a client.
	User() map[string]any
	// UserInfo returns the typed view of the user. UserInfo has Password
	// and TOTPSecretKey fields, so do not serialize it as-is.
	UserInfo() *UserInfo

	// TOTPToken returns the TOTP token of this result, or an error.
	// NOTE(review): presumably the value to pass to Guard.LoginTOTP, and
	// only available when a TOTP step is pending; confirm.
	TOTPToken() (*string, error)

	// JWT issues the tokens for this login.
	// NOTE(review): additionalInfo is presumably added to the token claims.
	// Claims of a signed token are readable by its holder, so put no
	// secrets in it.
	JWT(additionalInfo map[string]any) (*JwtResult, error)
}

type PasswordsHasherComparer

// PasswordsHasherComparer is the password hashing backend supplied by the
// application through LoginConfig.
//
// NOTE(review): implementations should use a salted, adaptive password hash
// (bcrypt, scrypt or Argon2) and that library's own verify function, not a
// plain digest compared with ==.
type PasswordsHasherComparer interface {
	// Hash returns the stored form of plainPassword.
	Hash(plainPassword string) (string, error)
	// Compare reports whether plainPassword matches hash. It returns no
	// error, so a malformed hash is indistinguishable from a mismatch.
	Compare(plainPassword, hash string) bool
}

type Store

// Store is the persistence backend supplied by the application.
//
// NOTE(review): table names and map keys arrive as plain strings. A SQL
// implementation must bind the values as query parameters and check table
// and key names against a fixed allow-list, because identifiers cannot be
// bound as parameters.
type Store interface {
	// GetByProps returns up to limit records from table matching whereKeyVals.
	// NOTE(review): and presumably selects AND over OR when combining the
	// conditions; confirm.
	GetByProps(table string, whereKeyVals map[string]any, limit int, and bool) ([]map[string]any, error)
	// Insert adds doc to table.
	Insert(table string, doc map[string]any) error
	// Update applies newVals to up to limit records of table matching whereKeyVals.
	Update(table string, whereKeyVals map[string]any, limit int, and bool, newVals map[string]any) error
}

type TOTPConfig

// TOTPConfig holds the TOTP validation settings of a guard.
type TOTPConfig struct {
	// Now supplies the current time used for validation.
	// NOTE(review): behaviour when Now is nil is not documented here.
	Now func() time.Time

	// Number of seconds a TOTP code is valid for. Defaults to 30 seconds.
	Period uint
	// Number of periods before or after the current time to accept. A value
	// of 1 accepts codes up to one Period on either side. Defaults to 0.
	// Each extra period widens the window in which a code is accepted, so
	// values greater than 1 are discouraged.
	Skew uint
	// Number of digits in a code. Defaults to 6.
	Digits otp.Digits
	// Algorithm to use for HMAC. Defaults to SHA1, the TOTP default that
	// authenticator apps generally expect.
	Algorithm otp.Algorithm
}

type UserInfo

// UserInfo is the typed view of a user record, produced by
// GuardConfig.GetUserInfo and returned by LoginResult.UserInfo.
//
// NOTE(review): no field has a json tag, so encoding/json emits every field,
// Password and TOTPSecretKey included, under its Go name. Copy the public
// fields into a response type instead of marshaling or logging this struct.
type UserInfo struct {
	// ID is untyped (any); its concrete type depends on the store.
	ID          any
	DisplayName string
	Email       string
	Mobile      string
	// NOTE(review): presumably the stored password hash that is passed to
	// PasswordsHasherComparer.Compare, not a plain password; confirm.
	Password    string
	Scope       string
	Roles       []string

	// TOTPSecretKey is the user's TOTP secret; TOTPActive marks TOTP as
	// enabled for the user.
	// NOTE(review): anyone who reads the secret can generate valid codes.
	// Whether it is encrypted at rest is not shown here.
	TOTPSecretKey string
	TOTPActive    bool
}
