authentication

package

v1.9.6 Latest Latest Go to latest Published: Dec 18, 2024 License: AGPL-3.0 Imports: 13 Imported by: 0

Details

View Source

const CookieOauth = "state"

CookieOauth is the cookie name used for login

View Source

const Disabled = 3

Disabled authentication ignores all internal authentication procedures. A reverse proxy needs to restrict access

View Source

const Header = 2

Header authentication relies on a header from a reverse proxy to parse the username

View Source

const Internal = 0

Internal authentication method uses a user / password combination handled by Gokapi

View Source

const OAuth2 = 1

OAuth2 authentication retrieves the users email with Open Connect ID

This section is empty.

func CheckOauthUserAndRedirect(userInfo OAuthUserInfo, w http.ResponseWriter) error

CheckOauthUserAndRedirect checks if the user is allowed to use the Gokapi instance

func Init(config models.AuthenticationConfig)

Init needs to be called first to process the authentication configuration

func IsAuthenticated(w http.ResponseWriter, r *http.Request) bool

IsAuthenticated returns true if the user provides a valid authentication

func IsCorrectUsernameAndPassword(username, password string) bool

IsCorrectUsernameAndPassword checks if a provided username and password is correct

func IsEqualStringConstantTime(s1, s2 string) bool

IsEqualStringConstantTime uses ConstantTimeCompare to prevent timing attack.

func IsLogoutAvailable() bool

IsLogoutAvailable returns true if a logout button should be shown with the current form of authentication

func Logout(w http.ResponseWriter, r *http.Request)

Logout logs the user out and removes the session

type OAuthUserClaims interface {
	Claims(v interface{}) error
}

OAuthUserClaims contains the claims

type OAuthUserInfo struct {
	Subject    string
	Email      string
	ClaimsSent OAuthUserClaims
}

OAuthUserInfo is used to make testing easier. This results in an additional parameter for the subject unfortunately

Path	Synopsis
oauth
sessionmanager