Documentation ¶
Overview ¶
Package database manages database connections and ORM integration.
Index ¶
- Constants
- Variables
- func IsNotFound(err error) bool
- func NewTestDatabaseWithConfig(tb testing.TB) (*Database, *Config)
- type APIUserType
- type AuthorizedApp
- func (a *AuthorizedApp) BeforeSave(tx *gorm.DB) error
- func (a *AuthorizedApp) Disable(db *Database) error
- func (a *AuthorizedApp) Enable(db *Database) error
- func (a *AuthorizedApp) IsAdminType() bool
- func (a *AuthorizedApp) IsDeviceType() bool
- func (a *AuthorizedApp) Realm(db *Database) (*Realm, error)
- func (AuthorizedApp) TableName() string
- func (a *AuthorizedApp) UsageSummary(db *Database) (*AuthorizedAppStatsSummary, error)
- type AuthorizedAppStats
- type AuthorizedAppStatsSummary
- type CleanupStatus
- type Config
- type Database
- func (db *Database) ClaimCleanup(current *CleanupStatus, lockTime time.Duration) (*CleanupStatus, error)
- func (db *Database) ClaimToken(realmID uint, tokenID string, subject *Subject) error
- func (db *Database) Close() error
- func (db *Database) CreateCleanup(cType string) (*CleanupStatus, error)
- func (db *Database) CreateRealm(name string) (*Realm, error)
- func (db *Database) DeleteSMSConfig(s *SMSConfig) error
- func (db *Database) DeleteVerificationCode(code string) error
- func (db *Database) FindAuthorizedAppByAPIKey(apiKey string) (*AuthorizedApp, error)
- func (db *Database) FindCleanupStatus(cType string) (*CleanupStatus, error)
- func (db *Database) FindTokenByID(tokenID string) (*Token, error)
- func (db *Database) FindUser(id interface{}) (*User, error)
- func (db *Database) FindUserByEmail(email string) (*User, error)
- func (db *Database) FindVerificationCode(code string) (*VerificationCode, error)
- func (db *Database) FindVerificationCodeByUUID(uuid string) (*VerificationCode, error)
- func (db *Database) GenerateAPIKey(realmID uint) (string, error)
- func (db *Database) GenerateAPIKeySignature(key string) ([]byte, error)
- func (db *Database) GetAuthorizedAppStats(a *AuthorizedApp, r *Realm, t time.Time) (*AuthorizedAppStats, error)
- func (db *Database) GetAuthorizedAppStatsSummary(a *AuthorizedApp, r *Realm) (*AuthorizedAppStatsSummary, error)
- func (db *Database) GetRealm(realmID uint) (*Realm, error)
- func (db *Database) GetRealmByName(name string) (*Realm, error)
- func (db *Database) GetRealms() ([]*Realm, error)
- func (db *Database) GetUserStats(u *User, r *Realm, t time.Time) (*UserStats, error)
- func (db *Database) GetUserStatsSummary(u *User, r *Realm) (*UserStatsSummary, error)
- func (db *Database) MigrateTo(ctx context.Context, target string, rollback bool) error
- func (db *Database) Open(ctx context.Context) error
- func (db *Database) Ping(ctx context.Context) error
- func (db *Database) PurgeTokens(maxAge time.Duration) (int64, error)
- func (db *Database) PurgeVerificationCodes(maxAge time.Duration) (int64, error)
- func (db *Database) RunMigrations(ctx context.Context) error
- func (db *Database) SaveAuthorizedApp(r *AuthorizedApp) error
- func (db *Database) SaveRealm(r *Realm) error
- func (db *Database) SaveSMSConfig(s *SMSConfig) error
- func (db *Database) SaveUser(u *User) error
- func (db *Database) SaveVerificationCode(vc *VerificationCode, maxAge time.Duration) error
- func (db *Database) UpdateAuthorizedAppStats() error
- func (db *Database) UpdateUserStats() error
- func (db *Database) VerifyAPIKeySignature(key string) (string, uint, error)
- func (db *Database) VerifyCodeAndIssueToken(realmID uint, verCode string, acceptTypes api.AcceptTypes, ...) (*Token, error)
- type DurationSeconds
- type Errorable
- type Realm
- func (r *Realm) BeforeSave(tx *gorm.DB) error
- func (r *Realm) BuildSMSText(code, longCode string) string
- func (r *Realm) CreateAuthorizedApp(db *Database, app *AuthorizedApp) (string, error)
- func (r *Realm) FindAuthorizedApp(db *Database, id interface{}) (*AuthorizedApp, error)
- func (r *Realm) FindUser(db *Database, id interface{}) (*User, error)
- func (r *Realm) GetCodeDurationMinutes() int
- func (r *Realm) GetLongCodeDurationHours() int
- func (r *Realm) HasSMSConfig(db *Database) (bool, error)
- func (r *Realm) ListAuthorizedApps(db *Database) ([]*AuthorizedApp, error)
- func (r *Realm) ListUsers(db *Database) ([]*User, error)
- func (r *Realm) SMSConfig(db *Database) (*SMSConfig, error)
- func (r *Realm) SMSProvider(db *Database) (sms.Provider, error)
- func (r *Realm) ValidTestType(typ string) bool
- type SMSConfig
- type Subject
- type TestType
- type Token
- type User
- func (u *User) AddRealm(realm *Realm)
- func (u *User) AddRealmAdmin(realm *Realm)
- func (u *User) BeforeSave(tx *gorm.DB) error
- func (u *User) CanAdminRealm(realmID uint) bool
- func (u *User) CanViewRealm(realmID uint) bool
- func (u *User) GetRealm(realmID uint) *Realm
- func (u *User) RemoveRealm(realm *Realm)
- func (u *User) RemoveRealmAdmin(realm *Realm)
- type UserStats
- type UserStatsSummary
- type VerificationCode
Constants ¶
const ( SMSRegion = "[region]" SMSCode = "[code]" SMSExpires = "[expires]" SMSLongCode = "[longcode]" SMSLongExpires = "[longexpires]" )
const (
// MinCodeLength defines the minimum number of digits in a code.
MinCodeLength = 6
)
Variables ¶
var ( ErrVerificationCodeNotFound = errors.New("verification code not found") ErrVerificationCodeExpired = errors.New("verification code expired") ErrVerificationCodeUsed = errors.New("verification code used") ErrTokenExpired = errors.New("verification token expired") ErrTokenUsed = errors.New("verification token used") ErrTokenMetadataMismatch = errors.New("verification token test metadata mismatch") ErrUnsupportedTestType = errors.New("verification code has unsupported test type") )
var ( // ValidTestTypes is a map containing the valid test types. ValidTestTypes = map[string]struct{}{ "confirmed": {}, "likely": {}, "negative": {}, } ErrInvalidTestType = errors.New("invalid test type, must be confirmed, likely, or negative") ErrCodeAlreadyExpired = errors.New("code already expired") ErrCodeTooShort = errors.New("verification code must be at least 6 digits") ErrTestTooOld = errors.New("test date is more than 14 day ago") )
var CleanupName = "cleanup"
var (
ErrCleanupWrongGeneration = errors.New("cleanup wrong generation")
)
Functions ¶
func IsNotFound ¶ added in v0.3.0
IsNotFound determines if an error is a record not found.
func NewTestDatabaseWithConfig ¶
NewTestDatabaseWithConfig creates a new database suitable for use in testing. This should not be used outside of testing, but it is exposed in the main package so it can be shared with other packages.
All database tests can be skipped by running `go test -short` or by setting the `SKIP_DATABASE_TESTS` environment variable.
Types ¶
type APIUserType ¶
type APIUserType int
const ( APIUserTypeDevice APIUserType = 0 APIUserTypeAdmin APIUserType = 1 )
type AuthorizedApp ¶
type AuthorizedApp struct { gorm.Model Errorable // AuthorizedApps belong to exactly one realm. RealmID uint `gorm:"unique_index:realm_apikey_name"` // Name is the name of the authorized app. Name string `gorm:"type:varchar(100);unique_index:realm_apikey_name"` // APIKeyPreview is the first few characters of the API key for display // purposes. This can help admins in the UI when determining which API key is // in use. APIKeyPreview string `gorm:"type:varchar(32)"` // APIKey is the HMACed API key. APIKey string `gorm:"type:varchar(512);unique_index"` // APIKeyType s the API key type. APIKeyType APIUserType `gorm:"default:0"` }
AuthorizedApp represents an application that is authorized to verify verification codes and perform token exchanges. This is controlled via a generated API key.
Admin Keys are able to issue diagnosis keys and are not able to perticipate the verification protocol.
func (*AuthorizedApp) BeforeSave ¶ added in v0.4.0
func (a *AuthorizedApp) BeforeSave(tx *gorm.DB) error
BeforeSave runs validations. If there are errors, the save fails.
func (*AuthorizedApp) Disable ¶ added in v0.4.0
func (a *AuthorizedApp) Disable(db *Database) error
Disable disables the authorized app.
func (*AuthorizedApp) Enable ¶ added in v0.4.0
func (a *AuthorizedApp) Enable(db *Database) error
Enable enables the authorized app.
func (*AuthorizedApp) IsAdminType ¶
func (a *AuthorizedApp) IsAdminType() bool
func (*AuthorizedApp) IsDeviceType ¶
func (a *AuthorizedApp) IsDeviceType() bool
func (*AuthorizedApp) Realm ¶
func (a *AuthorizedApp) Realm(db *Database) (*Realm, error)
Realm returns the associated realm for this app.
func (AuthorizedApp) TableName ¶
func (AuthorizedApp) TableName() string
TableName definition for the authorized apps relation.
func (*AuthorizedApp) UsageSummary ¶ added in v0.3.0
func (a *AuthorizedApp) UsageSummary(db *Database) (*AuthorizedAppStatsSummary, error)
UsageSummary returns the usage summary for the authorized app (api key) over a 1d, 7d, and 30d period. This is expensive so callers should consider caching the value.
type AuthorizedAppStats ¶ added in v0.3.0
type AuthorizedAppStats struct { gorm.Model Date time.Time `gorm:"unique_index:idx_date_app_realm"` AuthorizedAppID uint `gorm:"unique_index:idx_date_app_realm"` RealmID uint `gorm:"unique_index:idx_date_app_realm"` CodesIssued uint64 }
AuthorizedAppStats represents statistics related to a user in the database.
func (AuthorizedAppStats) TableName ¶ added in v0.3.0
func (AuthorizedAppStats) TableName() string
TableName sets the AuthorizedAppStats table name
type AuthorizedAppStatsSummary ¶ added in v0.3.0
type AuthorizedAppStatsSummary struct { AuthorizedApp *AuthorizedApp Realm *Realm CodesIssued1d uint64 CodesIssued7d uint64 CodesIssued30d uint64 }
type CleanupStatus ¶
type CleanupStatus struct { gorm.Model Type string `gorm:"type:varchar(50);unique_index"` Generation uint NotBefore time.Time }
func (CleanupStatus) TableName ¶
func (CleanupStatus) TableName() string
TableName sets the CleanupStatus table name
type Config ¶
type Config struct { Name string `env:"DB_NAME" json:",omitempty"` User string `env:"DB_USER" json:",omitempty"` Host string `env:"DB_HOST, default=localhost" json:",omitempty"` Port string `env:"DB_PORT, default=5432" json:",omitempty"` SSLMode string `env:"DB_SSLMODE, default=require" json:",omitempty"` ConnectionTimeout uint `env:"DB_CONNECT_TIMEOUT" json:",omitempty"` Password string `env:"DB_PASSWORD" json:"-"` // ignored by zap's JSON formatter SSLCertPath string `env:"DB_SSLCERT" json:",omitempty"` SSLKeyPath string `env:"DB_SSLKEY" json:",omitempty"` SSLRootCertPath string `env:"DB_SSLROOTCERT" json:",omitempty"` // Debug is a boolean that indicates whether the database should log SQL // commands. Debug bool `env:"DB_DEBUG,default=false"` // CacheTTL is the amount of time to cache values. This is enabled on a // per-query basis. Not all query results are cached. CacheTTL time.Duration `env:"DB_CACHE_TTL, default=5m" json:",omitempty"` // Keys is the key management configuration. This is used to resolve values // that are encrypted via a KMS. Keys keys.Config // EncryptionKey is the reference to an encryption/decryption key to use when // for application-layer encryption before values are persisted to the // database. EncryptionKey string `env:"DB_ENCRYPTION_KEY,required"` // APIKeyDatabaseHMAC is the HMAC key to use for API keys before storing them // in the database. APIKeyDatabaseHMAC envconfig.Base64Bytes `env:"DB_APIKEY_DATABASE_KEY,required" json:"-"` // APIKeySignatureHMAC is the HMAC key to sign API keys before returning them // to the requestor. APIKeySignatureHMAC envconfig.Base64Bytes `env:"DB_APIKEY_SIGNATURE_KEY,required" json:"-"` // Secrets is the secret configuration. This is used to resolve values that // are actually pointers to secrets before returning them to the caller. The // table implementation is the source of truth for which values are secrets // and which are plaintext. Secrets secrets.Config }
Config represents the env var based configuration for database connections.
func (*Config) ConnectionString ¶
ConnectionString returns the postgresql connection string based on this config.
While this package could be adapted to different databases easily, this file and method in particular would need to change.
type Database ¶
type Database struct {
// contains filtered or unexported fields
}
Database is a handle to the database layer for the Exposure Notifications Verification Server.
func NewTestDatabase ¶
func (*Database) ClaimCleanup ¶
func (db *Database) ClaimCleanup(current *CleanupStatus, lockTime time.Duration) (*CleanupStatus, error)
ClaimCleanup attempts to obtain a lock for the specified `lockTime` so that that type of cleanup can be perofmed exclusively by the owner.
func (*Database) ClaimToken ¶
ClaimToken looks up the token by ID, verifies that it is not expired and that the specified subject matches the parameters that were configured when issued.
func (*Database) Close ¶
Close will close the database connection. Should be deferred right after Open.
func (*Database) CreateCleanup ¶
func (db *Database) CreateCleanup(cType string) (*CleanupStatus, error)
CreateCleanup is used to create a new 'cleanup' type/row in the database.
func (*Database) DeleteSMSConfig ¶
DeleteSMSConfig removes an SMS configuration record.
func (*Database) DeleteVerificationCode ¶
DeleteVerificationCode deletes the code if it exists. This is a hard delete.
func (*Database) FindAuthorizedAppByAPIKey ¶
func (db *Database) FindAuthorizedAppByAPIKey(apiKey string) (*AuthorizedApp, error)
FindAuthorizedAppByAPIKey located an authorized app based on API key. If no app exists for the given API key, it returns nil.
func (*Database) FindCleanupStatus ¶
func (db *Database) FindCleanupStatus(cType string) (*CleanupStatus, error)
FindCleanupStatus looks up the current cleanup state in the database by cleanup type.
func (*Database) FindUser ¶
FindUser finds a user by the given id, if one exists. The id can be a string or integer value. It returns an error if the record is not found.
func (*Database) FindUserByEmail ¶ added in v0.4.0
FindUserByEmail reads back a User struct by email address. It returns an error if the record is not found.
func (*Database) FindVerificationCode ¶
func (db *Database) FindVerificationCode(code string) (*VerificationCode, error)
FindVerificationCode find a verification code by the code number (can be short code or long code).
func (*Database) FindVerificationCodeByUUID ¶ added in v0.4.0
func (db *Database) FindVerificationCodeByUUID(uuid string) (*VerificationCode, error)
FindVerificationCodeByUUID find a verification codes by UUID.
func (*Database) GenerateAPIKey ¶ added in v0.3.0
GenerateAPIKey generates a new API key that is bound to the given realm. This API key is NOT stored in the database. API keys are of the format:
key:realmID:hex(hmac)
func (*Database) GenerateAPIKeySignature ¶ added in v0.3.0
GenerateAPIKeySignature signs the given API key using an HMAC shared secret.
func (*Database) GetAuthorizedAppStats ¶ added in v0.3.0
func (db *Database) GetAuthorizedAppStats(a *AuthorizedApp, r *Realm, t time.Time) (*AuthorizedAppStats, error)
func (*Database) GetAuthorizedAppStatsSummary ¶ added in v0.3.0
func (db *Database) GetAuthorizedAppStatsSummary(a *AuthorizedApp, r *Realm) (*AuthorizedAppStatsSummary, error)
func (*Database) GetUserStats ¶ added in v0.3.0
func (*Database) GetUserStatsSummary ¶ added in v0.3.0
func (db *Database) GetUserStatsSummary(u *User, r *Realm) (*UserStatsSummary, error)
func (*Database) Open ¶ added in v0.4.0
Open creates a database connection. This should only be called once.
func (*Database) PurgeTokens ¶
PurgeTokens will delete tokens that have expired since at least the provided maxAge ago. This is a hard delete, not a soft delete.
func (*Database) PurgeVerificationCodes ¶
PurgeVerificationCodes will delete verifications that have expired since at least the provided maxAge ago. This is a hard delete, not a soft delete.
func (*Database) RunMigrations ¶
RunMigrations will apply sequential, transactional migrations to the database
func (*Database) SaveAuthorizedApp ¶ added in v0.3.0
func (db *Database) SaveAuthorizedApp(r *AuthorizedApp) error
SaveAuthorizedApp saves the authorized app.
func (*Database) SaveSMSConfig ¶
SaveSMSConfig creates or updates an SMS configuration record.
func (*Database) SaveVerificationCode ¶
func (db *Database) SaveVerificationCode(vc *VerificationCode, maxAge time.Duration) error
SaveVerificationCode created or updates a verification code in the database. Max age represents the maximum age of the test date [optional] in the record.
func (*Database) UpdateAuthorizedAppStats ¶ added in v0.3.0
func (*Database) UpdateUserStats ¶ added in v0.3.0
func (*Database) VerifyAPIKeySignature ¶ added in v0.3.0
VerifyAPIKeySignature verifies the signature matches the expected value for the key. It does this by computing the expected signature and then doing a constant-time comparison against the provided signature.
func (*Database) VerifyCodeAndIssueToken ¶
func (db *Database) VerifyCodeAndIssueToken(realmID uint, verCode string, acceptTypes api.AcceptTypes, expireAfter time.Duration) (*Token, error)
VerifyCodeAndIssueToken takes a previously issed verification code and exchanges it for a long term token. The verification code must not have expired and must not have been previously used. Both acctions are done in a single database transaction. The verCode can be the "short code" or the "long code" which impacts expiry time.
The long term token can be used later to sign keys when they are submitted.
type DurationSeconds ¶ added in v0.4.0
DurationSeconds is a custom type for writing and reating a time.Duration to be stored as seconds in the database.
func (*DurationSeconds) Scan ¶ added in v0.4.0
func (d *DurationSeconds) Scan(src interface{}) error
Scan takes a int64 value in seconds and converts that to a time.Duration
type Errorable ¶ added in v0.4.0
type Errorable struct {
// contains filtered or unexported fields
}
Errorable defines an embeddable struct for managing errors on models.
func (*Errorable) ErrorMessages ¶ added in v0.4.0
ErrorMessages returns the list of error messages.
type Realm ¶
type Realm struct { gorm.Model Errorable // Name is the name of the realm. Name string `gorm:"type:varchar(200);unique_index"` // Code configuration RegionCode string `gorm:"type:varchar(5); not null; default: ''"` CodeLength uint `gorm:"type:smallint; not null; default: 8"` CodeDuration DurationSeconds `gorm:"type:bigint; not null; default: 900"` // default 15m (in seconds) LongCodeLength uint `gorm:"type:smallint; not null; default: 16"` LongCodeDuration DurationSeconds `gorm:"type:bigint; not null; default: 86400"` // default 24h // SMS Content SMSTextTemplate string `` /* 164-byte string literal not displayed */ // AllowedTestTypes is the type of tests that this realm permits. The default // value is to allow all test types. AllowedTestTypes TestType `gorm:"type:smallint; not null; default: 14"` // These are here for gorm to setup the association. You should NOT call them // directly, ever. Use the ListUsers function instead. The have to be public // for reflection. RealmUsers []*User `` /* 132-byte string literal not displayed */ RealmAdmins []*User `` /* 133-byte string literal not displayed */ // Relations to items that belong to a realm. Codes []*VerificationCode `gorm:"PRELOAD:false; SAVE_ASSOCIATIONS:false; ASSOCIATION_AUTOUPDATE:false, ASSOCIATION_SAVE_REFERENCE:false"` Tokens []*Token `gorm:"PRELOAD:false; SAVE_ASSOCIATIONS:false; ASSOCIATION_AUTOUPDATE:false, ASSOCIATION_SAVE_REFERENCE:false"` }
Realm represents a tenant in the system. Typically this corresponds to a geography or a public health authority scope. This is used to manage user logins.
func NewRealmWithDefaults ¶ added in v0.4.0
NewRealmWithDefaults initializes a new Realm with the default settings populated, and the provided name. It does NOT save the Realm to the database.
func (*Realm) BeforeSave ¶ added in v0.4.0
BeforeSave runs validations. If there are errors, the save fails.
func (*Realm) BuildSMSText ¶ added in v0.4.0
BuildSMSText replaces certain strings with the right values.
func (*Realm) CreateAuthorizedApp ¶ added in v0.4.0
func (r *Realm) CreateAuthorizedApp(db *Database, app *AuthorizedApp) (string, error)
CreateAuthorizedApp generates a new API key and assigns it to the specified app. Note that the API key is NOT stored in the database, only a hash. The only time the API key is available is as the string return parameter from invoking this function.
func (*Realm) FindAuthorizedApp ¶ added in v0.3.0
func (r *Realm) FindAuthorizedApp(db *Database, id interface{}) (*AuthorizedApp, error)
FindAuthorizedApp finds the authorized app by the given id associated to the realm.
func (*Realm) GetCodeDurationMinutes ¶ added in v0.4.0
GetCodeDurationMinutes is a helper for the HTML rendering to get a round minutes value.
func (*Realm) GetLongCodeDurationHours ¶ added in v0.4.0
GetLongCodeDurationHours is a helper for the HTML rendering to get a round hours value.
func (*Realm) HasSMSConfig ¶ added in v0.3.0
HasSMSConfig returns true if the realm has an SMS config, false otherwise. This does not perform the KMS encryption/decryption, so it's more efficient that loading the full SMS config.
func (*Realm) ListAuthorizedApps ¶ added in v0.4.0
func (r *Realm) ListAuthorizedApps(db *Database) ([]*AuthorizedApp, error)
ListAuthorizedApps gets all the authorized apps for the realm.
func (*Realm) SMSProvider ¶ added in v0.3.0
SMSProvider returns the SMS provider for the realm. If no sms configuration exists, it returns nil. If any errors occur creating the provider, they are returned.
func (*Realm) ValidTestType ¶ added in v0.4.0
ValidTestType returns true if the given test type string is valid for this realm, false otherwise.
type SMSConfig ¶
type SMSConfig struct { gorm.Model Errorable // SMS Config belongs to exactly one realm. RealmID uint `gorm:"unique_index"` // ProviderType is the SMS provider type - it's used to determine the // underlying configuration. ProviderType sms.ProviderType `gorm:"type:varchar(100)"` // Twilio configuration options. TwilioAccountSid string `gorm:"type:varchar(250)"` TwilioFromNumber string `gorm:"type:varchar(16)"` // TwilioAuthToken is encrypted/decrypted automatically by callbacks. The // cache fields exist as optimizations. TwilioAuthToken string `gorm:"type:varchar(250)" json:"-"` TwilioAuthTokenPlaintextCache string `gorm:"-" json:"-"` TwilioAuthTokenCiphertextCache string `gorm:"-" json:"-"` }
SMSConfig represents and SMS configuration.
type Subject ¶
Subject represents the data that is used in the 'sub' field of the token JWT.
func ParseSubject ¶
func (*Subject) SymptomInterval ¶
type TestType ¶ added in v0.4.0
type TestType int16
TestType is a test type in the database.
const ( TestTypeConfirmed TestType TestTypeLikely TestTypeNegative )
type Token ¶
type Token struct { gorm.Model // Tokens belong to one realm. RealmID uint TokenID string `gorm:"type:varchar(200); unique_index"` TestType string `gorm:"type:varchar(20)"` SymptomDate *time.Time Used bool `gorm:"default:false"` ExpiresAt time.Time }
Token represents an issued "long term" from a validated verification code.
func (*Token) FormatSymptomDate ¶
FormatSymptomDate returns YYYY-MM-DD formatted test date, or "" if nil.
type User ¶
type User struct { gorm.Model Errorable Email string `gorm:"type:varchar(250);unique_index"` Name string `gorm:"type:varchar(100)"` Admin bool `gorm:"default:false"` LastRevokeCheck time.Time Realms []*Realm `gorm:"many2many:user_realms"` AdminRealms []*Realm `gorm:"many2many:admin_realms"` }
User represents a user of the system
func (*User) AddRealmAdmin ¶ added in v0.4.0
AddRealmAdmin adds the user to the realm as an admin.
func (*User) BeforeSave ¶ added in v0.4.0
BeforeSave runs validations. If there are errors, the save fails.
func (*User) CanAdminRealm ¶
func (*User) CanViewRealm ¶
func (*User) RemoveRealm ¶ added in v0.4.0
RemoveRealm removes the user from the realm. It also removes the user as an admin of that realm. You must save the user to persist the changes.
func (*User) RemoveRealmAdmin ¶ added in v0.4.0
RemoveRealmAdmin removes the user from the realm. You must save the user to persist the changes.
type UserStats ¶ added in v0.3.0
type UserStats struct { gorm.Model Date time.Time `gorm:"unique_index:idx_date_user_realm"` UserID uint `gorm:"unique_index:idx_date_user_realm"` RealmID uint `gorm:"unique_index:idx_date_user_realm"` CodesIssued uint64 }
UserStats represents statistics related to a user in the database.
type UserStatsSummary ¶ added in v0.3.0
type VerificationCode ¶
type VerificationCode struct { gorm.Model RealmID uint // VerificationCodes belong to exactly one realm when issued. Code string `gorm:"type:varchar(20);unique_index"` LongCode string `gorm:"type:varchar(20);unique_index"` UUID string `gorm:"type:uuid;unique_index;default:null"` Claimed bool `gorm:"default:false"` TestType string `gorm:"type:varchar(20)"` SymptomDate *time.Time ExpiresAt time.Time LongExpiresAt time.Time IssuingUserID int IssuingUser *User IssuingAppID int IssuingApp *AuthorizedApp }
VerificationCode represents a verification code in the database.
func (*VerificationCode) FormatSymptomDate ¶
func (v *VerificationCode) FormatSymptomDate() string
FormatSymptomDate returns YYYY-MM-DD formatted test date, or "" if nil.
func (*VerificationCode) IsCodeExpired ¶ added in v0.4.0
func (v *VerificationCode) IsCodeExpired(code string) bool
IsCodeExpired checks to see if the actual code provides is the short or long code and deteriminies if it is expired based on that.
func (*VerificationCode) IsExpired ¶
func (v *VerificationCode) IsExpired() bool
IsExpired returns true if a verification code has expired.
func (VerificationCode) TableName ¶
func (VerificationCode) TableName() string
TableName sets the VerificationCode table name