Documentation ¶
Index ¶
- Constants
- Variables
- func GetStaticFilePathByFilename(filename, staticFolder string) (filepath string, err error)
- func StrongPswd(pswd string) error
- type AdminAccountSettings
- type AdminPanelHandlers
- type AppData
- type AppStorage
- type AppType
- type AppleFiles
- type AppleInfo
- type AssetHandlers
- type AuthorizationWay
- type ConfigurationStorage
- type ConfigurationStorageSettings
- type ConfigurationStorageType
- type ConfigurationWatcher
- type ContextKey
- type CorsOptions
- type DatabaseSettings
- type DatabaseType
- type EmailService
- type EmailServiceSettings
- type EmailServiceType
- type EmailTemplater
- type Error
- type ExternalServicesSettings
- type FederatedIdentityProvider
- type GeneralServerSettings
- type JWTKeys
- type KeyStorage
- type KeyStorageSettings
- type KeyStorageType
- type LoggerSettings
- type LoginSettings
- type LoginWith
- type Router
- type SMSService
- type SMSServiceSettings
- type SMSServiceType
- type Server
- type ServerSettings
- type Session
- type SessionDuration
- type SessionManager
- type SessionService
- type SessionStorage
- type SessionStorageSettings
- type SessionStorageType
- type StaticFilesStorage
- type StaticFilesStorageSettings
- type StaticFilesStorageType
- type StaticPages
- type StorageSettings
- type TFAInfo
- type TFAStatus
- type TFAType
- type TokenBlacklist
- type TokenPayloadProvider
- type TokenPayloadServiceHttpSettings
- type TokenPayloadServicePluginSettings
- type TokenPayloadServiceType
- type TokenStorage
- type User
- type UserStorage
- type VerificationCodeStorage
Constants ¶
const ( // TFAStatusMandatory for mandatory TFA for all users. TFAStatusMandatory = "mandatory" // TFAStatusOptional for TFA that can be enabled/disabled for particular user. TFAStatusOptional = "optional" // TFAStatusDisabled is when the app does not support TFA. TFAStatusDisabled = "disabled" )
const ( // TokenPayloadServiceNone no service is used TokenPayloadServiceNone = "none" // TokenPayloadServicePlugin user local identifo plugin with specific name to retreive token payload TokenPayloadServicePlugin = "plugin" // TokenPayloadServiceHttp use external service to get token paylad TokenPayloadServiceHttp = "http" )
const ( PublicKeyName = "public.pem" PrivateKeyName = "private.pem" )
Key names.
const ( // ErrorInternal represents internal server error, used to mask real internal problem. ErrorInternal = Error("internal error") // ErrorNotFound is a general not found error. ErrorNotFound = Error("not found") // ErrorWrongDataFormat is for corrupted request data. ErrorWrongDataFormat = Error("wrong data format") // ErrorUserExists is for unwanted user entry presense. ErrorUserExists = Error("User already exists") // ErrorNotImplemented is for features that are not implemented yet. ErrorNotImplemented = Error("Not implemented") // ErrorPasswordShouldHave6Letters is for failed password strength check. ErrorPasswordShouldHave6Letters = Error("Password should have at least six letters") // ErrorPasswordNoUppercase is for failed password strength check. ErrorPasswordNoUppercase = Error("Password should have at least one uppercase symbol") // ErrorPasswordWrongSymbols is for failed password strength check. ErrorPasswordWrongSymbols = Error("Password contains wrong symbols") )
const ( // StaticFilesStorageTypeLocal is for storing static files locally. StaticFilesStorageTypeLocal = "local" // StaticFilesStorageTypeS3 is for storing static files in S3 bucket. StaticFilesStorageTypeS3 = "s3" // StaticFilesStorageTypeDynamoDB is for storing static files in DynamoDB table. StaticFilesStorageTypeDynamoDB = "dynamodb" )
const ( // SessionStorageMem means to store sessions in memory. SessionStorageMem = "memory" // SessionStorageRedis means to store sessions in Redis. SessionStorageRedis = "redis" // SessionStorageDynamoDB means to store sessions in DynamoDB. SessionStorageDynamoDB = "dynamodb" )
const ( // KeyStorageTypeLocal is for storing keys locally. KeyStorageTypeLocal = "local" // KeyStorageTypeS3 is for storing keys in the S3 bucket. KeyStorageTypeS3 = "s3" )
const ( // EmailServiceMailgun is a Mailgun service. EmailServiceMailgun = "mailgun" // EmailServiceAWS is an AWS SES service. EmailServiceAWS = "aws ses" // EmailServiceMock is an email service mock. EmailServiceMock = "mock" )
const ( AdminPanelBuildPath = "./admin_panel/build" PagesPath = "./html" EmailTemplatesPath = "./email_templates" AppleFilesPath = "./apple" )
These paths describe directories with static files. They are relative to the folder specified in the configuration file.
const ( // TokenTypeInvite is an invite token type value. TokenTypeInvite = "invite" // TokenTypeReset is an reset token type value. TokenTypeReset = "reset" // TokenTypeWebCookie is a web-cookie token type value. TokenTypeWebCookie = "web-cookie" // TokenTypeAccess is an access token type. TokenTypeAccess = "access" // TokenTypeRefresh is a refresh token type. TokenTypeRefresh = "refresh" // TokenTypeTFAPreauth is an 2fa preauth token type. TokenTypeTFAPreauth = "2fa-preauth" // TokenTFAPreauthScope preauth token scope for first step of TFA TokenTFAPreauthScope = "2fa" )
const RouteMobileRegionUAE = "uae"
RouteMobileRegionUAE is a regional UAE RouteMobileR platform.
Variables ¶
var ( // EmailRegexp is a regexp which all valid emails must match. EmailRegexp = regexp.MustCompile(`^[a-zA-Z0-9_.+-]+@[a-zA-Z0-9-]+\.[a-zA-Z0-9-.]+$`) // PhoneRegexp is a regexp which all valid phone numbers must match. PhoneRegexp = regexp.MustCompile(`^[\+][0-9]{9,15}$`) )
var AppleFilenames = AppleFiles{
DeveloperDomainAssociation: "apple-developer-domain-association.txt",
AppSiteAssociation: "apple-app-site-association",
}
AppleFilenames are names of the files related to Apple services.
var ErrSessionNotFound = errors.New("Session not found. ")
ErrSessionNotFound is when session not found.
var ErrUserNotFound = errors.New("User not found. ")
ErrUserNotFound is when user not found.
var StaticPagesNames = StaticPages{
DisableTFA: "disable-tfa.html",
DisableTFASuccess: "disable-tfa-success.html",
ForgotPassword: "forgot-password.html",
ForgotPasswordSuccess: "forgot-password-success.html",
InviteEmail: "invite-email.html",
Login: "login.html",
Misconfiguration: "misconfiguration.html",
Registration: "registration.html",
ResetPassword: "reset-password.html",
ResetPasswordEmail: "reset-password-email.html",
ResetPasswordSuccess: "reset-password-success.html",
ResetTFA: "reset-tfa.html",
ResetTFASuccess: "reset-tfa-success.html",
TFAEmail: "tfa-email.html",
TokenError: "token-error.html",
VerifyEmail: "verify-email.html",
WebMessage: "web-message.html",
WelcomeEmail: "welcome-email.html",
}
StaticPagesNames are the names of html pages.
Functions ¶
func GetStaticFilePathByFilename ¶
GetStaticFilePathByFilename returns filepath for given static file name.
Types ¶
type AdminAccountSettings ¶
type AdminAccountSettings struct { LoginEnvName string `yaml:"loginEnvName" json:"login_env_name,omitempty"` PasswordEnvName string `yaml:"passwordEnvName" json:"password_env_name,omitempty"` }
AdminAccountSettings are names of environment variables that store admin credentials.
type AdminPanelHandlers ¶
type AdminPanelHandlers struct { SrcHandler http.Handler ManagementHandler http.Handler BuildHandler http.Handler }
AdminPanelHandlers holds together admin panel handlers.
type AppData ¶
type AppData interface { ID() string Secret() string Active() bool Name() string Description() string // Scopes is the list of all allowed scopes. If it's empty, no limitations (opaque scope). Scopes() []string // Offline is a boolean value that indicates whether on not the app supports refresh tokens. // Do not use refresh tokens with apps that does not have secure storage. Offline() bool Type() AppType // RedirectURLs is the list of allowed urls where user will be redirected after successfull login. // Useful not only for web apps, mobile and desktop apps could use custom scheme for that. RedirectURLs() []string // TokenLifespan is a token lifespan in seconds, if 0 - default one is used. TokenLifespan() int64 // InviteTokenLifespan a inviteToken lifespan in seconds, if 0 - default one is used. InviteTokenLifespan() int64 // RefreshTokenLifespan is a refreshToken lifespan in seconds, if 0 - default one is used. RefreshTokenLifespan() int64 // Payload is a list of fields that are included in token. If it's empty, there are no fields in payload. TokenPayload() []string Sanitize() TFAStatus() TFAStatus DebugTFACode() string RegistrationForbidden() bool AnonymousRegistrationAllowed() bool AuthzWay() AuthorizationWay AuthzModel() string AuthzPolicy() string RolesWhitelist() []string RolesBlacklist() []string NewUserDefaultRole() string AppleInfo() *AppleInfo SetSecret(secret string) //Token payload related services TokenPayloadService() TokenPayloadServiceType TokenPayloadServicePluginSettings() TokenPayloadServicePluginSettings TokenPayloadServiceHttpSettings() TokenPayloadServiceHttpSettings }
AppData represents Application data information.
type AppStorage ¶
type AppStorage interface { AppByID(id string) (AppData, error) ActiveAppByID(appID string) (AppData, error) CreateApp(app AppData) (AppData, error) DisableApp(app AppData) error UpdateApp(appID string, newApp AppData) (AppData, error) FetchApps(filterString string, skip, limit int) ([]AppData, int, error) DeleteApp(id string) error ImportJSON(data []byte) error NewAppData() AppData TestDatabaseConnection() error Close() }
AppStorage is an abstract representation of applications data storage.
type AppleFiles ¶
type AppleFiles struct { DeveloperDomainAssociation string `yaml:"developerDomainAssociation,omitempty" json:"developer_domain_association,omitempty"` AppSiteAssociation string `yaml:"appSiteAssociation,omitempty" json:"app_site_association,omitempty"` }
AppleFiles holds together static files needed for supporting Apple services.
type AppleInfo ¶
type AppleInfo struct { ClientID string `json:"client_id,omitempty" bson:"client_id,omitempty"` ClientSecret string `json:"client_secret,omitempty" bson:"client_secret,omitempty"` }
AppleInfo represents the information needed for Sign In with Apple.
type AssetHandlers ¶
type AssetHandlers struct { StylesHandler http.Handler ScriptsHandler http.Handler ImagesHandler http.Handler FontsHandler http.Handler }
AssetHandlers holds together asset handlers.
type AuthorizationWay ¶
type AuthorizationWay string
AuthorizationWay is a way of authorization supported by the application.
const ( // NoAuthz is when the app does not require any authorization. NoAuthz AuthorizationWay = "no authorization" // Internal is for embedded authorization rules. Internal AuthorizationWay = "internal" // RolesWhitelist is the list of roles allowed to register and login into the application. RolesWhitelist AuthorizationWay = "whitelist" // RolesBlacklist is the list of roles forbidden to register and login into the application. RolesBlacklist AuthorizationWay = "blacklist" // External is for external authorization service. External AuthorizationWay = "external" )
type ConfigurationStorage ¶
type ConfigurationStorage interface { InsertConfig(key string, value interface{}) error LoadServerSettings(*ServerSettings) error InsertKeys(keys *JWTKeys) error LoadKeys(ijwt.TokenSignatureAlgorithm) (*JWTKeys, error) GetUpdateChan() chan interface{} CloseUpdateChan() }
ConfigurationStorage stores server configuration.
type ConfigurationStorageSettings ¶
type ConfigurationStorageSettings struct { Type ConfigurationStorageType `yaml:"type,omitempty" json:"type,omitempty"` SettingsKey string `yaml:"settingsKey,omitempty" json:"settings_key,omitempty"` Endpoints []string `yaml:"endpoints,omitempty" json:"endpoints,omitempty"` Bucket string `yaml:"bucket,omitempty" json:"bucket,omitempty"` Region string `yaml:"region,omitempty" json:"region,omitempty"` KeyStorage KeyStorageSettings `yaml:"keyStorage,omitempty" json:"key_storage,omitempty"` }
ConfigurationStorageSettings holds together configuration storage settings.
func (*ConfigurationStorageSettings) Validate ¶
func (css *ConfigurationStorageSettings) Validate() error
Validate validates configuration storage settings.
type ConfigurationStorageType ¶
type ConfigurationStorageType string
ConfigurationStorageType describes type of configuration storage.
const ( // ConfigurationStorageTypeEtcd is an etcd storage. ConfigurationStorageTypeEtcd ConfigurationStorageType = "etcd" // ConfigurationStorageTypeS3 is an AWS S3 storage. ConfigurationStorageTypeS3 ConfigurationStorageType = "s3" // ConfigurationStorageTypeFile is a config file. ConfigurationStorageTypeFile ConfigurationStorageType = "file" )
type ConfigurationWatcher ¶
type ConfigurationWatcher interface { Watch() WatchChan() chan interface{} Stop() }
ConfigurationWatcher is a global server configuration watcher.
type ContextKey ¶
type ContextKey int
ContextKey enumerates all context keys
const ( //AppDataContextKey context key to keep requested app data AppDataContextKey ContextKey = iota + 1 //TokenContextKey bearer token context key TokenContextKey //TokenRawContextKey bearer token context key in raw format TokenRawContextKey )
type CorsOptions ¶
CorsOptions are options for routers CORS.
type DatabaseSettings ¶
type DatabaseSettings struct { Type DatabaseType `yaml:"type,omitempty" json:"type,omitempty"` Name string `yaml:"name,omitempty" json:"name,omitempty"` Endpoint string `yaml:"endpoint,omitempty" json:"endpoint,omitempty"` Region string `yaml:"region,omitempty" json:"region,omitempty"` Path string `yaml:"path,omitempty" json:"path,omitempty"` }
DatabaseSettings holds together all settings applicable to a particular database.
func (*DatabaseSettings) Validate ¶
func (dbs *DatabaseSettings) Validate() error
Validate validates database settings.
type DatabaseType ¶
type DatabaseType string
DatabaseType is a type of database.
const ( // DBTypeBoltDB is for BoltDB. DBTypeBoltDB DatabaseType = "boltdb" // DBTypeMongoDB is for MongoDB. DBTypeMongoDB DatabaseType = "mongodb" // DBTypeDynamoDB is for DynamoDB. DBTypeDynamoDB DatabaseType = "dynamodb" // DBTypeFake is for in-memory storage. DBTypeFake DatabaseType = "fake" )
type EmailService ¶
type EmailService interface { SendMessage(subject, body, recipient string) error SendHTML(subject, html, recipient string) error SendTemplateEmail(subject, recipient string, template *template.Template, data interface{}) error SendResetEmail(subject, recipient string, data interface{}) error SendInviteEmail(subject, recipient string, data interface{}) error SendWelcomeEmail(subject, recipient string, data interface{}) error SendVerifyEmail(subject, recipient string, data interface{}) error SendTFAEmail(subject, recipient string, data interface{}) error Templater() *EmailTemplater }
EmailService manages sending emails.
type EmailServiceSettings ¶
type EmailServiceSettings struct { Type EmailServiceType `yaml:"type,omitempty" json:"type,omitempty"` Domain string `yaml:"domain,omitempty" json:"domain,omitempty"` PublicKey string `yaml:"publicKey,omitempty" json:"public_key,omitempty"` PrivateKey string `yaml:"privateKey,omitempty" json:"private_key,omitempty"` Sender string `yaml:"sender,omitempty" json:"sender,omitempty"` Region string `yaml:"region,omitempty" json:"region,omitempty"` }
EmailServiceSettings holds together settings for the email service.
func (*EmailServiceSettings) Validate ¶
func (ess *EmailServiceSettings) Validate() error
Validate validates email service settings.
type EmailServiceType ¶
type EmailServiceType string
EmailServiceType - how to send email to clients.
type EmailTemplater ¶
type EmailTemplater struct { WelcomeTemplate *template.Template ResetPasswordTemplate *template.Template InviteTemplate *template.Template VerifyTemplate *template.Template TFATemplate *template.Template }
EmailTemplater stores pointers to email templates.
func NewEmailTemplater ¶
func NewEmailTemplater(staticFilesStorage StaticFilesStorage) (*EmailTemplater, error)
NewEmailTemplater creates new email templater.
type ExternalServicesSettings ¶
type ExternalServicesSettings struct { EmailService EmailServiceSettings `yaml:"emailService,omitempty" json:"email_service,omitempty"` SMSService SMSServiceSettings `yaml:"smsService,omitempty" json:"sms_service,omitempty"` }
ExternalServicesSettings are settings for external services.
func (*ExternalServicesSettings) Validate ¶
func (ess *ExternalServicesSettings) Validate() error
Validate validates external services settings.
type FederatedIdentityProvider ¶
type FederatedIdentityProvider string
FederatedIdentityProvider is an external federated identity provider type. If you are missing the provider you need, please feel free to add it here.
var ( // FacebookIDProvider is a Facebook ID provider. FacebookIDProvider FederatedIdentityProvider = "FACEBOOK" // GoogleIDProvider is a Google ID provider. GoogleIDProvider FederatedIdentityProvider = "GOOGLE" // TwitterIDProvider is a Twitter ID provider. TwitterIDProvider FederatedIdentityProvider = "TWITTER" // AppleIDProvider is an Apple ID provider. AppleIDProvider FederatedIdentityProvider = "APPLE" )
func (FederatedIdentityProvider) IsValid ¶
func (fid FederatedIdentityProvider) IsValid() bool
IsValid has to be called everywhere input happens, otherwise you risk to operate on bad data - no guarantees.
type GeneralServerSettings ¶
type GeneralServerSettings struct { Host string `yaml:"host,omitempty" json:"host,omitempty"` Issuer string `yaml:"issuer,omitempty" json:"issuer,omitempty"` Algorithm string `yaml:"algorithm,omitempty" json:"algorithm,omitempty"` }
GeneralServerSettings are general server settings.
func (*GeneralServerSettings) Validate ¶
func (gss *GeneralServerSettings) Validate() error
Validate validates general services settings.
type JWTKeys ¶
type JWTKeys struct { Public interface{} Private interface{} Algorithm interface{} }
JWTKeys are keys used for signing and verifying JSON web tokens.
type KeyStorage ¶
type KeyStorage interface { InsertKeys(keys *JWTKeys) error LoadKeys(alg ijwt.TokenSignatureAlgorithm) (*JWTKeys, error) }
KeyStorage stores keys used for signing and verifying JWT tokens.
type KeyStorageSettings ¶
type KeyStorageSettings struct { Type KeyStorageType `yaml:"type,omitempty" json:"type,omitempty"` Folder string `yaml:"folder,omitempty" json:"folder,omitempty"` Region string `yaml:"region,omitempty" json:"region,omitempty"` Bucket string `yaml:"bucket,omitempty" json:"bucket,omitempty"` }
KeyStorageSettings are settings for the key storage.
func (*KeyStorageSettings) Validate ¶
func (kss *KeyStorageSettings) Validate() error
Validate validates key storage settings.
type LoggerSettings ¶ added in v1.2.3
type LoggerSettings struct {
DumpRequest bool `yaml:"dumpRequest,omitempty" json:"dumpRequest,omitempty"`
}
type LoginSettings ¶
type LoginSettings struct { LoginWith LoginWith `yaml:"loginWith,omitempty" json:"login_with,omitempty"` TFAType TFAType `yaml:"tfaType,omitempty" json:"tfa_type,omitempty"` }
LoginSettings are settings of login.
type LoginWith ¶
type LoginWith struct { Username bool `yaml:"username" json:"username,omitempty"` Phone bool `yaml:"phone" json:"phone,omitempty"` Federated bool `yaml:"federated" json:"federated,omitempty"` }
LoginWith is a type for configuring supported login ways.
type Router ¶
type Router interface {
ServeHTTP(http.ResponseWriter, *http.Request)
}
Router handles all incoming http requests.
type SMSService ¶
SMSService is an SMS sending service.
type SMSServiceSettings ¶
type SMSServiceSettings struct { Type SMSServiceType `yaml:"type,omitempty" json:"type,omitempty"` // Twilio related config. AccountSid string `yaml:"accountSid,omitempty" json:"account_sid,omitempty"` AuthToken string `yaml:"authToken,omitempty" json:"auth_token,omitempty"` ServiceSid string `yaml:"serviceSid,omitempty" json:"service_sid,omitempty"` // Nexmo related config. APIKey string `yaml:"apiKey,omitempty" json:"api_key,omitempty"` APISecret string `yaml:"apiSecret,omitempty" json:"api_secret,omitempty"` // RouteMobile related config. Username string `yaml:"username,omitempty" json:"username,omitempty"` Password string `yaml:"password,omitempty" json:"password,omitempty"` Source string `yaml:"source,omitempty" json:"source,omitempty"` Region string `yaml:"region,omitempty" json:"region,omitempty"` }
SMSServiceSettings holds together settings for SMS service.
func (*SMSServiceSettings) Validate ¶
func (sss *SMSServiceSettings) Validate() error
Validate validates SMS service settings.
type SMSServiceType ¶
type SMSServiceType string
SMSServiceType - service for sending sms messages.
const ( // SMSServiceTwilio is a Twillo SMS service. SMSServiceTwilio SMSServiceType = "twilio" // SMSServiceNexmo is a Nexmo SMS service. SMSServiceNexmo SMSServiceType = "nexmo" // SMSServiceRouteMobile is a RouteMobile SMS service. SMSServiceRouteMobile SMSServiceType = "routemobile" // SMSServiceMock is an SMS service mock. SMSServiceMock SMSServiceType = "mock" )
type Server ¶
type Server interface { Router() Router AppStorage() AppStorage UserStorage() UserStorage ConfigurationStorage() ConfigurationStorage ImportApps(filename string) error ImportUsers(filename string) error Close() }
Server holds together all dependencies.
type ServerSettings ¶
type ServerSettings struct { General GeneralServerSettings `yaml:"general,omitempty" json:"general,omitempty"` AdminAccount AdminAccountSettings `yaml:"adminAccount,omitempty" json:"admin_account,omitempty"` Storage StorageSettings `yaml:"storage,omitempty" json:"storage,omitempty"` ConfigurationStorage ConfigurationStorageSettings `yaml:"configurationStorage,omitempty" json:"configuration_storage,omitempty"` SessionStorage SessionStorageSettings `yaml:"sessionStorage,omitempty" json:"session_storage,omitempty"` StaticFilesStorage StaticFilesStorageSettings `yaml:"staticFilesStorage,omitempty" json:"static_files_storage,omitempty"` ExternalServices ExternalServicesSettings `yaml:"externalServices,omitempty" json:"external_services,omitempty"` Login LoginSettings `yaml:"login,omitempty" json:"login,omitempty"` Logger LoggerSettings `yaml:"logger,omitempty" json:"logger,omitempty"` }
ServerSettings are server settings.
func (*ServerSettings) GetPort ¶
func (ss *ServerSettings) GetPort() string
GetPort returns port on which host listens to incoming connections.
func (*ServerSettings) Validate ¶
func (ss *ServerSettings) Validate() error
Validate makes sure that all crucial fields are set.
type SessionDuration ¶
SessionDuration wraps time.Duration to implement custom yaml and json encoding and decoding.
func (SessionDuration) MarshalJSON ¶
func (sd SessionDuration) MarshalJSON() ([]byte, error)
MarshalJSON implements json.Marshaller.
func (SessionDuration) MarshalYAML ¶
func (sd SessionDuration) MarshalYAML() (interface{}, error)
MarshalYAML implements yaml.Marshaller.
func (*SessionDuration) UnmarshalJSON ¶
func (sd *SessionDuration) UnmarshalJSON(data []byte) error
UnmarshalJSON implements json.Unmarshaller.
func (*SessionDuration) UnmarshalYAML ¶
func (sd *SessionDuration) UnmarshalYAML(unmarshal func(interface{}) error) error
UnmarshalYAML implements yaml.Unmarshaller.
type SessionManager ¶
type SessionManager struct {
// contains filtered or unexported fields
}
SessionManager is a default session service.
func (*SessionManager) NewSession ¶
func (sm *SessionManager) NewSession() (Session, error)
NewSession creates new session and returns it.
func (*SessionManager) ProlongSession ¶
func (sm *SessionManager) ProlongSession(sessionID string) error
ProlongSession prolongs session duration.
func (*SessionManager) SessionDurationSeconds ¶
func (sm *SessionManager) SessionDurationSeconds() int
SessionDurationSeconds returns session duration in seconds.
type SessionService ¶
type SessionService interface { NewSession() (Session, error) SessionDurationSeconds() int ProlongSession(sessionID string) error }
SessionService manages sessions.
func NewSessionManager ¶
func NewSessionManager(sessionDuration SessionDuration, sessionStorage SessionStorage) SessionService
NewSessionManager creates new session manager and returns it.
type SessionStorage ¶
type SessionStorage interface { GetSession(id string) (Session, error) InsertSession(session Session) error DeleteSession(id string) error ProlongSession(id string, newDuration SessionDuration) error }
SessionStorage is an interface for session storage.
type SessionStorageSettings ¶
type SessionStorageSettings struct { Type SessionStorageType `yaml:"type,omitempty" json:"type,omitempty"` SessionDuration SessionDuration `yaml:"sessionDuration,omitempty" json:"session_duration,omitempty"` Address string `yaml:"address,omitempty" json:"address,omitempty"` Password string `yaml:"password,omitempty" json:"password,omitempty"` DB int `yaml:"db,omitempty" json:"db,omitempty"` Region string `yaml:"region,omitempty" json:"region,omitempty"` Endpoint string `yaml:"endpoint,omitempty" json:"endpoint,omitempty"` }
SessionStorageSettings holds together session storage settings.
func (*SessionStorageSettings) Validate ¶
func (sss *SessionStorageSettings) Validate() error
Validate validates admin session storage settings.
type SessionStorageType ¶
type SessionStorageType string
SessionStorageType - where to store admin sessions.
type StaticFilesStorage ¶
type StaticFilesStorage interface { GetFile(name string) ([]byte, error) UploadFile(name string, contents []byte) error ParseTemplate(templateName string) (*template.Template, error) GetAppleFile(name string) ([]byte, error) AssetHandlers() *AssetHandlers AdminPanelHandlers() *AdminPanelHandlers Close() }
StaticFilesStorage is a wrapper over static files storages.
type StaticFilesStorageSettings ¶
type StaticFilesStorageSettings struct { Type StaticFilesStorageType `yaml:"type,omitempty" json:"type,omitempty"` ServerConfigPath string `yaml:"serverConfigPath,omitempty" json:"server_config_path,omitempty"` Folder string `yaml:"folder,omitempty" json:"folder,omitempty"` Bucket string `yaml:"bucket,omitempty" json:"bucket,omitempty"` Region string `yaml:"region,omitempty" json:"region,omitempty"` Endpoint string `yaml:"endpoint,omitempty" json:"endpoint,omitempty"` ServeAdminPanel bool `yaml:"serveAdminPanel,omitempty" json:"serve_admin_panel,omitempty"` }
StaticFilesStorageSettings are settings for static files storage.
func (*StaticFilesStorageSettings) Validate ¶
func (sfs *StaticFilesStorageSettings) Validate() error
Validate validates static files storage settings.
type StaticFilesStorageType ¶
type StaticFilesStorageType string
StaticFilesStorageType is a type of static files storage.
type StaticPages ¶
type StaticPages struct { DisableTFA string DisableTFASuccess string ForgotPassword string ForgotPasswordSuccess string InviteEmail string Login string Misconfiguration string Registration string ResetPassword string ResetPasswordEmail string ResetPasswordSuccess string ResetTFA string ResetTFASuccess string TFAEmail string TokenError string VerifyEmail string WebMessage string WelcomeEmail string }
StaticPages holds together all paths to static pages.
type StorageSettings ¶
type StorageSettings struct { AppStorage DatabaseSettings `yaml:"appStorage,omitempty" json:"app_storage,omitempty"` UserStorage DatabaseSettings `yaml:"userStorage,omitempty" json:"user_storage,omitempty"` TokenStorage DatabaseSettings `yaml:"tokenStorage,omitempty" json:"token_storage,omitempty"` TokenBlacklist DatabaseSettings `yaml:"tokenBlacklist,omitempty" json:"token_blacklist,omitempty"` VerificationCodeStorage DatabaseSettings `yaml:"verificationCodeStorage,omitempty" json:"verification_code_storage,omitempty"` }
StorageSettings holds together storage settings for different services.
func (*StorageSettings) Validate ¶
func (ss *StorageSettings) Validate() error
Validate validates storage settings.
type TFAInfo ¶
type TFAInfo struct { IsEnabled bool `bson:"is_enabled,omitempty" json:"is_enabled,omitempty"` HOTPCounter int `json:"hotp_counter,omitempty" bson:"hotp_counter,omitempty"` HOTPExpiredAt time.Time `json:"hotp_expired_at,omitempty" bson:"hotp_expired_at,omitempty"` Secret string `bson:"secret,omitempty" json:"secret,omitempty"` }
TFAInfo encapsulates two-factor authentication user info.
type TFAType ¶
type TFAType string
TFAType is a type of two-factor authentication for apps that support it.
type TokenBlacklist ¶
TokenBlacklist is a storage for blacklisted tokens.
type TokenPayloadProvider ¶ added in v1.2.3
type TokenPayloadProvider interface {
TokenPayloadForApp(appId, appName, userId string) (map[string]interface{}, error)
}
TokenPayloadProvider provides additional user payload to include to the token
type TokenPayloadServiceHttpSettings ¶ added in v1.2.3
type TokenPayloadServiceHttpSettings struct { URL string `json:"url,omitempty" bson:"url,omitempty"` Secret string `json:"secret,omitempty" bson:"secret,omitempty"` }
TokenPayloadServiceHttpSettings settings for token payload service
type TokenPayloadServicePluginSettings ¶ added in v1.2.3
type TokenPayloadServicePluginSettings struct {
Name string `json:"name,omitempty" bson:"name,omitempty"`
}
TokenPayloadServicePluginSettings settings for token payload service
type TokenPayloadServiceType ¶ added in v1.2.3
type TokenPayloadServiceType string
TokenPayloadServiceType service to allow fetch additional data to include to access token
type TokenStorage ¶
type TokenStorage interface { SaveToken(token string) error HasToken(token string) bool DeleteToken(token string) error Close() }
TokenStorage is a storage for issued refresh tokens.
type User ¶
type User interface { ID() string Username() string SetUsername(string) Email() string SetEmail(string) Phone() string TFAInfo() TFAInfo SetTFAInfo(TFAInfo) PasswordHash() string Active() bool AccessRole() string Sanitize() Deanonimize() }
User is an abstract representation of the user in auth layer. Everything can be User, we do not depend on any particular implementation.
type UserStorage ¶
type UserStorage interface { UserByPhone(phone string) (User, error) AddUserByPhone(phone, role string) (User, error) UserByID(id string) (User, error) UserByEmail(email string) (User, error) IDByName(name string) (string, error) AttachDeviceToken(id, token string) error DetachDeviceToken(token string) error UserByNamePassword(name, password string) (User, error) AddUserByNameAndPassword(username, password, role string, isAnonymous bool) (User, error) UserExists(name string) bool UserByFederatedID(provider FederatedIdentityProvider, id string) (User, error) AddUserWithFederatedID(provider FederatedIdentityProvider, id, role string) (User, error) UpdateUser(userID string, newUser User) (User, error) ResetPassword(id, password string) error DeleteUser(id string) error FetchUsers(search string, skip, limit int) ([]User, int, error) NewUser() User RequestScopes(userID string, scopes []string) ([]string, error) Scopes() []string ImportJSON(data []byte) error UpdateLoginMetadata(userID string) Close() }
UserStorage is an abstract user storage.
Source Files ¶
- app_storage.go
- configuration_storage.go
- configuration_watcher.go
- cors_options.go
- email_service.go
- errors.go
- federated_identity_provider.go
- http_context.go
- password.go
- server.go
- server_settings.go
- server_settings_validation.go
- session.go
- session_service.go
- session_storage.go
- sms_service.go
- static_files_storage.go
- token.go
- token_storage.go
- user_data_provider.go
- user_storage.go
- verification_code_storage.go