Documentation ¶
Index ¶
- Constants
- Variables
- func GenerateCode() string
- type CreateRecoveryCodeParams
- type CreateVerificationCodeParams
- type FlowMethod
- type RecoveryCode
- type RecoveryCodePersistenceProvider
- type RecoveryCodePersister
- type RecoveryCodeType
- type Sender
- func (s *Sender) SendRecoveryCode(ctx context.Context, r *http.Request, f *recovery.Flow, ...) error
- func (s *Sender) SendRecoveryCodeTo(ctx context.Context, i *identity.Identity, codeString string, ...) error
- func (s *Sender) SendVerificationCode(ctx context.Context, f *verification.Flow, via identity.VerifiableAddressType, ...) error
- func (s *Sender) SendVerificationCodeTo(ctx context.Context, f *verification.Flow, i *identity.Identity, ...) error
- type SenderProvider
- type Strategy
- func (s *Strategy) HandleRecoveryError(w http.ResponseWriter, r *http.Request, flow *recovery.Flow, ...) error
- func (s *Strategy) PopulateRecoveryMethod(r *http.Request, f *recovery.Flow) error
- func (s *Strategy) PopulateVerificationMethod(r *http.Request, f *verification.Flow) error
- func (s *Strategy) Recover(w http.ResponseWriter, r *http.Request, f *recovery.Flow) (err error)
- func (s *Strategy) RecoveryNodeGroup() node.UiNodeGroup
- func (s *Strategy) RecoveryStrategyID() string
- func (s *Strategy) RegisterAdminRecoveryRoutes(admin *x.RouterAdmin)
- func (s *Strategy) RegisterAdminVerificationRoutes(admin *x.RouterAdmin)
- func (s *Strategy) RegisterPublicRecoveryRoutes(public *x.RouterPublic)
- func (s *Strategy) RegisterPublicVerificationRoutes(public *x.RouterPublic)
- func (s *Strategy) SendVerificationEmail(ctx context.Context, f *verification.Flow, i *identity.Identity, ...) (err error)
- func (s *Strategy) VerificationNodeGroup() node.UiNodeGroup
- func (s *Strategy) VerificationStrategyID() string
- func (s *Strategy) Verify(w http.ResponseWriter, r *http.Request, f *verification.Flow) (err error)
- type VerificationCode
- type VerificationCodePersistenceProvider
- type VerificationCodePersister
Constants ¶
const CodeLength = 6
const (
RouteAdminCreateRecoveryCode = "/recovery/code"
)
Variables ¶
var ( ErrCodeNotFound = herodot.ErrNotFound.WithReasonf("unknown code") ErrCodeAlreadyUsed = herodot.ErrBadRequest.WithReasonf("The code was already used. Please request another code.") ErrCodeSubmittedTooOften = herodot.ErrBadRequest.WithReasonf("The request was submitted too often. Please request another code.") )
var ErrUnknownAddress = herodot.ErrNotFound.WithReason("recovery requested for unknown address")
Functions ¶
func GenerateCode ¶
func GenerateCode() string
Types ¶
type CreateRecoveryCodeParams ¶
type CreateRecoveryCodeParams struct { // Code represents the recovery code RawCode string // CodeType is the type of the code - either "admin" or "selfservice" CodeType RecoveryCodeType // ExpiresAt is the time (UTC) when the code expires. // required: true ExpiresIn time.Duration // RecoveryAddressID is a helper struct field for gobuffalo.pop. RecoveryAddress *identity.RecoveryAddress // FlowID is a helper struct field for gobuffalo.pop. FlowID uuid.UUID IdentityID uuid.UUID }
type CreateVerificationCodeParams ¶
type CreateVerificationCodeParams struct { // Code represents the recovery code RawCode string // ExpiresIn is the lifetime of the code ExpiresIn time.Duration // VerifiableAddress is the address to be verified VerifiableAddress *identity.VerifiableAddress // FlowID is the id of the current verification flow FlowID uuid.UUID }
type FlowMethod ¶
FlowMethod contains the configuration for this selfservice strategy.
type RecoveryCode ¶
type RecoveryCode struct { // ID represents the code's unique ID. // // required: true // type: string // format: uuid ID uuid.UUID `json:"id" db:"id" faker:"-"` // CodeHMAC represents the HMACed value of the recovery code CodeHMAC string `json:"-" db:"code"` // UsedAt is the timestamp of when the code was used or null if it wasn't yet UsedAt sql.NullTime `json:"-" db:"used_at"` // RecoveryAddress links this code to a recovery address. // required: true RecoveryAddress *identity.RecoveryAddress `json:"recovery_address" belongs_to:"identity_recovery_addresses" fk_id:"RecoveryAddressID"` // CodeType is the type of the code - either "admin" or "selfservice" CodeType RecoveryCodeType `json:"-" faker:"-" db:"code_type"` // ExpiresAt is the time (UTC) when the code expires. // required: true ExpiresAt time.Time `json:"expires_at" faker:"time_type" db:"expires_at"` // IssuedAt is the time (UTC) when the code was issued. // required: true IssuedAt time.Time `json:"issued_at" faker:"time_type" db:"issued_at"` // CreatedAt is a helper struct field for gobuffalo.pop. CreatedAt time.Time `json:"-" faker:"-" db:"created_at"` // UpdatedAt is a helper struct field for gobuffalo.pop. UpdatedAt time.Time `json:"-" faker:"-" db:"updated_at"` // RecoveryAddressID is a helper struct field for gobuffalo.pop. RecoveryAddressID uuid.NullUUID `json:"-" faker:"-" db:"identity_recovery_address_id"` // FlowID is a helper struct field for gobuffalo.pop. FlowID uuid.UUID `json:"-" faker:"-" db:"selfservice_recovery_flow_id"` NID uuid.UUID `json:"-" faker:"-" db:"nid"` IdentityID uuid.UUID `json:"identity_id" faker:"-" db:"identity_id"` }
func (RecoveryCode) IsExpired ¶
func (f RecoveryCode) IsExpired() bool
func (RecoveryCode) IsValid ¶
func (f RecoveryCode) IsValid() bool
func (RecoveryCode) WasUsed ¶
func (r RecoveryCode) WasUsed() bool
type RecoveryCodePersistenceProvider ¶
type RecoveryCodePersistenceProvider interface {
RecoveryCodePersister() RecoveryCodePersister
}
type RecoveryCodePersister ¶
type RecoveryCodeType ¶
type RecoveryCodeType int
const ( RecoveryCodeTypeAdmin RecoveryCodeType = iota + 1 RecoveryCodeTypeSelfService )
type Sender ¶
type Sender struct {
// contains filtered or unexported fields
}
func (*Sender) SendRecoveryCode ¶
func (s *Sender) SendRecoveryCode(ctx context.Context, r *http.Request, f *recovery.Flow, via identity.VerifiableAddressType, to string) error
SendRecoveryCode sends a recovery code to the specified address. If the address does not exist in the store, an email is still being sent to prevent account enumeration attacks. In that case, this function returns the ErrUnknownAddress error.
func (*Sender) SendRecoveryCodeTo ¶
func (*Sender) SendVerificationCode ¶
func (s *Sender) SendVerificationCode(ctx context.Context, f *verification.Flow, via identity.VerifiableAddressType, to string) error
SendVerificationCode sends a verification link to the specified address. If the address does not exist in the store, an email is still being sent to prevent account enumeration attacks. In that case, this function returns the ErrUnknownAddress error.
func (*Sender) SendVerificationCodeTo ¶
func (s *Sender) SendVerificationCodeTo(ctx context.Context, f *verification.Flow, i *identity.Identity, codeString string, code *VerificationCode) error
type SenderProvider ¶
type SenderProvider interface {
CodeSender() *Sender
}
type Strategy ¶
type Strategy struct {
// contains filtered or unexported fields
}
func NewStrategy ¶
func NewStrategy(deps strategyDependencies) *Strategy
func (*Strategy) HandleRecoveryError ¶
func (*Strategy) PopulateRecoveryMethod ¶
func (*Strategy) PopulateVerificationMethod ¶
func (*Strategy) RecoveryNodeGroup ¶
func (s *Strategy) RecoveryNodeGroup() node.UiNodeGroup
func (*Strategy) RecoveryStrategyID ¶
func (*Strategy) RegisterAdminRecoveryRoutes ¶
func (s *Strategy) RegisterAdminRecoveryRoutes(admin *x.RouterAdmin)
func (*Strategy) RegisterAdminVerificationRoutes ¶
func (s *Strategy) RegisterAdminVerificationRoutes(admin *x.RouterAdmin)
func (*Strategy) RegisterPublicRecoveryRoutes ¶
func (s *Strategy) RegisterPublicRecoveryRoutes(public *x.RouterPublic)
func (*Strategy) RegisterPublicVerificationRoutes ¶
func (s *Strategy) RegisterPublicVerificationRoutes(public *x.RouterPublic)
func (*Strategy) SendVerificationEmail ¶
func (s *Strategy) SendVerificationEmail(ctx context.Context, f *verification.Flow, i *identity.Identity, a *identity.VerifiableAddress) (err error)
func (*Strategy) VerificationNodeGroup ¶
func (s *Strategy) VerificationNodeGroup() node.UiNodeGroup
func (*Strategy) VerificationStrategyID ¶
func (*Strategy) Verify ¶
func (s *Strategy) Verify(w http.ResponseWriter, r *http.Request, f *verification.Flow) (err error)
type VerificationCode ¶
type VerificationCode struct { // ID represents the code's unique ID. // // required: true // type: string // format: uuid ID uuid.UUID `json:"id" db:"id" faker:"-"` // CodeHMAC represents the HMACed value of the verification code CodeHMAC string `json:"-" db:"code_hmac"` // UsedAt is the timestamp of when the code was used or null if it wasn't yet UsedAt sql.NullTime `json:"-" db:"used_at"` // VerifiableAddress links this code to a verification address. // required: true VerifiableAddress *identity.VerifiableAddress `json:"verification_address" belongs_to:"identity_verifiable_addresses" fk_id:"VerificationAddVerifiableAddressIDressID"` // ExpiresAt is the time (UTC) when the code expires. // required: true ExpiresAt time.Time `json:"expires_at" faker:"time_type" db:"expires_at"` // IssuedAt is the time (UTC) when the code was issued. // required: true IssuedAt time.Time `json:"issued_at" faker:"time_type" db:"issued_at"` // CreatedAt is a helper struct field for gobuffalo.pop. CreatedAt time.Time `json:"-" faker:"-" db:"created_at"` // UpdatedAt is a helper struct field for gobuffalo.pop. UpdatedAt time.Time `json:"-" faker:"-" db:"updated_at"` // VerifiableAddressID is a helper struct field for gobuffalo.pop. VerifiableAddressID uuid.NullUUID `json:"-" faker:"-" db:"identity_verifiable_address_id"` // FlowID is a helper struct field for gobuffalo.pop. FlowID uuid.UUID `json:"-" faker:"-" db:"selfservice_verification_flow_id"` NID uuid.UUID `json:"-" faker:"-" db:"nid"` }
func (*VerificationCode) Validate ¶
func (f *VerificationCode) Validate() error
Validate validates the state of the verification code
- If the code is expired, `flow.ExpiredError` is returned - If the code was already used `ErrCodeAlreadyUsed` is returnd - Otherwise, `nil` is returned
type VerificationCodePersistenceProvider ¶
type VerificationCodePersistenceProvider interface {
VerificationCodePersister() VerificationCodePersister
}