account

package
v0.0.0-...-1f8de80 Latest Latest
Warning

This package is not in the latest version of its module.

Published: May 13, 2024 License: MIT Imports: 24 Imported by: 0

Documentation

Index

Constants

// Sign-in throttling limits.
// NOTE(review): the code that applies them is not shown on this page
// (presumably Service.CheckSignInThrottle) — confirm there.
const (
	// MaxFreeSignInAttempts is presumably the number of attempts allowed
	// before a throttle delay is imposed — TODO confirm.
	MaxFreeSignInAttempts  = 3
	// MaxSignInThrottleDelay is half of app.SignInThrottleTTL; presumably
	// the upper bound on the imposed delay — TODO confirm.
	MaxSignInThrottleDelay = app.SignInThrottleTTL / 2
)
// Sign-in method labels (untyped string constants).
// NOTE(review): presumably the values written to User.LastSignInAttemptMethod,
// User.LastSignedInMethod and the Method field of SignedIn events — confirm.
// If so they end up in audit records and should be treated as a stable
// vocabulary.
const (
	SignInMethodNone      = "" // the empty string, i.e. what an unset string field holds
	SignInMethodPassword  = "password"
	SignInMethodMagicLink = "magic link"
	SignInMethodGoogle    = "google"
	SignInMethodFacebook  = "facebook"
)
// Sign-up method labels (untyped string constants).
// The magic link, google and facebook values are the same strings as the
// corresponding SignInMethod constants.
// NOTE(review): presumably the values written to User.SignedUpMethod and the
// Method field of SignedUp events — confirm.
const (
	SignUpMethodNone        = "" // the empty string, i.e. what an unset string field holds
	SignUpMethodSystemSetup = "system setup"
	SignUpMethodWebForm     = "web form"
	SignUpMethodMagicLink   = "magic link"
	SignUpMethodGoogle      = "google"
	SignUpMethodFacebook    = "facebook"
	SignUpMethodInvite      = "invite"
)

Variables

// Account-state and credential sentinel errors.
// NOTE(review): which operations return them is not shown on this page.
// Because they distinguish "not verified", "not activated", "suspended" and
// "invalid password", passing them verbatim to an unauthenticated client
// would disclose that the account exists and what state it is in. Consider
// mapping them to one generic failure at the API boundary and keeping the
// specific error for server-side logs.
var (
	ErrNotVerified     = errors.New("account is not verified")
	ErrNotActivated    = errors.New("account is not activated")
	ErrSuspended       = errors.New("account is suspended")
	ErrInvalidPassword = errors.New("invalid password")
)
// ErrAuth is a generic sentinel whose message is just "auth".
// NOTE(review): presumably returned when one of the ...Guard checks refuses an
// operation — confirm, and confirm callers match it with errors.Is.
var ErrAuth = errors.New("auth")
var ErrFacebookSignUpDisabled = errors.New("Facebook sign up disabled")
var ErrGoogleSignUpDisabled = errors.New("Google sign up disabled")
var ErrMagicLinkSignUpDisabled = errors.New("magic link sign up disabled")
// ErrSignInThrottled is the sentinel for a throttled sign-in.
// NOTE(review): its relationship to SignInThrottleError (whether that type
// wraps or matches this sentinel under errors.Is) is not visible here —
// confirm before relying on either form in handlers.
var ErrSignInThrottled = errors.New("sign in throttled")

Functions

func TestRepo

// TestRepo is an exported helper that takes a *testing.T and a factory for a
// ReadWriter.
// NOTE(review): presumably a shared conformance suite that each repository
// implementation runs against itself — confirm. Being exported from the
// package proper, it makes this package import "testing" outside _test files.
func TestRepo(ctx context.Context, t *testing.T, newRepo func() ReadWriter)

Types

type ActivateTOTPGuard

// ActivateTOTPGuard is the authorization hook passed to Service.ActivateTOTP.
// NOTE(review): the caller supplies the implementation, so the service is only
// as strict as the guard it is handed; confirm the service refuses the
// operation when CanActivateTOTP returns false.
type ActivateTOTPGuard interface {
	// CanActivateTOTP takes the target user's ID and returns a yes/no decision.
	CanActivateTOTP(userID string) bool
}

type ActivateUsersGuard

type ActivateUsersGuard interface {
	CanActivateUsers() bool
}

type Activated

type Activated struct {
	Email       string
	System      string
	Method      string
	HasPassword bool
}

type AlreadySignedUp

// AlreadySignedUp carries the same four fields as Activated.
// NOTE(review): presumably an event published when sign-up is attempted for an
// e-mail that already has an account, so the existing user can be notified
// while the sign-up response stays the same for known and unknown addresses
// — confirm against Service.SignUp.
type AlreadySignedUp struct {
	Email       string
	System      string
	Method      string
	HasPassword bool
}

type ChangePasswordGuard

type ChangePasswordGuard interface {
	CanChangePassword(userID string) bool
}

type ChangeRolesGuard

type ChangeRolesGuard interface {
	CanChangeRoles(userID string) bool
}

type ChangeTOTPTelGuard

type ChangeTOTPTelGuard interface {
	CanChangeTOTPTel(userID string) bool
}

type ChoosePasswordGuard

type ChoosePasswordGuard interface {
	CanChoosePassword(userID string) bool
}

type CreateRoleGuard

type CreateRoleGuard interface {
	CanCreateRoles() bool
}

type DeleteRoleGuard

type DeleteRoleGuard interface {
	CanDeleteRoles() bool
}

type DisableTOTPGuard

type DisableTOTPGuard interface {
	CanDisableTOTP(userID string) bool
}

type Email

type Email string

func NewEmail

func NewEmail(email string) (Email, error)

func (Email) String

func (e Email) String() string

type FacebookSignInBehaviour

// FacebookSignInBehaviour is the type of the behaviour argument of
// Service.SignInWithFacebook.
type FacebookSignInBehaviour byte
const (
	// FacebookSignInOnly is the zero value, so a behaviour left unset is this one.
	FacebookSignInOnly FacebookSignInBehaviour = iota
	// NOTE(review): presumably also creates an account for an unknown e-mail — confirm.
	FacebookAllowSignUp
	// NOTE(review): presumably creates the account and activates it in the
	// same step, with no separate activation — confirm before enabling.
	FacebookAllowSignUpActivate
)

type GoogleSignInBehaviour

// GoogleSignInBehaviour is the type of the behaviour argument of
// Service.SignInWithGoogle.
type GoogleSignInBehaviour byte
const (
	// GoogleSignInOnly is the zero value, so a behaviour left unset is this one.
	GoogleSignInOnly GoogleSignInBehaviour = iota
	// NOTE(review): presumably also creates an account for an unknown e-mail — confirm.
	GoogleAllowSignUp
	// NOTE(review): presumably creates the account and activates it in the
	// same step, with no separate activation — confirm before enabling.
	GoogleAllowSignUpActivate
)

type Hasher

// Hasher is the password-hashing dependency handed to NewService and to the
// User methods that take a Password.
// NOTE(review): the algorithm and its parameters belong to the implementation,
// which is not shown; confirm it is a slow, salted password hash.
type Hasher interface {
	// EncodedPasswordHash takes password bytes and returns an encoded hash.
	EncodedPasswordHash(password []byte) ([]byte, error)
	// CheckPasswordHash checks password against encodedHash.
	// NOTE(review): rehash presumably reports that the stored hash uses
	// outdated parameters and should be regenerated — confirm callers act on it.
	CheckPasswordHash(password, encodedHash []byte) (ok, rehash bool, err error)
	// CheckDummyPasswordHash takes no input.
	// NOTE(review): presumably performs a throwaway hash so that a sign-in for
	// an unknown e-mail takes as long as a real check — confirm the password
	// sign-in path calls it when no user is found.
	CheckDummyPasswordHash() error
}

type InitialUserSignedUp

type InitialUserSignedUp struct {
	Email  string
	System string
	Method string
}

type InviteUserGuard

type InviteUserGuard interface {
	CanInviteUsers() bool
}

type Invited

type Invited struct {
	Email  string
	System string
	Method string
}

type MagicLinkSignInBehaviour

// MagicLinkSignInBehaviour is the type of the behaviour argument of
// Service.SignInWithMagicLink.
type MagicLinkSignInBehaviour byte
const (
	// MagicLinkSignInOnly is the zero value, so a behaviour left unset is this one.
	MagicLinkSignInOnly MagicLinkSignInBehaviour = iota
	// NOTE(review): presumably also creates an account for an unknown e-mail — confirm.
	MagicLinkAllowSignUp
	// NOTE(review): presumably creates the account and activates it in the
	// same step, with no separate activation — confirm before enabling.
	MagicLinkAllowSignUpActivate
)

type Password

// Password is an opaque value type: its fields are unexported and it is
// obtained from NewPassword.
// NOTE(review): whether it holds the plaintext is not visible on this page;
// treat values of this type as secret until confirmed otherwise.
type Password struct {
	// contains filtered or unexported fields
}

func NewPassword

func NewPassword(password string) (zero Password, _ error)

func (Password) Equal

// Equal compares two Password values.
// NOTE(review): if this compares plaintext, confirm it does so in constant
// time (e.g. crypto/subtle.ConstantTimeCompare) rather than with ==.
func (p Password) Equal(rhs Password) bool

func (Password) String

// String makes Password satisfy fmt.Stringer, so %v and %s formatting will
// call it whenever a Password is printed.
// NOTE(review): the return value is not visible here. Confirm it is redacted,
// or that Password values never reach log or error-message formatting.
func (p Password) String() string

type PasswordChanged

type PasswordChanged struct {
	Email string
}

type PasswordChosen

type PasswordChosen struct {
	Email string
}

type PasswordReset

type PasswordReset struct {
	Email string
}

type Permission

type Permission string

func NewPermission

func NewPermission(name string) (Permission, error)

func (Permission) String

func (n Permission) String() string

type ReadWriter

type ReadWriter interface {
	Reader
	Writer
}

type Reader

type Reader interface {
	NextRoleID(ctx context.Context) (RoleID, error)
	ParseRoleID(str string) (RoleID, error)
	FindRoleByID(ctx context.Context, id string) (*Role, error)

	NextUserID(ctx context.Context) (UserID, error)
	ParseUserID(str string) (UserID, error)
	CountUsers(ctx context.Context) (int, error)
	FindUserByID(ctx context.Context, id string) (*User, error)
	FindUserByEmail(ctx context.Context, email string) (*User, error)

	FindSignInAttemptLogByEmail(ctx context.Context, email string) (*SignInAttemptLog, error)
}

type RecoveryCode

type RecoveryCode string

func NewRandomRecoveryCode

// NewRandomRecoveryCode returns a RecoveryCode or an error.
// NOTE(review): the random source and code length are not visible — confirm
// the value comes from crypto/rand and carries enough entropy for a
// credential that bypasses TOTP.
func NewRandomRecoveryCode() (RecoveryCode, error)

func NewRecoveryCode

func NewRecoveryCode(code string) (RecoveryCode, error)

func (RecoveryCode) EqualHash

// EqualHash compares the code with rhs; going by the name, rhs is a stored
// hash such as an element of User.HashedRecoveryCodes.
// NOTE(review): the hash function and whether the comparison is constant-time
// are not visible — confirm both.
func (c RecoveryCode) EqualHash(rhs []byte) bool

func (RecoveryCode) String

func (c RecoveryCode) String() string

type RecoveryCodesRegenerated

type RecoveryCodesRegenerated struct {
	Email string
}

type RegenerateRecoveryCodesGuard

type RegenerateRecoveryCodesGuard interface {
	CanRegenerateRecoveryCodes(userID string) bool
}

type ResetPasswordGuard

type ResetPasswordGuard interface {
	CanResetPassword(userID string) bool
}

type ResetTOTPGuard

type ResetTOTPGuard interface {
	CanResetTOTP(userID string) bool
}

type Role

type Role struct {
	aggregate.Root

	ID          string
	Name        string
	Description string
	Permissions []string
}

func NewRole

func NewRole(id RoleID, name RoleName, description RoleDesc, permissions []Permission) *Role

type RoleDesc

type RoleDesc string

func NewRoleDesc

func NewRoleDesc(desc string) (RoleDesc, error)

func (RoleDesc) String

func (d RoleDesc) String() string

type RoleFilter

// RoleFilter holds the criteria, ordering and paging for a role query.
// NOTE(review): the code that consumes it is not on this page.
type RoleFilter struct {
	// Optional criteria; presumably nil means "do not filter on this field" — confirm.
	ID     *string
	UserID *string
	Name   *string
	Search *string

	// NOTE(review): SortTopID and Sorts are free-form strings. If a repository
	// turns them into an ORDER BY clause they need to be checked against an
	// allow-list of sortable columns, because sort keys cannot be bound as
	// query parameters — confirm in each implementation.
	SortTopID string
	Sorts     []string

	// NOTE(review): no upper bound on Limit is visible; confirm the caller or
	// the repository caps it.
	Limit  int
	Offset int
}

type RoleID

type RoleID string

func (RoleID) String

func (id RoleID) String() string

type RoleName

type RoleName string

func NewRoleName

func NewRoleName(name string) (RoleName, error)

func (RoleName) String

func (n RoleName) String() string

type RolesChanged

type RolesChanged struct {
	Email string
}

type Service

type Service struct {
	// contains filtered or unexported fields
}

func NewService

func NewService(broker event.Broker, repo ReadWriter, hasher Hasher, system string) (*Service, error)

func (*Service) ActivateTOTP

func (s *Service) ActivateTOTP(ctx context.Context, guard ActivateTOTPGuard, userID string) error

func (*Service) ActivateUser

func (s *Service) ActivateUser(ctx context.Context, guard ActivateUsersGuard, userID string) error

func (*Service) ApproveTOTPResetRequest

// ApproveTOTPResetRequest takes only a context and a user ID; unlike most
// state-changing Service methods on this page it has no guard argument.
// NOTE(review): authorization is therefore not expressed in the signature —
// confirm that only a privileged caller can reach this method, since approving
// a reset presumably lets the user drop their second factor.
func (s *Service) ApproveTOTPResetRequest(ctx context.Context, userID string) error

func (*Service) ChangePassword

func (s *Service) ChangePassword(ctx context.Context, guard ChangePasswordGuard, userID, oldPassword, newPassword, newPasswordCheck string) error

func (*Service) ChangeRoles

func (s *Service) ChangeRoles(ctx context.Context, guard ChangeRolesGuard, userID string, roleIDs, grants, denials []string) error

func (*Service) ChangeTOTPTel

func (s *Service) ChangeTOTPTel(ctx context.Context, guard ChangeTOTPTelGuard, userID string, newTel string) error

func (*Service) CheckSignInThrottle

// CheckSignInThrottle takes an attempt count and the time of the last attempt
// (the same two values SignInAttemptLog stores) and returns an error.
// It takes no context, so the caller presumably loads the attempt log and
// passes the values in — confirm.
// NOTE(review): presumably returns ErrSignInThrottled or a SignInThrottleError
// once attempts exceed MaxFreeSignInAttempts — confirm, and confirm every
// sign-in path calls it before checking credentials.
func (s *Service) CheckSignInThrottle(attempts int, lastAttemptAt time.Time) error

func (*Service) ChoosePassword

func (s *Service) ChoosePassword(ctx context.Context, guard ChoosePasswordGuard, userID string, newPassword, newPasswordCheck string) error

func (*Service) CreateRole

func (s *Service) CreateRole(ctx context.Context, guard CreateRoleGuard, roleID, name, description string, permissions []string) error

func (*Service) DeleteRole

func (s *Service) DeleteRole(ctx context.Context, guard DeleteRoleGuard, roleID string) error

func (*Service) DenyTOTPResetRequest

// DenyTOTPResetRequest takes only a context and a user ID; unlike most
// state-changing Service methods on this page it has no guard argument.
// NOTE(review): confirm the caller enforces who may deny a reset request.
func (s *Service) DenyTOTPResetRequest(ctx context.Context, userID string) error

func (*Service) DisableTOTP

func (s *Service) DisableTOTP(ctx context.Context, guard DisableTOTPGuard, userID, password string) error

func (*Service) InviteUser

func (s *Service) InviteUser(ctx context.Context, guard InviteUserGuard, email string) error

func (*Service) RegenerateRecoveryCodes

func (s *Service) RegenerateRecoveryCodes(ctx context.Context, guard RegenerateRecoveryCodesGuard, userID, totp string) ([]string, error)

func (*Service) RequestTOTPReset

// RequestTOTPReset takes an e-mail address and no guard.
// NOTE(review): if this is reachable before authentication, confirm that the
// result does not differ between known and unknown addresses and that
// requests are rate-limited.
func (s *Service) RequestTOTPReset(ctx context.Context, email string) error

func (*Service) ResetPassword

// ResetPassword sets a new password without asking for the old one; the guard
// is the only gate visible in the signature.
// NOTE(review): confirm the caller builds the guard from a validated,
// single-use reset token or a privileged session, and that newPassword and
// newPasswordCheck are compared before hashing.
func (s *Service) ResetPassword(ctx context.Context, guard ResetPasswordGuard, userID string, newPassword, newPasswordCheck string) error

func (*Service) ResetTOTP

func (s *Service) ResetTOTP(ctx context.Context, guard ResetTOTPGuard, userID, password string) error

func (*Service) SetupTOTP

func (s *Service) SetupTOTP(ctx context.Context, guard SetupTOTPGuard, userID string) error

func (*Service) SignInWithFacebook

// SignInWithFacebook receives only an e-mail address and a behaviour; no
// provider token or assertion is passed in. The caller must therefore have
// validated the Facebook OAuth response already and should pass an address
// only when the provider reports it as verified.
// NOTE(review): the meaning of the bool result is not visible — presumably
// whether a new account was created; confirm.
func (s *Service) SignInWithFacebook(ctx context.Context, email string, behaviour FacebookSignInBehaviour) (bool, error)

func (*Service) SignInWithGoogle

// SignInWithGoogle receives only an e-mail address and a behaviour; no ID
// token is passed in. The caller must therefore have validated the Google
// sign-in response already and should pass an address only when the provider
// reports it as verified.
// NOTE(review): the meaning of the bool result is not visible — presumably
// whether a new account was created; confirm.
func (s *Service) SignInWithGoogle(ctx context.Context, email string, behaviour GoogleSignInBehaviour) (bool, error)
// SignInWithMagicLink receives only an e-mail address and a behaviour; the
// link token itself is not a parameter. The caller must therefore have
// validated the token (expiry, single use, bound to this e-mail) before
// calling.
// NOTE(review): the meaning of the bool result is not visible — presumably
// whether a new account was created; confirm.
func (s *Service) SignInWithMagicLink(ctx context.Context, email string, behaviour MagicLinkSignInBehaviour) (bool, error)

func (*Service) SignInWithPassword

// SignInWithPassword takes an e-mail and a plaintext password.
// NOTE(review): the body is not shown. Confirm that it consults the sign-in
// throttle (SignInAttemptLog) before checking the password, that it runs
// Hasher.CheckDummyPasswordHash when no user matches the e-mail, and that the
// error handed to the client does not reveal which of the two failed.
func (s *Service) SignInWithPassword(ctx context.Context, email, password string) error

func (*Service) SignInWithRecoveryCode

// SignInWithRecoveryCode identifies the account by userID, not by a session.
// NOTE(review): the caller must bind userID to a session that has already
// passed the first factor. Confirm that failed attempts are throttled and that
// a code is removed from User.HashedRecoveryCodes once used.
func (s *Service) SignInWithRecoveryCode(ctx context.Context, userID, recoveryCode string) error

func (*Service) SignInWithTOTP

// SignInWithTOTP identifies the account by userID, not by a session.
// NOTE(review): the caller must bind userID to a session that has already
// passed the first factor. Confirm that failed attempts are rate-limited and
// that the same code is not accepted twice within its validity period.
func (s *Service) SignInWithTOTP(ctx context.Context, userID, totp string) error

func (*Service) SignUp

func (s *Service) SignUp(ctx context.Context, email string) error

func (*Service) SignUpInitialUser

// SignUpInitialUser creates a user with a password and the given role IDs and
// takes no guard.
// NOTE(review): presumably it refuses to run once any user exists (see
// Reader.CountUsers) — confirm, and confirm the count check and the insert
// cannot race so that two concurrent requests cannot both succeed.
func (s *Service) SignUpInitialUser(ctx context.Context, email, password, passwordCheck string, roleIDs []string) error

func (*Service) SuspendUser

func (s *Service) SuspendUser(ctx context.Context, guard SuspendUsersGuard, userID, suspendedReason string) error

func (*Service) UnsuspendUser

func (s *Service) UnsuspendUser(ctx context.Context, guard UnsuspendUsersGuard, userID string) error

func (*Service) UpdateRole

func (s *Service) UpdateRole(ctx context.Context, guard UpdateRoleGuard, roleID, name, description string, permissions []string) error

func (*Service) VerifyTOTP

func (s *Service) VerifyTOTP(ctx context.Context, guard VerifyTOTPGuard, userID, totp, totpMethod string) ([]string, error)

func (*Service) VerifyUser

// VerifyUser takes an e-mail, a password with its confirmation and a
// behaviour; no verification token is passed in.
// NOTE(review): the caller must therefore have validated the verification link
// for this e-mail before calling, otherwise anyone who knows an unverified
// address could set its password. Confirm at the call site.
func (s *Service) VerifyUser(ctx context.Context, email, password, passwordCheck string, behaviour VerifyUserBehaviour) error

type SetupTOTPGuard

type SetupTOTPGuard interface {
	CanSetupTOTP(userID string) bool
}

type SignInAttemptLog

// SignInAttemptLog records sign-in attempts for one e-mail address. It is
// loaded with Reader.FindSignInAttemptLogByEmail and stored with
// Writer.SaveSignInAttemptLog.
// NOTE(review): the visible interfaces key the log by e-mail only, so
// throttling appears to be per account rather than per client. Confirm that is
// intended, since failures from any source would then delay the legitimate
// owner as well.
type SignInAttemptLog struct {
	aggregate.Root

	Email         string
	Attempts      int
	LastAttemptAt time.Time
}

type SignInThrottleError

// SignInThrottleError is an error value (it has an Error method) describing a
// throttled sign-in.
// NOTE(review): field meanings below are inferred from the names — confirm.
type SignInThrottleError struct {
	InLast   time.Duration // presumably time elapsed since the last attempt
	Delay    time.Duration // presumably the delay currently imposed
	UnlockAt time.Time     // presumably when the next attempt is allowed
	UnlockIn time.Duration // presumably time remaining until UnlockAt
}

func (SignInThrottleError) Error

func (t SignInThrottleError) Error() string

type SignedIn

type SignedIn struct {
	Email  string
	System string
	Method string
}

type SignedUp

type SignedUp struct {
	Email      string
	System     string
	Method     string
	IsVerified bool
}

type SuspendUsersGuard

type SuspendUsersGuard interface {
	CanSuspendUsers() bool
}

type Suspended

type Suspended struct {
	Email  string
	Reason string
}

type SuspendedReason

type SuspendedReason string

func NewSuspendedReason

func NewSuspendedReason(reason string) (SuspendedReason, error)

func (SuspendedReason) String

func (s SuspendedReason) String() string

type SuspendedReasonChanged

type SuspendedReasonChanged struct {
	Email  string
	Reason string
}

type TOTP

type TOTP string

func NewTOTP

func NewTOTP(totp string) (TOTP, error)

func (TOTP) String

func (t TOTP) String() string

type TOTPDisabled

type TOTPDisabled struct {
	Email string
}

type TOTPKey

type TOTPKey struct {
	// contains filtered or unexported fields
}

func NewTOTPKey

// NewTOTPKey returns a TOTPKey for the given otp.Algorithm.
// NOTE(review): how the secret is generated is not visible — confirm it comes
// from crypto/rand and that the algorithm is one the user's authenticator app
// supports.
func NewTOTPKey(algorithm otp.Algorithm) (zero TOTPKey, _ error)

type TOTPMethod

type TOTPMethod string
const (
	TOTPMethodNone TOTPMethod = ""
	TOTPMethodApp  TOTPMethod = "app"
	TOTPMethodSMS  TOTPMethod = "sms"
)

func NewTOTPMethod

func NewTOTPMethod(method string) (TOTPMethod, error)

func (TOTPMethod) String

func (t TOTPMethod) String() string

type TOTPReset

type TOTPReset struct {
	Email string
}

type TOTPResetRequestApproved

type TOTPResetRequestApproved struct {
	Email string
}

type TOTPResetRequestDenied

type TOTPResetRequestDenied struct {
	Email string
}

type TOTPResetRequested

type TOTPResetRequested struct {
	Email string
}

type TOTPTelChanged

type TOTPTelChanged struct {
	Email  string
	OldTel string
	NewTel string
}

type Tel

type Tel string

func NewTel

func NewTel(tel string) (Tel, error)

func (Tel) String

func (t Tel) String() string

type UnsuspendUsersGuard

type UnsuspendUsersGuard interface {
	CanUnsuspendUsers() bool
}

type Unsuspended

type Unsuspended struct {
	Email string
}

type UpdateRoleGuard

type UpdateRoleGuard interface {
	CanUpdateRoles() bool
}

type User

// User is the account aggregate.
// Every field is exported and this listing shows no struct tags, so encoding a
// *User with encoding/json, or logging it with %+v, would include
// HashedPassword, TOTPKey and HashedRecoveryCodes. Map to a dedicated response
// or log type at the boundary instead of passing User through.
type User struct {
	aggregate.Root

	ID                      string
	Email                   string
	HashedPassword          []byte // output of Hasher.EncodedPasswordHash — presumably; confirm
	TOTPMethod              string
	TOTPTel                 string
	// NOTE(review): unlike HashedPassword and HashedRecoveryCodes this name has
	// no "Hashed" prefix, and a TOTP secret has to be recoverable to compute
	// codes, so this is presumably the shared secret itself — confirm how it is
	// protected at rest.
	TOTPKey                 []byte
	TOTPAlgorithm           string
	TOTPDigits              int
	TOTPPeriod              time.Duration
	TOTPVerifiedAt          time.Time
	TOTPActivatedAt         time.Time
	TOTPResetRequestedAt    time.Time
	TOTPResetApprovedAt     time.Time
	InvitedAt               time.Time
	SignedUpAt              time.Time
	SignedUpSystem          string
	SignedUpMethod          string
	VerifiedAt              time.Time
	ActivatedAt             time.Time
	LastSignInAttemptAt     time.Time
	LastSignInAttemptSystem string
	LastSignInAttemptMethod string
	LastSignedInAt          time.Time
	LastSignedInSystem      string
	LastSignedInMethod      string
	SuspendedAt             time.Time
	SuspendedReason         string
	HashedRecoveryCodes     [][]byte // compared via RecoveryCode.EqualHash — presumably; confirm
	Roles                   []*Role
	// NOTE(review): how Grants and Denials combine with role permissions in
	// Permissions() is not visible; confirm that a denial takes precedence.
	Grants                  []string
	Denials                 []string
}

func NewUser

func NewUser(id UserID, email Email) *User

func (*User) Activate

func (u *User) Activate() error

func (*User) ActivateTOTP

func (u *User) ActivateTOTP() error

func (*User) ApproveTOTPResetRequest

func (u *User) ApproveTOTPResetRequest() error

func (*User) ChangePassword

func (u *User) ChangePassword(oldPassword, newPassword Password, hasher Hasher) error

func (*User) ChangeRoles

func (u *User) ChangeRoles(roles []*Role, grants, denials []Permission)

func (*User) ChangeTOTPTel

func (u *User) ChangeTOTPTel(newTel Tel) error

func (*User) ChoosePassword

func (u *User) ChoosePassword(newPassword Password, hasher Hasher) error

func (*User) DenyTOTPResetRequest

func (u *User) DenyTOTPResetRequest() error

func (*User) DisableTOTP

func (u *User) DisableTOTP(password Password, hasher Hasher) error

func (*User) GenerateTOTP

func (u *User) GenerateTOTP() (string, error)

func (*User) HasActivatedTOTP

func (u *User) HasActivatedTOTP() bool

func (*User) HasSetupTOTP

func (u *User) HasSetupTOTP() bool

func (*User) HasSignedIn

func (u *User) HasSignedIn() bool

func (*User) HasVerifiedTOTP

func (u *User) HasVerifiedTOTP() bool

func (*User) Invite

func (u *User) Invite(system string) error

func (*User) IsActivated

func (u *User) IsActivated() bool

func (*User) IsSuspended

func (u *User) IsSuspended() bool

func (*User) IsVerified

func (u *User) IsVerified() bool

func (*User) Permissions

func (u *User) Permissions() []string

func (*User) RegenerateRecoveryCodes

func (u *User) RegenerateRecoveryCodes(totp TOTP) ([]string, error)

func (*User) RequestTOTPReset

func (u *User) RequestTOTPReset() error

func (*User) ResetPassword

func (u *User) ResetPassword(newPassword Password, hasher Hasher) error

func (*User) ResetTOTP

func (u *User) ResetTOTP(password Password, hasher Hasher) error

func (*User) SetupTOTP

func (u *User) SetupTOTP() error

func (*User) SignInWithFacebook

func (u *User) SignInWithFacebook(system string) error

func (*User) SignInWithGoogle

func (u *User) SignInWithGoogle(system string) error
func (u *User) SignInWithMagicLink(system string) error

func (*User) SignInWithPassword

func (u *User) SignInWithPassword(system string, password Password, hasher Hasher) (bool, error)

func (*User) SignInWithRecoveryCode

func (u *User) SignInWithRecoveryCode(system string, code RecoveryCode) error

func (*User) SignInWithTOTP

func (u *User) SignInWithTOTP(system string, totp TOTP) error

func (*User) SignUp

func (u *User) SignUp(system string)

func (*User) SignUpAsInitialUser

func (u *User) SignUpAsInitialUser(system string, roles []*Role, password Password, hasher Hasher) error

func (*User) SignUpWithFacebook

func (u *User) SignUpWithFacebook(system string)

func (*User) SignUpWithGoogle

func (u *User) SignUpWithGoogle(system string)
func (u *User) SignUpWithMagicLink(system string)

func (*User) Suspend

func (u *User) Suspend(reason SuspendedReason)

func (*User) Unsuspend

func (u *User) Unsuspend()

func (*User) Verify

func (u *User) Verify(password Password, hasher Hasher) error

func (*User) VerifyTOTP

func (u *User) VerifyTOTP(totp TOTP, method TOTPMethod) ([]string, error)

type UserFilter

// UserFilter holds the criteria, ordering and paging for a user query.
// NOTE(review): the code that consumes it is not on this page.
type UserFilter struct {
	// Optional criteria; presumably nil means "do not filter on this field" — confirm.
	ID     *string
	Email  *string
	Search *string
	RoleID *string

	// NOTE(review): SortTopID and Sorts are free-form strings. If a repository
	// turns them into an ORDER BY clause they need to be checked against an
	// allow-list of sortable columns, because sort keys cannot be bound as
	// query parameters — confirm in each implementation.
	SortTopID string
	Sorts     []string

	// NOTE(review): no upper bound on Limit is visible; confirm the caller or
	// the repository caps it so one request cannot page out the whole user table.
	Limit  int
	Offset int
}

type UserID

type UserID string

func (UserID) String

func (id UserID) String() string

type Verified

type Verified struct {
	Email string
}

type VerifyTOTPGuard

type VerifyTOTPGuard interface {
	CanVerifyTOTP(userID string) bool
}

type VerifyUserBehaviour

// VerifyUserBehaviour is the type of the behaviour argument of
// Service.VerifyUser.
type VerifyUserBehaviour byte
const (
	// VerifyUserOnly is the zero value, so a behaviour left unset is this one.
	VerifyUserOnly VerifyUserBehaviour = iota
	// NOTE(review): presumably verifies and activates the account in the same
	// step, with no separate activation — confirm before enabling.
	VerifyUserActivate
)

type Writer

type Writer interface {
	AddRole(ctx context.Context, role *Role) error
	SaveRole(ctx context.Context, role *Role) error
	RemoveRole(ctx context.Context, roleID string) error

	AddUser(ctx context.Context, user *User) error
	SaveUser(ctx context.Context, user *User) error

	SaveSignInAttemptLog(ctx context.Context, log *SignInAttemptLog) error
}
