Documentation ¶
Index ¶
- Constants
- Variables
- func TestRepo(ctx context.Context, t *testing.T, newRepo func() ReadWriter)
- type ActivateTOTPGuard
- type ActivateUsersGuard
- type Activated
- type AlreadySignedUp
- type ChangePasswordGuard
- type ChangeRolesGuard
- type ChangeTOTPTelGuard
- type ChoosePasswordGuard
- type CreateRoleGuard
- type DeleteRoleGuard
- type DisableTOTPGuard
- type Email
- type FacebookSignInBehaviour
- type GoogleSignInBehaviour
- type Hasher
- type InitialUserSignedUp
- type InviteUserGuard
- type Invited
- type MagicLinkSignInBehaviour
- type Password
- type PasswordChanged
- type PasswordChosen
- type PasswordReset
- type Permission
- type ReadWriter
- type Reader
- type RecoveryCode
- type RecoveryCodesRegenerated
- type RegenerateRecoveryCodesGuard
- type ResetPasswordGuard
- type ResetTOTPGuard
- type Role
- type RoleDesc
- type RoleFilter
- type RoleID
- type RoleName
- type RolesChanged
- type Service
- func (s *Service) ActivateTOTP(ctx context.Context, guard ActivateTOTPGuard, userID string) error
- func (s *Service) ActivateUser(ctx context.Context, guard ActivateUsersGuard, userID string) error
- func (s *Service) ApproveTOTPResetRequest(ctx context.Context, userID string) error
- func (s *Service) ChangePassword(ctx context.Context, guard ChangePasswordGuard, ...) error
- func (s *Service) ChangeRoles(ctx context.Context, guard ChangeRolesGuard, userID string, ...) error
- func (s *Service) ChangeTOTPTel(ctx context.Context, guard ChangeTOTPTelGuard, userID string, newTel string) error
- func (s *Service) CheckSignInThrottle(attempts int, lastAttemptAt time.Time) error
- func (s *Service) ChoosePassword(ctx context.Context, guard ChoosePasswordGuard, userID string, ...) error
- func (s *Service) CreateRole(ctx context.Context, guard CreateRoleGuard, roleID, name, description string, ...) error
- func (s *Service) DeleteRole(ctx context.Context, guard DeleteRoleGuard, roleID string) error
- func (s *Service) DenyTOTPResetRequest(ctx context.Context, userID string) error
- func (s *Service) DisableTOTP(ctx context.Context, guard DisableTOTPGuard, userID, password string) error
- func (s *Service) InviteUser(ctx context.Context, guard InviteUserGuard, email string) error
- func (s *Service) RegenerateRecoveryCodes(ctx context.Context, guard RegenerateRecoveryCodesGuard, userID, totp string) ([]string, error)
- func (s *Service) RequestTOTPReset(ctx context.Context, email string) error
- func (s *Service) ResetPassword(ctx context.Context, guard ResetPasswordGuard, userID string, ...) error
- func (s *Service) ResetTOTP(ctx context.Context, guard ResetTOTPGuard, userID, password string) error
- func (s *Service) SetupTOTP(ctx context.Context, guard SetupTOTPGuard, userID string) error
- func (s *Service) SignInWithFacebook(ctx context.Context, email string, behaviour FacebookSignInBehaviour) (bool, error)
- func (s *Service) SignInWithGoogle(ctx context.Context, email string, behaviour GoogleSignInBehaviour) (bool, error)
- func (s *Service) SignInWithMagicLink(ctx context.Context, email string, behaviour MagicLinkSignInBehaviour) (bool, error)
- func (s *Service) SignInWithPassword(ctx context.Context, email, password string) error
- func (s *Service) SignInWithRecoveryCode(ctx context.Context, userID, recoveryCode string) error
- func (s *Service) SignInWithTOTP(ctx context.Context, userID, totp string) error
- func (s *Service) SignUp(ctx context.Context, email string) error
- func (s *Service) SignUpInitialUser(ctx context.Context, email, password, passwordCheck string, roleIDs []string) error
- func (s *Service) SuspendUser(ctx context.Context, guard SuspendUsersGuard, userID, suspendedReason string) error
- func (s *Service) UnsuspendUser(ctx context.Context, guard UnsuspendUsersGuard, userID string) error
- func (s *Service) UpdateRole(ctx context.Context, guard UpdateRoleGuard, roleID, name, description string, ...) error
- func (s *Service) VerifyTOTP(ctx context.Context, guard VerifyTOTPGuard, userID, totp, totpMethod string) ([]string, error)
- func (s *Service) VerifyUser(ctx context.Context, email, password, passwordCheck string, ...) error
- type SetupTOTPGuard
- type SignInAttemptLog
- type SignInThrottleError
- type SignedIn
- type SignedUp
- type SuspendUsersGuard
- type Suspended
- type SuspendedReason
- type SuspendedReasonChanged
- type TOTP
- type TOTPDisabled
- type TOTPKey
- type TOTPMethod
- type TOTPReset
- type TOTPResetRequestApproved
- type TOTPResetRequestDenied
- type TOTPResetRequested
- type TOTPTelChanged
- type Tel
- type UnsuspendUsersGuard
- type Unsuspended
- type UpdateRoleGuard
- type User
- func (u *User) Activate() error
- func (u *User) ActivateTOTP() error
- func (u *User) ApproveTOTPResetRequest() error
- func (u *User) ChangePassword(oldPassword, newPassword Password, hasher Hasher) error
- func (u *User) ChangeRoles(roles []*Role, grants, denials []Permission)
- func (u *User) ChangeTOTPTel(newTel Tel) error
- func (u *User) ChoosePassword(newPassword Password, hasher Hasher) error
- func (u *User) DenyTOTPResetRequest() error
- func (u *User) DisableTOTP(password Password, hasher Hasher) error
- func (u *User) GenerateTOTP() (string, error)
- func (u *User) HasActivatedTOTP() bool
- func (u *User) HasSetupTOTP() bool
- func (u *User) HasSignedIn() bool
- func (u *User) HasVerifiedTOTP() bool
- func (u *User) Invite(system string) error
- func (u *User) IsActivated() bool
- func (u *User) IsSuspended() bool
- func (u *User) IsVerified() bool
- func (u *User) Permissions() []string
- func (u *User) RegenerateRecoveryCodes(totp TOTP) ([]string, error)
- func (u *User) RequestTOTPReset() error
- func (u *User) ResetPassword(newPassword Password, hasher Hasher) error
- func (u *User) ResetTOTP(password Password, hasher Hasher) error
- func (u *User) SetupTOTP() error
- func (u *User) SignInWithFacebook(system string) error
- func (u *User) SignInWithGoogle(system string) error
- func (u *User) SignInWithMagicLink(system string) error
- func (u *User) SignInWithPassword(system string, password Password, hasher Hasher) (bool, error)
- func (u *User) SignInWithRecoveryCode(system string, code RecoveryCode) error
- func (u *User) SignInWithTOTP(system string, totp TOTP) error
- func (u *User) SignUp(system string)
- func (u *User) SignUpAsInitialUser(system string, roles []*Role, password Password, hasher Hasher) error
- func (u *User) SignUpWithFacebook(system string)
- func (u *User) SignUpWithGoogle(system string)
- func (u *User) SignUpWithMagicLink(system string)
- func (u *User) Suspend(reason SuspendedReason)
- func (u *User) Unsuspend()
- func (u *User) Verify(password Password, hasher Hasher) error
- func (u *User) VerifyTOTP(totp TOTP, method TOTPMethod) ([]string, error)
- type UserFilter
- type UserID
- type Verified
- type VerifyTOTPGuard
- type VerifyUserBehaviour
- type Writer
Constants ¶
View Source
const ( MaxFreeSignInAttempts = 3 MaxSignInThrottleDelay = app.SignInThrottleTTL / 2 )
View Source
const ( SignInMethodNone = "" SignInMethodPassword = "password" SignInMethodMagicLink = "magic link" SignInMethodGoogle = "google" SignInMethodFacebook = "facebook" )
View Source
const ( SignUpMethodNone = "" SignUpMethodSystemSetup = "system setup" SignUpMethodWebForm = "web form" SignUpMethodMagicLink = "magic link" SignUpMethodGoogle = "google" SignUpMethodFacebook = "facebook" SignUpMethodInvite = "invite" )
Variables ¶
View Source
var ( ErrNotVerified = errors.New("account is not verified") ErrNotActivated = errors.New("account is not activated") ErrSuspended = errors.New("account is suspended") ErrInvalidPassword = errors.New("invalid password") )
View Source
var ErrAuth = errors.New("auth")
View Source
var ErrFacebookSignUpDisabled = errors.New("Facebook sign up disabled")
View Source
var ErrGoogleSignUpDisabled = errors.New("Google sign up disabled")
View Source
var ErrMagicLinkSignUpDisabled = errors.New("magic link sign up disabled")
View Source
var ErrSignInThrottled = errors.New("sign in throttled")
Functions ¶
Types ¶
type ActivateTOTPGuard ¶
type ActivateUsersGuard ¶
type ActivateUsersGuard interface {
CanActivateUsers() bool
}
type AlreadySignedUp ¶
type ChangePasswordGuard ¶
type ChangeRolesGuard ¶
type ChangeTOTPTelGuard ¶
type ChoosePasswordGuard ¶
type CreateRoleGuard ¶
type CreateRoleGuard interface {
CanCreateRoles() bool
}
type DeleteRoleGuard ¶
type DeleteRoleGuard interface {
CanDeleteRoles() bool
}
type DisableTOTPGuard ¶
type FacebookSignInBehaviour ¶
type FacebookSignInBehaviour byte
const ( FacebookSignInOnly FacebookSignInBehaviour = iota FacebookAllowSignUp FacebookAllowSignUpActivate )
type GoogleSignInBehaviour ¶
type GoogleSignInBehaviour byte
const ( GoogleSignInOnly GoogleSignInBehaviour = iota GoogleAllowSignUp GoogleAllowSignUpActivate )
type InitialUserSignedUp ¶
type InviteUserGuard ¶
type InviteUserGuard interface {
CanInviteUsers() bool
}
type MagicLinkSignInBehaviour ¶
type MagicLinkSignInBehaviour byte
const ( MagicLinkSignInOnly MagicLinkSignInBehaviour = iota MagicLinkAllowSignUp MagicLinkAllowSignUpActivate )
type Password ¶
type Password struct {
// contains filtered or unexported fields
}
func NewPassword ¶
type PasswordChanged ¶
type PasswordChanged struct {
Email string
}
type PasswordChosen ¶
type PasswordChosen struct {
Email string
}
type PasswordReset ¶
type PasswordReset struct {
Email string
}
type Permission ¶
type Permission string
func NewPermission ¶
func NewPermission(name string) (Permission, error)
func (Permission) String ¶
func (n Permission) String() string
type ReadWriter ¶
type Reader ¶
type Reader interface { NextRoleID(ctx context.Context) (RoleID, error) ParseRoleID(str string) (RoleID, error) FindRoleByID(ctx context.Context, id string) (*Role, error) NextUserID(ctx context.Context) (UserID, error) ParseUserID(str string) (UserID, error) CountUsers(ctx context.Context) (int, error) FindUserByID(ctx context.Context, id string) (*User, error) FindUserByEmail(ctx context.Context, email string) (*User, error) FindSignInAttemptLogByEmail(ctx context.Context, email string) (*SignInAttemptLog, error) }
type RecoveryCode ¶
type RecoveryCode string
func NewRandomRecoveryCode ¶
func NewRandomRecoveryCode() (RecoveryCode, error)
func NewRecoveryCode ¶
func NewRecoveryCode(code string) (RecoveryCode, error)
func (RecoveryCode) EqualHash ¶
func (c RecoveryCode) EqualHash(rhs []byte) bool
func (RecoveryCode) String ¶
func (c RecoveryCode) String() string
type RecoveryCodesRegenerated ¶
type RecoveryCodesRegenerated struct {
Email string
}
type ResetPasswordGuard ¶
type ResetTOTPGuard ¶
type RoleFilter ¶
type RolesChanged ¶
type RolesChanged struct {
Email string
}
type Service ¶
type Service struct {
// contains filtered or unexported fields
}
func NewService ¶
func (*Service) ActivateTOTP ¶
func (*Service) ActivateUser ¶
func (*Service) ApproveTOTPResetRequest ¶
func (*Service) ChangePassword ¶
func (*Service) ChangeRoles ¶
func (*Service) ChangeTOTPTel ¶
func (*Service) CheckSignInThrottle ¶
func (*Service) ChoosePassword ¶
func (*Service) CreateRole ¶
func (*Service) DeleteRole ¶
func (*Service) DenyTOTPResetRequest ¶
func (*Service) DisableTOTP ¶
func (*Service) InviteUser ¶
func (*Service) RegenerateRecoveryCodes ¶
func (*Service) RequestTOTPReset ¶
func (*Service) ResetPassword ¶
func (*Service) SignInWithFacebook ¶
func (*Service) SignInWithGoogle ¶
func (*Service) SignInWithMagicLink ¶
func (*Service) SignInWithPassword ¶
func (*Service) SignInWithRecoveryCode ¶
func (*Service) SignInWithTOTP ¶
func (*Service) SignUpInitialUser ¶
func (*Service) SuspendUser ¶
func (*Service) UnsuspendUser ¶
func (*Service) UpdateRole ¶
func (*Service) VerifyTOTP ¶
func (*Service) VerifyUser ¶
type SetupTOTPGuard ¶
type SignInAttemptLog ¶
type SignInThrottleError ¶
type SignInThrottleError struct { InLast time.Duration Delay time.Duration UnlockAt time.Time UnlockIn time.Duration }
func (SignInThrottleError) Error ¶
func (t SignInThrottleError) Error() string
type SuspendUsersGuard ¶
type SuspendUsersGuard interface {
CanSuspendUsers() bool
}
type SuspendedReason ¶
type SuspendedReason string
func NewSuspendedReason ¶
func NewSuspendedReason(reason string) (SuspendedReason, error)
func (SuspendedReason) String ¶
func (s SuspendedReason) String() string
type SuspendedReasonChanged ¶
type TOTPDisabled ¶
type TOTPDisabled struct {
Email string
}
type TOTPMethod ¶
type TOTPMethod string
const ( TOTPMethodNone TOTPMethod = "" TOTPMethodApp TOTPMethod = "app" TOTPMethodSMS TOTPMethod = "sms" )
func NewTOTPMethod ¶
func NewTOTPMethod(method string) (TOTPMethod, error)
func (TOTPMethod) String ¶
func (t TOTPMethod) String() string
type TOTPResetRequestApproved ¶
type TOTPResetRequestApproved struct {
Email string
}
type TOTPResetRequestDenied ¶
type TOTPResetRequestDenied struct {
Email string
}
type TOTPResetRequested ¶
type TOTPResetRequested struct {
Email string
}
type TOTPTelChanged ¶
type UnsuspendUsersGuard ¶
type UnsuspendUsersGuard interface {
CanUnsuspendUsers() bool
}
type Unsuspended ¶
type Unsuspended struct {
Email string
}
type UpdateRoleGuard ¶
type UpdateRoleGuard interface {
CanUpdateRoles() bool
}
type User ¶
type User struct { aggregate.Root ID string Email string HashedPassword []byte TOTPMethod string TOTPTel string TOTPKey []byte TOTPAlgorithm string TOTPDigits int TOTPPeriod time.Duration TOTPVerifiedAt time.Time TOTPActivatedAt time.Time TOTPResetRequestedAt time.Time TOTPResetApprovedAt time.Time InvitedAt time.Time SignedUpAt time.Time SignedUpSystem string SignedUpMethod string VerifiedAt time.Time ActivatedAt time.Time LastSignInAttemptAt time.Time LastSignInAttemptSystem string LastSignInAttemptMethod string LastSignedInAt time.Time LastSignedInSystem string LastSignedInMethod string SuspendedAt time.Time SuspendedReason string HashedRecoveryCodes [][]byte Roles []*Role Grants []string Denials []string }
func (*User) ActivateTOTP ¶
func (*User) ApproveTOTPResetRequest ¶
func (*User) ChangePassword ¶
func (*User) ChangeRoles ¶
func (u *User) ChangeRoles(roles []*Role, grants, denials []Permission)
func (*User) ChangeTOTPTel ¶
func (*User) ChoosePassword ¶
func (*User) DenyTOTPResetRequest ¶
func (*User) GenerateTOTP ¶
func (*User) HasActivatedTOTP ¶
func (*User) HasSetupTOTP ¶
func (*User) HasSignedIn ¶
func (*User) HasVerifiedTOTP ¶
func (*User) IsActivated ¶
func (*User) IsSuspended ¶
func (*User) IsVerified ¶
func (*User) Permissions ¶
func (*User) RegenerateRecoveryCodes ¶
func (*User) RequestTOTPReset ¶
func (*User) ResetPassword ¶
func (*User) SignInWithFacebook ¶
func (*User) SignInWithGoogle ¶
func (*User) SignInWithMagicLink ¶
func (*User) SignInWithPassword ¶
func (*User) SignInWithRecoveryCode ¶
func (u *User) SignInWithRecoveryCode(system string, code RecoveryCode) error
func (*User) SignUpAsInitialUser ¶
func (*User) SignUpWithFacebook ¶
func (*User) SignUpWithGoogle ¶
func (*User) SignUpWithMagicLink ¶
func (*User) Suspend ¶
func (u *User) Suspend(reason SuspendedReason)
func (*User) VerifyTOTP ¶
func (u *User) VerifyTOTP(totp TOTP, method TOTPMethod) ([]string, error)
type UserFilter ¶
type VerifyTOTPGuard ¶
type VerifyUserBehaviour ¶
type VerifyUserBehaviour byte
const ( VerifyUserOnly VerifyUserBehaviour = iota VerifyUserActivate )
type Writer ¶
type Writer interface { AddRole(ctx context.Context, role *Role) error SaveRole(ctx context.Context, role *Role) error RemoveRole(ctx context.Context, roleID string) error AddUser(ctx context.Context, user *User) error SaveUser(ctx context.Context, user *User) error SaveSignInAttemptLog(ctx context.Context, log *SignInAttemptLog) error }
Source Files ¶
- activate_totp.go
- activate_user.go
- approve_totp_reset_request.go
- change_password.go
- change_roles.go
- change_totp_telephone.go
- choose_password.go
- create_role.go
- delete_role.go
- deny_totp_reset_request.go
- disable_totp.go
- email.go
- events.go
- invite_user.go
- password.go
- permission.go
- recovery_code.go
- regen_recovery_codes.go
- repo.go
- request_totp_reset.go
- reset_password.go
- reset_totp.go
- role.go
- role_desc.go
- role_name.go
- service.go
- setup_totp.go
- sign_in_attempt_log.go
- sign_in_facebook.go
- sign_in_google.go
- sign_in_magic_link.go
- sign_in_password.go
- sign_in_recovery_code.go
- sign_in_totp.go
- sign_up.go
- sign_up_initial_user.go
- suspend.go
- suspend_reason.go
- tel.go
- totp.go
- totp_key.go
- totp_method.go
- unsuspend.go
- update_role.go
- user.go
- verify_totp.go
- verify_user.go
Click to show internal directories.
Click to hide internal directories.