jwt_auth

package
v1.0.56 Latest Latest
Warning

This package is not in the latest version of its module.

Published: May 17, 2024 License: MIT Imports: 45 Imported by: 2

Documentation

Index

Constants

This section is empty.

Variables

// ErrHttpStatusInternalServerError is a package-level sentinel error carrying
// the fixed message "Internal Server Error".
var ErrHttpStatusInternalServerError = errors.New("Internal Server Error")
// GinSetupTable is the package's route table: one entry per HTTP method and
// path, naming the handler (Fx) and the login requirement (UseLogin). The
// entries are grouped by UseLogin value: PublicApiCall first, then
// LoginOptional, then LoginRequired.
//
// The table only records whether a login is needed. It carries no privilege
// or role column, so any per-privilege check has to live in the handler.
var GinSetupTable = []GinLoginType{

	// ---- PublicApiCall: reachable without a login ----
	{Method: "POST", Path: "/api/v1/auth/login", Fx: authHandleLogin, UseLogin: PublicApiCall},
	{Method: "POST", Path: "/api/v1/auth/xlogin/:seid", Fx: authHandleLogin, UseLogin: PublicApiCall},
	{Method: "POST", Path: "/api/v1/auth/register", Fx: authHandleRegister, UseLogin: PublicApiCall},
	{Method: "POST", Path: "/api/v1/auth/register-client-admin", Fx: authHandleRegisterClientAdmin, UseLogin: PublicApiCall},
	{Method: "POST", Path: "/api/v1/auth/register-using-auth-token", Fx: authHandleRegisterClientAdmin, UseLogin: PublicApiCall},

	// NOTE(review): "create-user-admin" is public and maps to the same handler
	// as /register. Confirm that the path name does not imply an admin-only
	// operation that callers expect to be protected.
	{Method: "POST", Path: "/api/v1/auth/create-user-admin", Fx: authHandleRegister, UseLogin: PublicApiCall},
	{Method: "POST", Path: "/api/v1/auth/validate-2fa-token", Fx: authHandleValidate2faToken, UseLogin: PublicApiCall},
	{Method: "GET", Path: "/api/v1/auth/email-confirm", Fx: authHandlerEmailConfirm, UseLogin: PublicApiCall},
	{Method: "POST", Path: "/api/v1/auth/validate-email-confirm", Fx: authHandlerValidateEmailConfirm, UseLogin: PublicApiCall},
	// NOTE(review): the recover-password-01/02 steps are registered for GET as
	// well as POST. On GET the email and recovery token travel in the query
	// string, where they can end up in access logs, browser history and
	// Referer headers. Confirm the GET variants are needed.
	{Method: "POST", Path: "/api/v1/auth/recover-password-01-setup", Fx: authHandleRecoverPassword01Setup, UseLogin: PublicApiCall},
	{Method: "GET", Path: "/api/v1/auth/recover-password-01-setup", Fx: authHandleRecoverPassword01Setup, UseLogin: PublicApiCall},
	{Method: "POST", Path: "/api/v1/auth/recover-password-02-fetch-info", Fx: authHandleRecoverPassword02FetchInfo, UseLogin: PublicApiCall},
	{Method: "GET", Path: "/api/v1/auth/recover-password-02-fetch-info", Fx: authHandleRecoverPassword02FetchInfo, UseLogin: PublicApiCall},
	{Method: "POST", Path: "/api/v1/auth/recover-password-03-set-password", Fx: authHandleRecoverPassword03SetPassword, UseLogin: PublicApiCall},
	{Method: "GET", Path: "/api/v1/auth/no-login-status", Fx: authHandleNoLoginStatus, UseLogin: PublicApiCall},
	{Method: "POST", Path: "/api/v1/auth/no-login-status", Fx: authHandleNoLoginStatus, UseLogin: PublicApiCall},
	// NOTE(review): the next three public GETs report per-account state
	// (2FA set up, email validated, account status). If they answer for an
	// arbitrary email they allow account enumeration. Confirm in the handlers.
	{Method: "GET", Path: "/api/v1/auth/2fa-has-been-setup", Fx: authHandle2faHasBeenSetup, UseLogin: PublicApiCall},
	{Method: "GET", Path: "/api/v1/auth/email-has-been-validated", Fx: authHandleEmailHasBeenSetup, UseLogin: PublicApiCall},
	{Method: "GET", Path: "/api/v1/auth/acct-status", Fx: authHandleAcctHasBeenSetup, UseLogin: PublicApiCall},
	{Method: "GET", Path: "/api/v1/id.json", Fx: loginTrackingJsonHandler, UseLogin: PublicApiCall},
	// NOTE(review): set-debug-flag is a public GET that, by name, changes
	// server state. ApiAuthSetDebugFlag.AuthKey has no `required` binding, so
	// the handler itself must reject requests without a valid key (see
	// ValidateHmacAuthKey). Confirm it does.
	{Method: "GET", Path: "/api/v1/set-debug-flag", Fx: authHandlerSetDebugFlag, UseLogin: PublicApiCall},
	{Method: "POST", Path: "/api/v1/auth/resend-registration-email", Fx: authHandleResendRegistrationEmail, UseLogin: PublicApiCall},
	{Method: "GET", Path: "/api/v1/auth/setup.js", Fx: authHandlerGetXsrfIdFile, UseLogin: PublicApiCall},
	{Method: "GET", Path: "/api/v1/auth/setup", Fx: authHandlerGetXsrfIdFileJSON, UseLogin: PublicApiCall},
	{Method: "POST", Path: "/api/v1/auth/generate-qr-for-secret", Fx: authHandleGenerateQRForSecret, UseLogin: PublicApiCall},
	{Method: "GET", Path: "/api/v1/auth/requires-2fa", Fx: authHandlerRequires2fa, UseLogin: PublicApiCall},
	{Method: "POST", Path: "/api/v1/auth/requires-2fa", Fx: authHandlerRequires2fa, UseLogin: PublicApiCall},

	// ---- LoginOptional ----
	// NOTE(review): logout is also reachable by GET, so a cross-site link or
	// image tag can end a user's session. Confirm this is acceptable.
	{Method: "GET", Path: "/api/v1/auth/logout", Fx: authHandleLogout, UseLogin: LoginOptional},
	{Method: "POST", Path: "/api/v1/auth/logout", Fx: authHandleLogout, UseLogin: LoginOptional},

	// ---- LoginRequired ----
	// NOTE(review): several entries below are administrative by name
	// (change-password-admin, auth-token-delete-admin, create-client,
	// create-registration-token, update-acct-state). LoginRequired only
	// establishes that a user is logged in; verify that each handler also
	// checks the caller's privileges.
	{Method: "POST", Path: "/api/v1/auth/login-status", Fx: authHandleLoginStatus, UseLogin: LoginRequired},
	{Method: "GET", Path: "/api/v1/auth/login-status", Fx: authHandleLoginStatus, UseLogin: LoginRequired},
	{Method: "POST", Path: "/api/v1/auth/change-password", Fx: authHandleChangePassword, UseLogin: LoginRequired},
	{Method: "POST", Path: "/api/v1/auth/delete-acct", Fx: authHandleDeleteAccount, UseLogin: LoginRequired},
	{Method: "POST", Path: "/api/v1/auth/regen-otp", Fx: authHandleRegenOTP, UseLogin: LoginRequired},
	{Method: "POST", Path: "/api/v1/auth/register-un-pw", Fx: authHandleRegisterUnPw, UseLogin: LoginRequired},
	{Method: "POST", Path: "/api/v1/auth/register-token", Fx: authHandleRegisterToken, UseLogin: LoginRequired},
	{Method: "POST", Path: "/api/v1/auth/change-email-address", Fx: authHandleChangeEmailAddress, UseLogin: LoginRequired},
	{Method: "POST", Path: "/api/v1/auth/change-account-info", Fx: authHandleChangeAccountInfo, UseLogin: LoginRequired},
	{Method: "POST", Path: "/api/v1/auth/change-password-admin", Fx: authHandleChangePasswordAdmin, UseLogin: LoginRequired},
	{Method: "POST", Path: "/api/v1/auth/refresh-token", Fx: authHandleRefreshToken, UseLogin: LoginRequired},
	{Method: "POST", Path: "/api/v1/auth/validate-token", Fx: authHandleValidateToken, UseLogin: LoginRequired},
	{Method: "GET", Path: "/api/v1/auth/get-user-config", Fx: authHandleGetUserConfig, UseLogin: LoginRequired},
	{Method: "POST", Path: "/api/v1/auth/get-user-config", Fx: authHandleGetUserConfig, UseLogin: LoginRequired},
	{Method: "POST", Path: "/api/v1/auth/set-user-config", Fx: authHandleSetUserConfig, UseLogin: LoginRequired},
	{Method: "POST", Path: "/api/v1/auth/create-client", Fx: authHandleCreateClient, UseLogin: LoginRequired},
	{Method: "POST", Path: "/api/v1/auth/create-registration-token", Fx: authHandleCreateRegistrationToken, UseLogin: LoginRequired},
	{Method: "POST", Path: "/api/v1/auth/get-registration-token", Fx: authHandleGetRegistrationToken, UseLogin: LoginRequired},
	{Method: "POST", Path: "/api/v1/auth/auth-token-delete-admin", Fx: authHandleAuthTokenDeleteAdmin, UseLogin: LoginRequired},
	{Method: "POST", Path: "/api/v1/auth/get-acct-state", Fx: authHandlerGetAcctState, UseLogin: LoginRequired},
	{Method: "POST", Path: "/api/v1/auth/update-acct-state", Fx: authHandlerUpdateAcctState, UseLogin: LoginRequired},
}
// PrivilegedNames lists the double-underscore names the auth code reserves for
// itself (login flag, user id, tokens, privileges, passwords, client id).
// NOTE(review): presumably request parameters carrying any of these names must
// be rejected or stripped before handlers read them, otherwise a client could
// supply its own "__user_id__" or "__privs__". Confirm where this list is
// enforced.
var PrivilegedNames = []string{"__is_logged_in__", "__user_id__", "__auth_token__", "__privs__", "__privs_map__", "__jwt_token__", "__email_hmac_password__", "__user_password__", "__client_id__"}
// XDbOn maps a flag name to an on/off value.
// NOTE(review): presumably the debug-flag store read by IsXDBOn and written
// via the set-debug-flag endpoint. It is exported, so any importing package
// can mutate it without taking XDbOnLock. Confirm.
var XDbOn = make(map[string]bool)
// XDbOnLock is a read/write mutex.
// NOTE(review): by name it guards XDbOn. Confirm every access to the map takes it.
var XDbOnLock = sync.RWMutex{}

Functions

func AppendOneToSecurityTable

func AppendOneToSecurityTable(method, path string, fx func(c *gin.Context), useLogin LoginType)

func AppendStructToZapLog

func AppendStructToZapLog(fields []zapcore.Field, input interface{}) []zapcore.Field

------------------------------------------------------------------------------------------------------------------------- fields = AppendStructToZapLog ( fields, rvStatus ) fields := []zapcore.Field{

func AppendToSecurityTable

func AppendToSecurityTable(x ...GinLoginType)

-------------------------------------------------------------------------------------------------------------------------

func BindFormOrJSON

func BindFormOrJSON(c *gin.Context, bindTo interface{}) (err error)

func BindFormOrJSONOptional

func BindFormOrJSONOptional(c *gin.Context, bindTo interface{}) (err error)

func CallDatabaseFunction added in v1.0.30

func CallDatabaseFunction(c *gin.Context, out interface{}, fCall string, encPat string, data ...interface{}) (err error)

CallDatabaseFunction will call the named function with output data placed in 'out'. 'out' is the address of a data type suitable to be passed to json.Unmarshal to decode the data.

func CallDatabaseJSONFunction

func CallDatabaseJSONFunction(c *gin.Context, fCall string, encPat string, data ...interface{}) (rv string, err error)

func CallDatabaseJSONFunctionNoErr

func CallDatabaseJSONFunctionNoErr(c *gin.Context, fCall string, encPat string, data ...interface{}) (rv string, err error)

func CheckTmpAuthToken added in v1.0.20

func CheckTmpAuthToken(c *gin.Context, AToken string) (UserId, AuthToken string, err error)

func Confirm2faSetupAccount

func Confirm2faSetupAccount(c *gin.Context, UserId string)

-------------------------------------------------------------------------------------------------------------------------

func ConfirmEmailAccount

func ConfirmEmailAccount(c *gin.Context, EmailVerifyToken string) (rv, stmt string, err error)

-------------------------------------------------------------------------------------------------------------------------

ConfirmEmailAccount uses the token to lookup a user and confirms that the email that received the token is real.

func ConnectToDb

func ConnectToDb()

func ConvPrivs

func ConvPrivs(perReqLog *os.File, Privileges string) (rv string, mr map[string]bool)

Input : [{"priv_name":"May Change Password"}, {"priv_name":"May Password"}] Output : {"May Change Password":true, "May Password":true}

func ConvPrivs2

func ConvPrivs2(perReqLog *os.File, Privileges []string) (rv string, mr map[string]bool)

Input : ["May Change Password", "May Do Whatever"] Output : {"May Change Password":true, "May Do Whatever":true}

func CookieHeaderAuthMiddleware

func CookieHeaderAuthMiddleware(ginSetupTable []GinLoginType) gin.HandlerFunc

func CreateJWTSignedCookie

func CreateJWTSignedCookie(c *gin.Context, DBAuthToken, email_addr, NoCookie string) (rv string, err error)

func CreateJWTSignedCookieNoErr

func CreateJWTSignedCookieNoErr(c *gin.Context, DBAuthToken, email_addr string) (rv string, err error)

func CreateTmpAuthToken added in v1.0.20

func CreateTmpAuthToken(c *gin.Context, UserId string) (AToken string, err error)

func DecryptText

func DecryptText(key, text []byte) ([]byte, error)

func DisConnectToDb

func DisConnectToDb()

DisConnectToDb() closes the connection to the database.

func DumpParamsToLog

func DumpParamsToLog(when string, c *gin.Context)

func EmptyDflt

func EmptyDflt(s, d string) string

EmptyDflt returns d if s is empty, otherwise s. It supplies a default value for parameters.

func EncryptText

func EncryptText(key, text []byte) ([]byte, error)

func EncryptTextIndexable

// NOTE(review): unlike EncryptText, this variant takes an extra xiv argument.
// Presumably it is a caller-supplied IV so that equal plaintexts yield equal
// ciphertexts and can be indexed (TODO confirm). If so, the output reveals
// plaintext equality and should be limited to lookup columns.
func EncryptTextIndexable(key, xiv, text []byte) ([]byte, error)

func EncryptTextToB64

func EncryptTextToB64(key, text []byte) string

func EncryptTextToB64Indexable

func EncryptTextToB64Indexable(key, iv, text []byte) string

func GenUUID

func GenUUID() string

GenUUID generates a UUID and returns it.

func GenerateSecret

func GenerateSecret() string

-------------------------------------------------------------------------------------------------------------------------

func GetAuthToken

func GetAuthToken(c *gin.Context) (UserId, Email, AuthToken string)

func GetMapKeys

func GetMapKeys[K comparable, V any](m map[K]V) []K

GetMapKeys Get all the keys from any typed map. (generic)

func GetUserId

func GetUserId(c *gin.Context) (UserId string, err error)

GetUserId will return a UserID - if the user is currently logged in then it is from __user_id__ in the context. If the user is not logged in then 0 will be returned.

func GinInitAuthPaths

func GinInitAuthPaths(router *gin.Engine)

-------------------------------------------------------------------------------------------------------------------------

func HasCookie

func HasCookie(cookieName string, c *gin.Context) (has bool, val string)

HasCookie returns true, `has` and a value if the cookie exists. If not then it returns false.

func HeaderFingerprint

func HeaderFingerprint(c *gin.Context) (hashOfHeaders string)

------------------------------------------------------------------------------------------------------------------------- HeaderFingerprint takes a set of headers and hashes the set strings and returns it.

  1. Add in server-side hash of headers on login to validate For added security our server keeps track of the browser fingerprint. At the moment we use the following headers: HTTP_ACCEPT_* headers HTTP_USER_AGENT

    There are a few HTTP headers which can be used to create a fingerprint about a user. Here are some of the main ones:

    User-Agent provides information about the browser and its operating system (including its versions). Accept tells the server what content types the browser can render and send, and Content-Encoding provides data about the content compression. Content-Language and Accept-Language both indicate the user's (and browser's) preferred language.

func IsLoggedIn

func IsLoggedIn(c *gin.Context) (ItIs bool)

------------------------------------------------------------------------------------------------------------------------- IsLoggedIn returns true if the user is currently logged in or if the user can be logged in. The login can be determined from a cookie or a bearer auth token. This call has side effects - it will add authentication information to the context, such as __is_logged_in__. See GetAuthToken().

This is the function to call to log in a user.

func IsTLS

func IsTLS(c *gin.Context) bool

func IsXDBOn

func IsXDBOn(name string) (b bool)

func LogJsonReturned

func LogJsonReturned(perReqLog *os.File, x interface{}) interface{}

func MintQRPng

func MintQRPng(c *gin.Context, InputString string) (qrurl string)

-------------------------------------------------------------------------------------------------------------------------

func ParseBool

func ParseBool(s string) (b bool)

ParseBool converts a string to bool based on the table of trueValues.

func ReadJson

func ReadJson(fn string, x interface{}) (err error)

ReadJson read in a JSON file into a go data structure.

func RedisBrodcast added in v1.0.43

func RedisBrodcast(AuthToken string, data string)

func RedisCacheAuthTokens added in v1.0.46

func RedisCacheAuthTokens(AuthToken, UserdataPassword string, v2 []*SQLUserIdPrivsType, perReqLog *os.File)

func ResetLogFile added in v1.0.40

func ResetLogFile(newFp *os.File)

func RmExt

func RmExt(filename string) string

RmExt removes the extension from a file name if it exists. If filename is "bc.js", then "bc" will be returned.

func SVar

func SVar(v interface{}) string

SVar return the JSON encoded version of the data.

func SVarI

func SVarI(v interface{}) string

SVarI return the JSON encoded version of the data with tab indentation.

func SaveState

func SaveState(cookieValue string, UserId string, c *gin.Context) (err error)

-------------------------------------------------------------------------------------------------------------------------

func SelectString

func SelectString(c *gin.Context, stmt string, encPat string, data ...interface{}) (rv string, err error)

func SetCookie

func SetCookie(cookieName, cookieValue string, c *gin.Context)

SetCookie sets the header to create a cookie. If using TLS then this will be a secure HTTP-Only cookie.

func SetDefaultRunner

func SetDefaultRunner()

func SetInsecureCookie

// NOTE(review): by name, the counterpart of SetCookie, presumably setting a
// cookie without the Secure / HTTP-Only attributes (TODO confirm). Verify it
// is never used for the JWT or any other authentication cookie.
func SetInsecureCookie(cookieName, cookieValue string, c *gin.Context)

func SetJsonHdr

func SetJsonHdr(c *gin.Context)

SetJsonHdr will set a content-type header to "application/json; charset=utf-8"

func SetupConnectToJwtAuth

func SetupConnectToJwtAuth(xctx context.Context, xconn *pgxpool.Pool, gcfg *data.BaseConfigType, acfg *data.AppConfig, qcfg *data.QRConfig, log *os.File, xem email.EmailSender, lgr *zap.Logger, xmd *metrics.MetricsData, xrdb *redis.Client)

func SetupNewInstall

func SetupNewInstall() (err error)

SetupNewInstall should be called once to set up the database using the encryption keys. This function will call "q_auth_v1_setup_startup_one_time" with the keys and create a single row that is encrypted. The row is used to validate that you do not start an application with an invalid set of keys. Running with incorrect keys will result in a split-brain database.

func SortSlice

func SortSlice[T constraints.Ordered](s []T)

SortSlice will Sort a slice of any type. (generic)

func SortedMapKeys

func SortedMapKeys[K constraints.Ordered, V any](m map[K]V) []K

SortedMapKeys will sort the keys of a map and return a slice of sorted keys (generic)

func SqlRunStmt

func SqlRunStmt(c *gin.Context, stmt string, encPat string, data ...interface{}) (rv []map[string]interface{}, err error)

-------------------------------------------------------------------------------------------------------------------------

func StatusSuccess

func StatusSuccess(s string, c *gin.Context) string

StatusSuccess prepends to a JSON return value with a status:success. This will also set the "Content-Type" to "application/json; charset=utf-8".

func TestSendEmail

func TestSendEmail(SendTestEmail, SendTestEmailTemplateToRun, AdditionalData string)

func TokenAuthMiddleware

func TokenAuthMiddleware() gin.HandlerFunc

func UrlEscapePeriod added in v1.0.41

func UrlEscapePeriod(s string) (rv string)

func UrlGetServer

func UrlGetServer(s string) (rv string, err error)

// loginTrackingGifHandler serves a GIF whose ETag acts as a per-client
// identifier.
//
// Without an If-None-Match header (or when the lookup below fails or reports
// "created"), it decodes base64GifPixel, appends a fresh UUID to the image
// bytes, derives the ETag from the first 20 hex characters of a hash over
// image+UUID+aCfg.EtagPassword, and returns the image with a one-year
// Cache-Control. With an If-None-Match header it passes that value to the
// database function q_auth_v1_etag_seen and, if the value is recognised,
// answers 304 Not Modified echoing the same ETag.
//
// NOTE(review): a cache-validator used as a persistent client identifier
// survives cookie clearing. Make sure this is covered by the product's
// privacy and consent handling.
func loginTrackingGifHandler(c *gin.Context) {

// NOTE(review): the decode error is discarded; a bad base64GifPixel yields an empty image.
output, _ := base64.StdEncoding.DecodeString(base64GifPixel)
// output_len = len(output)
var newId string

inm := c.Request.Header.Get("If-None-Match")
// NOTE(review): inm is client-controlled and is written to the log here and
// to stderr below; treat those logs as containing untrusted text.
dbgo.Printf("%(Yellow)Header Tags: %(Green)If-None-Match ->%s<- at:%(LF)\n", inm)
if inm != "" {
	dbgo.Printf("At:%(LF)\n")
	// RFC 7232 section 4.1:
	// a sender SHOULD NOT generate representation metadata other than the
	// above listed fields unless said metadata exists for the purpose of
	// guiding cache updates (e.g., Last-Modified might be useful if the
	// response does not have an ETag field).

	// Same condition as the enclosing if; this inner test is always true here.
	if inm != "" {
		dbgo.Printf("At:%(LF) ---------- if none match ------------\n")
		dbgo.Fprintf(os.Stderr, "ETag(If-None-Match): %s previous\n", inm)
		newId = GenUUID()
		stmt := "q_auth_v1_etag_seen ( $1, $2, $3, $4 )"
		// The two configured passwords are passed to the database function as
		// bind parameters $3 and $4.
		rv, e0 := CallDatabaseJSONFunction(c, stmt, "..!!", newId, inm, aCfg.EncryptionPassword, aCfg.UserdataPassword)
		if e0 != nil {
			dbgo.Fprintf(os.Stderr, "%(cyan)In Handler at %(LF), err:%s\n", e0)
			goto gen
		}

		// File: /Users/philip/go/src/github.com/pschlump/qr_svr2/gin-upload/jwt_auth/clear_gif.go LineNo:58:
		// rv={"status":"success", "user_id":"", "id":"8343616b-d8be-48d4-787c-f69ce98c7aa0"}
		// NOTE(review): the raw database reply (including user_id) is written to stderr.
		dbgo.Fprintf(os.Stderr, "%(cyan)%(LF): rv=%s\n", rv)
		// NOTE(review): UserId is declared int, but the sample reply quoted
		// above carries "user_id":"" (a JSON string). json.Unmarshal returns a
		// type error for that reply, which sends the request to gen (a fresh
		// 200) instead of the 304 path. Confirm the type the database returns.
		type rvEtagData struct {
			Status string `json:"status"`
			UserId int    `json:"user_id"`
			RowId  string `json:"id"`
			Msg    string `json:"msg"`
		}
		var rvData rvEtagData
		err := json.Unmarshal([]byte(rv), &rvData)
		if err != nil {
			dbgo.Fprintf(os.Stderr, "%(cyan)In Handler at %(LF), err:%s\n", err)
			goto gen
		}
		dbgo.Fprintf(os.Stderr, "%(cyan)%(LF): parsed data=%s\n", dbgo.SVarI(rvData))
		// "created" means the supplied value was not known before this call,
		// so it is treated as a miss and a new image/ETag is generated.
		if rvData.Msg == "created" {
			dbgo.Fprintf(os.Stderr, "%(cyan)In Handler at %(LF) %(red) -- If-None-Match Value Not Found! -- sending back a 200\n")
			goto gen
		}

		// Known value: reply 304 with the client's own validator echoed back.
		// NOTE(review): the ETag is emitted exactly as received; RFC 7232
		// entity-tags are quoted strings, which this code does not enforce.
		h := c.Writer.Header()
		delete(h, "Content-Type")
		delete(h, "Content-Length")
		delete(h, "Last-Modified")
		delete(h, "ETag")
		h.Set("ETag", inm)
		h.Set("Cache-Control", "max-age=31536000") // 1 year
		c.Writer.WriteHeader(http.StatusNotModified)
		dbgo.Printf("At:%(LF)\n")
		return

	}

}

// gen: produce a new image + ETag and reply 200.
gen:

	newId = GenUUID()
	output = append(output, []byte(newId)...) // tack ID on the end.
	// The ETag is keyed with aCfg.EtagPassword so clients cannot compute it
	// from the image bytes alone.
	hash_output := append(output, []byte(aCfg.EtagPassword)...)
	// NOTE(review): the [0:20] slice panics if the hex form is shorter than
	// 20 characters; presumably HashBytes returns a digest long enough. Confirm.
	etag := fmt.Sprintf("%x", HashStrings.HashBytes(hash_output))[0:20] // Hash the file
	dbgo.Printf("%(cyan)Generate Etag at:%(LF) ->%s<-\n", etag)         // Dump so we can see what we are inserting
	// The new ETag is recorded in the database only when db100 is set.
	if db100 {
		stmt := "q_auth_v1_etag_seen ( $1, $2, $3, $4 )"
		rv, e0 := CallDatabaseJSONFunction(c, stmt, "..!!", newId, etag, aCfg.EncryptionPassword, aCfg.UserdataPassword)
		if e0 != nil {
			dbgo.Fprintf(os.Stderr, "%(cyan)In Handler at %(LF), err:%s\n", e0)
		}
		// rv is logged even when the call above failed.
		dbgo.Fprintf(logFilePtr, "%(LF): rv=%s\n", rv)
	}
	h := c.Writer.Header()
	h.Set("Content-Type", "image/gif")
	h.Set("ETag", etag)
	h.Set("Cache-Control", "max-age=31536000") // 1 year
	// NOTE(review): the write error is not checked.
	io.WriteString(c.Writer, string(output))
}

2. Just keep the http[s]://Name/ section

func UrlJoinPath added in v1.0.41

func UrlJoinPath(t string, s ...string) (rv string)

func UrlShortCreateHandler

func UrlShortCreateHandler(c *gin.Context)

func UrlShortHandler

func UrlShortHandler(c *gin.Context)

func ValidateHmacAuthKey added in v1.0.56

func ValidateHmacAuthKey(c *gin.Context, AuthKey string) bool

func ValidateHmacForError added in v1.0.56

func ValidateHmacForError() bool

xyzzyFailedToGptSvr -- in front end www/index.js

func ValidatePasswords

func ValidatePasswords() (err error)

ValidatePasswords is the 2nd 1/2 of the pair - this is used to validate that the encryption keys are correct. It should be called on startup of a server and checks that you have the correct keys at that time.

func ValidateXsrfId

func ValidateXsrfId(c *gin.Context, XsrfId string) (err error)

func XArgs

func XArgs(v ...interface{}) string

XArgs converts a variable set of arguments into a JSON string and returns it.

Types

type AcctSetupSuccess

// AcctSetupSuccess is a JSON response body: a status string plus 2FA-validated
// and email-validated indicators and a message. The last three fields are
// omitted from the JSON when empty.
type AcctSetupSuccess struct {
	Status         string `json:"status"`
	X2faValidated  string `json:"x2fa_validated,omitempty"`
	EmailValidated string `json:"email_validated,omitempty"`
	Msg            string `json:"msg,omitempty"`
}

Output returned

type ApiAdminChangePassword

// ApiAdminChangePassword is the bound input (JSON or form) naming an account
// by email and the new password to set for it.
//
// NOTE(review): NewPassword is tagged binding:"new_password". That is not one
// of the validator tags gin ships with; every other password field on this
// page uses binding:"required". Unless a custom validator named
// "new_password" is registered elsewhere, validating this struct will fail.
// Confirm whether "required" was intended.
// NOTE(review): no field carries the caller's own password or 2FA pin, so
// authorisation for this operation rests entirely on the handler's privilege
// check. Confirm.
type ApiAdminChangePassword struct {
	Email       string `json:"email"  form:"email"  binding:"required,email"`
	NewPassword string `json:"new_password"  form:"new_password"  binding:"new_password"`
}

type ApiAuthChangeAccountInfo added in v1.0.43

// ApiAuthChangeAccountInfo is the bound input for changing the first and last
// name on an account. Both names are required; the 2FA pin is optional at the
// binding layer.
type ApiAuthChangeAccountInfo struct {
	FirstName string `json:"first_name" form:"first_name"   binding:"required"`
	LastName  string `json:"last_name"  form:"last_name"    binding:"required"`
	X2FaPin   string `json:"x2fa_pin"   form:"x2fa_pin"  `
}

------------------------------------------------------------------------------------------------------------------------- router.POST("/api/v1/auth/change-account-info", LoginRequiredClosure(authHandleChangeAccountInfo)) //

type ApiAuthChangeEmail

// ApiAuthChangeEmail is the bound input for changing an account's email
// address: new address, old address and current password are required.
//
// NOTE(review): neither address carries the "email" validator that other
// structs on this page use, and X2FaPin is optional at the binding layer. If
// 2FA is meant to protect email changes, the handler has to enforce it.
// Confirm.
type ApiAuthChangeEmail struct {
	NewEmail string `json:"new_email"  form:"new_email"   binding:"required"`
	OldEmail string `json:"old_email"  form:"old_email"   binding:"required"`
	Pw       string `json:"password"   form:"password"    binding:"required"`
	X2FaPin  string `json:"x2fa_pin"   form:"x2fa_pin"  `
}

Input for api endpoint

type ApiAuthChangePassword

// ApiAuthChangePassword is the bound input for a user changing their own
// password: email, new password and old password are required.
//
// NOTE(review): X2FaPin is optional at the binding layer; any 2FA requirement
// must be enforced by the handler. The struct holds plaintext passwords, so
// keep it out of request/parameter logging.
type ApiAuthChangePassword struct {
	Email   string `json:"email"      form:"email"       binding:"required,email"`
	NewPw   string `json:"new_pw"     form:"new_pw"      binding:"required"`
	OldPw   string `json:"old_pw"     form:"old_pw"      binding:"required"`
	X2FaPin string `json:"x2fa_pin"   form:"x2fa_pin"`
}

------------------------------------------------------------------------------------------------------------------------- jwtConfig.authInternalHandlers["POST:/api/v1/auth/change-password"] = authHandleChangePassword // change password Input for api endpoint

type ApiAuthEmailValidate

// ApiAuthEmailValidate is the bound input for confirming an email address.
// Only the verification token is required.
//
// NOTE(review): RedirectTo is supplied by the client. If the handler
// redirects to it, the value should be checked against an allow-list of
// same-site destinations to avoid an open redirect. Confirm.
type ApiAuthEmailValidate struct {
	Email            string `json:"email"              form:"email"             `
	EmailVerifyToken string `json:"email_verify_token" form:"email_verify_token"   binding:"required"`
	RedirectTo       string `json:"redirect_to"        form:"redirect_to"`
}

Input for api endpoint

type ApiAuthLogin

// ApiAuthLogin is the bound input for a login request. Email, password and
// the XSRF id are required; the remaining fields are optional.
//
// NOTE(review): Pw is the plaintext password. Make sure parameter-dumping
// helpers do not write it to logs.
type ApiAuthLogin struct {
	Email    string `json:"email"      form:"email"       binding:"required,email"`
	Pw       string `json:"password"   form:"password"    binding:"required"`
	AmIKnown string `json:"am_i_known" form:"am_i_known"`
	XsrfId   string `json:"xsrf_id"    form:"xsrf_id"     binding:"required"`
	FPData   string `json:"fp_data"    form:"fp_data"` // fingerprint data
	ScID     string `json:"scid"       form:"scid"`    // y_id - local storage ID

	// You can set any value for the 'no_cookie' data field.   Normally if you want to skip cookies send 'nc' for the value.
	NoCookie string `json:"no_cookie"  form:"no_cookie"` // default is to NOT send cookie if cookies and headers (both ==> , "token_header_vs_cookie": "both") are defined,
}

Input for login

type ApiAuthQrForSecret

// ApiAuthQrForSecret is the bound input pairing an email address with a
// secret; both are required.
//
// NOTE(review): presumably the input of /api/v1/auth/generate-qr-for-secret,
// which the route table marks as a public call. If Secret is a 2FA seed, it
// reaches the server in a request body and may be embedded in a generated QR
// URL. Confirm that it is not logged or cached.
type ApiAuthQrForSecret struct {
	Email  string `json:"email"      form:"email"       binding:"required,email"`
	Secret string `json:"secret"     form:"secret"      binding:"required"`
}

type ApiAuthRecoverPassword03SetPassword

// ApiAuthRecoverPassword03SetPassword is the bound input for the final
// password-recovery step: email, new password and recovery token are
// required.
//
// NOTE(review): NewPwAgain and X2FaPin are optional at the binding layer, so
// the confirmation match and any 2FA requirement must be enforced by the
// handler. Confirm.
type ApiAuthRecoverPassword03SetPassword struct {
	Email         string `json:"email"          form:"email"           binding:"required,email"`
	NewPw         string `json:"new_pw"         form:"new_pw"          binding:"required"`
	NewPwAgain    string `json:"new_pw_again"   form:"new_pw_again"`
	RecoveryToken string `json:"recovery_token" form:"recovery_token"  binding:"required"`
	X2FaPin       string `json:"x2fa_pin"       form:"x2fa_pin"        `
}

Input for api endpoint

type ApiAuthRecoveryPassword02FetchInfo

// ApiAuthRecoveryPassword02FetchInfo is the bound input for the second
// password-recovery step: email and recovery token, both required.
//
// NOTE(review): the route table registers this step for GET as well as POST,
// and both fields have form tags, so on GET the recovery token is presumably
// read from the query string. Treat URLs for this endpoint as secrets in logs.
type ApiAuthRecoveryPassword02FetchInfo struct {
	Email         string `json:"email"          form:"email"            binding:"required,email"`
	RecoveryToken string `json:"recovery_token" form:"recovery_token"   binding:"required"`
}

Input for api endpoint

type ApiAuthRefreshToken

// ApiAuthRefreshToken is the bound input for a token refresh. Only the XSRF
// id is required.
type ApiAuthRefreshToken struct {
	AmIKnown string `json:"am_i_known" form:"am_i_known"`
	XsrfId   string `json:"xsrf_id"    form:"xsrf_id"     binding:"required"`

	// You can set any value for the 'no_cookie' data field.   Normally if you want to skip cookies send 'nc' for the value.
	NoCookie string `json:"no_cookie"  form:"no_cookie"` // default is to NOT send cookie if cookies and headers (both ==> , "token_header_vs_cookie": "both") are defined,
}

Input for refresh token

type ApiAuthRegister

// ApiAuthRegister is the bound input for registering an account: email,
// first name, last name and password are required. The two agreement fields
// are optional at the binding layer.
//
// NOTE(review): binding only checks that the password is present; any
// length or strength policy has to be applied by the handler or database.
type ApiAuthRegister struct {
	Email     string `json:"email"      form:"email"       binding:"required,email"`
	FirstName string `json:"first_name" form:"first_name"  binding:"required"`
	LastName  string `json:"last_name"  form:"last_name"   binding:"required"`
	Pw        string `json:"password"   form:"password"    binding:"required"`
	AgreeTOS  string `json:"agree_tos" form:"agree_tos"`
	AgreeEULA string `json:"agree_eula" form:"agree_eula"`
}

Input for api endpoint

type ApiAuthRegisterClientAdmin

// ApiAuthRegisterClientAdmin is the bound input for registering with a
// token: all five fields (email, names, password, token) are required.
//
// NOTE(review): both routes that use authHandleRegisterClientAdmin are public
// in the route table, so Token is the only gate on this registration path.
// Confirm it is single-use, unguessable and expires.
type ApiAuthRegisterClientAdmin struct {
	Email     string `json:"email"      form:"email"       binding:"required,email"`
	FirstName string `json:"first_name" form:"first_name"  binding:"required"`
	LastName  string `json:"last_name"  form:"last_name"   binding:"required"`
	Pw        string `json:"password"   form:"password"    binding:"required"`
	Token     string `json:"token"      form:"token"       binding:"required"`
}

Input for api endpoint

type ApiAuthRequires2fa added in v1.0.42

// ApiAuthRequires2fa is the bound input carrying a single required email
// address.
//
// NOTE(review): the requires-2fa routes are public in the route table. If
// the answer differs between known and unknown addresses, the endpoint can be
// used to enumerate accounts. Confirm.
type ApiAuthRequires2fa struct {
	Email string `json:"email"      form:"email"       binding:"required,email"`
}

Input for login

type ApiAuthResendEmailRegister

// ApiAuthResendEmailRegister is the bound input for re-sending the
// registration email: the address is required, the temporary token optional.
//
// NOTE(review): the resend route is public; without rate limiting it can be
// used to send repeated mail to an address. Confirm a limit exists.
type ApiAuthResendEmailRegister struct {
	Email    string `json:"email"      form:"email"       binding:"required,email"` // yes
	TmpToken string `json:"tmp_token"  form:"tmp_token"`
}

Input for api endpoint

type ApiAuthSetDebugFlag

// ApiAuthSetDebugFlag is the bound input for setting a named debug flag:
// name and value are required.
//
// NOTE(review): AuthKey has no "required" binding, and /api/v1/set-debug-flag
// is a public GET in the route table. The handler must therefore reject an
// empty or invalid AuthKey itself (see ValidateHmacAuthKey). Confirm. On GET
// the key presumably travels in the query string and may be logged.
type ApiAuthSetDebugFlag struct {
	Name    string `json:"name"          form:"name"           binding:"required"`
	Value   string `json:"value"         form:"value"          binding:"required"`
	AuthKey string `json:"auth_key"      form:"auth_key"`
}

Input for api endpoint

type ApiAuthSipLogin0

// ApiAuthSipLogin0 is the bound input for the first message of a login
// exchange in which the client sends a random commitment value along with the
// email address. Both fields are required.
type ApiAuthSipLogin0 struct {
	Email      string `json:"email"       form:"email"        binding:"required,email"`
	Commitment string `json:"commitment"  form:"commitment"   binding:"required"` // this is the 'x' value, the random from the client.
}

type ApiAuthSipRegister

// ApiAuthSipRegister is the bound input for registering with a validator
// value in place of a password. All four fields are required.
type ApiAuthSipRegister struct {
	Email     string `json:"email"      form:"email"       binding:"required,email"`
	FirstName string `json:"first_name" form:"first_name"  binding:"required"`
	LastName  string `json:"last_name"  form:"last_name"   binding:"required"`
	Validator string `json:"validator"  form:"validator"   binding:"required"`
}

type ApiAuthTokenDeleteAdmin added in v1.0.47

// ApiAuthTokenDeleteAdmin is the bound input naming an account (email) and
// an auth token, both required, plus an optional delete action.
//
// NOTE(review): the matching route requires only a login in the route table;
// the handler must check that the caller is allowed to delete another user's
// token. Confirm.
type ApiAuthTokenDeleteAdmin struct {
	Email     string `json:"email"         form:"email"       binding:"required,email"`
	AuthToken string `json:"auth_token"    form:"auth_token"  binding:"required"`
	DeleteAct string `json:"delete_act"    form:"delete_act"`
}

type ApiAuthUn

// ApiAuthUn is a bound input with a single optional, unvalidated email field.
type ApiAuthUn struct {
	Email string `json:"email" form:"email"`
}

Input for api endpoint

type ApiAuthValidate2faToken

// ApiAuthValidate2faToken is the bound input for validating a 2FA pin:
// email, temporary token and pin are required.
//
// NOTE(review): unlike ApiAuthLogin, Email has no "email" validator and
// XsrfId is not required here. The validate-2fa-token route is public, so the
// temporary token and pin are the only gate. Confirm that attempts are rate
// limited and that the temporary token is short-lived.
type ApiAuthValidate2faToken struct {
	Email            string `json:"email"      form:"email"      binding:"required"`
	TmpToken         string `json:"tmp_token"  form:"tmp_token"  binding:"required"`
	X2FaPin          string `json:"x2fa_pin"   form:"x2fa_pin"   binding:"required"`
	AmIKnown         string `json:"am_i_known" form:"am_i_known"` //
	XsrfId           string `json:"xsrf_id"    form:"xsrf_id"`    // From Login
	FPData           string `json:"fp_data"    form:"fp_data"`    // fingerprint data
	ScID             string `json:"scid"       form:"scid"`       // y_id - local storage ID
	EmailVerifyToken string `json:"email_verify_token" form:"email_verify_token"`

	// You can set any value for the 'no_cookie' data field.   Normally if you want to skip cookies send 'nc' for the value.
	NoCookie string `json:"no_cookie"  form:"no_cookie"` // default is to NOT send cookie if cookies and headers (both ==> , "token_header_vs_cookie": "both") are defined,
}

authHandleValidate2faToken is called after login to validate a 2fa token and after registration to complete the registration.

This calls: "q_auth_v1_validate_2fa_token ( $1, $2, $3, $4, $5 )" in the database. This sets q_qr_users.setup_complete_2fa = 'y' to mark the account as fully registered. Login requires that this is a 'y' before login occurs.

Input for api endpoint

type ApiAuthValidateToken added in v1.0.29

// ApiAuthValidateToken is the bound input for validating the caller's
// current token. Only the XSRF id is required; fingerprint and local-storage
// ids are optional.
type ApiAuthValidateToken struct {
	AmIKnown string `json:"am_i_known" form:"am_i_known"`
	XsrfId   string `json:"xsrf_id"    form:"xsrf_id"     binding:"required"`

	FPData string `json:"fp_data"    form:"fp_data"` // fingerprint data
	ScID   string `json:"scid"       form:"scid"`    // y_id - local storage ID

	// You can set any value for the 'no_cookie' data field.   Normally if you want to skip cookies send 'nc' for the value.
	NoCookie string `json:"no_cookie"  form:"no_cookie"` // default is to NOT send cookie if cookies and headers (both ==> , "token_header_vs_cookie": "both") are defined,
}

Input for refresh token

type ApiCreateClient

// ApiCreateClient is the bound input for creating a client: name and
// description are required, role name and email are optional.
//
// NOTE(review): RoleName is supplied by the caller. Confirm the handler
// restricts which roles a caller may assign.
type ApiCreateClient struct {
	ClientName  string `json:"client_name"      form:"client_name"       binding:"required"`
	Description string `json:"description"      form:"description"       binding:"required"`
	RoleName    string `json:"role_name"        form:"role_name"`
	Email       string `json:"email"            form:"email"`
}

------------------------------------------------------------------------------------------------------------------------- Create a new Client

type ApiCreateRegistrationToken

// ApiCreateRegistrationToken is the bound input for creating a registration
// token: description and admin email are required; client id, role name and
// email note are optional.
//
// NOTE(review): AdminEmail lacks the "email" validator, and ClientId and
// RoleName are caller-supplied. Confirm the handler checks that the caller
// may issue tokens for that client and role.
type ApiCreateRegistrationToken struct {
	Description string `json:"description"    form:"description"       binding:"required"`
	AdminEmail  string `json:"admin_email"     form:"admin_email"      binding:"required"`
	ClientId    string `json:"client_id"      form:"client_id"`
	RoleName    string `json:"role_name"      form:"role_name"`
	EmailNote   string `json:"email_note"     form:"email_note"`
}

------------------------------------------------------------------------------------------------------------------------- Input for login

type ApiEmail

// ApiEmail is a bound input with one required, format-validated email field.
type ApiEmail struct {
	Email string `json:"email"  form:"email"  binding:"required,email"`
}

Input for api endpoint

type ApiEmailOptional

// ApiEmailOptional is a bound input with one optional email field; no format
// validation is applied at the binding layer.
type ApiEmailOptional struct {
	Email string `json:"email"  form:"email"`
}

Input for api endpoint

type ApiGetAcctState added in v1.0.56

// ApiGetAcctState is the bound input naming, by required email address, the
// account whose state is requested.
//
// NOTE(review): the account is chosen by the caller-supplied email rather
// than the logged-in identity. Confirm the handler limits whose state a
// caller may read.
type ApiGetAcctState struct {
	Email string `json:"email"         form:"email"       binding:"required,email"`
}

Input for login

type ApiGetRegistrationToken

// ApiGetRegistrationToken is a bound input with one optional user name field.
type ApiGetRegistrationToken struct {
	UserName string `json:"user_name"      form:"user_name"`
}

------------------------------------------------------------------------------------------------------------------------- Create a new Client

type ApiSetUserConfig

// ApiSetUserConfig is a name/value pair for a user configuration entry.
// Neither field has a binding rule.
// NOTE(review): which names a user may set is not visible here — confirm the
// handler restricts Name to an allowed set and bounds the size of Value.
type ApiSetUserConfig struct {
	Name  string `json:"name,omitempty"  form:"name"`
	Value string `json:"value,omitempty" form:"value"`
}

-------------------------------------------------------------------------------------------------------------------------

type ApiUpdateAcctState added in v1.0.54

// ApiUpdateAcctState is the JSON/form input for changing an account's state.
// Email must be a valid address; AcctState is only required to be non-empty,
// so the set of legal states has to be enforced after binding.
// NOTE(review): this changes another account's state by e-mail — confirm the
// route requires a login with the matching privilege.
type ApiUpdateAcctState struct {
	Email     string `json:"email"         form:"email"       binding:"required,email"`
	AcctState string `json:"acct_state"    form:"acct_state"       binding:"required"`
}

Input for login

type ApiUrlShortCreateType

// ApiUrlShortCreateType is the input for creating a short URL entry.
// Id, DestinationURL and ShouldProxy are required; Headers, Params and Method
// are read from JSON only (no form tag) and have no binding rule.
// DestinationURL is checked for presence only, not for URL syntax or scheme.
// NOTE(review): if ShouldProxy makes the server fetch DestinationURL with the
// supplied Method/Headers/Params, the destination is caller-controlled —
// confirm the handler restricts schemes and refuses internal or loopback
// addresses before any request is made.
type ApiUrlShortCreateType struct {
	Id             string   `json:"id"               form:"id"              binding:"required"`
	DestinationURL string   `json:"destination_url"  form:"destination_url" binding:"required"`
	ShouldProxy    string   `json:"should_proxy"     form:"should_proxy"    binding:"required"`
	Headers        []NvPair `json:"headers"`
	Params         []NvPair `json:"params"`
	Method         string   `json:"method"`
}

-------------------------------------------------------------------------------------------------------------------------

type ApiUrlShortType

// ApiUrlShortType is the JSON/form input identifying a short URL entry by its
// required Id.
type ApiUrlShortType struct {
	Id string `json:"id" form:"id" binding:"required"`
}

-------------------------------------------------------------------------------------------------------------------------

type CreateClientSuccess

// CreateClientSuccess is the output for a created client: a status plus the
// registration token, written under the JSON key "token_registration" and
// omitted when empty.
type CreateClientSuccess struct {
	Status            string `json:"status"`
	RegistrationToken string `json:"token_registration,omitempty"`
}

Output returned

type CreateClientSuccess2

// CreateClientSuccess2 is CreateClientSuccess with the new client's id added.
// Both RegistrationToken and ClientId are omitted from the JSON when empty.
type CreateClientSuccess2 struct {
	Status            string `json:"status"`
	RegistrationToken string `json:"token_registration,omitempty"`
	ClientId          string `json:"client_id,omitempty"`
}

Output returned

type CreateRegistrationStuccess

// CreateRegistrationStuccess is the output for a created registration token.
// The exported name is misspelled ("Stuccess"); renaming it would break
// importers, so it is kept as is.
// The token is written as "registration_token" here, whereas
// CreateClientSuccess uses "token_registration" for the same kind of value.
type CreateRegistrationStuccess struct {
	Status            string `json:"status"`
	ClientId          string `json:"client_id"      form:"client_id"`
	RegistrationToken string `json:"registration_token" form:"registration_token" db:"registration_token"`
}

Output returned

type EmailConfirmSuccess

// EmailConfirmSuccess is the output of an e-mail confirmation. TmpToken has no
// omitempty, so the "tmp_token" key is always present, even when empty.
type EmailConfirmSuccess struct {
	Status    string `json:"status"`
	TmpToken  string `json:"tmp_token"`
	AcctState string `json:"acct_state,omitempty"`
}

Output returned

type EmailSetupSuccess

// EmailSetupSuccess is an output carrying a status, a message and, when set,
// the email_validated flag as a string.
type EmailSetupSuccess struct {
	Status         string `json:"status"`
	Msg            string `json:"msg"`
	EmailValidated string `json:"email_validated,omitempty"`
}

Output returned

type GetUserConfigSuccess

// GetUserConfigSuccess is the output carrying a user's configuration as a
// string-to-string map; the map is omitted from the JSON when empty.
type GetUserConfigSuccess struct {
	Status     string            `json:"status"`
	UserConfig map[string]string `json:"user_config,omitempty"`
}

Output returned

type GinLoginType

// GinLoginType is one row of the route table (see GinSetupTable): an HTTP
// method and path, the gin handler to run, and the login requirement.
//
// The zero value of LoginType is PublicApiCall (0), so a table entry that
// leaves UseLogin unset is a public route. New entries should always set
// UseLogin explicitly.
// NOTE(review): how a path that is missing from the table is treated is not
// visible here — confirm it is handled as login-required.
type GinLoginType struct {
	Path     string
	Method   string
	Fx       func(c *gin.Context)
	UseLogin LoginType // PublicApiCall (0) no login, LoginRequired (1), LoginOptional (2)
}

type JwtClaims

// JwtClaims is the claim set placed in the JWT: the registered claims plus an
// "auth_token" claim.
// NOTE(review): claims in a signed (not encrypted) JWT can be read by anyone
// holding the token — confirm that auth_token alone is not sufficient to
// authenticate if it is disclosed.
type JwtClaims struct {
	AuthToken string `json:"auth_token"`
	jwt.RegisteredClaims
}

type LoginError1 added in v1.0.48

// LoginError1 is a login error: the StdErrorReturn envelope plus an optional
// temporary token and e-mail address.
type LoginError1 struct {
	StdErrorReturn
	TmpToken string `json:"tmp_token,omitempty"` // May be "" - used in 2fa part 1 / 2
	Email    string `json:"email,omitempty"`
}

type LoginSuccess

// LoginSuccess is the output of a login. Compared with RvLoginType it leaves
// out user_id, auth_token, secret_2fa, account_type, privileges, client_id and
// is_new_device_login.
// NOTE(review): the comment on Token is unsure whether it holds the JWT —
// confirm and document what the client should do with it.
type LoginSuccess struct {
	Status     string            `json:"status"`
	TmpToken   string            `json:"tmp_token,omitempty"` // May be "" - used in 2fa part 1 / 2
	Token      string            `json:"token,omitempty"`     // the JWT Token???
	Require2fa string            `json:"require_2fa,omitempty"`
	FirstName  string            `json:"first_name,omitempty"`
	LastName   string            `json:"last_name,omitempty"`
	AcctState  string            `json:"acct_state,omitempty"`
	UserConfig map[string]string `json:"user_config,omitempty"`
	Email      string            `json:"email,omitempty"`
}

Output returned

type LoginType

// LoginType says whether a route needs an authenticated caller.
type LoginType int

// The zero value is PublicApiCall, so an unset LoginType means "no login
// needed". Code that builds route entries should set the value explicitly
// rather than rely on the default.
const (
	LoginRequired LoginType = 1
	PublicApiCall LoginType = 0
	LoginOptional LoginType = 2
)

type NvPair

// NvPair is a generic name/value pair; ApiUrlShortCreateType uses it for
// headers and parameters.
type NvPair struct {
	Name  string `json:"name"`
	Value string `json:"value"`
}

type QrForSecretSuccess

// QrForSecretSuccess is the output carrying a secret and the URL of its 2FA QR
// code. Neither field has omitempty, so both keys are always written.
// NOTE(review): Secret is presumably the 2FA shared secret — confirm the
// endpoint requires a login and that the response is neither cached nor
// written to logs.
type QrForSecretSuccess struct {
	Status      string `json:"status"`
	Secret      string `json:"secret"`
	URLFor2faQR string `json:"url_for_2fa_qr"`
}

------------------------------------------------------------------------------------------------------------------------- -------------------------------------------------------------------------------------------------------------------------

type RecoverPassword02Success

// RecoverPassword02Success is the output of the second password-recovery step
// ("fetch info"): the account's e-mail and name, each omitted when empty.
type RecoverPassword02Success struct {
	Status    string `json:"status"`
	Email     string `json:"email,omitempty"`
	FirstName string `json:"first_name,omitempty"`
	LastName  string `json:"last_name,omitempty"`
}

Output returned

type RecoverPassword03SetPasswordSuccess

// RecoverPassword03SetPasswordSuccess is the output of the third
// password-recovery step ("set password"): a status and the account name.
type RecoverPassword03SetPasswordSuccess struct {
	Status    string `json:"status"`
	FirstName string `json:"first_name,omitempty"`
	LastName  string `json:"last_name,omitempty"`
}

Output returned

type RefreshTokenSuccess

// RefreshTokenSuccess is the output of a token refresh. Compared with
// RvRefreshTokenType it leaves out auth_token, user_id and email_address.
type RefreshTokenSuccess struct {
	Status      string            `json:"status"`
	Token       string            `json:"token,omitempty"` // the JWT Token???
	AccountType string            `json:"account_type,omitempty"`
	FirstName   string            `json:"first_name,omitempty"`
	LastName    string            `json:"last_name,omitempty"`
	AcctState   string            `json:"acct_state,omitempty"`
	UserConfig  map[string]string `json:"user_config,omitempty"`
}

Output returned

type RegenOTPSuccess

// RegenOTPSuccess is the output of regenerating one-time passwords: the new
// list in Otp plus a status and message.
// NOTE(review): the Otp values are credentials — confirm responses of this
// type are kept out of request/response logs.
type RegenOTPSuccess struct {
	Status string   `json:"status"`
	Otp    []string `json:"otp,omitempty"`
	Msg    string   `json:"msg"`
}

Output returned

type RegisterSuccess

// RegisterSuccess is the output of a registration. It can carry the TOTP
// secret, the QR URL for it, a list of one-time passwords and a temporary
// token, each omitted from the JSON when empty.
// NOTE(review): TotpSecret and Otp are credentials — confirm responses of this
// type are kept out of request/response logs and caches.
type RegisterSuccess struct {
	Status      string            `json:"status"`
	URLFor2faQR string            `json:"url_for_2fa_qr,omitempty"`
	TotpSecret  string            `json:"totp_secret,omitempty"`
	UserConfig  map[string]string `json:"user_config,omitempty"`
	Otp         []string          `json:"otp,omitempty"`
	TmpToken    string            `json:"tmp_token,omitempty"` // May be "" - used in 2fa part 1 / 2
	Require2fa  string            `json:"require_2fa,omitempty"`
	Email       string            `json:"email,omitempty"`
}

Output returned

type Requires2faSuccess added in v1.0.42

// Requires2faSuccess is the output reporting the require_2fa flag as a string.
// NOTE(review): if this can be queried for an arbitrary account without a
// login, it tells a caller which accounts lack 2FA — confirm the route's
// login requirement.
type Requires2faSuccess struct {
	Status     string `json:"status"`
	Require2fa string `json:"require_2fa,omitempty"`
}

Output returned

type ResendEmailRegisterSuccess

// ResendEmailRegisterSuccess is the output of re-sending the registration
// e-mail. Like RegisterSuccess it can carry the TOTP secret, its QR URL and a
// temporary token, each omitted when empty.
type ResendEmailRegisterSuccess struct {
	Status      string `json:"status"`
	URLFor2faQR string `json:"url_for_2fa_qr,omitempty"`
	TotpSecret  string `json:"totp_secret,omitempty"`
	TmpToken    string `json:"tmp_token,omitempty"` // May be "" - used in 2fa part 1 / 2
	Require2fa  string `json:"require_2fa,omitempty"`
}

Output returned

type ReturnStatusSuccess

// ReturnStatusSuccess is a generic output holding a status and a message.
type ReturnStatusSuccess struct {
	Status string `json:"status"`
	Msg    string `json:"msg"`
}

Output returned

type ReturnSuccess

// ReturnSuccess is the smallest output type: a status string only.
type ReturnSuccess struct {
	Status string `json:"status"`
}

Output returned

type RvCallErrorType added in v1.0.30

// RvCallErrorType holds only the embedded StdErrorReturn envelope.
type RvCallErrorType struct {
	StdErrorReturn
}

type RvChangeEmailAddressType

// RvChangeEmailAddressType is the StdErrorReturn envelope plus the account's
// first and last name.
type RvChangeEmailAddressType struct {
	StdErrorReturn
	FirstName string `json:"first_name,omitempty"`
	LastName  string `json:"last_name,omitempty"`
}

type RvChangePasswordAdminType

// RvChangePasswordAdminType is the StdErrorReturn envelope plus the account's
// first and last name; it has the same fields as RvChangePasswordType.
type RvChangePasswordAdminType struct {
	StdErrorReturn
	FirstName string `json:"first_name,omitempty"`
	LastName  string `json:"last_name,omitempty"`
}

type RvChangePasswordType

// RvChangePasswordType is the StdErrorReturn envelope plus the account's first
// and last name.
type RvChangePasswordType struct {
	StdErrorReturn
	FirstName string `json:"first_name,omitempty"`
	LastName  string `json:"last_name,omitempty"`
}

DB Return Data

type RvCreateClientType

// RvCreateClientType is the StdErrorReturn envelope plus the registration
// token and client id, mapped by both json and db tags.
type RvCreateClientType struct {
	StdErrorReturn
	RegistrationToken string `json:"token_registration,omitempty" db:"token_registration"`
	ClientId          string `json:"client_id"                    db:"client_id"`
}

type RvCreateRegistrationTokenType

// RvCreateRegistrationTokenType is the StdErrorReturn envelope plus the client
// id and the new registration token. The token key is "registration_token"
// here but "token_registration" in RvCreateClientType.
type RvCreateRegistrationTokenType struct {
	StdErrorReturn
	ClientId          string `json:"client_id"      form:"client_id" db:"client_id"`
	RegistrationToken string `json:"registration_token" form:"registration_token" db:"registration_token"`
}

Create a new Registration Token

type RvCreateUseToken added in v1.0.20

// RvCreateUseToken is the StdErrorReturn envelope plus an auth token.
// NOTE(review): AuthToken is a credential — confirm values of this type are
// not logged or echoed to callers unchanged.
type RvCreateUseToken struct {
	StdErrorReturn
	AuthToken string `json:"auth_token,omitempty" db:"auth_token"`
}

type RvDeleteAccountType

// RvDeleteAccountType is the StdErrorReturn envelope plus the first and last
// name of the account.
type RvDeleteAccountType struct {
	StdErrorReturn
	FirstName string `json:"first_name,omitempty"`
	LastName  string `json:"last_name,omitempty"`
}

type RvEmailConfirm

// RvEmailConfirm is the StdErrorReturn envelope plus the data of an e-mail
// confirmation, including auth_token and user_id. EmailConfirmSuccess, the
// output type, carries only status, tmp_token and acct_state.
type RvEmailConfirm struct {
	StdErrorReturn
	Email     string `json:"email,omitempty"`
	TmpToken  string `json:"tmp_token,omitempty"` // May be "" - used in 2fa part 1 / 2
	AcctState string `json:"acct_state,omitempty"`
	AuthToken string `json:"auth_token,omitempty"`
	UserId    string `json:"user_id,omitempty"`
}

DB Return Data

type RvGetRegistrationTokenType

// RvGetRegistrationTokenType is the StdErrorReturn envelope plus a
// registration token under the key "token_registration".
type RvGetRegistrationTokenType struct {
	StdErrorReturn
	RegistrationToken string `json:"token_registration,omitempty" db:"token_registration"`
}

l_token_registration

type RvGetSecretType

// RvGetSecretType is the StdErrorReturn envelope plus a user's 2FA secret,
// user id and require_2fa flag. Secret2fa and UserId have no omitempty.
// NOTE(review): Secret2fa is key material — confirm this struct is never
// serialised into a response or a log line as a whole.
type RvGetSecretType struct {
	StdErrorReturn
	Secret2fa  string `json:"secret_2fa"`
	UserId     string `json:"user_id"`
	Require2fa string `json:"require_2fa,omitempty"`
}

type RvGetUserConfigType

// RvGetUserConfigType is the StdErrorReturn envelope plus the user's
// configuration map.
type RvGetUserConfigType struct {
	StdErrorReturn
	UserConfig map[string]string `json:"user_config,omitempty" db:"user_config"`
}

------------------------------------------------------------------------------------------------------------------------- DB Reutrn Data

type RvLoginType

// RvLoginType is the StdErrorReturn envelope plus the full result of a login:
// identifiers, tokens, the 2FA secret, privileges and profile data.
// It holds more than LoginSuccess exposes (user_id, auth_token, secret_2fa,
// account_type, privileges, client_id, is_new_device_login), and every field
// has a JSON tag, so marshalling this struct directly would emit them.
// NOTE(review): confirm handlers always copy into LoginSuccess rather than
// returning or logging this value.
type RvLoginType struct {
	StdErrorReturn
	UserId           string            `json:"user_id,omitempty"`
	AuthToken        string            `json:"auth_token,omitempty"` // May be "" - meaning no auth.
	TmpToken         string            `json:"tmp_token,omitempty"`  // May be "" - used in 2fa part 1 / 2
	Token            string            `json:"token,omitempty"`      // the JWT Token???
	Require2fa       string            `json:"require_2fa,omitempty"`
	Secret2fa        string            `json:"secret_2fa,omitempty"`
	AccountType      string            `json:"account_type,omitempty"`
	Privileges       []string          `json:"privileges,omitempty"`
	FirstName        string            `json:"first_name,omitempty"`
	LastName         string            `json:"last_name,omitempty"`
	IsNewDeviceLogin string            `json:"is_new_device_login,omitempty"`
	ClientId         string            `json:"client_id,omitempty"`
	AcctState        string            `json:"acct_state,omitempty"`
	UserConfig       map[string]string `json:"user_config,omitempty"`
}

DB Return Data

type RvRecoverPassword01Setup

// RvRecoverPassword01Setup is the StdErrorReturn envelope plus the data of the
// first password-recovery step: two recovery token fields, the account name
// and an n6 flag.
// NOTE(review): a recovery token lets its holder reset the password — confirm
// it is delivered only out of band (for example by e-mail) and that this
// struct is never written to the HTTP response or to logs.
type RvRecoverPassword01Setup struct {
	StdErrorReturn
	RecoveryToken   string `json:"recovery_token,omitempty"`
	RecoveryTokenN6 string `json:"recovery_token_n6,omitempty"`
	FirstName       string `json:"first_name,omitempty"`
	LastName        string `json:"last_name,omitempty"`
	N6Flag          string `json:"n6_flag,omitempty"`
}

DB Return Data

type RvRecoverPassword02FetchInfo

// RvRecoverPassword02FetchInfo is the StdErrorReturn envelope plus the e-mail
// and name of the account being recovered.
type RvRecoverPassword02FetchInfo struct {
	StdErrorReturn
	Email     string `json:"email,omitempty"`
	FirstName string `json:"first_name,omitempty"`
	LastName  string `json:"last_name,omitempty"`
}

DB Return Data

type RvRecoverPassword03SetPassword

// RvRecoverPassword03SetPassword is the StdErrorReturn envelope plus a
// recovery token and the account name. The output type
// RecoverPassword03SetPasswordSuccess does not include the token.
type RvRecoverPassword03SetPassword struct {
	StdErrorReturn
	RecoveryToken string `json:"recovery_token,omitempty"`
	FirstName     string `json:"first_name,omitempty"`
	LastName      string `json:"last_name,omitempty"`
}

DB Return Data

type RvRefreshTokenType

// RvRefreshTokenType is the StdErrorReturn envelope plus the result of a token
// refresh. Email is read from the key "email_address" (other types on this
// page use "email") and has no omitempty.
// It carries auth_token and user_id, which RefreshTokenSuccess leaves out.
type RvRefreshTokenType struct {
	StdErrorReturn
	AuthToken   string            `json:"auth_token,omitempty"`
	Token       string            `json:"token,omitempty"` // the JWT Token???
	UserId      string            `json:"user_id,omitempty"`
	AccountType string            `json:"account_type,omitempty"`
	Email       string            `json:"email_address"`
	FirstName   string            `json:"first_name,omitempty"`
	LastName    string            `json:"last_name,omitempty"`
	AcctState   string            `json:"acct_state,omitempty"`
	UserConfig  map[string]string `json:"user_config,omitempty"`
}

------------------------------------------------------------------------------------------------------------------------- {Method: "POST", Path: "/api/v1/auth/refresh-token", Fx: authHandleRefreshToken, UseLogin: LoginRequired}, // (TODO - wrong function now)

type RvRegenOTPType

// RvRegenOTPType is the StdErrorReturn envelope plus a regenerated list of
// one-time passwords and the account name.
type RvRegenOTPType struct {
	StdErrorReturn
	Otp       []string `json:"otp,omitempty"`
	FirstName string   `json:"first_name,omitempty"`
	LastName  string   `json:"last_name,omitempty"`
}

DB Return Data

type RvRegisterClientAdminType

// RvRegisterClientAdminType is the StdErrorReturn envelope plus the result of
// registering a client admin account: user id, e-mail verification token, 2FA
// data, one-time passwords and a temporary token.
// Secret2fa is tagged "secret_2", while RvLoginType and RvGetSecretType use
// "secret_2fa".
// NOTE(review): confirm which key the producer of this JSON writes; with a
// mismatched key the field silently stays empty.
// URLFor2faQR, TotpSecret and N6 have no omitempty and are always written.
type RvRegisterClientAdminType struct {
	StdErrorReturn
	UserId           string   `json:"user_id,omitempty"`
	EmailVerifyToken string   `json:"email_verify_token,omitempty"`
	Require2fa       string   `json:"require_2fa,omitempty"`
	Secret2fa        string   `json:"secret_2,omitempty"`
	URLFor2faQR      string   `json:"url_for_2fa_qr"`
	TotpSecret       string   `json:"totp_secret"`
	Otp              []string `json:"otp,omitempty"`
	TmpToken         string   `json:"tmp_token,omitempty"` // May be "" - used in 2fa part 1 / 2
	N6               string   `json:"n6"`
}

------------------------------------------------------------------------------------------------------------------------- register client user account.

	{Method: "POST", Path: "/api/v1/auth/register-client-admin", Fx: authHandleRegisterClientAdmin, UseLogin: PublicApiCall}, // un + pw + first_name + last_name + token to lead to client account

	{Method: "POST", Path: "/api/v1/auth/register-client-admin", Fx: authHandleRegisterClientAdmin, UseLogin: PublicApiCall}, // un + pw + first_name + last_name + token to lead to client account:w
 create or replace function q_auth_v1_register_client ( p_email varchar, p_pw varchar, p_hmac_password varchar, p_first_name varchar, p_last_name varchar, p_userdata_password varchar, p_secret varchar, p_registration_token uuid )

-------------------------------------------------------------------------------------------------------------------------

type RvRegisterTokenAccountType

// RvRegisterTokenAccountType is the StdErrorReturn envelope plus the name and
// e-mail of the registered account.
type RvRegisterTokenAccountType struct {
	StdErrorReturn
	FirstName string `json:"first_name,omitempty"`
	LastName  string `json:"last_name,omitempty"`
	Email     string `json:"email,omitempty"`
}

type RvRegisterType

// RvRegisterType is the StdErrorReturn envelope plus the result of a
// registration: user id, e-mail verification token, 2FA data, user config,
// one-time passwords and a temporary token.
// It carries user_id, email_verify_token and n6, which RegisterSuccess leaves
// out.
// Secret2fa is tagged "secret_2", while RvLoginType and RvGetSecretType use
// "secret_2fa".
// NOTE(review): confirm which key the producer of this JSON writes.
// NOTE(review): EmailVerifyToken proves control of the mailbox — confirm it is
// only sent by e-mail and never included in the registration response.
type RvRegisterType struct {
	StdErrorReturn
	UserId           string            `json:"user_id,omitempty"`
	EmailVerifyToken string            `json:"email_verify_token,omitempty"`
	Require2fa       string            `json:"require_2fa,omitempty"`
	Secret2fa        string            `json:"secret_2,omitempty"`
	URLFor2faQR      string            `json:"url_for_2fa_qr"`
	TotpSecret       string            `json:"totp_secret"`
	UserConfig       map[string]string `json:"user_config,omitempty"`
	Otp              []string          `json:"otp,omitempty"`
	TmpToken         string            `json:"tmp_token,omitempty"`
	N6               string            `json:"n6"`
}

Returned from stored procedure

l_data = '{"status":"error","msg":"Account already exists.  Please login or recover password.","code":"0007","location":"m4___file__ m4___line__"}';
	||', "user_id":' ||coalesce(to_json(l_user_id)::text,'""')

DB Return Data

type RvRegisterUnPwAccountType

// RvRegisterUnPwAccountType is the StdErrorReturn envelope plus the name and
// e-mail of the registered account; it has the same fields as
// RvRegisterTokenAccountType.
type RvRegisterUnPwAccountType struct {
	StdErrorReturn
	FirstName string `json:"first_name,omitempty"`
	LastName  string `json:"last_name,omitempty"`
	Email     string `json:"email,omitempty"`
}

type RvRequires2faType added in v1.0.42

// RvRequires2faType is the StdErrorReturn envelope plus the require_2fa flag.
type RvRequires2faType struct {
	StdErrorReturn
	Require2fa string `json:"require_2fa,omitempty"`
}

DB Return Data

type RvResendEmailRegisterType

// RvResendEmailRegisterType is the StdErrorReturn envelope plus the data for
// re-sending a registration e-mail.
// UserId is a *int here, whereas the other Rv* types on this page declare
// user_id as a string; a quoted or non-integer user_id fails to decode.
// Secret2fa is tagged "secret_2", not "secret_2fa" as in RvLoginType.
// NOTE(review): confirm both against the JSON actually produced.
type RvResendEmailRegisterType struct {
	StdErrorReturn
	UserId           *int   `json:"user_id,omitempty"`
	EmailVerifyToken string `json:"email_verify_token,omitempty"`
	Require2fa       string `json:"require_2fa,omitempty"`
	Secret2fa        string `json:"secret_2,omitempty"`
	URLFor2faQR      string `json:"url_for_2fa_qr"`
	TotpSecret       string `json:"totp_secret"`
	TmpToken         string `json:"tmp_token,omitempty"` // May be "" - used in 2fa part 1 / 2
	FirstName        string `json:"first_name"`
	LastName         string `json:"last_name"`
	N6               string `json:"n6"`
}

DB Return Data

type RvStatus added in v1.0.43

// RvStatus holds only the embedded StdErrorReturn envelope.
type RvStatus struct {
	StdErrorReturn
}

type RvUpdateAcctStateType added in v1.0.54

// RvUpdateAcctStateType is the StdErrorReturn envelope plus the account state.
type RvUpdateAcctStateType struct {
	StdErrorReturn
	AcctState string `json:"acct_state,omitempty"`
}

DB Return Data

type RvUrlShortCreateReturned

// RvUrlShortCreateReturned is the StdErrorReturn envelope plus the id of the
// created short URL.
type RvUrlShortCreateReturned struct {
	StdErrorReturn
	ShortId string `json:"short_id"`
}

type RvUrlShortReturned

// RvUrlShortReturned is the StdErrorReturn envelope plus a stored short URL
// entry: its id, the should_proxy flag and the destination URL.
// NOTE(review): DestinationURL was supplied by whoever created the entry —
// confirm it is re-validated before the server redirects to it or fetches it.
type RvUrlShortReturned struct {
	StdErrorReturn
	ShortId        string `json:"short_id"`
	ShouldProxy    string `json:"should_proxy"`
	DestinationURL string `json:"destination_url"`
}

type RvValidUseToken added in v1.0.20

// RvValidUseToken is the StdErrorReturn envelope plus a user id and auth
// token, mapped by both json and db tags.
type RvValidUseToken struct {
	StdErrorReturn
	UserId    string `json:"user_id,omitempty"    db:"user_id"`
	AuthToken string `json:"auth_token,omitempty" db:"auth_token"`
}

type RvValidate2faTokenType

// RvValidate2faTokenType is the StdErrorReturn envelope plus the result of
// validating a 2FA token. It carries user_id, auth_token, privileges,
// secret_2fa and client_id, none of which appear in Validate2faTokenSuccess.
// NOTE(review): confirm handlers copy into Validate2faTokenSuccess instead of
// returning or logging this value, since it holds the 2FA secret.
type RvValidate2faTokenType struct {
	StdErrorReturn
	UserId         string   `json:"user_id,omitempty"`
	AuthToken      string   `json:"auth_token,omitempty"` // May be "" - meaning no auth.
	Token          string   `json:"token,omitempty"`
	Expires        string   `json:"expires,omitempty"`
	Privileges     []string `json:"privileges,omitempty"`
	Secret2fa      string   `json:"secret_2fa,omitempty"`
	EmailValidated string   `json:"email_validated,omitempty"`
	X2faValidated  string   `json:"x2fa_validated,omitempty"`
	ClientId       string   `json:"client_id,omitempty"`
	AcctState      string   `json:"acct_state,omitempty"`
}

DB Return Data

type RvValidateTokenType added in v1.0.29

// RvValidateTokenType is the StdErrorReturn envelope plus the result of a
// token validation; its fields match RvRefreshTokenType, including Email being
// read from the key "email_address".
type RvValidateTokenType struct {
	StdErrorReturn
	AuthToken   string            `json:"auth_token,omitempty"`
	Token       string            `json:"token,omitempty"` // the JWT Token???
	UserId      string            `json:"user_id,omitempty"`
	AccountType string            `json:"account_type,omitempty"`
	Email       string            `json:"email_address"`
	FirstName   string            `json:"first_name,omitempty"`
	LastName    string            `json:"last_name,omitempty"`
	AcctState   string            `json:"acct_state,omitempty"`
	UserConfig  map[string]string `json:"user_config,omitempty"`
}

type SQLAcctStatusType

// SQLAcctStatusType holds three account flags as strings (2FA setup complete,
// e-mail validated, 2FA required), mapped by both json and db tags.
type SQLAcctStatusType struct {
	SetupComplete2fa string `json:"setup_complete_2fa" db:"setup_complete_2fa"`
	EmailValidated   string `json:"email_validated"    db:"email_validated"`
	Require2fa       string `json:"require_2fa"        db:"require_2fa"`
}

type SQLIntType

// SQLIntType wraps a single optional integer; X is a pointer, so it can be nil.
type SQLIntType struct {
	X *int
}

type SQLStatusType

// SQLStatusType holds a status string and a log UUID; the UUID's JSON key is
// spelled "LogUUID" with capitals.
type SQLStatusType struct {
	Status  string `json:"status"`
	LogUUID string `json:"LogUUID"`
}
jwt_auth.SetupNewInstall()

if err := jwt_auth.ValidatePasswords(); err != nil {

-- ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------- -- ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------- create table if not exists q_qr_validate_startup (

once_id								int unique primary key, -- only one row in table ever, no generation of PKs.
validation_value_hmac 				bytea not null,
validation_value_enc 				bytea not null

);

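-- -----------------------------------------------------------------------------------------------------------------------------------------------------------------------------
-- q_auth_v1_setup_startup_one_time stores the single verification row
-- (once_id = 1) in q_qr_validate_startup: an HMAC of a fixed marker string
-- keyed with p_hmac_password and a PGP-encrypted copy of the same marker keyed
-- with p_userdata_password.
--
-- Returns JSON text: {"status":"success"} or a {"status":"error",...} object.
-- -----------------------------------------------------------------------------------------------------------------------------------------------------------------------------
create or replace function q_auth_v1_setup_startup_one_time ( p_hmac_password varchar, p_userdata_password varchar )
	returns text
	as $$
DECLARE
	l_data					text;
	l_fail					bool;
BEGIN
	-- Copyright (C) Philip Schlump, 2008-2021.
	-- BSD 3 Clause Licensed.  See LICENSE.bsd
	-- version: m4_ver_version() tag: m4_ver_tag() build_date: m4_ver_date()
	l_fail = false;
	insert into t_output ( msg ) values ( 'function ->q_auth_v1_setup_startup_one_time<- m4___file__ m4___line__' );

	begin
		insert into q_qr_validate_startup ( once_id, validation_value_hmac, validation_value_enc ) values
			( 1
			, q_auth_v1_hmac_encode ( 'test@test.com', p_hmac_password )
			, pgp_sym_encrypt('test@test.com', p_userdata_password)
			);
	exception
		when others then
			-- Every failure lands here, including a second call that collides with the
			-- existing once_id = 1 row, so the message does not always mean the passwords
			-- were wrong.
			l_fail = true;
			l_data = '{"status":"error","msg":"Not initialized properly - incorrect passwords","code":"2004","location":"m4___file__ m4___line__"}';
			-- No user is involved at start-up and this function declares no l_user_id, so
			-- the user_id column is left out; the logged code matches the returned one.
			-- Assumes q_qr_auth_log.user_id accepts NULL or has a default - confirm against
			-- the table definition.
			insert into q_qr_auth_log ( activity, code, location ) values ( 'Not initialized properly - incorrect passwords', '2004', 'File:m4___file__ Line No:m4___line__');
	end;

	if not l_fail then
		l_data = '{"status":"success"'
			||'}';
	end if;

	RETURN l_data;
END;
$$ LANGUAGE plpgsql;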

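-- -----------------------------------------------------------------------------------------------------------------------------------------------------------------------------
-- q_auth_v1_validate_startup_passwords checks the two passwords against the
-- verification row (once_id = 1) in q_qr_validate_startup: the stored HMAC must
-- equal the HMAC of the marker string under p_hmac_password, and the stored
-- ciphertext must decrypt to the marker under p_userdata_password.
--
-- Returns JSON text: {"status":"success"}, or an error object with code 2005
-- when no matching row is found and code 2007 when the check itself raised an
-- exception.
-- -----------------------------------------------------------------------------------------------------------------------------------------------------------------------------
create or replace function q_auth_v1_validate_startup_passwords ( p_hmac_password varchar, p_userdata_password varchar )
	returns text
	as $$
DECLARE
	l_data					text;
	l_fail					bool;
	l_debug_on 				bool;
	l_junk					text;
BEGIN
	l_debug_on = q_get_config_bool ( 'debug' );

	-- Copyright (C) Philip Schlump, 2008-2021.
	-- BSD 3 Clause Licensed.  See LICENSE.bsd
	-- version: m4_ver_version() tag: m4_ver_tag() build_date: m4_ver_date()
	l_fail = false;
	l_data = '{"status":"unknown"}';

	if l_debug_on then
		insert into t_output ( msg ) values ( 'function ->q_auth_v1_validate_startup_passwords<- m4___file__ m4___line__' );
	end if;

	begin
		select 'found'
			into l_junk
			from q_qr_validate_startup
			where  once_id = 1
			 and validation_value_hmac = q_auth_v1_hmac_encode ( 'test@test.com', p_hmac_password )
			 and pgp_sym_decrypt(validation_value_enc, p_userdata_password) = 'test@test.com'
			;
		if not found then
			-- Also reached when the table is empty, i.e. set-up was never run.
			l_fail = true;
			l_data = '{"status":"error","msg":"Not configured properly - incorrect passwords","code":"2005","location":"m4___file__ m4___line__"}';
		end if;
	exception
		when others then
			-- Any exception from the query is reported as a password problem, whatever
			-- actually failed (for example an error raised by pgp_sym_decrypt).
			l_fail = true;
			l_data = '{"status":"error","msg":"Not configured properly - incorrect passwords","code":"2007","location":"m4___file__ m4___line__"}';
	end;

	if not l_fail then
		l_data = '{"status":"success"'
			||'}';
	end if;

	RETURN l_data;
END;
$$ LANGUAGE plpgsql;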

delete from q_qr_validate_startup ;

select q_auth_v1_setup_startup_one_time ( 'bob', 'bob' ); select q_auth_v1_validate_startup_passwords ( 'bb', 'ob' );

delete from q_qr_validate_startup ;

type SQLStringType

// SQLStringType wraps a single string value.
type SQLStringType struct {
	X string
}

-------------------------------------------------------------------------------------------------------------------------

type SQLUserIdPrivsType

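// SQLUserIdPrivsType is the record RedisGetCachedToken returns for a token:
// user id, privileges, client id, e-mail and the token's expiry, both as a
// string and as seconds remaining.
// Privileges has a json tag only and is a single string here, not a slice.
type SQLUserIdPrivsType struct {
	UserId     string `json:"user_id,omitempty"      db:"user_id"`
	Privileges string `json:"privileges,omitempty"`
	ClientId   string `json:"client_id,omitempty"    db:"client_id"`
	Email      string `json:"email"                  db:"email"`
	// , min(t2.expires) as expires
	// , ceil(EXTRACT(EPOCH FROM min(t2.expires))) as seconds_till_expires
	// Tag pairs are separated by spaces only: reflect.StructTag stops parsing at
	// any other whitespace, which would make the db key unreadable.
	Expires            string `json:"expires"              db:"expires"`
	SecondsTillExpires int64  `json:"seconds_till_expires" db:"seconds_till_expires"`
}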

------------------------------------------------------------------------------------------------------------------------- Use:

// Configuration fields for the JWT signing keys: two key file paths and the key type.
// NOTE(review): the default "ES" is not one of the values the validate rule
// lists ('ES256', 'RS256', 'ES512', 'RS512') — confirm which form the loader expects.
AuthJWTPublic            string `json:"auth_jwt_public_file" default:""`                                                     // Public Key File
AuthJWTPrivate           string `json:"auth_jwt_private_file" default:""`                                                    // Private Key File; should be readable only by the service account
AuthJWTKeyType           string `json:"auth_jwt_key_type" default:"ES" validate:"v.In(['ES256','RS256', 'ES512', 'RS512'])"` // Key type ES = ECDSA or RS = RSA

func RedisGetCachedToken added in v1.0.46

func RedisGetCachedToken(AuthToken, UserdataPassword string, perReqLog *os.File) (v2 []*SQLUserIdPrivsType, has bool)

type SetDebugFlagSuccess

// SetDebugFlagSuccess is the output of setting a debug flag: a status only.
type SetDebugFlagSuccess struct {
	Status string `json:"status"`
}

Output returned

type SipLogin0Success

// SipLogin0Success carries a status, a temporary token, a challenge, the
// require_2fa flag, privileges and the account name. Privileges is a single
// string here, whereas RvLoginType declares it as []string.
// NOTE(review): the name suggests this is returned before login completes —
// confirm that privileges and names are not disclosed to a caller who has not
// yet proven knowledge of the password.
type SipLogin0Success struct {
	Status     string `json:"status"`
	TmpToken   string `json:"tmp_token,omitempty"`
	Challenge  string `json:"challenge,omitempty"`
	Require2fa string `json:"require_2fa,omitempty"`
	Privileges string `json:"privileges,omitempty"`
	FirstName  string `json:"first_name,omitempty"`
	LastName   string `json:"last_name,omitempty"`
}

type SipLogin1Success

// SipLogin1Success carries a status, a temporary token and a challenge, the
// latter two omitted when empty.
type SipLogin1Success struct {
	Status    string `json:"status"`
	TmpToken  string `json:"tmp_token,omitempty"`
	Challenge string `json:"challenge,omitempty"`
}

-------------------------------------------------------------------------------------------------------------------------

type SipLogin22uccess

// SipLogin22uccess carries a status, a temporary token and a proof value.
// The exported name looks like a typo for "SipLogin2Success"; renaming it
// would break importers, so it is kept as is.
type SipLogin22uccess struct {
	Status   string `json:"status"`
	TmpToken string `json:"tmp_token,omitempty"`
	Proof    string `json:"proof,omitempty"`
}

-------------------------------------------------------------------------------------------------------------------------

type StdErrorReturn

// StdErrorReturn is the status/error envelope embedded by the Rv* types.
// Only Status has an explicit JSON name. Msg, Code, Location and LogUUID use
// `json:",omitempty"`, so encoding/json writes them under their Go field
// names ("Msg", "Code", ...) and matches keys case-insensitively when
// decoding, which is how a lower-case "msg" or "location" still fills them.
// NOTE(review): the SQL shown in this package's docs fills "location" with a
// source file and line marker — confirm Location is logged server-side and
// removed before an error is returned to API callers.
type StdErrorReturn struct {
	Status   string `json:"status"`
	Msg      string `json:",omitempty"`
	Code     string `json:",omitempty"`
	Location string `json:",omitempty"`
	LogUUID  string `json:",omitempty"`
}

type UpdateAcctStateSuccess added in v1.0.54

// UpdateAcctStateSuccess is the output of an account-state update; both keys
// are always written.
type UpdateAcctStateSuccess struct {
	Status    string `json:"status"`
	AcctState string `json:"acct_state"`
}

Output returned

type Validate2faTokenSuccess

// Validate2faTokenSuccess is the output of validating a 2FA token: the token,
// the validation flags, the expiry and the account state. It omits the
// user_id, auth_token, privileges, secret_2fa and client_id held by
// RvValidate2faTokenType.
type Validate2faTokenSuccess struct {
	Status         string `json:"status"`
	Token          string `json:"token,omitempty"`
	EmailValidated string `json:"email_validated,omitempty"`
	X2faValidated  string `json:"x2fa_validated,omitempty"`
	Expires        string `json:"expires,omitempty"`
	AcctState      string `json:"acct_state,omitempty"`
}

Output returned

type ValidateTokenSuccess added in v1.0.29

// ValidateTokenSuccess is the output of a token validation; it has the same
// fields as RefreshTokenSuccess and omits the auth_token, user_id and
// email_address held by RvValidateTokenType.
type ValidateTokenSuccess struct {
	Status      string            `json:"status"`
	Token       string            `json:"token,omitempty"` // the JWT Token???
	AccountType string            `json:"account_type,omitempty"`
	FirstName   string            `json:"first_name,omitempty"`
	LastName    string            `json:"last_name,omitempty"`
	AcctState   string            `json:"acct_state,omitempty"`
	UserConfig  map[string]string `json:"user_config,omitempty"`
}

Output returned

type X2faSetupSuccess

// X2faSetupSuccess is an output carrying a status, a message and, when set,
// the x2fa_validated flag as a string.
type X2faSetupSuccess struct {
	Status        string `json:"status"`
	Msg           string `json:"msg"`
	X2faValidated string `json:"x2fa_validated,omitempty"`
}

Output returned
