Documentation ¶
Index ¶
- Variables
- func AppendOneToSecurityTable(method, path string, fx func(c *gin.Context), useLogin LoginType)
- func AppendStructToZapLog(fields []zapcore.Field, input interface{}) []zapcore.Field
- func AppendToSecurityTable(x ...GinLoginType)
- func BindFormOrJSON(c *gin.Context, bindTo interface{}) (err error)
- func BindFormOrJSONOptional(c *gin.Context, bindTo interface{}) (err error)
- func CallDatabaseFunction(c *gin.Context, out interface{}, fCall string, encPat string, ...) (err error)
- func CallDatabaseJSONFunction(c *gin.Context, fCall string, encPat string, data ...interface{}) (rv string, err error)
- func CallDatabaseJSONFunctionNoErr(c *gin.Context, fCall string, encPat string, data ...interface{}) (rv string, err error)
- func CheckTmpAuthToken(c *gin.Context, AToken string) (UserId, AuthToken string, err error)
- func Confirm2faSetupAccount(c *gin.Context, UserId string)
- func ConfirmEmailAccount(c *gin.Context, EmailVerifyToken string) (rv, stmt string, err error)
- func ConnectToDb()
- func ConvPrivs(perReqLog *os.File, Privileges string) (rv string, mr map[string]bool)
- func ConvPrivs2(perReqLog *os.File, Privileges []string) (rv string, mr map[string]bool)
- func CookieHeaderAuthMiddleware(ginSetupTable []GinLoginType) gin.HandlerFunc
- func CreateJWTSignedCookie(c *gin.Context, DBAuthToken, email_addr, NoCookie string) (rv string, err error)
- func CreateJWTSignedCookieNoErr(c *gin.Context, DBAuthToken, email_addr string) (rv string, err error)
- func CreateTmpAuthToken(c *gin.Context, UserId string) (AToken string, err error)
- func DecryptText(key, text []byte) ([]byte, error)
- func DisConnectToDb()
- func DumpParamsToLog(when string, c *gin.Context)
- func EmptyDflt(s, d string) string
- func EncryptText(key, text []byte) ([]byte, error)
- func EncryptTextIndexable(key, xiv, text []byte) ([]byte, error)
- func EncryptTextToB64(key, text []byte) string
- func EncryptTextToB64Indexable(key, iv, text []byte) string
- func GenUUID() string
- func GenerateSecret() string
- func GetAuthToken(c *gin.Context) (UserId, Email, AuthToken string)
- func GetMapKeys[K comparable, V any](m map[K]V) []K
- func GetUserId(c *gin.Context) (UserId string, err error)
- func GinInitAuthPaths(router *gin.Engine)
- func HasCookie(cookieName string, c *gin.Context) (has bool, val string)
- func HeaderFingerprint(c *gin.Context) (hashOfHeaders string)
- func IsLoggedIn(c *gin.Context) (ItIs bool)
- func IsTLS(c *gin.Context) bool
- func IsXDBOn(name string) (b bool)
- func LogJsonReturned(perReqLog *os.File, x interface{}) interface{}
- func MintQRPng(c *gin.Context, InputString string) (qrurl string)
- func ParseBool(s string) (b bool)
- func ReadJson(fn string, x interface{}) (err error)
- func RedisBrodcast(AuthToken string, data string)
- func RedisCacheAuthTokens(AuthToken, UserdataPassword string, v2 []*SQLUserIdPrivsType, ...)
- func ResetLogFile(newFp *os.File)
- func RmExt(filename string) string
- func SVar(v interface{}) string
- func SVarI(v interface{}) string
- func SaveState(cookieValue string, UserId string, c *gin.Context) (err error)
- func SelectString(c *gin.Context, stmt string, encPat string, data ...interface{}) (rv string, err error)
- func SetCookie(cookieName, cookieValue string, c *gin.Context)
- func SetDefaultRunner()
- func SetInsecureCookie(cookieName, cookieValue string, c *gin.Context)
- func SetJsonHdr(c *gin.Context)
- func SetupConnectToJwtAuth(xctx context.Context, xconn *pgxpool.Pool, gcfg *data.BaseConfigType, ...)
- func SetupNewInstall() (err error)
- func SortSlice[T constraints.Ordered](s []T)
- func SortedMapKeys[K constraints.Ordered, V any](m map[K]V) []K
- func SqlRunStmt(c *gin.Context, stmt string, encPat string, data ...interface{}) (rv []map[string]interface{}, err error)
- func StatusSuccess(s string, c *gin.Context) string
- func TestSendEmail(SendTestEmail, SendTestEmailTemplateToRun, AdditionalData string)
- func TokenAuthMiddleware() gin.HandlerFunc
- func UrlEscapePeriod(s string) (rv string)
- func UrlGetServer(s string) (rv string, err error)
- func UrlJoinPath(t string, s ...string) (rv string)
- func UrlShortCreateHandler(c *gin.Context)
- func UrlShortHandler(c *gin.Context)
- func ValidateHmacAuthKey(c *gin.Context, AuthKey string) bool
- func ValidateHmacForError() bool
- func ValidatePasswords() (err error)
- func ValidateXsrfId(c *gin.Context, XsrfId string) (err error)
- func XArgs(v ...interface{}) string
- type AcctSetupSuccess
- type ApiAdminChangePassword
- type ApiAuthChangeAccountInfo
- type ApiAuthChangeEmail
- type ApiAuthChangePassword
- type ApiAuthEmailValidate
- type ApiAuthLogin
- type ApiAuthQrForSecret
- type ApiAuthRecoverPassword03SetPassword
- type ApiAuthRecoveryPassword02FetchInfo
- type ApiAuthRefreshToken
- type ApiAuthRegister
- type ApiAuthRegisterClientAdmin
- type ApiAuthRequires2fa
- type ApiAuthResendEmailRegister
- type ApiAuthSetDebugFlag
- type ApiAuthSipLogin0
- type ApiAuthSipRegister
- type ApiAuthTokenDeleteAdmin
- type ApiAuthUn
- type ApiAuthValidate2faToken
- type ApiAuthValidateToken
- type ApiCreateClient
- type ApiCreateRegistrationToken
- type ApiEmail
- type ApiEmailOptional
- type ApiGetAcctState
- type ApiGetRegistrationToken
- type ApiSetUserConfig
- type ApiUpdateAcctState
- type ApiUrlShortCreateType
- type ApiUrlShortType
- type CreateClientSuccess
- type CreateClientSuccess2
- type CreateRegistrationStuccess
- type EmailConfirmSuccess
- type EmailSetupSuccess
- type GetUserConfigSuccess
- type GinLoginType
- type JwtClaims
- type LoginError1
- type LoginSuccess
- type LoginType
- type NvPair
- type QrForSecretSuccess
- type RecoverPassword02Success
- type RecoverPassword03SetPasswordSuccess
- type RefreshTokenSuccess
- type RegenOTPSuccess
- type RegisterSuccess
- type Requires2faSuccess
- type ResendEmailRegisterSuccess
- type ReturnStatusSuccess
- type ReturnSuccess
- type RvCallErrorType
- type RvChangeEmailAddressType
- type RvChangePasswordAdminType
- type RvChangePasswordType
- type RvCreateClientType
- type RvCreateRegistrationTokenType
- type RvCreateUseToken
- type RvDeleteAccountType
- type RvEmailConfirm
- type RvGetRegistrationTokenType
- type RvGetSecretType
- type RvGetUserConfigType
- type RvLoginType
- type RvRecoverPassword01Setup
- type RvRecoverPassword02FetchInfo
- type RvRecoverPassword03SetPassword
- type RvRefreshTokenType
- type RvRegenOTPType
- type RvRegisterClientAdminType
- type RvRegisterTokenAccountType
- type RvRegisterType
- type RvRegisterUnPwAccountType
- type RvRequires2faType
- type RvResendEmailRegisterType
- type RvStatus
- type RvUpdateAcctStateType
- type RvUrlShortCreateReturned
- type RvUrlShortReturned
- type RvValidUseToken
- type RvValidate2faTokenType
- type RvValidateTokenType
- type SQLAcctStatusType
- type SQLIntType
- type SQLStatusType
- type SQLStringType
- type SQLUserIdPrivsType
- type SetDebugFlagSuccess
- type SipLogin0Success
- type SipLogin1Success
- type SipLogin22uccess
- type StdErrorReturn
- type UpdateAcctStateSuccess
- type Validate2faTokenSuccess
- type ValidateTokenSuccess
- type X2faSetupSuccess
Constants ¶
This section is empty.
Variables ¶
var ErrHttpStatusInternalServerError = errors.New("Internal Server Error")
// GinSetupTable is the route table for the auth API. Each entry pairs an HTTP
// method and path with its handler (Fx) and a LoginType (UseLogin).
//
// NOTE(review): UseLogin presumably drives the auth middleware's decision to
// let a request through without, with optional, or only with a valid login.
// Confirm against CookieHeaderAuthMiddleware. The table records a login
// requirement only; it carries no privilege or role information, so any
// per-privilege check has to live inside the handler.
var GinSetupTable = []GinLoginType{
	// ---- PublicApiCall ----
	{Method: "POST", Path: "/api/v1/auth/login", Fx: authHandleLogin, UseLogin: PublicApiCall},
	{Method: "POST", Path: "/api/v1/auth/xlogin/:seid", Fx: authHandleLogin, UseLogin: PublicApiCall},
	{Method: "POST", Path: "/api/v1/auth/register", Fx: authHandleRegister, UseLogin: PublicApiCall},
	{Method: "POST", Path: "/api/v1/auth/register-client-admin", Fx: authHandleRegisterClientAdmin, UseLogin: PublicApiCall},
	{Method: "POST", Path: "/api/v1/auth/register-using-auth-token", Fx: authHandleRegisterClientAdmin, UseLogin: PublicApiCall},
	// NOTE(review): "create-user-admin" is public and shares authHandleRegister
	// with the ordinary register route; confirm no extra rights are granted
	// based on the path alone.
	{Method: "POST", Path: "/api/v1/auth/create-user-admin", Fx: authHandleRegister, UseLogin: PublicApiCall},
	{Method: "POST", Path: "/api/v1/auth/validate-2fa-token", Fx: authHandleValidate2faToken, UseLogin: PublicApiCall},
	{Method: "GET", Path: "/api/v1/auth/email-confirm", Fx: authHandlerEmailConfirm, UseLogin: PublicApiCall},
	{Method: "POST", Path: "/api/v1/auth/validate-email-confirm", Fx: authHandlerValidateEmailConfirm, UseLogin: PublicApiCall},
	// NOTE(review): the recovery steps below are also registered for GET. If
	// the email or recovery token travels in the query string it will show up
	// in access logs and Referer headers; confirm that is acceptable.
	{Method: "POST", Path: "/api/v1/auth/recover-password-01-setup", Fx: authHandleRecoverPassword01Setup, UseLogin: PublicApiCall},
	{Method: "GET", Path: "/api/v1/auth/recover-password-01-setup", Fx: authHandleRecoverPassword01Setup, UseLogin: PublicApiCall},
	{Method: "POST", Path: "/api/v1/auth/recover-password-02-fetch-info", Fx: authHandleRecoverPassword02FetchInfo, UseLogin: PublicApiCall},
	{Method: "GET", Path: "/api/v1/auth/recover-password-02-fetch-info", Fx: authHandleRecoverPassword02FetchInfo, UseLogin: PublicApiCall},
	{Method: "POST", Path: "/api/v1/auth/recover-password-03-set-password", Fx: authHandleRecoverPassword03SetPassword, UseLogin: PublicApiCall},
	{Method: "GET", Path: "/api/v1/auth/no-login-status", Fx: authHandleNoLoginStatus, UseLogin: PublicApiCall},
	{Method: "POST", Path: "/api/v1/auth/no-login-status", Fx: authHandleNoLoginStatus, UseLogin: PublicApiCall},
	// NOTE(review): the three status routes below answer without a login. If
	// they take an email address, check that the responses do not let a caller
	// tell registered from unregistered accounts.
	{Method: "GET", Path: "/api/v1/auth/2fa-has-been-setup", Fx: authHandle2faHasBeenSetup, UseLogin: PublicApiCall},
	{Method: "GET", Path: "/api/v1/auth/email-has-been-validated", Fx: authHandleEmailHasBeenSetup, UseLogin: PublicApiCall},
	{Method: "GET", Path: "/api/v1/auth/acct-status", Fx: authHandleAcctHasBeenSetup, UseLogin: PublicApiCall},
	{Method: "GET", Path: "/api/v1/id.json", Fx: loginTrackingJsonHandler, UseLogin: PublicApiCall},
	// NOTE(review): set-debug-flag is a GET route reachable without a login.
	// Its input type (ApiAuthSetDebugFlag) has an optional auth_key field and
	// the package exports ValidateHmacAuthKey; confirm the handler rejects
	// requests whose key is missing or invalid.
	{Method: "GET", Path: "/api/v1/set-debug-flag", Fx: authHandlerSetDebugFlag, UseLogin: PublicApiCall},
	{Method: "POST", Path: "/api/v1/auth/resend-registration-email", Fx: authHandleResendRegistrationEmail, UseLogin: PublicApiCall},
	{Method: "GET", Path: "/api/v1/auth/setup.js", Fx: authHandlerGetXsrfIdFile, UseLogin: PublicApiCall},
	{Method: "GET", Path: "/api/v1/auth/setup", Fx: authHandlerGetXsrfIdFileJSON, UseLogin: PublicApiCall},
	{Method: "POST", Path: "/api/v1/auth/generate-qr-for-secret", Fx: authHandleGenerateQRForSecret, UseLogin: PublicApiCall},
	{Method: "GET", Path: "/api/v1/auth/requires-2fa", Fx: authHandlerRequires2fa, UseLogin: PublicApiCall},
	{Method: "POST", Path: "/api/v1/auth/requires-2fa", Fx: authHandlerRequires2fa, UseLogin: PublicApiCall},

	// ---- LoginOptional ----
	{Method: "GET", Path: "/api/v1/auth/logout", Fx: authHandleLogout, UseLogin: LoginOptional},
	{Method: "POST", Path: "/api/v1/auth/logout", Fx: authHandleLogout, UseLogin: LoginOptional},

	// ---- LoginRequired ----
	{Method: "POST", Path: "/api/v1/auth/login-status", Fx: authHandleLoginStatus, UseLogin: LoginRequired},
	{Method: "GET", Path: "/api/v1/auth/login-status", Fx: authHandleLoginStatus, UseLogin: LoginRequired},
	{Method: "POST", Path: "/api/v1/auth/change-password", Fx: authHandleChangePassword, UseLogin: LoginRequired},
	{Method: "POST", Path: "/api/v1/auth/delete-acct", Fx: authHandleDeleteAccount, UseLogin: LoginRequired},
	{Method: "POST", Path: "/api/v1/auth/regen-otp", Fx: authHandleRegenOTP, UseLogin: LoginRequired},
	{Method: "POST", Path: "/api/v1/auth/register-un-pw", Fx: authHandleRegisterUnPw, UseLogin: LoginRequired},
	{Method: "POST", Path: "/api/v1/auth/register-token", Fx: authHandleRegisterToken, UseLogin: LoginRequired},
	{Method: "POST", Path: "/api/v1/auth/change-email-address", Fx: authHandleChangeEmailAddress, UseLogin: LoginRequired},
	{Method: "POST", Path: "/api/v1/auth/change-account-info", Fx: authHandleChangeAccountInfo, UseLogin: LoginRequired},
	// NOTE(review): the "-admin" and client/account-state routes in this group
	// are marked LoginRequired like every other logged-in route; confirm each
	// handler checks the caller's privileges itself.
	{Method: "POST", Path: "/api/v1/auth/change-password-admin", Fx: authHandleChangePasswordAdmin, UseLogin: LoginRequired},
	{Method: "POST", Path: "/api/v1/auth/refresh-token", Fx: authHandleRefreshToken, UseLogin: LoginRequired},
	{Method: "POST", Path: "/api/v1/auth/validate-token", Fx: authHandleValidateToken, UseLogin: LoginRequired},
	{Method: "GET", Path: "/api/v1/auth/get-user-config", Fx: authHandleGetUserConfig, UseLogin: LoginRequired},
	{Method: "POST", Path: "/api/v1/auth/get-user-config", Fx: authHandleGetUserConfig, UseLogin: LoginRequired},
	{Method: "POST", Path: "/api/v1/auth/set-user-config", Fx: authHandleSetUserConfig, UseLogin: LoginRequired},
	{Method: "POST", Path: "/api/v1/auth/create-client", Fx: authHandleCreateClient, UseLogin: LoginRequired},
	{Method: "POST", Path: "/api/v1/auth/create-registration-token", Fx: authHandleCreateRegistrationToken, UseLogin: LoginRequired},
	{Method: "POST", Path: "/api/v1/auth/get-registration-token", Fx: authHandleGetRegistrationToken, UseLogin: LoginRequired},
	{Method: "POST", Path: "/api/v1/auth/auth-token-delete-admin", Fx: authHandleAuthTokenDeleteAdmin, UseLogin: LoginRequired},
	{Method: "POST", Path: "/api/v1/auth/get-acct-state", Fx: authHandlerGetAcctState, UseLogin: LoginRequired},
	{Method: "POST", Path: "/api/v1/auth/update-acct-state", Fx: authHandlerUpdateAcctState, UseLogin: LoginRequired},
}
var PrivilegedNames = []string{"__is_logged_in__", "__user_id__", "__auth_token__", "__privs__", "__privs_map__", "__jwt_token__", "__email_hmac_password__", "__user_password__", "__client_id__"}
var XDbOn = make(map[string]bool)
var XDbOnLock = sync.RWMutex{}
Functions ¶
func AppendStructToZapLog ¶
------------------------------------------------------------------------------------------------------------------------- fields = AppendStructToZapLog ( fields, rvStatus ) fields := []zapcore.Field{
func AppendToSecurityTable ¶
func AppendToSecurityTable(x ...GinLoginType)
-------------------------------------------------------------------------------------------------------------------------
func BindFormOrJSON ¶
func BindFormOrJSONOptional ¶
func CallDatabaseFunction ¶ added in v1.0.30
func CallDatabaseFunction(c *gin.Context, out interface{}, fCall string, encPat string, data ...interface{}) (err error)
CallDatabaseFunction will call the named function with output data placed in 'out'. 'out' is the address of a data type suitable to be passed to json.Unmarshal to decode the data.
func CheckTmpAuthToken ¶ added in v1.0.20
func Confirm2faSetupAccount ¶
-------------------------------------------------------------------------------------------------------------------------
func ConfirmEmailAccount ¶
-------------------------------------------------------------------------------------------------------------------------
ConfirmEmailAccount uses the token to lookup a user and confirms that the email that received the token is real.
func ConnectToDb ¶
func ConnectToDb()
func ConvPrivs ¶
Input : [{"priv_name":"May Change Password"}, {"priv_name":"May Password"}] Output : {"May Change Password":true, "May Password":true}
func ConvPrivs2 ¶
Input : ["May Change Password", "May Do Whatever"] Output : {"May Change Password":true, "May Do Whatever":true}
func CookieHeaderAuthMiddleware ¶
func CookieHeaderAuthMiddleware(ginSetupTable []GinLoginType) gin.HandlerFunc
func CreateJWTSignedCookie ¶
func CreateTmpAuthToken ¶ added in v1.0.20
func DecryptText ¶
func DumpParamsToLog ¶
func EncryptText ¶
func EncryptTextIndexable ¶
func EncryptTextToB64 ¶
func GenerateSecret ¶
func GenerateSecret() string
-------------------------------------------------------------------------------------------------------------------------
func GetAuthToken ¶
func GetMapKeys ¶
func GetMapKeys[K comparable, V any](m map[K]V) []K
GetMapKeys Get all the keys from any typed map. (generic)
func GetUserId ¶
GetUserId will return a UserID - if the user is currently logged in then it is from __user_id__ in the context. If the user is not logged in then 0 will be returned.
func GinInitAuthPaths ¶
-------------------------------------------------------------------------------------------------------------------------
func HasCookie ¶
HasCookie reports whether the named cookie exists: if it does, `has` is true and `val` holds its value; otherwise `has` is false.
func HeaderFingerprint ¶
------------------------------------------------------------------------------------------------------------------------- HeaderFingerprint takes a set of headers and hashes the set strings and returns it.
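Add in a server-side hash of headers on login to validate. For added security our server keeps track of the browser fingerprint. At the moment we use the following headers: HTTP_ACCEPT_* headers and HTTP_USER_AGENT. All of these values are supplied by the client and can be copied by anyone who has observed them, so the fingerprint is an extra consistency check alongside the auth token rather than a secret.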
There are a few HTTP headers which can be used to create a fingerprint about a user. Here are some of the main ones:
User-Agent provides information about the browser and its operating system (including its versions). Accept tells the server what content types the browser can render and send, and Content-Encoding provides data about the content compression. Content-Language and Accept-Language both indicate the user's (and browser's) preferred language.
func IsLoggedIn ¶
IsLoggedIn returns true if the user is currently logged in or if the user can be logged in. The login can be determined with a cookie or a bearer auth token. This call has side effects: it will add authentication information to the context, such as __is_logged_in__. See GetAuthToken().
This is the function to call to log in a user.
func LogJsonReturned ¶
func MintQRPng ¶
-------------------------------------------------------------------------------------------------------------------------
func RedisBrodcast ¶ added in v1.0.43
func RedisCacheAuthTokens ¶ added in v1.0.46
func RedisCacheAuthTokens(AuthToken, UserdataPassword string, v2 []*SQLUserIdPrivsType, perReqLog *os.File)
func ResetLogFile ¶ added in v1.0.40
func RmExt ¶
RmExt removes the extension from a file name if it exists. If filename is "bc.js", then "bc" will be returned.
func SVarI ¶
func SVarI(v interface{}) string
SVarI return the JSON encoded version of the data with tab indentation.
func SaveState ¶
-------------------------------------------------------------------------------------------------------------------------
func SelectString ¶
func SetCookie ¶
SetCookie sets the header to create a cookie. If using TLS then this will be a secure HTTP-Only cookie.
func SetDefaultRunner ¶
func SetDefaultRunner()
func SetInsecureCookie ¶
func SetJsonHdr ¶
SetJsonHdr will set a content-type header to "application/json; charset=utf-8"
func SetupConnectToJwtAuth ¶
func SetupNewInstall ¶
func SetupNewInstall() (err error)
SetupNewInstall should be called once to set up the database using the encryption keys. This function will call "q_auth_v1_setup_startup_one_time" with the keys and create a single row that is encrypted. The row is used to validate that you do not start an application with an invalid set of keys. Running with incorrect keys will result in a split-brain database.
func SortSlice ¶
func SortSlice[T constraints.Ordered](s []T)
SortSlice will Sort a slice of any type. (generic)
func SortedMapKeys ¶
func SortedMapKeys[K constraints.Ordered, V any](m map[K]V) []K
SortedMapKeys will sort the keys of a map and return a slice of sorted keys (generic)
func SqlRunStmt ¶
func SqlRunStmt(c *gin.Context, stmt string, encPat string, data ...interface{}) (rv []map[string]interface{}, err error)
-------------------------------------------------------------------------------------------------------------------------
func StatusSuccess ¶
StatusSuccess prepends to a JSON return value with a status:success. This will also set the "Content-Type" to "application/json; charset=utf-8".
func TestSendEmail ¶
func TestSendEmail(SendTestEmail, SendTestEmailTemplateToRun, AdditionalData string)
func TokenAuthMiddleware ¶
func TokenAuthMiddleware() gin.HandlerFunc
func UrlEscapePeriod ¶ added in v1.0.41
func UrlGetServer ¶
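// loginTrackingGifHandler serves a pixel GIF whose ETag doubles as a per-client
// identifier.
//
// When the request carries an If-None-Match header, that value is passed to
// the database function q_auth_v1_etag_seen. If the call succeeds, the reply
// parses, and its "msg" is not "created", the handler answers 304 Not Modified
// and echoes the same value back as the ETag. In every other case (no header,
// database error, unparsable reply, or msg == "created") it falls through to
// the "gen" label, appends a fresh UUID to the GIF bytes, derives a new ETag
// and answers 200 with the image.
//
// Security notes for maintainers:
//   - If-None-Match is client-controlled. It is logged verbatim, bound as a
//     query parameter and echoed in the response ETag, with no length or
//     format check visible here. Consider bounding it and escaping it before
//     it is written to logs.
//   - aCfg.EncryptionPassword and aCfg.UserdataPassword are sent to the
//     database as bind parameters ($3, $4). NOTE(review): confirm that
//     database-side statement/parameter logging cannot capture them.
//   - The ETag is the first 20 hex characters of a hash over
//     pixel || uuid || aCfg.EtagPassword. NOTE(review): this is a secret-suffix
//     hash, not an HMAC; whether that matters depends on what
//     HashStrings.HashBytes implements.
func loginTrackingGifHandler(c *gin.Context) {
	output, err := base64.StdEncoding.DecodeString(base64GifPixel)
	if err != nil {
		// The pixel is a package constant, so a failure here is a build-time
		// mistake. Report it instead of discarding it, then continue as before.
		dbgo.Fprintf(os.Stderr, "%(cyan)In Handler at %(LF), err:%s\n", err)
	}
	var newId string
	inm := c.Request.Header.Get("If-None-Match")
	dbgo.Printf("%(Yellow)Header Tags: %(Green)If-None-Match ->%s<- at:%(LF)\n", inm)
	if inm != "" {
		dbgo.Printf("At:%(LF)\n")
		// RFC 7232 section 4.1:
		// a sender SHOULD NOT generate representation metadata other than the
		// above listed fields unless said metadata exists for the purpose of
		// guiding cache updates (e.g., Last-Modified might be useful if the
		// response does not have an ETag field).
		dbgo.Printf("At:%(LF) ---------- if none match ------------\n")
		dbgo.Fprintf(os.Stderr, "ETag(If-None-Match): %s previous\n", inm)
		newId = GenUUID()
		stmt := "q_auth_v1_etag_seen ( $1, $2, $3, $4 )"
		rv, e0 := CallDatabaseJSONFunction(c, stmt, "..!!", newId, inm, aCfg.EncryptionPassword, aCfg.UserdataPassword)
		if e0 != nil {
			dbgo.Fprintf(os.Stderr, "%(cyan)In Handler at %(LF), err:%s\n", e0)
			goto gen
		}
		// Sample reply recorded by the author:
		// rv={"status":"success", "user_id":"", "id":"8343616b-d8be-48d4-787c-f69ce98c7aa0"}
		dbgo.Fprintf(os.Stderr, "%(cyan)%(LF): rv=%s\n", rv)

		// NOTE(review): the sample reply above carries "user_id" as a JSON
		// string while UserId is declared int. A reply of that shape makes
		// json.Unmarshal return an error, which sends the request to "gen"
		// instead of the 304 path. Confirm the type the database returns.
		type rvEtagData struct {
			Status string `json:"status"`
			UserId int    `json:"user_id"`
			RowId  string `json:"id"`
			Msg    string `json:"msg"`
		}
		var rvData rvEtagData
		if err := json.Unmarshal([]byte(rv), &rvData); err != nil {
			dbgo.Fprintf(os.Stderr, "%(cyan)In Handler at %(LF), err:%s\n", err)
			goto gen
		}
		dbgo.Fprintf(os.Stderr, "%(cyan)%(LF): parsed data=%s\n", dbgo.SVarI(rvData))
		if rvData.Msg == "created" {
			dbgo.Fprintf(os.Stderr, "%(cyan)In Handler at %(LF) %(red) -- If-None-Match Value Not Found! -- sending back a 200\n")
			goto gen
		}

		// 304: strip representation headers, then repeat the validator the
		// client sent.
		h := c.Writer.Header()
		delete(h, "Content-Type")
		delete(h, "Content-Length")
		delete(h, "Last-Modified")
		delete(h, "ETag")
		h.Set("ETag", inm)
		h.Set("Cache-Control", "max-age=31536000") // 1 year
		c.Writer.WriteHeader(http.StatusNotModified)
		dbgo.Printf("At:%(LF)\n")
		return
	}

gen:
	newId = GenUUID()
	output = append(output, []byte(newId)...) // tack ID on the end.

	// Hash over a separate buffer: appending the secret to output directly
	// could place it in spare capacity of the slice that is sent to the client.
	hashInput := make([]byte, 0, len(output)+len(aCfg.EtagPassword))
	hashInput = append(hashInput, output...)
	hashInput = append(hashInput, []byte(aCfg.EtagPassword)...)
	etag := fmt.Sprintf("%x", HashStrings.HashBytes(hashInput))[0:20] // Hash the file
	dbgo.Printf("%(cyan)Generate Etag at:%(LF) ->%s<-\n", etag)       // Dump so we can see what we are inserting
	if db100 {
		stmt := "q_auth_v1_etag_seen ( $1, $2, $3, $4 )"
		rv, e0 := CallDatabaseJSONFunction(c, stmt, "..!!", newId, etag, aCfg.EncryptionPassword, aCfg.UserdataPassword)
		if e0 != nil {
			dbgo.Fprintf(os.Stderr, "%(cyan)In Handler at %(LF), err:%s\n", e0)
		}
		dbgo.Fprintf(logFilePtr, "%(LF): rv=%s\n", rv)
	}
	h := c.Writer.Header()
	h.Set("Content-Type", "image/gif")
	h.Set("ETag", etag)
	h.Set("Cache-Control", "max-age=31536000") // 1 year
	if _, err := io.WriteString(c.Writer, string(output)); err != nil {
		dbgo.Fprintf(os.Stderr, "%(cyan)In Handler at %(LF), err:%s\n", err)
	}
}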
2. Just keep the http[s]://Name/ section
func UrlJoinPath ¶ added in v1.0.41
func UrlShortCreateHandler ¶
func UrlShortHandler ¶
func ValidateHmacAuthKey ¶ added in v1.0.56
func ValidateHmacForError ¶ added in v1.0.56
func ValidateHmacForError() bool
xyzzyFailedToGptSvr -- in front end www/index.js
func ValidatePasswords ¶
func ValidatePasswords() (err error)
ValidatePasswords is the 2nd 1/2 of the pair - this is used to validate that the encryption keys are correct. It should be called on startup of a server and checks that you have the correct keys at that time.
Types ¶
type AcctSetupSuccess ¶
type AcctSetupSuccess struct { Status string `json:"status"` X2faValidated string `json:"x2fa_validated,omitempty"` EmailValidated string `json:"email_validated,omitempty"` Msg string `json:"msg,omitempty"` }
Output returned
type ApiAdminChangePassword ¶
type ApiAuthChangeAccountInfo ¶ added in v1.0.43
type ApiAuthChangeAccountInfo struct { FirstName string `json:"first_name" form:"first_name" binding:"required"` LastName string `json:"last_name" form:"last_name" binding:"required"` X2FaPin string `json:"x2fa_pin" form:"x2fa_pin" ` }
------------------------------------------------------------------------------------------------------------------------- router.POST("/api/v1/auth/change-account-info", LoginRequiredClosure(authHandleChangeAccountInfo)) //
type ApiAuthChangeEmail ¶
// ApiAuthChangeEmail is the request input (JSON or form fields) for an email
// change. NOTE(review): presumably bound by the handler behind
// POST /api/v1/auth/change-email-address; confirm.
type ApiAuthChangeEmail struct {
	// NewEmail and OldEmail are required, but unlike other inputs in this
	// package their binding tags do not include the "email" validator, so the
	// address format is not checked at bind time.
	NewEmail string `json:"new_email" form:"new_email" binding:"required"`
	OldEmail string `json:"old_email" form:"old_email" binding:"required"`
	// Pw is the account password; required so the change is re-authenticated.
	Pw string `json:"password" form:"password" binding:"required"`
	// X2FaPin is optional at bind time. NOTE(review): confirm the handler or
	// the database function rejects an empty PIN for accounts with 2FA set up.
	X2FaPin string `json:"x2fa_pin" form:"x2fa_pin" `
}
Input for api endpoint
type ApiAuthChangePassword ¶
// ApiAuthChangePassword is the request input (JSON or form fields) for a
// password change by the account owner.
type ApiAuthChangePassword struct {
	// Email must be present and pass the "email" format validator.
	Email string `json:"email" form:"email" binding:"required,email"`
	// NewPw and OldPw are required; no length or strength rule is expressed in
	// the binding tags. NOTE(review): presumably enforced elsewhere; confirm.
	NewPw string `json:"new_pw" form:"new_pw" binding:"required"`
	OldPw string `json:"old_pw" form:"old_pw" binding:"required"`
	// X2FaPin is optional at bind time. NOTE(review): confirm it is enforced
	// downstream for accounts with 2FA set up.
	X2FaPin string `json:"x2fa_pin" form:"x2fa_pin"`
}
jwtConfig.authInternalHandlers["POST:/api/v1/auth/change-password"] = authHandleChangePassword // change password. Input for api endpoint
type ApiAuthEmailValidate ¶
// ApiAuthEmailValidate is the request input (JSON or form fields) for
// confirming an email address with a verification token.
type ApiAuthEmailValidate struct {
	// Email is optional and carries no format validator.
	Email string `json:"email" form:"email" `
	// EmailVerifyToken is the only required field.
	EmailVerifyToken string `json:"email_verify_token" form:"email_verify_token" binding:"required"`
	// RedirectTo is caller-supplied. NOTE(review): if the handler redirects to
	// this value, confirm it is restricted to known destinations.
	RedirectTo string `json:"redirect_to" form:"redirect_to"`
}
Input for api endpoint
type ApiAuthLogin ¶
// ApiAuthLogin is the request input (JSON or form fields) for login.
type ApiAuthLogin struct {
	// Email must be present and pass the "email" format validator.
	Email string `json:"email" form:"email" binding:"required,email"`
	// Pw is the account password; required.
	Pw string `json:"password" form:"password" binding:"required"`
	// AmIKnown is optional; its meaning is not visible in this declaration.
	AmIKnown string `json:"am_i_known" form:"am_i_known"`
	// XsrfId is required, so a login request without it fails binding.
	// NOTE(review): presumably checked with ValidateXsrfId; confirm.
	XsrfId string `json:"xsrf_id" form:"xsrf_id" binding:"required"`
	FPData string `json:"fp_data" form:"fp_data"` // fingerprint data
	ScID   string `json:"scid" form:"scid"`       // y_id - local storage ID

	// You can set any value for the 'no_cookie' data field. Normally if you want to skip cookies send 'nc' for the value.
	NoCookie string `json:"no_cookie" form:"no_cookie"` // default is to NOT send cookie if cookies and headers (both ==> , "token_header_vs_cookie": "both") are defined,
}
Input for login
type ApiAuthQrForSecret ¶
type ApiAuthRecoverPassword03SetPassword ¶
// ApiAuthRecoverPassword03SetPassword is the request input (JSON or form
// fields) for the third password-recovery step, which sets the new password.
type ApiAuthRecoverPassword03SetPassword struct {
	// Email must be present and pass the "email" format validator.
	Email string `json:"email" form:"email" binding:"required,email"`
	// NewPw is required; no length or strength rule is expressed in the tag.
	NewPw string `json:"new_pw" form:"new_pw" binding:"required"`
	// NewPwAgain is optional at bind time, so any equality check with NewPw
	// has to happen in the handler.
	NewPwAgain string `json:"new_pw_again" form:"new_pw_again"`
	// RecoveryToken is required.
	RecoveryToken string `json:"recovery_token" form:"recovery_token" binding:"required"`
	// X2FaPin is optional at bind time. NOTE(review): this route is public, so
	// confirm whether recovery is meant to require the second factor.
	X2FaPin string `json:"x2fa_pin" form:"x2fa_pin" `
}
Input for api endpoint
type ApiAuthRecoveryPassword02FetchInfo ¶
type ApiAuthRecoveryPassword02FetchInfo struct { Email string `json:"email" form:"email" binding:"required,email"` RecoveryToken string `json:"recovery_token" form:"recovery_token" binding:"required"` }
Input for api endpoint
type ApiAuthRefreshToken ¶
type ApiAuthRefreshToken struct { AmIKnown string `json:"am_i_known" form:"am_i_known"` XsrfId string `json:"xsrf_id" form:"xsrf_id" binding:"required"` // You can set any value for the 'no_cookie' data field. Normally if you want to skip cookies send 'nc' for the value. NoCookie string `json:"no_cookie" form:"no_cookie"` // default is to NOT send cookie if cookies and headers (both ==> , "token_header_vs_cookie": "both") are defined, }
Input for refresh token
type ApiAuthRegister ¶
type ApiAuthRegister struct { Email string `json:"email" form:"email" binding:"required,email"` FirstName string `json:"first_name" form:"first_name" binding:"required"` LastName string `json:"last_name" form:"last_name" binding:"required"` Pw string `json:"password" form:"password" binding:"required"` AgreeTOS string `json:"agree_tos" form:"agree_tos"` AgreeEULA string `json:"agree_eula" form:"agree_eula"` }
Input for api endpoint
type ApiAuthRegisterClientAdmin ¶
type ApiAuthRegisterClientAdmin struct { Email string `json:"email" form:"email" binding:"required,email"` FirstName string `json:"first_name" form:"first_name" binding:"required"` LastName string `json:"last_name" form:"last_name" binding:"required"` Pw string `json:"password" form:"password" binding:"required"` Token string `json:"token" form:"token" binding:"required"` }
Input for api endpoint
type ApiAuthRequires2fa ¶ added in v1.0.42
type ApiAuthRequires2fa struct {
Email string `json:"email" form:"email" binding:"required,email"`
}
Input for login
type ApiAuthResendEmailRegister ¶
type ApiAuthResendEmailRegister struct { Email string `json:"email" form:"email" binding:"required,email"` // yes TmpToken string `json:"tmp_token" form:"tmp_token"` }
Input for api endpoint
type ApiAuthSetDebugFlag ¶
// ApiAuthSetDebugFlag is the request input (JSON or form fields) for setting a
// named debug flag.
type ApiAuthSetDebugFlag struct {
	// Name and Value are both required.
	Name  string `json:"name" form:"name" binding:"required"`
	Value string `json:"value" form:"value" binding:"required"`
	// AuthKey is optional at bind time. NOTE(review): the handler has to
	// reject a missing or invalid key itself; presumably through
	// ValidateHmacAuthKey. Confirm.
	AuthKey string `json:"auth_key" form:"auth_key"`
}
Input for api endpoint
type ApiAuthSipLogin0 ¶
type ApiAuthSipRegister ¶
type ApiAuthSipRegister struct { Email string `json:"email" form:"email" binding:"required,email"` FirstName string `json:"first_name" form:"first_name" binding:"required"` LastName string `json:"last_name" form:"last_name" binding:"required"` Validator string `json:"validator" form:"validator" binding:"required"` }
type ApiAuthTokenDeleteAdmin ¶ added in v1.0.47
type ApiAuthUn ¶
type ApiAuthUn struct {
Email string `json:"email" form:"email"`
}
Input for api endpoint
type ApiAuthValidate2faToken ¶
// ApiAuthValidate2faToken is the request input (JSON or form fields) for
// validating a 2FA PIN.
type ApiAuthValidate2faToken struct {
	// Email is required but, unlike ApiAuthLogin, has no "email" validator.
	Email string `json:"email" form:"email" binding:"required"`
	// TmpToken and X2FaPin are both required.
	TmpToken string `json:"tmp_token" form:"tmp_token" binding:"required"`
	X2FaPin  string `json:"x2fa_pin" form:"x2fa_pin" binding:"required"`
	AmIKnown string `json:"am_i_known" form:"am_i_known"`
	// The XSRF id field is commented out, so this input does not carry one.
	// XsrfId string `json:"xsrf_id" form:"xsrf_id"` // From Login
	FPData           string `json:"fp_data" form:"fp_data"` // fingerprint data
	ScID             string `json:"scid" form:"scid"`       // y_id - local storage ID
	EmailVerifyToken string `json:"email_verify_token" form:"email_verify_token"`

	// You can set any value for the 'no_cookie' data field. Normally if you want to skip cookies send 'nc' for the value.
	NoCookie string `json:"no_cookie" form:"no_cookie"` // default is to NOT send cookie if cookies and headers (both ==> , "token_header_vs_cookie": "both") are defined,
}
authHandleValidate2faToken is called after login to validate a 2fa token and after registration to complete the registration.
This calls: "q_auth_v1_validate_2fa_token ( $1, $2, $3, $4, $5 )" in the database. This sets q_qr_users.setup_complete_2fa = 'y' to mark the account as fully registered. Login requires that this is a 'y' before login occurs.
Input for api endpoint
type ApiAuthValidateToken ¶ added in v1.0.29
type ApiAuthValidateToken struct { AmIKnown string `json:"am_i_known" form:"am_i_known"` XsrfId string `json:"xsrf_id" form:"xsrf_id" binding:"required"` FPData string `json:"fp_data" form:"fp_data"` // fingerprint data ScID string `json:"scid" form:"scid"` // y_id - local storage ID // You can set any value for the 'no_cookie' data field. Normally if you want to skip cookies send 'nc' for the value. NoCookie string `json:"no_cookie" form:"no_cookie"` // default is to NOT send cookie if cookies and headers (both ==> , "token_header_vs_cookie": "both") are defined, }
Input for refresh token
type ApiCreateClient ¶
type ApiCreateClient struct { ClientName string `json:"client_name" form:"client_name" binding:"required"` Description string `json:"description" form:"description" binding:"required"` RoleName string `json:"role_name" form:"role_name"` Email string `json:"email" form:"email"` }
------------------------------------------------------------------------------------------------------------------------- Create a new Client
type ApiCreateRegistrationToken ¶
type ApiCreateRegistrationToken struct { Description string `json:"description" form:"description" binding:"required"` AdminEmail string `json:"admin_email" form:"admin_email" binding:"required"` ClientId string `json:"client_id" form:"client_id"` RoleName string `json:"role_name" form:"role_name"` EmailNote string `json:"email_note" form:"email_note"` }
------------------------------------------------------------------------------------------------------------------------- Input for login
type ApiEmail ¶
// ApiEmail is an API input carrying a single e-mail address. The binding tag
// requires the field to be present and to pass the "email" format check.
type ApiEmail struct {
	Email string `json:"email" form:"email" binding:"required,email"`
}
Input for api endpoint
type ApiEmailOptional ¶
// ApiEmailOptional is an API input with an optional e-mail address. No
// binding rule is attached, so an empty or malformed value reaches the
// handler unchanged.
type ApiEmailOptional struct {
	Email string `json:"email" form:"email"`
}
Input for api endpoint
type ApiGetAcctState ¶ added in v1.0.56
// ApiGetAcctState is the request body for reading an account's state; the
// account is identified by a mandatory, format-checked e-mail address.
type ApiGetAcctState struct {
	Email string `json:"email" form:"email" binding:"required,email"`
}
Input for login
type ApiGetRegistrationToken ¶
// ApiGetRegistrationToken is the request body for fetching a registration
// token. UserName is optional as far as the binding layer is concerned.
type ApiGetRegistrationToken struct {
	UserName string `json:"user_name" form:"user_name"`
}
------------------------------------------------------------------------------------------------------------------------- Create a new Client
type ApiSetUserConfig ¶
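// ApiSetUserConfig is the request body for setting one user-config entry as
// a name/value pair. Neither field is mandatory at the binding layer.
type ApiSetUserConfig struct {
	Name  string `json:"name,omitempty" form:"name"`
	Value string `json:"value,omitempty" form:"value"`
}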
-------------------------------------------------------------------------------------------------------------------------
type ApiUpdateAcctState ¶ added in v1.0.54
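// ApiUpdateAcctState is the request body for changing an account's state.
// Both fields are mandatory; Email must also pass the "email" format check.
// NOTE(review): AcctState is only checked for presence here, so the set of
// permitted states and the caller's right to change another account must be
// enforced by the handler or the database - confirm.
type ApiUpdateAcctState struct {
	Email     string `json:"email" form:"email" binding:"required,email"`
	AcctState string `json:"acct_state" form:"acct_state" binding:"required"`
}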
Input for login
type ApiUrlShortCreateType ¶
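// ApiUrlShortCreateType is the request body for creating a short URL.
// Id, DestinationURL and ShouldProxy are mandatory per the binding tags.
// Headers, Params and Method have only a json tag, so they are not filled
// from form input.
// NOTE(review): DestinationURL is checked for presence only. When
// ShouldProxy asks the server to fetch the destination, the scheme and host
// need an allow-list (or at least a block on internal addresses) and the
// caller-supplied Headers and Method need filtering somewhere downstream -
// confirm where that happens.
type ApiUrlShortCreateType struct {
	Id             string   `json:"id" form:"id" binding:"required"`
	DestinationURL string   `json:"destination_url" form:"destination_url" binding:"required"`
	ShouldProxy    string   `json:"should_proxy" form:"should_proxy" binding:"required"`
	Headers        []NvPair `json:"headers"`
	Params         []NvPair `json:"params"`
	Method         string   `json:"method"`
}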
-------------------------------------------------------------------------------------------------------------------------
type ApiUrlShortType ¶
// ApiUrlShortType is the request body that names an existing short URL by
// its mandatory Id.
type ApiUrlShortType struct {
	Id string `json:"id" form:"id" binding:"required"`
}
-------------------------------------------------------------------------------------------------------------------------
type CreateClientSuccess ¶
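// CreateClientSuccess is the output returned after a client is created.
// RegistrationToken is left out of the JSON when empty.
type CreateClientSuccess struct {
	Status            string `json:"status"`
	RegistrationToken string `json:"token_registration,omitempty"`
}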
Output returned
type CreateClientSuccess2 ¶
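// CreateClientSuccess2 is the output returned after a client is created,
// with the new ClientId in addition to the registration token.
type CreateClientSuccess2 struct {
	Status            string `json:"status"`
	RegistrationToken string `json:"token_registration,omitempty"`
	ClientId          string `json:"client_id,omitempty"`
}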
Output returned
type CreateRegistrationStuccess ¶
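// CreateRegistrationStuccess is the output returned after a registration
// token is created. The spelling of the type name is part of the exported
// API and is kept as is.
type CreateRegistrationStuccess struct {
	Status            string `json:"status"`
	ClientId          string `json:"client_id" form:"client_id"`
	RegistrationToken string `json:"registration_token" form:"registration_token" db:"registration_token"`
}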
Output returned
type EmailConfirmSuccess ¶
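// EmailConfirmSuccess is the output returned after an e-mail address is
// confirmed. TmpToken is always serialized, even when empty.
type EmailConfirmSuccess struct {
	Status    string `json:"status"`
	TmpToken  string `json:"tmp_token"`
	AcctState string `json:"acct_state,omitempty"`
}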
Output returned
type EmailSetupSuccess ¶
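// EmailSetupSuccess is the output returned by the e-mail setup step.
type EmailSetupSuccess struct {
	Status         string `json:"status"`
	Msg            string `json:"msg"`
	EmailValidated string `json:"email_validated,omitempty"`
}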
Output returned
type GetUserConfigSuccess ¶
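// GetUserConfigSuccess is the output returned when the user's configuration
// is read; UserConfig is a flat string-to-string map.
type GetUserConfigSuccess struct {
	Status     string            `json:"status"`
	UserConfig map[string]string `json:"user_config,omitempty"`
}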
Output returned
type GinLoginType ¶
type JwtClaims ¶
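// JwtClaims is the claim set placed in the JWT: the registered claims plus
// an auth_token claim.
// NOTE(review): a signed JWT is encoded, not encrypted, so anyone holding
// the token can read auth_token. If this is the database session token,
// confirm that it is encrypted before being placed here or that disclosure
// to the token holder is acceptable.
type JwtClaims struct {
	AuthToken string `json:"auth_token"`
	jwt.RegisteredClaims
}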
type LoginError1 ¶ added in v1.0.48
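// LoginError1 is a login error reply: the standard error fields plus the
// temporary token and e-mail address.
type LoginError1 struct {
	StdErrorReturn
	TmpToken string `json:"tmp_token,omitempty"` // May be "" - used in 2fa part 1 / 2
	Email    string `json:"email,omitempty"`
}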
type LoginSuccess ¶
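// LoginSuccess is the output returned to the client after a login call.
// Unlike RvLoginType it has no UserId, AuthToken, Secret2fa or Privileges
// field, so those values cannot leak through this response type.
type LoginSuccess struct {
	Status     string            `json:"status"`
	TmpToken   string            `json:"tmp_token,omitempty"` // May be "" - used in 2fa part 1 / 2
	Token      string            `json:"token,omitempty"`     // the JWT Token???
	Require2fa string            `json:"require_2fa,omitempty"`
	FirstName  string            `json:"first_name,omitempty"`
	LastName   string            `json:"last_name,omitempty"`
	AcctState  string            `json:"acct_state,omitempty"`
	UserConfig map[string]string `json:"user_config,omitempty"`
	Email      string            `json:"email,omitempty"`
}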
Output returned
type QrForSecretSuccess ¶
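// QrForSecretSuccess is a reply carrying a secret and the URL of its QR
// image; both are always serialized.
// NOTE(review): Secret is presumably the 2fa shared secret. Responses of
// this type should be kept out of logs and caches - confirm how the handler
// treats them.
type QrForSecretSuccess struct {
	Status      string `json:"status"`
	Secret      string `json:"secret"`
	URLFor2faQR string `json:"url_for_2fa_qr"`
}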
------------------------------------------------------------------------------------------------------------------------- -------------------------------------------------------------------------------------------------------------------------
type RecoverPassword02Success ¶
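// RecoverPassword02Success is the output returned by step 02 of password
// recovery: the account's e-mail address and the holder's name.
type RecoverPassword02Success struct {
	Status    string `json:"status"`
	Email     string `json:"email,omitempty"`
	FirstName string `json:"first_name,omitempty"`
	LastName  string `json:"last_name,omitempty"`
}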
Output returned
type RecoverPassword03SetPasswordSuccess ¶
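// RecoverPassword03SetPasswordSuccess is the output returned by step 03 of
// password recovery, after the new password is set.
type RecoverPassword03SetPasswordSuccess struct {
	Status    string `json:"status"`
	FirstName string `json:"first_name,omitempty"`
	LastName  string `json:"last_name,omitempty"`
}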
Output returned
type RefreshTokenSuccess ¶
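// RefreshTokenSuccess is the output returned by the token refresh call.
type RefreshTokenSuccess struct {
	Status      string            `json:"status"`
	Token       string            `json:"token,omitempty"` // the JWT Token???
	AccountType string            `json:"account_type,omitempty"`
	FirstName   string            `json:"first_name,omitempty"`
	LastName    string            `json:"last_name,omitempty"`
	AcctState   string            `json:"acct_state,omitempty"`
	UserConfig  map[string]string `json:"user_config,omitempty"`
}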
Output returned
type RegenOTPSuccess ¶
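// RegenOTPSuccess is the output returned when the one-time passwords are
// regenerated. Otp holds the new codes, so a response of this type is as
// sensitive as the codes themselves.
type RegenOTPSuccess struct {
	Status string   `json:"status"`
	Otp    []string `json:"otp,omitempty"`
	Msg    string   `json:"msg"`
}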
Output returned
type RegisterSuccess ¶
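// RegisterSuccess is the output returned after registration. It carries the
// TOTP secret, its QR URL and the one-time passwords to the client, so the
// response body should not be logged or cached.
type RegisterSuccess struct {
	Status      string            `json:"status"`
	URLFor2faQR string            `json:"url_for_2fa_qr,omitempty"`
	TotpSecret  string            `json:"totp_secret,omitempty"`
	UserConfig  map[string]string `json:"user_config,omitempty"`
	Otp         []string          `json:"otp,omitempty"`
	TmpToken    string            `json:"tmp_token,omitempty"` // May be "" - used in 2fa part 1 / 2
	Require2fa  string            `json:"require_2fa,omitempty"`
	Email       string            `json:"email,omitempty"`
}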
Output returned
type Requires2faSuccess ¶ added in v1.0.42
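// Requires2faSuccess is the output returned when a caller asks whether 2fa
// is required.
// NOTE(review): if the endpoint is reachable before authentication, the
// answer tells a caller which accounts have 2fa enabled - confirm this is
// intended.
type Requires2faSuccess struct {
	Status     string `json:"status"`
	Require2fa string `json:"require_2fa,omitempty"`
}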
Output returned
type ResendEmailRegisterSuccess ¶
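// ResendEmailRegisterSuccess is the output returned when the registration
// e-mail is re-sent. It repeats the TOTP secret and QR URL to the client.
type ResendEmailRegisterSuccess struct {
	Status      string `json:"status"`
	URLFor2faQR string `json:"url_for_2fa_qr,omitempty"`
	TotpSecret  string `json:"totp_secret,omitempty"`
	TmpToken    string `json:"tmp_token,omitempty"` // May be "" - used in 2fa part 1 / 2
	Require2fa  string `json:"require_2fa,omitempty"`
}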
Output returned
type ReturnStatusSuccess ¶
Output returned
type RvCallErrorType ¶ added in v1.0.30
// RvCallErrorType holds only the standard error fields of a call result.
type RvCallErrorType struct {
	StdErrorReturn
}
type RvChangeEmailAddressType ¶
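// RvChangeEmailAddressType is the result of a change-e-mail-address call:
// the standard error fields plus the account holder's name.
type RvChangeEmailAddressType struct {
	StdErrorReturn
	FirstName string `json:"first_name,omitempty"`
	LastName  string `json:"last_name,omitempty"`
}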
type RvChangePasswordAdminType ¶
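// RvChangePasswordAdminType is the result of an admin password change: the
// standard error fields plus the account holder's name.
type RvChangePasswordAdminType struct {
	StdErrorReturn
	FirstName string `json:"first_name,omitempty"`
	LastName  string `json:"last_name,omitempty"`
}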
type RvChangePasswordType ¶
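// RvChangePasswordType is the data the database returns for a password
// change: the standard error fields plus the account holder's name.
type RvChangePasswordType struct {
	StdErrorReturn
	FirstName string `json:"first_name,omitempty"`
	LastName  string `json:"last_name,omitempty"`
}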
DB Return Data
type RvCreateClientType ¶
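// RvCreateClientType is the result of a create-client call: the standard
// error fields, the registration token and the new client id. ClientId is
// always serialized; RegistrationToken only when non-empty.
type RvCreateClientType struct {
	StdErrorReturn
	RegistrationToken string `json:"token_registration,omitempty" db:"token_registration"`
	ClientId          string `json:"client_id" db:"client_id"`
}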
type RvCreateRegistrationTokenType ¶
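// RvCreateRegistrationTokenType is the result of creating a new registration
// token: the standard error fields, the client id and the token.
type RvCreateRegistrationTokenType struct {
	StdErrorReturn
	ClientId          string `json:"client_id" form:"client_id" db:"client_id"`
	RegistrationToken string `json:"registration_token" form:"registration_token" db:"registration_token"`
}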
Create a new Registration Token
type RvCreateUseToken ¶ added in v1.0.20
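// RvCreateUseToken is the result of creating a use token: the standard error
// fields plus the auth token. AuthToken is a credential and should not be
// written to logs.
type RvCreateUseToken struct {
	StdErrorReturn
	AuthToken string `json:"auth_token,omitempty" db:"auth_token"`
}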
type RvDeleteAccountType ¶
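// RvDeleteAccountType is the result of a delete-account call: the standard
// error fields plus the account holder's name.
type RvDeleteAccountType struct {
	StdErrorReturn
	FirstName string `json:"first_name,omitempty"`
	LastName  string `json:"last_name,omitempty"`
}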
type RvEmailConfirm ¶
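// RvEmailConfirm is the data the database returns for an e-mail
// confirmation. It includes AuthToken and UserId, which the client-facing
// EmailConfirmSuccess does not expose.
type RvEmailConfirm struct {
	StdErrorReturn
	Email     string `json:"email,omitempty"`
	TmpToken  string `json:"tmp_token,omitempty"` // May be "" - used in 2fa part 1 / 2
	AcctState string `json:"acct_state,omitempty"`
	AuthToken string `json:"auth_token,omitempty"`
	UserId    string `json:"user_id,omitempty"`
}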
DB Return Data
type RvGetRegistrationTokenType ¶
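// RvGetRegistrationTokenType is the result of fetching a registration token:
// the standard error fields plus the token (l_token_registration on the
// database side, per the package documentation).
type RvGetRegistrationTokenType struct {
	StdErrorReturn
	RegistrationToken string `json:"token_registration,omitempty" db:"token_registration"`
}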
l_token_registration
type RvGetSecretType ¶
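// RvGetSecretType is the result of reading a user's 2fa secret: the standard
// error fields, the secret, the user id and the require-2fa flag.
// Secret2fa and UserId are always serialized (no omitempty), so marshalling
// this value anywhere other than an internal channel exposes the secret.
type RvGetSecretType struct {
	StdErrorReturn
	Secret2fa  string `json:"secret_2fa"`
	UserId     string `json:"user_id"`
	Require2fa string `json:"require_2fa,omitempty"`
}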
type RvGetUserConfigType ¶
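// RvGetUserConfigType is the data the database returns for a user-config
// read: the standard error fields plus the configuration map.
type RvGetUserConfigType struct {
	StdErrorReturn
	UserConfig map[string]string `json:"user_config,omitempty" db:"user_config"`
}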
------------------------------------------------------------------------------------------------------------------------- DB Return Data
type RvLoginType ¶
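// RvLoginType is the data the database returns for a login call.
// It holds values that must stay server-side - AuthToken, Secret2fa, UserId
// and Privileges - none of which appear in the client-facing LoginSuccess.
// Every field has a json tag, so marshalling this struct directly into a
// response or a log line would disclose them.
type RvLoginType struct {
	StdErrorReturn
	UserId           string            `json:"user_id,omitempty"`
	AuthToken        string            `json:"auth_token,omitempty"` // May be "" - meaning no auth.
	TmpToken         string            `json:"tmp_token,omitempty"`  // May be "" - used in 2fa part 1 / 2
	Token            string            `json:"token,omitempty"`      // the JWT Token???
	Require2fa       string            `json:"require_2fa,omitempty"`
	Secret2fa        string            `json:"secret_2fa,omitempty"`
	AccountType      string            `json:"account_type,omitempty"`
	Privileges       []string          `json:"privileges,omitempty"`
	FirstName        string            `json:"first_name,omitempty"`
	LastName         string            `json:"last_name,omitempty"`
	IsNewDeviceLogin string            `json:"is_new_device_login,omitempty"`
	ClientId         string            `json:"client_id,omitempty"`
	AcctState        string            `json:"acct_state,omitempty"`
	UserConfig       map[string]string `json:"user_config,omitempty"`
}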
DB Return Data
type RvRecoverPassword01Setup ¶
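// RvRecoverPassword01Setup is the data the database returns for step 01 of
// password recovery. RecoveryToken and RecoveryTokenN6 are credentials for
// resetting the password and should reach the user only through the
// recovery channel, never through the HTTP response or logs.
type RvRecoverPassword01Setup struct {
	StdErrorReturn
	RecoveryToken   string `json:"recovery_token,omitempty"`
	RecoveryTokenN6 string `json:"recovery_token_n6,omitempty"`
	FirstName       string `json:"first_name,omitempty"`
	LastName        string `json:"last_name,omitempty"`
	N6Flag          string `json:"n6_flag,omitempty"`
}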
DB Return Data
type RvRecoverPassword02FetchInfo ¶
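// RvRecoverPassword02FetchInfo is the data the database returns for step 02
// of password recovery: the account's e-mail address and the holder's name.
type RvRecoverPassword02FetchInfo struct {
	StdErrorReturn
	Email     string `json:"email,omitempty"`
	FirstName string `json:"first_name,omitempty"`
	LastName  string `json:"last_name,omitempty"`
}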
DB Return Data
type RvRecoverPassword03SetPassword ¶
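// RvRecoverPassword03SetPassword is the data the database returns for step
// 03 of password recovery. The client-facing
// RecoverPassword03SetPasswordSuccess omits RecoveryToken.
type RvRecoverPassword03SetPassword struct {
	StdErrorReturn
	RecoveryToken string `json:"recovery_token,omitempty"`
	FirstName     string `json:"first_name,omitempty"`
	LastName      string `json:"last_name,omitempty"`
}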
DB Return Data
type RvRefreshTokenType ¶
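// RvRefreshTokenType is the result of a refresh-token call. It includes
// AuthToken and UserId, which the client-facing RefreshTokenSuccess omits.
// Email is read from the "email_address" key, not "email" as in most other
// types in this package.
type RvRefreshTokenType struct {
	StdErrorReturn
	AuthToken   string            `json:"auth_token,omitempty"`
	Token       string            `json:"token,omitempty"` // the JWT Token???
	UserId      string            `json:"user_id,omitempty"`
	AccountType string            `json:"account_type,omitempty"`
	Email       string            `json:"email_address"`
	FirstName   string            `json:"first_name,omitempty"`
	LastName    string            `json:"last_name,omitempty"`
	AcctState   string            `json:"acct_state,omitempty"`
	UserConfig  map[string]string `json:"user_config,omitempty"`
}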
------------------------------------------------------------------------------------------------------------------------- {Method: "POST", Path: "/api/v1/auth/refresh-token", Fx: authHandleRefreshToken, UseLogin: LoginRequired}, // (TODO - wrong function now)
type RvRegenOTPType ¶
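// RvRegenOTPType is the data the database returns when the one-time
// passwords are regenerated: the new codes and the account holder's name.
type RvRegenOTPType struct {
	StdErrorReturn
	Otp       []string `json:"otp,omitempty"`
	FirstName string   `json:"first_name,omitempty"`
	LastName  string   `json:"last_name,omitempty"`
}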
DB Return Data
type RvRegisterClientAdminType ¶
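// RvRegisterClientAdminType is the result of registering a client admin
// account. It carries the e-mail verify token, the 2fa secret, the TOTP
// secret and the one-time passwords, all of which are credentials.
// NOTE(review): Secret2fa is tagged "secret_2" here, while RvLoginType and
// RvGetSecretType use "secret_2fa". If the stored procedure emits
// "secret_2fa" this field is never populated - confirm which key is sent.
type RvRegisterClientAdminType struct {
	StdErrorReturn
	UserId           string   `json:"user_id,omitempty"`
	EmailVerifyToken string   `json:"email_verify_token,omitempty"`
	Require2fa       string   `json:"require_2fa,omitempty"`
	Secret2fa        string   `json:"secret_2,omitempty"`
	URLFor2faQR      string   `json:"url_for_2fa_qr"`
	TotpSecret       string   `json:"totp_secret"`
	Otp              []string `json:"otp,omitempty"`
	TmpToken         string   `json:"tmp_token,omitempty"` // May be "" - used in 2fa part 1 / 2
	N6               string   `json:"n6"`
}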
------------------------------------------------------------------------------------------------------------------------- register client user account.
{Method: "POST", Path: "/api/v1/auth/register-client-admin", Fx: authHandleRegisterClientAdmin, UseLogin: PublicApiCall}, // un + pw + first_name + last_name + token to lead to client account
{Method: "POST", Path: "/api/v1/auth/register-client-admin", Fx: authHandleRegisterClientAdmin, UseLogin: PublicApiCall}, // un + pw + first_name + last_name + token to lead to client account
create or replace function q_auth_v1_register_client ( p_email varchar, p_pw varchar, p_hmac_password varchar, p_first_name varchar, p_last_name varchar, p_userdata_password varchar, p_secret varchar, p_registration_token uuid )
-------------------------------------------------------------------------------------------------------------------------
type RvRegisterTokenAccountType ¶
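// RvRegisterTokenAccountType is the result of registering a token account:
// the standard error fields plus the holder's name and e-mail address.
type RvRegisterTokenAccountType struct {
	StdErrorReturn
	FirstName string `json:"first_name,omitempty"`
	LastName  string `json:"last_name,omitempty"`
	Email     string `json:"email,omitempty"`
}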
type RvRegisterType ¶
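// RvRegisterType is what the registration stored procedure returns. It
// carries the e-mail verify token, the 2fa secret, the TOTP secret and the
// one-time passwords; the client-facing RegisterSuccess exposes only part
// of it.
// NOTE(review): Secret2fa is tagged "secret_2" here, while RvLoginType and
// RvGetSecretType use "secret_2fa". If the stored procedure emits
// "secret_2fa" this field is never populated - confirm which key is sent.
type RvRegisterType struct {
	StdErrorReturn
	UserId           string            `json:"user_id,omitempty"`
	EmailVerifyToken string            `json:"email_verify_token,omitempty"`
	Require2fa       string            `json:"require_2fa,omitempty"`
	Secret2fa        string            `json:"secret_2,omitempty"`
	URLFor2faQR      string            `json:"url_for_2fa_qr"`
	TotpSecret       string            `json:"totp_secret"`
	UserConfig       map[string]string `json:"user_config,omitempty"`
	Otp              []string          `json:"otp,omitempty"`
	TmpToken         string            `json:"tmp_token,omitempty"`
	N6               string            `json:"n6"`
}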
Returned from stored procedure
l_data = '{"status":"error","msg":"Account already exists. Please login or recover password.","code":"0007","location":"m4___file__ m4___line__"}'; ||', "user_id":' ||coalesce(to_json(l_user_id)::text,'""')
DB Return Data
type RvRegisterUnPwAccountType ¶
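// RvRegisterUnPwAccountType is the result of registering a
// username/password account: the standard error fields plus the holder's
// name and e-mail address.
type RvRegisterUnPwAccountType struct {
	StdErrorReturn
	FirstName string `json:"first_name,omitempty"`
	LastName  string `json:"last_name,omitempty"`
	Email     string `json:"email,omitempty"`
}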
type RvRequires2faType ¶ added in v1.0.42
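// RvRequires2faType is the data the database returns for the "is 2fa
// required" query: the standard error fields plus the flag.
type RvRequires2faType struct {
	StdErrorReturn
	Require2fa string `json:"require_2fa,omitempty"`
}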
DB Return Data
type RvResendEmailRegisterType ¶
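// RvResendEmailRegisterType is the data the database returns when the
// registration e-mail is re-sent. UserId is a *int here, whereas the other
// Rv types in this package declare it as a string.
// NOTE(review): Secret2fa is tagged "secret_2" here, while RvLoginType and
// RvGetSecretType use "secret_2fa". If the stored procedure emits
// "secret_2fa" this field is never populated - confirm which key is sent.
type RvResendEmailRegisterType struct {
	StdErrorReturn
	UserId           *int   `json:"user_id,omitempty"`
	EmailVerifyToken string `json:"email_verify_token,omitempty"`
	Require2fa       string `json:"require_2fa,omitempty"`
	Secret2fa        string `json:"secret_2,omitempty"`
	URLFor2faQR      string `json:"url_for_2fa_qr"`
	TotpSecret       string `json:"totp_secret"`
	TmpToken         string `json:"tmp_token,omitempty"` // May be "" - used in 2fa part 1 / 2
	FirstName        string `json:"first_name"`
	LastName         string `json:"last_name"`
	N6               string `json:"n6"`
}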
DB Return Data
type RvStatus ¶ added in v1.0.43
// RvStatus is a call result that holds nothing beyond the standard error
// fields.
type RvStatus struct {
	StdErrorReturn
}
type RvUpdateAcctStateType ¶ added in v1.0.54
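// RvUpdateAcctStateType is the data the database returns for an account
// state update: the standard error fields plus the resulting state.
type RvUpdateAcctStateType struct {
	StdErrorReturn
	AcctState string `json:"acct_state,omitempty"`
}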
DB Return Data
type RvUrlShortCreateReturned ¶
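// RvUrlShortCreateReturned is the result of creating a short URL: the
// standard error fields plus the short id.
type RvUrlShortCreateReturned struct {
	StdErrorReturn
	ShortId string `json:"short_id"`
}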
type RvUrlShortReturned ¶
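// RvUrlShortReturned is the result of looking up a short URL: the short id,
// the proxy flag and the stored destination.
// NOTE(review): DestinationURL comes back as stored at creation time; if it
// was not validated then, the redirect or proxy step has to validate it
// before use - confirm.
type RvUrlShortReturned struct {
	StdErrorReturn
	ShortId        string `json:"short_id"`
	ShouldProxy    string `json:"should_proxy"`
	DestinationURL string `json:"destination_url"`
}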
type RvValidUseToken ¶ added in v1.0.20
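// RvValidUseToken is the result of validating a use token: the standard
// error fields plus the user id and auth token it resolves to.
type RvValidUseToken struct {
	StdErrorReturn
	UserId    string `json:"user_id,omitempty" db:"user_id"`
	AuthToken string `json:"auth_token,omitempty" db:"auth_token"`
}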
type RvValidate2faTokenType ¶
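// RvValidate2faTokenType is the data the database returns for 2fa token
// validation. It includes UserId, AuthToken, Privileges, Secret2fa and
// ClientId, none of which appear in the client-facing
// Validate2faTokenSuccess.
type RvValidate2faTokenType struct {
	StdErrorReturn
	UserId         string   `json:"user_id,omitempty"`
	AuthToken      string   `json:"auth_token,omitempty"` // May be "" - meaning no auth.
	Token          string   `json:"token,omitempty"`
	Expires        string   `json:"expires,omitempty"`
	Privileges     []string `json:"privileges,omitempty"`
	Secret2fa      string   `json:"secret_2fa,omitempty"`
	EmailValidated string   `json:"email_validated,omitempty"`
	X2faValidated  string   `json:"x2fa_validated,omitempty"`
	ClientId       string   `json:"client_id,omitempty"`
	AcctState      string   `json:"acct_state,omitempty"`
}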
DB Return Data
type RvValidateTokenType ¶ added in v1.0.29
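// RvValidateTokenType is the result of a validate-token call. It includes
// AuthToken and UserId, which the client-facing ValidateTokenSuccess omits.
// Email is read from the "email_address" key.
type RvValidateTokenType struct {
	StdErrorReturn
	AuthToken   string            `json:"auth_token,omitempty"`
	Token       string            `json:"token,omitempty"` // the JWT Token???
	UserId      string            `json:"user_id,omitempty"`
	AccountType string            `json:"account_type,omitempty"`
	Email       string            `json:"email_address"`
	FirstName   string            `json:"first_name,omitempty"`
	LastName    string            `json:"last_name,omitempty"`
	AcctState   string            `json:"acct_state,omitempty"`
	UserConfig  map[string]string `json:"user_config,omitempty"`
}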
type SQLAcctStatusType ¶
type SQLIntType ¶
// SQLIntType wraps a single nullable integer; X is nil when no value is
// present.
type SQLIntType struct {
	X *int
}
type SQLStatusType ¶
jwt_auth.SetupNewInstall()
if err := jwt_auth.ValidatePasswords(); err != nil {
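-- -----------------------------------------------------------------------------------------------------------------------------------------------------------------------------
-- q_qr_validate_startup holds the single canary row used to check, at
-- startup, that the configured HMAC and user-data passwords are the ones the
-- database was initialised with. Layout restored to one column per line; in
-- the collapsed form the inline comment swallowed the two bytea columns.
-- -----------------------------------------------------------------------------------------------------------------------------------------------------------------------------
create table if not exists q_qr_validate_startup (
	once_id						int unique primary key, -- only one row in table ever, no generation of PKs.
	validation_value_hmac		bytea not null,
	validation_value_enc		bytea not null
);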
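-- -----------------------------------------------------------------------------------------------------------------------------------------------------------------------------
-- q_auth_v1_setup_startup_one_time stores the canary row (once_id = 1): the
-- HMAC and the pgp_sym_encrypt() of the fixed string 'test@test.com' under
-- the two supplied passwords. Returns '{"status":"success"}' or a JSON error.
--
-- Fix: the exception handler referenced l_user_id, which this function never
-- declares, so the handler itself raised and the JSON error was never
-- returned. There is no user at startup, so the log row is written with a
-- null user id.
-- NOTE(review): assumes q_qr_auth_log.user_id accepts NULL - confirm.
-- NOTE(review): "when others" also catches the duplicate-key error raised
-- when the row already exists, and reports it as incorrect passwords.
-- -----------------------------------------------------------------------------------------------------------------------------------------------------------------------------
create or replace function q_auth_v1_setup_startup_one_time ( p_hmac_password varchar, p_userdata_password varchar )
	returns text
	as $$
DECLARE
	l_data					text;
	l_fail					bool;
BEGIN
	-- Copyright (C) Philip Schlump, 2008-2021.
	-- BSD 3 Clause Licensed.  See LICENSE.bsd
	-- version: m4_ver_version() tag: m4_ver_tag() build_date: m4_ver_date()
	l_fail = false;

	insert into t_output ( msg ) values ( 'function ->q_auth_v1_setup_startup_one_time<- m4___file__ m4___line__' );

	begin
		insert into q_qr_validate_startup ( once_id, validation_value_hmac, validation_value_enc ) values
			( 1
			, q_auth_v1_hmac_encode ( 'test@test.com', p_hmac_password )
			, pgp_sym_encrypt('test@test.com', p_userdata_password)
			);
	exception
		when others then
			l_fail = true;
			l_data = '{"status":"error","msg":"Not initialized properly - incorrect passwrods","code":"2004","location":"m4___file__ m4___line__"}';
			insert into q_qr_auth_log ( user_id, activity, code, location ) values ( null, 'Not initialized properly - incorrect passwords', '2005', 'File:m4___file__ Line No:m4___line__');
	end;

	if not l_fail then
		l_data = '{"status":"success"'
			||'}';
	end if;

	RETURN l_data;
END;
$$ LANGUAGE plpgsql;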
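-- -----------------------------------------------------------------------------------------------------------------------------------------------------------------------------
-- q_auth_v1_validate_startup_passwords checks the two supplied passwords
-- against the canary row (once_id = 1): the stored HMAC must equal the HMAC
-- of 'test@test.com' under p_hmac_password, and the stored ciphertext must
-- decrypt to 'test@test.com' under p_userdata_password. Returns
-- '{"status":"success"}' or a JSON error with code 2005 (no matching row) or
-- 2007 (an exception was raised during the check).
--
-- Layout restored to one statement per line; in the collapsed form the
-- leading "--" separators commented out the function header. Logic unchanged.
-- NOTE(review): both passwords travel as plain function arguments, so they
-- can end up in statement logs if the caller does not bind them as
-- parameters - confirm how the Go side issues this call.
-- -----------------------------------------------------------------------------------------------------------------------------------------------------------------------------
create or replace function q_auth_v1_validate_startup_passwords ( p_hmac_password varchar, p_userdata_password varchar )
	returns text
	as $$
DECLARE
	l_data					text;
	l_fail					bool;
	l_debug_on 				bool;
	l_id					uuid;
	l_junk					text;
BEGIN
	l_debug_on = q_get_config_bool ( 'debug' );

	-- Copyright (C) Philip Schlump, 2008-2021.
	-- BSD 3 Clause Licensed.  See LICENSE.bsd
	-- version: m4_ver_version() tag: m4_ver_tag() build_date: m4_ver_date()
	l_fail = false;
	l_data = '{"status":"unknown"}';

	if l_debug_on then
		insert into t_output ( msg ) values ( 'function ->q_auth_v1_validate_startup_passwords<- m4___file__ m4___line__' );
	end if;

	begin
		select 'found'
			into l_junk
			from q_qr_validate_startup
			where once_id = 1
			  and validation_value_hmac = q_auth_v1_hmac_encode ( 'test@test.com', p_hmac_password )
			  and pgp_sym_decrypt(validation_value_enc, p_userdata_password) = 'test@test.com'
			;
		if not found then
			l_fail = true;
			l_data = '{"status":"error","msg":"Not configured properly - incorrect passwrods","code":"2005","location":"m4___file__ m4___line__"}';
		end if;
	exception
		when others then
			-- reached for any error raised by the check, not only a wrong key
			l_fail = true;
			l_data = '{"status":"error","msg":"Not configured properly - incorrect passwrods","code":"2007","location":"m4___file__ m4___line__"}';
	end;

	if not l_fail then
		l_data = '{"status":"success"'
			||'}';
	end if;

	RETURN l_data;
END;
$$ LANGUAGE plpgsql;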
delete from q_qr_validate_startup ;
select q_auth_v1_setup_startup_one_time ( 'bob', 'bob' ); select q_auth_v1_validate_startup_passwords ( 'bb', 'ob' );
delete from q_qr_validate_startup ;
type SQLStringType ¶
// SQLStringType wraps a single string value.
type SQLStringType struct {
	X string
}
-------------------------------------------------------------------------------------------------------------------------
type SQLUserIdPrivsType ¶
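// SQLUserIdPrivsType is the per-token record of user id, privileges, client
// id, e-mail address and expiry; RedisGetCachedToken in this package returns
// slices of it. Privileges is a single string here, not a []string as in
// RvLoginType.
// NOTE(review): an authorization decision read from a cache is only as
// fresh as the cache entry; confirm that Expires / SecondsTillExpires bound
// the entry's lifetime and that logout or privilege changes evict it.
type SQLUserIdPrivsType struct {
	UserId     string `json:"user_id,omitempty"      db:"user_id"`
	Privileges string `json:"privileges,omitempty"`
	ClientId   string `json:"client_id,omitempty"      db:"client_id"`
	Email      string `json:"email"      db:"email"`
	// , min(t2.expires) as expires
	// , ceil(EXTRACT(EPOCH FROM min(t2.expires))) as seconds_till_expires
	Expires            string `json:"expires"      db:"expires"`
	SecondsTillExpires int64  `json:"seconds_till_expires"      db:"seconds_till_expires"`
}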
------------------------------------------------------------------------------------------------------------------------- Use:
AuthJWTPublic string `json:"auth_jwt_public_file" default:""` // Public Key File AuthJWTPrivate string `json:"auth_jwt_private_file" default:""` // Private Key File AuthJWTKeyType string `json:"auth_jwt_key_type" default:"ES" validate:"v.In(['ES256','RS256', 'ES512', 'RS512'])"` // Key type ES = ESDSA or RS = RSA
func RedisGetCachedToken ¶ added in v1.0.46
func RedisGetCachedToken(AuthToken, UserdataPassword string, perReqLog *os.File) (v2 []*SQLUserIdPrivsType, has bool)
type SetDebugFlagSuccess ¶
// SetDebugFlagSuccess is the output returned after a debug flag is set; it
// carries only the status.
type SetDebugFlagSuccess struct {
	Status string `json:"status"`
}
Output returned
type SipLogin0Success ¶
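// SipLogin0Success is the reply for step 0 of the SIP login exchange: a
// temporary token, a challenge, and account details.
// NOTE(review): this step returns Privileges and the holder's name together
// with the challenge; confirm the caller is already authenticated at this
// point, otherwise the reply discloses account details before proof.
type SipLogin0Success struct {
	Status     string `json:"status"`
	TmpToken   string `json:"tmp_token,omitempty"`
	Challenge  string `json:"challenge,omitempty"`
	Require2fa string `json:"require_2fa,omitempty"`
	Privileges string `json:"privileges,omitempty"`
	FirstName  string `json:"first_name,omitempty"`
	LastName   string `json:"last_name,omitempty"`
}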
type SipLogin1Success ¶
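// SipLogin1Success is the reply for step 1 of the SIP login exchange: a
// temporary token and a challenge.
type SipLogin1Success struct {
	Status    string `json:"status"`
	TmpToken  string `json:"tmp_token,omitempty"`
	Challenge string `json:"challenge,omitempty"`
}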
-------------------------------------------------------------------------------------------------------------------------
type SipLogin22uccess ¶
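// SipLogin22uccess is the reply for step 2 of the SIP login exchange: a
// temporary token and a proof. The spelling of the type name is part of the
// exported API and is kept as is.
type SipLogin22uccess struct {
	Status   string `json:"status"`
	TmpToken string `json:"tmp_token,omitempty"`
	Proof    string `json:"proof,omitempty"`
}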
-------------------------------------------------------------------------------------------------------------------------
type StdErrorReturn ¶
type UpdateAcctStateSuccess ¶ added in v1.0.54
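// UpdateAcctStateSuccess is the output returned after an account state
// update; AcctState is always serialized.
type UpdateAcctStateSuccess struct {
	Status    string `json:"status"`
	AcctState string `json:"acct_state"`
}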
Output returned
type Validate2faTokenSuccess ¶
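// Validate2faTokenSuccess is the output returned after a 2fa token is
// validated: the issued token, its expiry and the validation flags.
type Validate2faTokenSuccess struct {
	Status         string `json:"status"`
	Token          string `json:"token,omitempty"`
	EmailValidated string `json:"email_validated,omitempty"`
	X2faValidated  string `json:"x2fa_validated,omitempty"`
	Expires        string `json:"expires,omitempty"`
	AcctState      string `json:"acct_state,omitempty"`
}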
Output returned
type ValidateTokenSuccess ¶ added in v1.0.29
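// ValidateTokenSuccess is the output returned after a token is validated.
type ValidateTokenSuccess struct {
	Status      string            `json:"status"`
	Token       string            `json:"token,omitempty"` // the JWT Token???
	AccountType string            `json:"account_type,omitempty"`
	FirstName   string            `json:"first_name,omitempty"`
	LastName    string            `json:"last_name,omitempty"`
	AcctState   string            `json:"acct_state,omitempty"`
	UserConfig  map[string]string `json:"user_config,omitempty"`
}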
Output returned
type X2faSetupSuccess ¶
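// X2faSetupSuccess is the output returned by the 2fa setup step.
type X2faSetupSuccess struct {
	Status        string `json:"status"`
	Msg           string `json:"msg"`
	X2faValidated string `json:"x2fa_validated,omitempty"`
}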
Output returned