access

package
v1.6.12 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Jun 6, 2024 License: GPL-3.0 Imports: 24 Imported by: 0

Documentation

Index

Constants

View Source
const (
	AccountServer         = "https://api.account.safing.io"
	LoginPath             = "/api/v1/authenticate"
	UserProfilePath       = "/api/v1/user/profile"
	TokenRequestSetupPath = "/api/v1/token/request/setup" //nolint:gosec
	TokenRequestIssuePath = "/api/v1/token/request/issue" //nolint:gosec
	HealthCheckPath       = "/api/v1/health"
)

Client URLs.

View Source
const OpTypeAccessCodeAuth = "auth"

OpTypeAccessCodeAuth is the type ID of the auth operation.

Variables

View Source
var (
	ErrDeviceIsLocked       = errors.New("device is locked")
	ErrDeviceLimitReached   = errors.New("device limit reached")
	ErrFallbackNotAvailable = errors.New("fallback tokens not available, token issuer is online")
	ErrInvalidCredentials   = errors.New("invalid credentials")
	ErrMayNotUseSPN         = errors.New("may not use SPN")
	ErrNotLoggedIn          = errors.New("not logged in")
)

Errors.

View Source
var (

	// AccountUpdateEvent is fired when the account has changed in any way.
	AccountUpdateEvent = "account update"
)
View Source
var (

	// EnableAfterLogin automatically enables the SPN subsystem/module after login.
	EnableAfterLogin = true
)
View Source
var (
	// ExpandAndConnectZones are the zones that grant access to the expand and
	// connect operations.
	ExpandAndConnectZones = []string{"pblind1", "alpha2", "fallback1"}
)

Functions

func EnableTestMode

func EnableTestMode()

EnableTestMode enables the test mode, leading the access module to only register a test zone. This should not be used to test the access module itself.

func GetToken

func GetToken(zones []string) (t *token.Token, err error)

GetToken returns a token of one of the given zones.

func GetTokenAmount

func GetTokenAmount(zones []string) (regular, fallback int)

GetTokenAmount returns the amount of tokens for the given zones.

func InitializeZones

func InitializeZones() error

InitializeZones initialized the permission zones. It initializes the test zones, if EnableTestMode was called before. Must only be called once.

func Logout

func Logout(shallow, purge bool) error

Logout logs the user out of the SPN account. Specify "shallow" to keep user data in order to display data in the UI - preferably when logged out be the server. Specify "purge" in order to fully delete all user account data, even the device ID so that logging in again will create a new device.

func SaveNewAuthToken

func SaveNewAuthToken(deviceID string, resp *http.Response) error

SaveNewAuthToken saves a new auth token to the database.

func ShouldRequest

func ShouldRequest(zones []string) (shouldRequest bool)

ShouldRequest returns whether tokens should be requested for the given zones.

func TokenIssuerIsFailing

func TokenIssuerIsFailing() bool

TokenIssuerIsFailing returns whether token issuing is currently failing.

func UpdateAccount

func UpdateAccount(_ context.Context, task *modules.Task) error

UpdateAccount updates the user account and fetches new tokens, if needed.

func UpdateTokens

func UpdateTokens() error

UpdateTokens fetches more tokens for handlers that need it.

func VerifyRawToken

func VerifyRawToken(data []byte) (granted terminal.Permission, err error)

VerifyRawToken verifies a raw token.

func VerifyToken

func VerifyToken(t *token.Token) (granted terminal.Permission, err error)

VerifyToken verifies a token.

Types

type AuthTokenRecord

type AuthTokenRecord struct {
	record.Base
	sync.Mutex

	Token *account.AuthToken
}

AuthTokenRecord holds an authentication token.

func GetAuthToken

func GetAuthToken() (*AuthTokenRecord, error)

GetAuthToken returns the current auth token.

func (*AuthTokenRecord) GetToken

func (authToken *AuthTokenRecord) GetToken() *account.AuthToken

GetToken returns the token from the record.

func (*AuthTokenRecord) Save

func (authToken *AuthTokenRecord) Save() error

Save saves the auth token to the database.

func (*AuthTokenRecord) Update

func (authToken *AuthTokenRecord) Update(resp *http.Response) error

Update updates an existing auth token with the next token from a response.

type AuthorizeOp

type AuthorizeOp struct {
	terminal.OneOffOperationBase
}

AuthorizeOp is used to authorize a session.

func AuthorizeToTerminal

func AuthorizeToTerminal(t terminal.Terminal) (*AuthorizeOp, *terminal.Error)

AuthorizeToTerminal starts an authorization operation.

func (*AuthorizeOp) Type

func (op *AuthorizeOp) Type() string

Type returns the type ID.

type Feature

type Feature struct {
	Name              string
	ID                string
	RequiredFeatureID account.FeatureID
	ConfigKey         string
	ConfigScope       string
	InPackage         *Package
	Comment           string
	Beta              bool
	ComingSoon        bool
	// contains filtered or unexported fields
}

Feature describes a notable part of the program.

type Package

type Package struct {
	Name     string
	HexColor string
	InfoURL  string
}

Package combines a set of features.

type UserRecord

type UserRecord struct {
	record.Base
	sync.Mutex

	*account.User

	LastNotifiedOfEnd *time.Time
	LoggedInAt        *time.Time
}

UserRecord holds a SPN user account.

func GetUser

func GetUser() (*UserRecord, error)

GetUser returns the current user account. Returns nil when no user is logged in.

func Login

func Login(username, password string) (user *UserRecord, code int, err error)

Login logs the user into the SPN account with the given username and password.

func UpdateUser

func UpdateUser() (user *UserRecord, statusCode int, err error)

UpdateUser fetches the current user information from the server.

func (*UserRecord) IsLoggedIn

func (user *UserRecord) IsLoggedIn() bool

IsLoggedIn returns whether a User is currently logged in.

func (*UserRecord) MayUse

func (user *UserRecord) MayUse(featureID account.FeatureID) bool

MayUse returns whether the user may currently use the feature identified by the given feature ID. Leave feature ID empty to check without feature.

func (*UserRecord) MayUsePrioritySupport

func (user *UserRecord) MayUsePrioritySupport() bool

MayUsePrioritySupport returns whether the user may currently use the priority support.

func (*UserRecord) MayUseSPN

func (user *UserRecord) MayUseSPN() bool

MayUseSPN returns whether the user may currently use the SPN.

func (*UserRecord) MayUseTheSPN

func (user *UserRecord) MayUseTheSPN() bool

MayUseTheSPN returns whether the currently logged in User may use the SPN.

func (*UserRecord) Save

func (user *UserRecord) Save() error

Save saves the User.

Directories

Path Synopsis

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL