auth

package
v0.0.0-...-c846bbc Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Nov 28, 2024 License: Apache-2.0 Imports: 18 Imported by: 0

Documentation

Index

Constants

View Source 
const (
	MinPasswordLength = 12
	MaxPasswordLength = 36
)

Variables

View Source 
var (
	ErrInvalidCredentials        = errors.New("invalid credentials")
	ErrNoRowsAffected            = errors.New("no rows affected")
	ErrInvalidResetPasswordToken = errors.New("invalid reset password token")
	ErrUserNotFound              = errors.New("user not found")
	ErrUserEmailAlreadyExists    = errors.New("a user with this email already exists")
	ErrUserHasValidToken         = errors.New("user has a valid token")
)
View Source 
var (
	ErrMFACodeInvalid         = errors.New("MFA code is invalid")
	ErrMFANoCodeForUserDevice = errors.New("no MFA code for user and device")
)
View Source 
var (
	ErrPasswordTooShort = fmt.Errorf("password should have at least %d characters", MinPasswordLength)
	ErrPasswordTooLong  = fmt.Errorf("password should have at most %d characters", MaxPasswordLength)
)
View Source 
var ErrInvalidToken = errors.New("invalid token")

Functions

func CreateResetPasswordTokenFixture 

func CreateResetPasswordTokenFixture(t *testing.T, ctx context.Context, sqlExec db.SQLExecuter, randomAuthUser *RandomAuthUser, isValid bool, createdAt time.Time) (token string)

Types

type AuthManager 

type AuthManager interface {
	Authenticate(ctx context.Context, email, pass string) (string, error)
	// RefreshToken generates a new token if the current token is going to expire in less than `tokenRefreshWindow` minutes.
	// Otherwise, it returns the same token.
	RefreshToken(ctx context.Context, tokenString string) (string, error)
	ValidateToken(ctx context.Context, tokenString string) (bool, error)
	AllRolesInTokenUser(ctx context.Context, tokenString string, roleNames []string) (bool, error)
	AnyRolesInTokenUser(ctx context.Context, tokenString string, roleNames []string) (bool, error)
	CreateUser(ctx context.Context, user *User, password string) (*User, error)
	UpdateUser(ctx context.Context, tokenString, firstName, lastName, email, password string) error
	ForgotPassword(ctx context.Context, sqlExec db.SQLExecuter, email string) (string, error)
	ResetPassword(ctx context.Context, tokenString, password string) error
	UpdatePassword(ctx context.Context, token, currentPassword, newPassword string) error
	GetUser(ctx context.Context, tokenString string) (*User, error)
	GetUsersByID(ctx context.Context, userIDs []string) ([]*User, error)
	GetUserID(ctx context.Context, tokenString string) (string, error)
	GetTenantID(ctx context.Context, tokenString string) (string, error)
	GetAllUsers(ctx context.Context, tokenString string) ([]User, error)
	UpdateUserRoles(ctx context.Context, tokenString, userID string, roles []string) error
	DeactivateUser(ctx context.Context, tokenString, userID string) error
	ActivateUser(ctx context.Context, tokenString, userID string) error
	ExpirationTimeInMinutes() time.Duration
	MFADeviceRemembered(ctx context.Context, deviceID, userID string) (bool, error)
	GetMFACode(ctx context.Context, deviceID, userID string) (string, error)
	AuthenticateMFA(ctx context.Context, deviceID, code string, rememberMe bool) (string, error)
}

func NewAuthManager 

func NewAuthManager(options ...AuthManagerOption) AuthManager

NewAuthManager constructs a new `*AuthManager` and apply the options passed by parameter.

type AuthManagerMock 

type AuthManagerMock struct {
	mock.Mock
}

AuthManager

func NewAuthManagerMock 

func NewAuthManagerMock(t testInterface) *AuthManagerMock

AuthManagerMock creates a new instance of AuthManagerMock. It also registers a testing interface on the mock and a cleanup function to assert the mocks expectations.

func (*AuthManagerMock) ActivateUser 

func (am *AuthManagerMock) ActivateUser(ctx context.Context, tokenString, userID string) error

func (*AuthManagerMock) AllRolesInTokenUser 

func (am *AuthManagerMock) AllRolesInTokenUser(ctx context.Context, tokenString string, roleNames []string) (bool, error)

func (*AuthManagerMock) AnyRolesInTokenUser 

func (am *AuthManagerMock) AnyRolesInTokenUser(ctx context.Context, tokenString string, roleNames []string) (bool, error)

func (*AuthManagerMock) Authenticate 

func (am *AuthManagerMock) Authenticate(ctx context.Context, email, pass string) (string, error)

func (*AuthManagerMock) AuthenticateMFA 

func (am *AuthManagerMock) AuthenticateMFA(ctx context.Context, deviceID, code string, rememberMe bool) (string, error)

func (*AuthManagerMock) CreateUser 

func (am *AuthManagerMock) CreateUser(ctx context.Context, user *User, password string) (*User, error)

func (*AuthManagerMock) DeactivateUser 

func (am *AuthManagerMock) DeactivateUser(ctx context.Context, tokenString, userID string) error

func (*AuthManagerMock) ExpirationTimeInMinutes 

func (am *AuthManagerMock) ExpirationTimeInMinutes() time.Duration

func (*AuthManagerMock) ForgotPassword 

func (am *AuthManagerMock) ForgotPassword(ctx context.Context, sqlExec db.SQLExecuter, email string) (string, error)

func (*AuthManagerMock) GenerateMFACode 

func (am *AuthManagerMock) GenerateMFACode(ctx context.Context, userID, deviceID string) (string, error)

func (*AuthManagerMock) GetAllUsers 

func (am *AuthManagerMock) GetAllUsers(ctx context.Context, tokenString string) ([]User, error)

func (*AuthManagerMock) GetMFACode 

func (am *AuthManagerMock) GetMFACode(ctx context.Context, userID, deviceID string) (string, error)

func (*AuthManagerMock) GetTenantID 

func (am *AuthManagerMock) GetTenantID(ctx context.Context, tokenString string) (string, error)

func (*AuthManagerMock) GetUser 

func (am *AuthManagerMock) GetUser(ctx context.Context, tokenString string) (*User, error)

func (*AuthManagerMock) GetUserID 

func (am *AuthManagerMock) GetUserID(ctx context.Context, userID string) (string, error)

func (*AuthManagerMock) GetUsersByID 

func (am *AuthManagerMock) GetUsersByID(ctx context.Context, tokenString []string) ([]*User, error)

func (*AuthManagerMock) MFADeviceRemembered 

func (am *AuthManagerMock) MFADeviceRemembered(ctx context.Context, userID, deviceID string) (bool, error)

func (*AuthManagerMock) RefreshToken 

func (am *AuthManagerMock) RefreshToken(ctx context.Context, tokenString string) (string, error)

func (*AuthManagerMock) ResetPassword 

func (am *AuthManagerMock) ResetPassword(ctx context.Context, tokenString, password string) error

func (*AuthManagerMock) UpdatePassword 

func (am *AuthManagerMock) UpdatePassword(ctx context.Context, token, currentPassword, newPassword string) error

func (*AuthManagerMock) UpdateUser 

func (am *AuthManagerMock) UpdateUser(ctx context.Context, tokenString, firstName, lastName, email, password string) error

func (*AuthManagerMock) UpdateUserRoles 

func (am *AuthManagerMock) UpdateUserRoles(ctx context.Context, tokenString, userID string, roles []string) error

func (*AuthManagerMock) ValidateToken 

func (am *AuthManagerMock) ValidateToken(ctx context.Context, tokenString string) (bool, error)

type AuthManagerOption 

type AuthManagerOption func(am *defaultAuthManager)

func WithCustomAuthenticatorOption 

func WithCustomAuthenticatorOption(authenticator Authenticator) AuthManagerOption

WithDefaultAuthenticatorOption sets a custom authentication method that implements the `Authenticator` interface.

func WithCustomJWTManagerOption 

func WithCustomJWTManagerOption(jwtManager JWTManager) AuthManagerOption

WithDefaultJWTManagerOption sets a custom JWT Manager that implements the `JWTManager` interface.

func WithCustomMFAManagerOption 

func WithCustomMFAManagerOption(mfaManager MFAManager) AuthManagerOption

func WithCustomRoleManagerOption 

func WithCustomRoleManagerOption(roleManager RoleManager) AuthManagerOption

func WithDefaultAuthenticatorOption 

func WithDefaultAuthenticatorOption(dbConnectionPool db.DBConnectionPool, passwordEncrypter PasswordEncrypter, resetTokenExpirationHours time.Duration) AuthManagerOption

WithDefaultAuthenticatorOption sets a default authentication method that validates the users' credentials.

func WithDefaultJWTManagerOption 

func WithDefaultJWTManagerOption(ECPublicKey, ECPrivateKey string) AuthManagerOption

WithDefaultJWTManagerOption sets a default JWT Manager that generates, validates and refreshes the users' JWT token.

func WithDefaultMFAManagerOption 

func WithDefaultMFAManagerOption(dbConnectionPool db.DBConnectionPool) AuthManagerOption

func WithDefaultRoleManagerOption 

func WithDefaultRoleManagerOption(dbConnectionPool db.DBConnectionPool, ownerRoleName string) AuthManagerOption

func WithExpirationTimeInMinutesOption 

func WithExpirationTimeInMinutesOption(minutes int) AuthManagerOption

WithExpirationTimeInMinutesOption sets the JWT token expiration time in minutes. Default is `15 minutes`.

type Authenticator 

type Authenticator interface {
	ValidateCredentials(ctx context.Context, email, password string) (*User, error)
	// CreateUser creates a new user it receives a user object and the password
	CreateUser(ctx context.Context, user *User, password string) (*User, error)
	UpdateUser(ctx context.Context, ID, firstName, lastName, email, password string) error
	ActivateUser(ctx context.Context, userID string) error
	DeactivateUser(ctx context.Context, userID string) error
	ForgotPassword(ctx context.Context, sqlExec db.SQLExecuter, email string) (string, error)
	ResetPassword(ctx context.Context, resetToken, password string) error
	UpdatePassword(ctx context.Context, user *User, currentPassword, newPassword string) error
	GetAllUsers(ctx context.Context) ([]User, error)
	GetUser(ctx context.Context, userID string) (*User, error)
	GetUsers(ctx context.Context, userIDs []string) ([]*User, error)
}

type AuthenticatorMock 

type AuthenticatorMock struct {
	mock.Mock
}

Authenticator

func (*AuthenticatorMock) ActivateUser 

func (am *AuthenticatorMock) ActivateUser(ctx context.Context, userID string) error

func (*AuthenticatorMock) CreateUser 

func (am *AuthenticatorMock) CreateUser(ctx context.Context, user *User, password string) (*User, error)

func (*AuthenticatorMock) DeactivateUser 

func (am *AuthenticatorMock) DeactivateUser(ctx context.Context, userID string) error

func (*AuthenticatorMock) ForgotPassword 

func (am *AuthenticatorMock) ForgotPassword(ctx context.Context, sqlExec db.SQLExecuter, email string) (string, error)

func (*AuthenticatorMock) GetAllUsers 

func (am *AuthenticatorMock) GetAllUsers(ctx context.Context) ([]User, error)

func (*AuthenticatorMock) GetUser 

func (am *AuthenticatorMock) GetUser(ctx context.Context, userID string) (*User, error)

func (*AuthenticatorMock) GetUsers 

func (am *AuthenticatorMock) GetUsers(ctx context.Context, userIDs []string) ([]*User, error)

func (*AuthenticatorMock) ResetPassword 

func (am *AuthenticatorMock) ResetPassword(ctx context.Context, resetToken, password string) error

func (*AuthenticatorMock) UpdatePassword 

func (am *AuthenticatorMock) UpdatePassword(ctx context.Context, user *User, currentPassword, newPassword string) error

func (*AuthenticatorMock) UpdateUser 

func (am *AuthenticatorMock) UpdateUser(ctx context.Context, ID, firstName, lastName, email, password string) error

func (*AuthenticatorMock) ValidateCredentials 

func (am *AuthenticatorMock) ValidateCredentials(ctx context.Context, email, password string) (*User, error)

type DefaultPasswordEncrypter 

type DefaultPasswordEncrypter struct{}

DefaultPasswordEncrypter defines the default way of encrypting passwords and comparing passwords with its stored hash. It uses `bcrypt` library to handle with the encryption and comparison.

func NewDefaultPasswordEncrypter 

func NewDefaultPasswordEncrypter() *DefaultPasswordEncrypter

func (*DefaultPasswordEncrypter) ComparePassword 

func (e *DefaultPasswordEncrypter) ComparePassword(ctx context.Context, encryptedPassword, password string) (bool, error)

func (*DefaultPasswordEncrypter) Encrypt 

func (e *DefaultPasswordEncrypter) Encrypt(ctx context.Context, password string) (string, error)

type JWTManager 

type JWTManager interface {
	GenerateToken(ctx context.Context, user *User, expiresAt time.Time) (string, error)
	// RefreshToken generates a new token if the current token is going to expire in less than `tokenRefreshWindow` minutes.
	// Otherwise, it returns the same token.
	RefreshToken(ctx context.Context, token string, expiresAt time.Time) (string, error)
	ValidateToken(ctx context.Context, token string) (bool, error)
	GetUserFromToken(ctx context.Context, token string) (*User, error)
	GetTenantIDFromToken(ctx context.Context, token string) (string, error)
}

type JWTManagerMock 

type JWTManagerMock struct {
	mock.Mock
}

JWTManager

func (*JWTManagerMock) GenerateToken 

func (m *JWTManagerMock) GenerateToken(ctx context.Context, user *User, expiresAt time.Time) (string, error)

func (*JWTManagerMock) GetTenantIDFromToken 

func (m *JWTManagerMock) GetTenantIDFromToken(ctx context.Context, token string) (string, error)

func (*JWTManagerMock) GetUserFromToken 

func (m *JWTManagerMock) GetUserFromToken(ctx context.Context, tokenString string) (*User, error)

func (*JWTManagerMock) RefreshToken 

func (m *JWTManagerMock) RefreshToken(ctx context.Context, token string, expiresAt time.Time) (string, error)

func (*JWTManagerMock) ValidateToken 

func (m *JWTManagerMock) ValidateToken(ctx context.Context, token string) (bool, error)

type MFAManager 

type MFAManager interface {
	MFADeviceRemembered(ctx context.Context, deviceID, userID string) (bool, error)
	GenerateMFACode(ctx context.Context, deviceID, userID string) (string, error)
	ValidateMFACode(ctx context.Context, deviceID, code string) (string, error)
	RememberDevice(ctx context.Context, deviceID, code string) error
}

type MFAManagerMock 

type MFAManagerMock struct {
	mock.Mock
}

MFAManager

func (*MFAManagerMock) GenerateMFACode 

func (m *MFAManagerMock) GenerateMFACode(ctx context.Context, deviceID, userID string) (string, error)

func (*MFAManagerMock) MFADeviceRemembered 

func (m *MFAManagerMock) MFADeviceRemembered(ctx context.Context, deviceID, userID string) (bool, error)

func (*MFAManagerMock) RememberDevice 

func (m *MFAManagerMock) RememberDevice(ctx context.Context, deviceID, code string) error

func (*MFAManagerMock) ValidateMFACode 

func (m *MFAManagerMock) ValidateMFACode(ctx context.Context, deviceID, code string) (string, error)

type PasswordEncrypter 

type PasswordEncrypter interface {
	// Encrypt encrypts the `password` and return a hash.
	Encrypt(ctx context.Context, password string) (string, error)

	// ComparePassword compares the `encryptedPassword` with the plain `password` to verify if it's correct.
	ComparePassword(ctx context.Context, encryptedPassword, password string) (bool, error)
}

PasswordEncrypter is a interface that defines the methods to encrypt passwords and compare a password with its stored hash. This interface is used by `DefaultAuthenticator` as the type of `passwordEncrypter` attribute.

type PasswordEncrypterMock 

type PasswordEncrypterMock struct {
	mock.Mock
}

PasswordEncrypter

func (*PasswordEncrypterMock) ComparePassword 

func (em *PasswordEncrypterMock) ComparePassword(ctx context.Context, encryptedPassword, password string) (bool, error)

func (*PasswordEncrypterMock) Encrypt 

func (em *PasswordEncrypterMock) Encrypt(ctx context.Context, password string) (string, error)

type RandomAuthUser 

type RandomAuthUser struct {
	ID                string
	Email             string
	FirstName         string
	LastName          string
	Password          string
	EncryptedPassword string
	IsOwner           bool
	IsActive          bool
	Roles             []string
	CreatedAt         time.Time
}

func CreateRandomAuthUserFixture 

func CreateRandomAuthUserFixture(t *testing.T, ctx context.Context, sqlExec db.SQLExecuter, passwordEncrypter PasswordEncrypter, isAdmin bool, roles ...string) *RandomAuthUser

func (*RandomAuthUser) ToUser 

func (rau *RandomAuthUser) ToUser() *User

type RoleManager 

type RoleManager interface {
	GetUserRoles(ctx context.Context, user *User) ([]string, error)
	// HasAllRoles validates whether the user has all roles passed by parameter.
	HasAllRoles(ctx context.Context, user *User, roleNames []string) (bool, error)
	// HasAnyRoles validates whether the user has one or more roles passed by parameter.
	HasAnyRoles(ctx context.Context, user *User, roleNames []string) (bool, error)
	IsSuperUser(ctx context.Context, user *User) (bool, error)
	UpdateRoles(ctx context.Context, user *User, roleNames []string) error
}

type RoleManagerMock 

type RoleManagerMock struct {
	mock.Mock
}

func (*RoleManagerMock) GetUserRoles 

func (rm *RoleManagerMock) GetUserRoles(ctx context.Context, user *User) ([]string, error)

func (*RoleManagerMock) HasAllRoles 

func (rm *RoleManagerMock) HasAllRoles(ctx context.Context, user *User, roleNames []string) (bool, error)

func (*RoleManagerMock) HasAnyRoles 

func (rm *RoleManagerMock) HasAnyRoles(ctx context.Context, user *User, roleNames []string) (bool, error)

func (*RoleManagerMock) IsSuperUser 

func (rm *RoleManagerMock) IsSuperUser(ctx context.Context, user *User) (bool, error)

func (*RoleManagerMock) UpdateRoles 

func (rm *RoleManagerMock) UpdateRoles(ctx context.Context, user *User, roleNames []string) error

type User 

type User struct {
	ID        string   `json:"id"`
	FirstName string   `json:"first_name"`
	LastName  string   `json:"last_name"`
	Email     string   `json:"email"`
	IsOwner   bool     `json:"-"`
	IsActive  bool     `json:"is_active"`
	Roles     []string `json:"roles"`
}

func (*User) Validate 

func (u *User) Validate() error

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.