Documentation
¶
Index ¶
- Variables
- type Account
- type AuditLog
- type AuditLogConsole
- type AuditLogStorage
- type Config
- type Cookie
- type Cors
- type Database
- type Email
- type Emails
- type LoggerConfig
- type OutputStream
- type Passcode
- type Password
- type RateLimiter
- type RateLimiterStoreType
- type RateLimits
- type RedisConfig
- type RelyingParty
- type SMTP
- type Secrets
- type Server
- type ServerSettings
- type Service
- type Session
- type ThirdParty
- type ThirdPartyProvider
- type ThirdPartyProviders
- type WebauthnSettings
Constants ¶
This section is empty.
Variables ¶
View Source
var (
DefaultConfigFilePath = "./config/config.yaml"
)
Functions ¶
This section is empty.
Types ¶
type Account ¶ added in v0.6.0
type Account struct {
AllowDeletion bool `yaml:"allow_deletion" json:"allow_deletion" koanf:"allow_deletion"`
}
type AuditLog ¶
type AuditLog struct {
ConsoleOutput AuditLogConsole `yaml:"console_output" json:"console_output" koanf:"console_output" split_words:"true"`
Storage AuditLogStorage `yaml:"storage" json:"storage" koanf:"storage"`
}
type AuditLogConsole ¶
type AuditLogConsole struct {
Enabled bool `yaml:"enabled" json:"enabled" koanf:"enabled"`
OutputStream OutputStream `yaml:"output" json:"output" koanf:"output" split_words:"true"`
}
type AuditLogStorage ¶
type AuditLogStorage struct {
Enabled bool `yaml:"enabled" json:"enabled" koanf:"enabled"`
}
type Config ¶
type Config struct {
Server Server `yaml:"server" json:"server" koanf:"server"`
Webauthn WebauthnSettings `yaml:"webauthn" json:"webauthn" koanf:"webauthn"`
Passcode Passcode `yaml:"passcode" json:"passcode" koanf:"passcode"`
Password Password `yaml:"password" json:"password" koanf:"password"`
Database Database `yaml:"database" json:"database" koanf:"database"`
Secrets Secrets `yaml:"secrets" json:"secrets" koanf:"secrets"`
Service Service `yaml:"service" json:"service" koanf:"service"`
Session Session `yaml:"session" json:"session" koanf:"session"`
AuditLog AuditLog `yaml:"audit_log" json:"audit_log" koanf:"audit_log" split_words:"true"`
Emails Emails `yaml:"emails" json:"emails" koanf:"emails"`
RateLimiter RateLimiter `yaml:"rate_limiter" json:"rate_limiter" koanf:"rate_limiter" split_words:"true"`
ThirdParty ThirdParty `yaml:"third_party" json:"third_party" koanf:"third_party" split_words:"true"`
Log LoggerConfig `yaml:"log" json:"log" koanf:"log"`
Account Account `yaml:"account" json:"account" koanf:"account"`
}
Config is the central configuration type
func DefaultConfig ¶
func DefaultConfig() *Config
func (*Config) PostProcess ¶ added in v0.5.0
type Cookie ¶
type Cookie struct {
Domain string `yaml:"domain" json:"domain" koanf:"domain"`
HttpOnly bool `yaml:"http_only" json:"http_only" koanf:"http_only" split_words:"true"`
SameSite string `yaml:"same_site" json:"same_site" koanf:"same_site" split_words:"true"`
Secure bool `yaml:"secure" json:"secure" koanf:"secure"`
}
type Cors ¶
type Cors struct {
// AllowOrigins determines the value of the Access-Control-Allow-Origin
// response header. This header defines a list of origins that may access the
// resource. The wildcard characters '*' and '?' are supported and are
// converted to regex fragments '.*' and '.' accordingly.
AllowOrigins []string `yaml:"allow_origins" json:"allow_origins" koanf:"allow_origins" split_words:"true"`
// UnsafeWildcardOriginWithAllowCredentials UNSAFE/INSECURE: allows wildcard '*' origin to be used with AllowCredentials
// flag. In that case we consider any origin allowed and send it back to the client with `Access-Control-Allow-Origin` header.
//
// This is INSECURE and potentially leads to [cross-origin](https://portswigger.net/research/exploiting-cors-misconfigurations-for-bitcoins-and-bounties)
// attacks. See: https://github.com/labstack/echo/issues/2400 for discussion on the subject.
//
// Optional. Default value is false.
UnsafeWildcardOriginAllowed bool `` /* 133-byte string literal not displayed */
}
type Database ¶
type Database struct {
Database string `yaml:"database" json:"database" koanf:"database"`
User string `yaml:"user" json:"user" koanf:"user"`
Password string `yaml:"password" json:"password" koanf:"password"`
Host string `yaml:"host" json:"host" koanf:"host"`
Port string `yaml:"port" json:"port" koanf:"port"`
Dialect string `yaml:"dialect" json:"dialect" koanf:"dialect"`
Url string `yaml:"url" json:"url" koanf:"url"`
}
Database connection settings
type Email ¶
type LoggerConfig ¶ added in v0.5.0
type LoggerConfig struct {
LogHealthAndMetrics bool `yaml:"log_health_and_metrics" json:"log_health_and_metrics" koanf:"log_health_and_metrics"`
}
type OutputStream ¶
type OutputStream string
var ( OutputStreamStdOut OutputStream = "stdout" OutputStreamStdErr OutputStream = "stderr" )
type Passcode ¶
type RateLimiter ¶
type RateLimiter struct {
Enabled bool `yaml:"enabled" json:"enabled" koanf:"enabled"`
Store RateLimiterStoreType `yaml:"store" json:"store" koanf:"store"`
Redis *RedisConfig `yaml:"redis_config" json:"redis_config" koanf:"redis_config"`
PasscodeLimits RateLimits `yaml:"passcode_limits" json:"passcode_limits" koanf:"passcode_limits" split_words:"true"`
PasswordLimits RateLimits `yaml:"password_limits" json:"password_limits" koanf:"password_limits" split_words:"true"`
TokenLimits RateLimits `yaml:"token_limits" json:"token_limits" koanf:"token_limits" split_words:"true"`
}
func (*RateLimiter) Validate ¶
func (r *RateLimiter) Validate() error
type RateLimiterStoreType ¶
type RateLimiterStoreType string
const ( RATE_LIMITER_STORE_IN_MEMORY RateLimiterStoreType = "in_memory" RATE_LIMITER_STORE_REDIS = "redis" )
type RateLimits ¶
type RedisConfig ¶
type RelyingParty ¶
type RelyingParty struct {
Id string `yaml:"id" json:"id" koanf:"id"`
DisplayName string `yaml:"display_name" json:"display_name" koanf:"display_name" split_words:"true"`
Icon string `yaml:"icon" json:"icon" koanf:"icon"`
Origins []string `yaml:"origins" json:"origins" koanf:"origins"`
}
RelyingParty webauthn settings for your application using hanko.
type SMTP ¶
type SMTP struct {
Host string `yaml:"host" json:"host" koanf:"host"`
Port string `yaml:"port" json:"port" koanf:"port"`
User string `yaml:"user" json:"user" koanf:"user"`
Password string `yaml:"password" json:"password" koanf:"password"`
}
SMTP Server Settings for sending passcodes
type Secrets ¶
type Secrets struct {
// Keys secrets are used to en- and decrypt the JWKs which get used to sign the JWTs.
// For every key a JWK is generated, encrypted with the key and persisted in the database.
//
// You can use this list for key rotation: add a new key to the beginning of the list and the corresponding
// JWK will then be used for signing JWTs. All tokens signed with the previous JWK(s) will still
// be valid until they expire. Removing a key from the list does not remove the corresponding
// database record. If you remove a key, you also have to remove the database record, otherwise
// application startup will fail.
//
// Each key must be at least 16 characters long.
Keys []string `yaml:"keys" json:"keys" koanf:"keys"`
}
type Server ¶
type Server struct {
Public ServerSettings `yaml:"public" json:"public" koanf:"public"`
Admin ServerSettings `yaml:"admin" json:"admin" koanf:"admin"`
}
Server contains the setting for the public and admin server
type ServerSettings ¶
type ServerSettings struct {
// The Address to listen on in the form of host:port
// See net.Dial for details of the address format.
Address string `yaml:"address" json:"address" koanf:"address"`
Cors Cors `yaml:"cors" json:"cors" koanf:"cors"`
}
func (*ServerSettings) Validate ¶
func (s *ServerSettings) Validate() error
type Session ¶
type ThirdParty ¶ added in v0.5.0
type ThirdParty struct {
Providers ThirdPartyProviders `yaml:"providers" json:"providers" koanf:"providers"`
RedirectURL string `yaml:"redirect_url" json:"redirect_url" koanf:"redirect_url" split_words:"true"`
ErrorRedirectURL string `yaml:"error_redirect_url" json:"error_redirect_url" koanf:"error_redirect_url" split_words:"true"`
AllowedRedirectURLS []string `yaml:"allowed_redirect_urls" json:"allowed_redirect_urls" koanf:"allowed_redirect_urls" split_words:"true"`
AllowedRedirectURLMap map[string]glob.Glob
}
func (*ThirdParty) PostProcess ¶ added in v0.5.0
func (t *ThirdParty) PostProcess() error
func (*ThirdParty) Validate ¶ added in v0.5.0
func (t *ThirdParty) Validate() error
type ThirdPartyProvider ¶ added in v0.5.0
type ThirdPartyProvider struct {
Enabled bool `yaml:"enabled" json:"enabled" koanf:"enabled"`
ClientID string `yaml:"client_id" json:"client_id" koanf:"client_id"`
Secret string `yaml:"secret" json:"secret" koanf:"secret"`
}
func (*ThirdPartyProvider) Validate ¶ added in v0.5.0
func (p *ThirdPartyProvider) Validate() error
type ThirdPartyProviders ¶ added in v0.5.0
type ThirdPartyProviders struct {
Google ThirdPartyProvider `yaml:"google" json:"google" koanf:"google"`
GitHub ThirdPartyProvider `yaml:"github" json:"github" koanf:"github"`
}
func (*ThirdPartyProviders) Get ¶ added in v0.5.0
func (p *ThirdPartyProviders) Get(provider string) *ThirdPartyProvider
func (*ThirdPartyProviders) HasEnabled ¶ added in v0.5.0
func (p *ThirdPartyProviders) HasEnabled() bool
func (*ThirdPartyProviders) Validate ¶ added in v0.5.0
func (p *ThirdPartyProviders) Validate() error
type WebauthnSettings ¶
type WebauthnSettings struct {
RelyingParty RelyingParty `yaml:"relying_party" json:"relying_party" koanf:"relying_party" split_words:"true"`
Timeout int `yaml:"timeout" json:"timeout" koanf:"timeout"`
}
WebauthnSettings defines the settings for the webauthn authentication mechanism
func (*WebauthnSettings) Validate ¶
func (r *WebauthnSettings) Validate() error
Validate does not need to validate the config, because the library does this already
Source Files
Click to show internal directories.
Click to hide internal directories.