model

package
v0.4.1 Latest Latest
Warning

This package is not in the latest version of its module.

Published: Feb 16, 2020 License: MIT Imports: 22 Imported by: 0

Documentation

Index

Constants

// Shared string and numeric constants of the model package.
const (
	// Names of the built-in groups.
	GroupSuper   = "super"
	GroupAdmin   = "admin"
	GroupStaff   = "staff"
	GroupUser    = "user"
	GroupVisitor = "visitor"

	// Access levels, one per group name above. The values increase from
	// super (1) to visitor (9.5).
	// NOTE(review): presumably authorization treats a numerically lower
	// level as more privileged, so a comparison written the wrong way round
	// would grant access instead of denying it — confirm against the
	// access checks.
	AccessLevelSuper   = float32(1)
	AccessLevelAdmin   = float32(3)
	AccessLevelStaff   = float32(7)
	AccessLevelUser    = float32(9)
	AccessLevelVisitor = float32(9.5)

	// Names of the built-in user types.
	UserTypeIndividual = "individual"
	UserTypeCompany    = "company"

	// Kenya's region code for parsing phone numbers
	RegionCodeKE = "KE"

	// Action names.
	// NOTE(review): the slash-separated values suggest URL path segments or
	// token purposes; confirm where they are consumed.
	ActionInvite    = "invite"
	ActionVerify    = "verify"
	ActionResetPass = "reset/password"
	ActionExtendTkn = "extend/token"

	// Login type names. Login, RegisterSelf and related methods take a
	// loginType string, presumably one of these values — confirm that
	// unknown values are rejected rather than falling through to a default.
	LoginTypeUsername = "usernames"
	LoginTypeEmail    = "emails"
	LoginTypePhone    = "phones"
	LoginTypeFacebook = "facebook"
	LoginTypeDev      = "devices"
)

Variables

This section is empty.

Functions

This section is empty.

Types

type AuthStore

// AuthStore is the persistence interface passed to NewAuthentication as db.
// Methods whose names end in Atomic take a *sql.Tx argument (presumably a
// transaction started through ExecuteTx — confirm with the implementation).
type AuthStore interface {
	// IsNotFoundError reports whether the given error is the store's
	// "not found" error.
	IsNotFoundError(error) bool
	// ExecuteTx calls fn with a *sql.Tx.
	// NOTE(review): presumably commits when fn returns nil and rolls back
	// otherwise — confirm.
	ExecuteTx(fn func(*sql.Tx) error) error

	// Group management. acl is the group's access level (see the
	// AccessLevel* constants).
	InsertGroup(name string, acl float32) (*Group, error)
	Group(string) (*Group, error)
	GroupByName(string) (*Group, error)
	Groups(offset, count int64) ([]Group, error)

	InsertUserType(name string) (*UserType, error)
	UserTypeByName(string) (*UserType, error)

	// HasUsers returns only an error.
	// NOTE(review): presumably nil means the group has users and a
	// not-found error means it has none — confirm.
	HasUsers(groupID string) error
	// NOTE(review): the interface does not say whether password is plaintext
	// or an already-computed hash. Only a hash should ever be persisted —
	// confirm which layer does the hashing.
	InsertUserAtomic(tx *sql.Tx, t UserType, g Group, password []byte) (*User, error)
	UpdatePassword(userID string, password []byte) error
	UpdatePasswordAtomic(tx *sql.Tx, userID string, password []byte) error
	// The user lookups below return a []byte next to the *User.
	// NOTE(review): presumably the stored password (hash) used to check a
	// login; it is returned separately from User, so take care not to log
	// it or copy it into responses — confirm.
	User(id string) (*User, []byte, error)
	UserByDeviceID(devID string) (*User, []byte, error)
	UserByUsername(username string) (*User, []byte, error)
	UserByPhone(phone string) (*User, []byte, error)
	UserByEmail(email string) (*User, []byte, error)
	// UserByFacebook returns no []byte, unlike the lookups above.
	UserByFacebook(facebookID string) (*User, error)
	Users(q UsersQuery, offset, count int64) ([]User, error)

	SetUserGroup(userID, groupID string) error

	InsertUserDeviceAtomic(tx *sql.Tx, userID, devID string) (*Device, error)

	InsertUserName(userID, username string) (*Username, error)
	InsertUserNameAtomic(tx *sql.Tx, userID, username string) (*Username, error)

	// Phone identifiers and their tokens.
	InsertUserPhone(userID, phone string, verified bool) (*VerifLogin, error)
	InsertUserPhoneAtomic(tx *sql.Tx, userID, phone string, verified bool) (*VerifLogin, error)
	UpdateUserPhone(userID, phone string, verified bool) (*VerifLogin, error)
	UpdateUserPhoneAtomic(tx *sql.Tx, userID, phone string, verified bool) (*VerifLogin, error)
	DeletePhoneTokensAtomic(tx *sql.Tx, phone string) error

	// NOTE(review): dbt is stored as given. Confirm the caller passes a hash
	// of the code rather than the code itself, so that read access to the
	// database does not reveal usable codes.
	InsertPhoneToken(userID, phone string, dbt []byte, isUsed bool, expiry time.Time) (*DBToken, error)
	SetPhoneTokenUsedAtomic(tx *sql.Tx, id string) error
	InsertPhoneTokenAtomic(tx *sql.Tx, userID, phone string, dbt []byte, isUsed bool, expiry time.Time) (*DBToken, error)
	PhoneTokens(userID string, offset, count int64) ([]DBToken, error)

	// Email identifiers and their tokens; these mirror the phone methods.
	InsertUserEmail(userID, email string, verified bool) (*VerifLogin, error)
	InsertUserEmailAtomic(tx *sql.Tx, userID, email string, verified bool) (*VerifLogin, error)
	UpdateUserEmail(userID, email string, verified bool) (*VerifLogin, error)
	UpdateUserEmailAtomic(tx *sql.Tx, userID, email string, verified bool) (*VerifLogin, error)
	DeleteEmailTokensAtomic(tx *sql.Tx, email string) error

	// NOTE(review): same storage question for dbt as InsertPhoneToken.
	InsertEmailToken(userID, email string, dbt []byte, isUsed bool, expiry time.Time) (*DBToken, error)
	SetEmailTokenUsedAtomic(tx *sql.Tx, id string) error
	InsertEmailTokenAtomic(tx *sql.Tx, userID, email string, dbt []byte, isUsed bool, expiry time.Time) (*DBToken, error)
	EmailTokens(userID string, offset, count int64) ([]DBToken, error)

	InsertUserFbIDAtomic(tx *sql.Tx, userID, fbID string, verified bool) (*Facebook, error)
}

type Authentication

// Authentication carries the auth methods of this package. It embeds
// errors.AllErrCheck and errors.ErrToHTTP; its own state is unexported and is
// set through NewAuthentication.
type Authentication struct {
	errors.AllErrCheck
	errors.ErrToHTTP
	// contains filtered or unexported fields
}

Authentication has the methods for performing auth. Use NewAuthentication() to construct.

func NewAuthentication

func NewAuthentication(db AuthStore, j JWTEr, opts ...Option) (*Authentication, error)

NewAuthentication constructs an Authentication struct or returns an error if invalid parameters were provided.

func (*Authentication) CanRegisterFirst

func (a *Authentication) CanRegisterFirst() (bool, error)

func (*Authentication) GetUserDetails

// GetUserDetails takes the caller's JWT and a userID and returns a *User.
// NOTE(review): the JWT's subject and userID are separate arguments; confirm
// the implementation checks that the JWT's user (or group) is allowed to read
// the requested userID.
func (a *Authentication) GetUserDetails(JWT string, userID string) (*User, error)

func (*Authentication) Groups

func (a *Authentication) Groups(JWT, offsetStr, countStr string) ([]Group, error)

func (*Authentication) Login

func (a *Authentication) Login(loginType, identifier string, password []byte) (*User, error)

Login validates a user's credentials and returns the user's information together with a JWT for subsequent requests to this and other micro-services.

func (*Authentication) RegisterFirst

// RegisterFirst registers a user from a login type, user type, id and secret;
// it takes no JWT.
// NOTE(review): presumably this bootstraps the first account while
// CanRegisterFirst reports true. Confirm the "no users yet" check and the
// insert run in one transaction, so two concurrent callers cannot both
// succeed.
func (a *Authentication) RegisterFirst(loginType, userType, id string, secret []byte) (*User, error)

func (*Authentication) RegisterOther

// RegisterOther registers a user on behalf of the JWT holder; the caller
// supplies the new account's groupID.
// NOTE(review): confirm the implementation refuses a groupID whose access
// level is more privileged than the level in the caller's JWT.
func (a *Authentication) RegisterOther(JWT, newLoginType, userType, id, groupID string) (*User, error)

func (*Authentication) RegisterSelf

func (a *Authentication) RegisterSelf(loginType, userType, id string, secret []byte) (*User, error)

RegisterSelf registers a new user account using an id/secret combination. It should not be possible to register using this method if WithDevLockedToUser() was given a true value.

func (*Authentication) RegisterSelfByLockedDevice

func (a *Authentication) RegisterSelfByLockedDevice(loginType, userType, devID, identifier string, secret []byte) (*User, error)

RegisterSelfByLockedDevice registers a new user account using phone/deviceID/password combination.

func (*Authentication) SendPassResetCode

func (a *Authentication) SendPassResetCode(loginType, toAddr string) (*DBTStatus, error)

SendPassResetCode sends a password reset code to toAddr to allow a user to reset their forgotten password. loginType determines whether toAddr is a phone or an email. A subsequent call to SetPassword() with the correct code completes the password reset.

func (*Authentication) SendVerCode

func (a *Authentication) SendVerCode(JWT, loginType, toAddr string) (*DBTStatus, error)

SendVerCode sends a verification code to toAddr to verify the address. loginType determines whether toAddr is a phone or an email. A subsequent call to VerifyDBT() or VerifyAndExtendDBT() with the correct code completes the verification.

func (*Authentication) SetPassword

func (a *Authentication) SetPassword(loginType, forAddr string, dbt, pass []byte) (*VerifLogin, error)

SetPassword updates a user account's password following a SendPassResetCode() request. dbt is the token initially sent to the user for verification. loginType should be similar to the one used during SendPassResetCode().

func (*Authentication) SetUserGroup

// SetUserGroup moves userID into the group newGrpID on behalf of the JWT
// holder.
// NOTE(review): confirm the caller can neither raise a user above the
// caller's own access level nor change their own group. JWTClaim carries the
// Group, so tokens issued before the change presumably keep the old group
// until they expire — confirm.
func (a *Authentication) SetUserGroup(JWT, userID, newGrpID string) (*User, error)

func (*Authentication) UpdateIdentifier

func (a *Authentication) UpdateIdentifier(JWT, forUserID, loginType, newId string) (*User, error)

UpdateIdentifier updates a user account's visible identifier to newId for loginType.

func (*Authentication) UpdatePassword

func (a *Authentication) UpdatePassword(JWT string, old, newPass []byte) error

UpdatePassword updates a user account's password.

func (*Authentication) UserID

// UserID maps a login type and identifier to a user ID string; it takes no
// JWT.
// NOTE(review): if this is reachable by unauthenticated callers, the
// difference between a returned ID and an error reveals whether an
// identifier is registered. Confirm how the caller gates or rate-limits it.
func (a *Authentication) UserID(loginType, identifier string) (string, error)

func (*Authentication) Users

func (a *Authentication) Users(JWT string, q UsersQuery, offsetStr, countStr string) ([]User, error)

func (*Authentication) VerifyAndExtendDBT

func (a *Authentication) VerifyAndExtendDBT(lt, userID string, dbt []byte) (string, error)

VerifyAndExtendDBT verifies a user's address and returns a temporary token that can be used to perform actions that would otherwise not be possible on the user's account without a password or a JWT for a limited period of time. See VerifyDBT() for details on verification.

func (*Authentication) VerifyDBT

func (a *Authentication) VerifyDBT(loginType, userID string, dbt []byte) (*VerifLogin, error)

VerifyDBT sets a user's address as verified after successful SendVerCode() and subsequent entry of the code by the user. loginType should be similar to the one used during SendVerCode().

type DBTStatus

// DBTStatus is the result type of SendPassResetCode and SendVerCode and is
// also held in VerifLogin.OTPStatus.
type DBTStatus struct {
	// Address the code was sent to, in obfuscated form.
	// NOTE(review): confirm how much of the address remains visible, since
	// SendPassResetCode returns this without a JWT.
	ObfuscatedAddress string
	// Time at which the code expires.
	ExpiresAt         time.Time
}

func (DBTStatus) HasValue

func (s DBTStatus) HasValue() bool

type DBToken

// DBToken is a token record as returned by the AuthStore token methods
// (InsertPhoneToken, InsertEmailToken, PhoneTokens, EmailTokens).
type DBToken struct {
	ID         string
	UserID     string
	// Phone number or email address the token belongs to.
	Address    string
	// Set through SetPhoneTokenUsedAtomic / SetEmailTokenUsedAtomic.
	IsUsed     bool
	// NOTE(review): presumably a hash of the code sent to the user, not the
	// code itself — confirm. Treat it as a secret and compare it in
	// constant time either way.
	Token      []byte
	IssueDate  time.Time
	ExpiryDate time.Time
}

type Device

// Device links a device identifier to a user; User.Devices holds a slice of
// these.
type Device struct {
	// Record ID, distinct from DeviceID.
	ID         string
	UserID     string
	// Identifier reported for the device.
	// NOTE(review): presumably client-supplied, so it identifies a device
	// but does not prove possession of it — confirm how WithDevLockedToUser
	// relies on it.
	DeviceID   string
	CreateDate time.Time
	UpdateDate time.Time
}

func (Device) HasValue

func (d Device) HasValue() bool

type Facebook

// Facebook is a user's Facebook login record; User.Facebook holds one by
// value.
type Facebook struct {
	ID            string
	UserID        string
	FacebookID    string
	// NOTE(review): an exported field with no struct tag, so encoders that
	// walk exported fields would emit it whenever a Facebook or a User is
	// serialised or logged — confirm it is cleared or omitted before
	// leaving the service.
	FacebookToken string
	Verified      bool
	CreateDate    time.Time
	UpdateDate    time.Time
}

func (Facebook) HasValue

func (fb Facebook) HasValue() bool

type FacebookCl

// FacebookCl is the Facebook client accepted by WithFacebookCl.
type FacebookCl interface {
	// IsAuthError reports whether the error is an authentication failure
	// from the client.
	IsAuthError(error) bool
	// NOTE(review): presumably takes a Facebook access token and returns
	// the Facebook user ID it belongs to. Confirm the implementation also
	// checks that the token was issued for this application.
	ValidateToken(string) (string, error)
}

type Group

// Group is a named set of users with an access level. A Group is carried in
// User.Group and in JWTClaim.Group.
type Group struct {
	ID          string
	Name        string
	// See the AccessLevel* constants for the built-in values.
	AccessLevel float32
	CreateDate  time.Time
	UpdateDate  time.Time
}

func (Group) HasValue

func (g Group) HasValue() bool

type InvitationTemplate

// InvitationTemplate holds the values for an invitation message.
// NOTE(review): presumably the data passed to the invite templates set with
// WithEmailInviteTplt / WithPhoneInviteTplt — confirm.
type InvitationTemplate struct {
	// Secret token placed in the invitation URL; keep it out of logs.
	URLToken string
	AppName  string
}

type JWTClaim

// JWTClaim is the claim set for this package's JWTs: the user ID, the user's
// Group and the embedded jwt.StandardClaims.
// NOTE(review): the Group, access level included, travels inside the token.
// If authorization reads it from there, a later group change does not reach
// tokens already issued — confirm the token lifetime and any revocation path.
type JWTClaim struct {
	UsrID string
	Group Group
	jwt.StandardClaims
}

type JWTEr

// JWTEr generates and validates JWTs; NewAuthentication takes one as j.
// NOTE(review): the interface fixes neither the signing algorithm nor the key
// source. Confirm the implementation's Validate accepts only the algorithm it
// signs with and rejects expired tokens.
type JWTEr interface {
	// Generate returns the token string for claims.
	Generate(claims jwt.Claims) (string, error)
	// Validate checks the token string and takes a claims value alongside
	// it (presumably filled in from the token — confirm).
	Validate(JWT string, claims jwt.Claims) (*jwt.Token, error)
}

type Mailer

// Mailer is the email client accepted by WithEmailCl.
type Mailer interface {
	// SendEmail sends the given message.
	SendEmail(email SendMail) error
}

type MnSet

// MnSet is an empty struct with a Contains(rune) method.
// NOTE(review): the name suggests the Unicode Mn (nonspacing mark) category,
// used when normalising text — confirm.
type MnSet struct {
}

func (MnSet) Contains

func (s MnSet) Contains(r rune) bool

type NumericQuery

// NumericQuery is one numeric comparison; UsersQuery.ProcessedACLs holds a
// slice of them.
// NOTE(review): CheckVal is float64 while Group.AccessLevel is float32, so an
// IsEq match is only reliable for values exactly representable in float32 —
// confirm where the comparison is evaluated.
type NumericQuery struct {
	// Value to compare against.
	CheckVal float64
	// Comparison flags (greater-than, less-than, equal).
	IsGT     bool
	IsLT     bool
	IsEq     bool
}

type Option

// Option mutates the unexported authenticationConfig and may return an error;
// NewAuthentication accepts any number of them.
type Option func(*authenticationConfig) error

Option is used by NewAuthentication to pass additional configuration. Use the With... methods to create Options e.g.

nameOpt := WithAppName("My Awesome App")

func WithAppName

func WithAppName(n string) Option

WithAppName sets the name of the application.

func WithDevLockedToUser

func WithDevLockedToUser(t bool) Option

WithDevLockedToUser requires a device ID during self-registration and only allows one user per device.

func WithEmailCl

func WithEmailCl(cl Mailer) Option

WithEmailCl sets the email client to use. You may provide templates for sending Emails e.g.

WithEmailVerifyTplt()

...otherwise default template files in the config package are used. NewAuthentication() fails if this option is not nil and one of the templates couldn't be loaded.

func WithEmailInviteTplt

func WithEmailInviteTplt(t *template.Template, parseErr error) Option

WithEmailInviteTplt sets the message template to be used when composing email invite messages. TODO define valid template values

func WithEmailResetPassTplt

func WithEmailResetPassTplt(t *template.Template, parseErr error) Option

WithEmailResetPassTplt sets the message template to be used when composing email password reset messages. TODO define valid template values

func WithEmailVerifyTplt

func WithEmailVerifyTplt(t *template.Template, parseErr error) Option

WithEmailVerifyTplt sets the message template to be used when composing email verification messages. TODO define valid template values

func WithFacebookCl

func WithFacebookCl(fb FacebookCl) Option

WithFacebookCl sets the facebook client to be used.

func WithInvitationSubject

func WithInvitationSubject(s string) Option

WithInvitationSubject sets the subject to be used when sending invites to a user.

func WithNumGen

func WithNumGen(g SecureRandomByteser, intiErr error) Option

WithNumGen sets the number generator to be used. It cannot be nil.

func WithPasswordGen

func WithPasswordGen(g SecureRandomByteser, initErr error) Option

WithPasswordGen sets the password generator to be used. It cannot be nil.

func WithPhoneInviteTplt

func WithPhoneInviteTplt(t *template.Template, parseErr error) Option

WithPhoneInviteTplt sets the message template to be used when composing SMS invite messages. TODO define valid template values

func WithPhoneResetPassTplt

func WithPhoneResetPassTplt(t *template.Template, parseErr error) Option

WithPhoneResetPassTplt sets the message template to be used when composing SMS password reset messages. TODO define valid template values

func WithPhoneVerifyTplt

func WithPhoneVerifyTplt(t *template.Template, parseErr error) Option

WithPhoneVerifyTplt sets the message template to be used when composing phone verification messages. TODO define valid template values

func WithResetPassSubject

func WithResetPassSubject(s string) Option

WithResetPassSubject sets the subject to be used when sending password reset codes/links to a user.

func WithSMSCl

func WithSMSCl(cl SMSer) Option

WithSMSCl sets the SMS client to use. You may provide templates for sending SMSes e.g.

WithPhoneVerifyTplt()

...otherwise default template files in the config package are used. NewAuthentication() fails if this option is not nil and one of the templates couldn't be loaded.

func WithSelfRegAllowed

func WithSelfRegAllowed(t bool) Option

WithSelfRegAllowed enables/disables self registration. Authenticate will fail if the value is set to false with no communication channel available. Examples of communication channels are the Options WithSMSCl() or WithEmailCl()...

func WithServiceURL

func WithServiceURL(URL string) Option

WithServiceURL sets the URL at which this micro-service will be listening for requests. TODO document types of request and URL endpoints that will be suffixed

func WithURLTokenGen

func WithURLTokenGen(g SecureRandomByteser, intiErr error) Option

WithURLTokenGen sets the string generator for URL tokens. It cannot be nil. Strings from this generator will be used in URLs and should thus conform to encoding rules.

func WithVerificationSubject

func WithVerificationSubject(s string) Option

WithVerificationSubject sets the subject to be used when sending verification messages to a user.

func WithWebAppURL

func WithWebAppURL(URL string) Option

WithWebAppURL sets the webapp URL that will consume requests from users. TODO document types of request and URL endpoints that will be suffixed

type SMSer

// SMSer is the SMS client accepted by WithSMSCl.
type SMSer interface {
	// SMS sends message to the phone number toPhone.
	SMS(toPhone, message string) error
}

type SecureRandomByteser

// SecureRandomByteser is the generator type accepted by WithNumGen,
// WithPasswordGen and WithURLTokenGen.
// NOTE(review): the name promises cryptographically secure output, but the
// interface cannot enforce it. Implementations presumably read from
// crypto/rand — confirm, since the output backs codes, passwords and URL
// tokens.
type SecureRandomByteser interface {
	// SecureRandomBytes returns length random bytes or an error.
	SecureRandomBytes(length int) ([]byte, error)
}

type SendMail

// SendMail is the message handed to Mailer.SendEmail.
type SendMail struct {
	ToEmails []string
	// NOTE(review): confirm line breaks are stripped from Subject before it
	// reaches a mail header.
	Subject  string
	// template.HTML marks its content as already-safe HTML, so
	// html/template will not escape it again. Any user-controlled value
	// must be escaped before it is placed here.
	Body     template.HTML
}

type User

// User is an account together with its login identifiers, group and devices.
type User struct {
	ID         string
	// Login is documented as returning the user's information together
	// with a JWT; this is the field that can carry it.
	// NOTE(review): logging or serialising a whole User therefore exposes
	// a bearer token — confirm it is blanked where a User is logged or
	// returned from list endpoints.
	JWT        string
	Type       UserType
	UserName   Username
	Phone      VerifLogin
	Email      VerifLogin
	// Contains FacebookToken; the exposure concern noted on JWT applies
	// here too.
	Facebook   Facebook
	Group      Group
	Devices    []Device
	CreateDate time.Time
	UpdateDate time.Time
}

func (User) HasValue

func (u User) HasValue() bool

type UserType

// UserType is a named kind of user; see the UserType* constants for the
// built-in names.
type UserType struct {
	ID         string
	Name       string
	CreateDate time.Time
	UpdateDate time.Time
}

func (UserType) HasValue

func (ut UserType) HasValue() bool

type Username

// Username is a user's username login record; User.UserName holds one.
type Username struct {
	ID         string
	UserID     string
	// The username itself.
	Value      string
	CreateDate time.Time
	UpdateDate time.Time
}

func (Username) HasValue

func (un Username) HasValue() bool

type UsersQuery

// UsersQuery is the filter accepted by Authentication.Users and
// AuthStore.Users.
// NOTE(review): AccessLevelsIn and GroupNamesIn are caller-supplied strings.
// Confirm the store binds them as query parameters rather than building SQL
// text from them.
type UsersQuery struct {
	// Access-level filters in string form.
	AccessLevelsIn []string
	// Parsed comparisons (presumably filled from AccessLevelsIn by
	// Process — confirm).
	ProcessedACLs  []NumericQuery
	GroupNamesIn   []string
	MatchAll       bool
	MatchAllACLs   bool
}

func (*UsersQuery) Process

func (uq *UsersQuery) Process() error

type VerifLogin

// VerifLogin is a login identifier that can be verified; User.Phone and
// User.Email are both of this type.
type VerifLogin struct {
	ID         string
	UserID     string
	// The phone number or email address.
	Address    string
	// VerifyDBT is documented as setting the address as verified.
	// NOTE(review): confirm that login and password reset refuse to act
	// on an address whose Verified is false, where policy requires it.
	Verified   bool
	// Status of the most recently sent code (presumably — confirm).
	OTPStatus  DBTStatus
	CreateDate time.Time
	UpdateDate time.Time
}

func (VerifLogin) HasValue

func (vl VerifLogin) HasValue() bool

type VerificationTemplate

// VerificationTemplate holds the values for a verification or
// password-reset message.
// NOTE(review): presumably the data passed to the templates set with the
// With...VerifyTplt / With...ResetPassTplt options — confirm.
type VerificationTemplate struct {
	// URLToken and Code are the secrets delivered to the user; keep
	// rendered messages out of logs.
	URLToken string
	Code     string
	AppName  string
}
