Documentation
¶
Overview ¶
Package authentication provides functions and structures to facilitate salting and authenticating passwords, as well as validating TOTP tokens.
Index ¶
Constants ¶
This section is empty.
Variables ¶
View Source
var ( // ErrInvalidTOTPToken indicates that a provided two factor code is invalid. ErrInvalidTOTPToken = errors.New("invalid two factor code") // ErrPasswordDoesNotMatch indicates that a provided passwords does not match. ErrPasswordDoesNotMatch = errors.New("password does not match") )
View Source
var ( // AuthProviders are what we offer to dependency injection. AuthProviders = wire.NewSet( ProvideArgon2Authenticator, ) )
Functions ¶
This section is empty.
Types ¶
type Argon2Authenticator ¶
type Argon2Authenticator struct {
// contains filtered or unexported fields
}
Argon2Authenticator is our argon2-based authenticator.
func (*Argon2Authenticator) CredentialsAreValid ¶
func (a *Argon2Authenticator) CredentialsAreValid(ctx context.Context, hash, password, totpSecret, totpCode string) (bool, error)
CredentialsAreValid validates a login attempt by:
- checking that the provided authentication matches the provided hashed passwords.
- checking that the temporary one-time authentication provided jives with the provided two factor secret.
func (*Argon2Authenticator) HashPassword ¶
HashPassword takes a password and hashes it using argon2.
type Authenticator ¶
type Authenticator interface {
Hasher
CredentialsAreValid(ctx context.Context, hash, password, totpSecret, totpCode string) (bool, error)
}
Authenticator authenticates users.
func ProvideArgon2Authenticator ¶
func ProvideArgon2Authenticator(logger logging.Logger, tracerProvider tracing.TracerProvider) Authenticator
ProvideArgon2Authenticator returns an argon2 powered Argon2Authenticator.
Source Files
Directories
Click to show internal directories.
Click to hide internal directories.