Documentation ¶
Overview ¶
Package twofactor allows authentication via one time passwords
Index ¶
- Constants
- func BCryptRecoveryCodes(codes []string) ([]string, error)
- func DecodeRecoveryCodes(codes string) []string
- func EncodeRecoveryCodes(codes []string) string
- func GenerateRecoveryCodes() ([]string, error)
- func GenerateToken() (string, error)
- func UseRecoveryCode(codes []string, inputCode string) ([]string, bool)
- type EmailVerify
- func (e EmailVerify) End(w http.ResponseWriter, r *http.Request) error
- func (e EmailVerify) GetStart(w http.ResponseWriter, r *http.Request) error
- func (e EmailVerify) PostStart(w http.ResponseWriter, r *http.Request) error
- func (e EmailVerify) SendVerifyEmail(ctx context.Context, to, token string)
- func (e EmailVerify) Wrap(handler http.Handler) http.Handler
- type EmailVerifyTokenValuer
- type Recovery
- type User
Constants ¶
const ( PageRecovery2FA = "recovery2fa" PageVerify2FA = "twofactor_verify" PageVerifyEnd2FA = "twofactor_verify_end" )
Page constants
const ( EmailVerifyHTML = "twofactor_verify_email_html" EmailVerifyTxt = "twofactor_verify_email_txt" )
Email constants
const ( DataRecoveryCode = "recovery_code" DataRecoveryCodes = "recovery_codes" DataNumRecoveryCodes = "n_recovery_codes" DataVerifyEmail = "email" DataVerifyURL = "url" )
Data constants
const (
FormValueToken = "token"
)
Form value constants
Variables ¶
This section is empty.
Functions ¶
func BCryptRecoveryCodes ¶
BCryptRecoveryCodes hashes each recovery code given and return them in a new slice.
func DecodeRecoveryCodes ¶
DecodeRecoveryCodes is an alias for strings.Split(",")
func EncodeRecoveryCodes ¶
EncodeRecoveryCodes is an alias for strings.Join(",")
func GenerateRecoveryCodes ¶
GenerateRecoveryCodes creates 10 recovery codes of the form: abd34-1b24do (using alphabet, of length recoveryCodeLength).
func GenerateToken ¶ added in v2.2.0
GenerateToken used for authenticating e-mails for 2fa setup
Types ¶
type EmailVerify ¶ added in v2.2.0
EmailVerify has a middleware function that prevents access to routes unless e-mail has been verified.
It does this by first setting where the user is coming from and generating an e-mail with a random token. The token is stored in the session.
When the user clicks the e-mail link with the token, the token is confirmed by this middleware and the user is forwarded to the e-mail auth redirect.
func SetupEmailVerify ¶ added in v2.2.0
func SetupEmailVerify(ab *authboss.Authboss, twofactorKind, setupURL string) (EmailVerify, error)
SetupEmailVerify registers routes for a particular 2fa method
func (EmailVerify) End ¶ added in v2.2.0
func (e EmailVerify) End(w http.ResponseWriter, r *http.Request) error
End confirms the token passed in by the user (by the link in the e-mail)
func (EmailVerify) GetStart ¶ added in v2.2.0
func (e EmailVerify) GetStart(w http.ResponseWriter, r *http.Request) error
GetStart shows the e-mail address and asks you to confirm that you would like to proceed.
func (EmailVerify) PostStart ¶ added in v2.2.0
func (e EmailVerify) PostStart(w http.ResponseWriter, r *http.Request) error
PostStart sends an e-mail and shoves the user's token into the session
func (EmailVerify) SendVerifyEmail ¶ added in v2.2.0
func (e EmailVerify) SendVerifyEmail(ctx context.Context, to, token string)
SendVerifyEmail to the user
type EmailVerifyTokenValuer ¶ added in v2.2.0
EmailVerifyTokenValuer returns a token from the body
func MustHaveEmailVerifyTokenValues ¶ added in v2.2.0
func MustHaveEmailVerifyTokenValues(v authboss.Validator) EmailVerifyTokenValuer
MustHaveEmailVerifyTokenValues upgrades a validatable set of values to ones specific to a user that needs to be recovered.
type Recovery ¶
Recovery for two-factor authentication is handled by this type
func (*Recovery) GetRegen ¶
GetRegen shows a button that enables a user to regen their codes as well as how many codes are currently remaining.
type User ¶
type User interface { authboss.User GetEmail() string PutEmail(string) // GetRecoveryCodes retrieves a CSV string of bcrypt'd recovery codes GetRecoveryCodes() string // PutRecoveryCodes uses a single string to store many // bcrypt'd recovery codes PutRecoveryCodes(codes string) }
User interface
Directories ¶
Path | Synopsis |
---|---|
Package sms2fa implements two factor auth using sms-transmitted one time passwords.
|
Package sms2fa implements two factor auth using sms-transmitted one time passwords. |
Package totp2fa implements two factor auth using time-based one time passwords.
|
Package totp2fa implements two factor auth using time-based one time passwords. |