package module
v0.0.1 Latest Latest

This package is not in the latest version of its module.

Go to latest
Published: Nov 25, 2023 License: BSD-2-Clause Imports: 7 Imported by: 0



Go Reference Issue Tracker

The code.soquee.net/login module is a Go package used for hashing passwords for storage in the database, and for setting and removing login cookies.

import (


The package may be used under the terms of the BSD 2-Clause License a copy of which may be found in the LICENSE file.

Unless you explicitly state otherwise, any contribution submitted for inclusion in the work by you shall be licensed as above, without any additional terms or conditions.



Package login handles user login and password storage.



View Source
const (
	// LoginCookieName is the name of the session cookie that is set on login.
	LoginCookieName = "SID"

	// LoginCookieDuration is the duration for which logins will be valid before
	// the user is forced to reauthenticate.
	LoginCookieDuration = 30 * 24 * time.Hour
View Source
const (
	SchemeArgon2 = iota

A list of password storage schemes supported by this package. Schemes SHOULD only be removed from this list when a vulnerability is discovered or the scheme is no longer in use by any user.


View Source
var ErrInvalidCookie = errors.New("login: cookie is invalid")

ErrInvalidCookie is returned when a session cookie fails validation for any reason.


func ExpireLoginCookie

func ExpireLoginCookie(w http.ResponseWriter, domain string)

ExpireLoginCookie causes the cookie to expire immediately.

func GetLoginCookie

func GetLoginCookie(w http.ResponseWriter, r *http.Request, domain string) (int64, int, string, error)

GetLoginCookie gets the token and user ID from the request. If an invalid cookie exists on the request, it is immediately expired.

func Protect

func Protect(scheme int, credential, salt []byte) []byte

Protect hashes a password using the provided scheme. If the scheme is invalid or any argument is zero-length, Protect panics.

func SetLoginCookie

func SetLoginCookie(w http.ResponseWriter, domain, token string, loginID int64, uid int)

SetLoginCookie sets a new login cookie with the provided token.

func Update

func Update(scheme int, credential, salt []byte) ([]byte, int)

Update hashes the password using the latest scheme and returns the hashed password and the scheme itself. If no update is required a nil hash is returned.


This section is empty.

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL