Documentation ¶
Overview ¶
Package login handles user login and password storage.
Index ¶
- Constants
- Variables
- func ExpireLoginCookie(w http.ResponseWriter, domain string)
- func GetLoginCookie(w http.ResponseWriter, r *http.Request, domain string) (int64, int, string, error)
- func Protect(scheme int, credential, salt []byte) []byte
- func SetLoginCookie(w http.ResponseWriter, domain, token string, loginID int64, uid int)
- func Update(scheme int, credential, salt []byte) ([]byte, int)
Constants ¶
const ( // LoginCookieName is the name of the session cookie that is set on login. LoginCookieName = "SID" // LoginCookieDuration is the duration for which logins will be valid before // the user is forced to reauthenticate. LoginCookieDuration = 30 * 24 * time.Hour )
const (
SchemeArgon2 = iota
)
A list of password storage schemes supported by this package. Schemes SHOULD only be removed from this list when a vulnerability is discovered or the scheme is no longer in use by any user.
Variables ¶
var ErrInvalidCookie = errors.New("login: cookie is invalid")
ErrInvalidCookie is returned when a session cookie fails validation for any reason.
Functions ¶
func ExpireLoginCookie ¶
func ExpireLoginCookie(w http.ResponseWriter, domain string)
ExpireLoginCookie causes the cookie to expire immediately.
func GetLoginCookie ¶
func GetLoginCookie(w http.ResponseWriter, r *http.Request, domain string) (int64, int, string, error)
GetLoginCookie gets the token and user ID from the request. If an invalid cookie exists on the request, it is immediately expired.
func Protect ¶
Protect hashes a password using the provided scheme. If the scheme is invalid or any argument is zero-length, Protect panics.
func SetLoginCookie ¶
func SetLoginCookie(w http.ResponseWriter, domain, token string, loginID int64, uid int)
SetLoginCookie sets a new login cookie with the provided token.
Types ¶
This section is empty.