Documentation
Index
- Constants
- Variables
- func CheckDelegatedJWT(instance *instance.Instance, token string) error
- func CookieDomain(i *instance.Instance) string
- func CookieName(i *instance.Instance) string
- func DeleteOthers(i *instance.Instance, selfSessionID string) error
- func PushLoginRegistration(db prefixer.Prefixer, login *LoginEntry, clientID string) error
- func RemoveLoginRegistration(domain, clientID string) error
- func SendNewRegistrationNotification(i *instance.Instance, clientRegistrationID string) error
- func StoreNewLoginEntry(i *instance.Instance, sessionID, clientID string, req *http.Request, ...) error
- func SweepLoginRegistrations() utils.Shutdowner
- type ExternalClaims
- type LoginEntry
- type Session
- func (s *Session) Clone() couchdb.Doc
- func (s *Session) Delete(i *instance.Instance) *http.Cookie
- func (s *Session) DocType() string
- func (s *Session) ID() string
- func (s *Session) OlderThan(t time.Duration) bool
- func (s *Session) Rev() string
- func (s *Session) SetID(v string)
- func (s *Session) SetRev(v string)
- func (s *Session) ToCookie() (*http.Cookie, error)
Constants
const SessionMaxAge = 30 * 24 * time.Hour
SessionMaxAge is the maximum duration of the session in seconds
Variables
var (
	// ErrNoCookie is returned by GetSession if there is no cookie
	ErrNoCookie = errors.New("No session cookie")
	// ErrExpired is returned when the session has expired
	ErrExpired = errors.New("Session expired")
	// ErrInvalidID is returned by GetSession if the cookie contains wrong ID
	ErrInvalidID = errors.New("Session cookie has wrong ID")
)
Functions
func CheckDelegatedJWT
CheckDelegatedJWT checks if a delegated JWT is valid for a given instance
func CookieDomain
CookieDomain returns the domain on which the cookie will be set. On nested subdomains, the cookie is put on the domain of the instance, but for flat subdomains, we need to put it one level higher (e.g. .mycozy.cloud instead of .example.mycozy.cloud) to make the cookie available when the user visits their apps.
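The scoping rule above, as an added example that is not this package's code: `cookieDomain` and `domainMatch` are hypothetical helpers, and the app host names (`drive.example...` for nested, `example-drive...` for flat) are constructed assumptions about how app hosts are laid out.

```go
package main

import (
	"fmt"
	"strings"
)

// cookieDomain mirrors the rule described above (hypothetical helper, not the
// package's CookieDomain): nested subdomains keep the instance domain, flat
// subdomains drop the first label so sibling app hosts share the cookie.
func cookieDomain(instanceDomain string, flat bool) string {
	if flat {
		if _, parent, ok := strings.Cut(instanceDomain, "."); ok {
			return "." + parent
		}
	}
	return "." + instanceDomain
}

// domainMatch is the RFC 6265 section 5.1.3 rule a browser applies to decide
// whether a cookie with this Domain attribute is sent to host (simplified:
// the IP-address exclusion is not handled).
func domainMatch(host, cookieDom string) bool {
	d := strings.ToLower(strings.TrimPrefix(cookieDom, "."))
	h := strings.ToLower(host)
	return h == d || strings.HasSuffix(h, "."+d)
}

func main() {
	// Constructed hosts: "example" and "other" are two instances on one stack.
	cases := []struct {
		instance string
		flat     bool
		hosts    []string
	}{
		{"example.mycozy.cloud", false, []string{"drive.example.mycozy.cloud", "other.mycozy.cloud"}},
		{"example.mycozy.cloud", true, []string{"example-drive.mycozy.cloud", "other-drive.mycozy.cloud"}},
	}
	for _, c := range cases {
		dom := cookieDomain(c.instance, c.flat)
		for _, h := range c.hosts {
			fmt.Printf("flat=%-5v Domain=%-22s host=%-27s sent=%v\n", c.flat, dom, h, domainMatch(h, dom))
		}
	}
}
```

With flat subdomains the Domain attribute matches every host under the parent domain, including hosts of other instances, so the cookie's scope is wider than in the nested layout.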
func CookieName
CookieName returns the name of the cookie used for the given instance.
func DeleteOthers
DeleteOthers will remove all sessions except the one given in parameter.
func PushLoginRegistration
func PushLoginRegistration(db prefixer.Prefixer, login *LoginEntry, clientID string) error
PushLoginRegistration pushes a new login into the registration queue.
func RemoveLoginRegistration
RemoveLoginRegistration removes a login from the registration map.
func SendNewRegistrationNotification
SendNewRegistrationNotification is used to send a notification to the user when a new OAuth client is registered.
func StoreNewLoginEntry
func StoreNewLoginEntry(
	i *instance.Instance,
	sessionID, clientID string,
	req *http.Request,
	logMessage string,
	notifEnabled bool,
) error
StoreNewLoginEntry creates a new login entry in the database associated with the given instance.
func SweepLoginRegistrations
func SweepLoginRegistrations() utils.Shutdowner
SweepLoginRegistrations starts the login registration process.
This process, which involves a queue of login registration entries, is necessary to distinguish "normal" logins from logins that grant rights to an OAuth application.
Since we cannot really distinguish between them other than trusting the user, we send a notification to the user by following this process:
- if we identify a login for a device registration — by looking at the redirection address — we push an entry onto the queue
- if we do not receive the activation of the device by the user in 5 minutes, we send a notification for a "normal" login
- otherwise we send a notification for the activation of a new device.
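A minimal in-memory model of the three steps above, as an added example that is not this package's implementation: `regQueue`, `pending`, and the notification strings are hypothetical, and time is passed in explicitly so the 5-minute window can be exercised deterministically.

```go
package main

import (
	"fmt"
	"time"
)

const window = 5 * time.Minute // activation delay stated in the process above

type pending struct { // simplified stand-in for a queued LoginEntry
	sessionID string
	queuedAt  time.Time
}

type regQueue map[string]pending // hypothetical model, keyed by OAuth client ID

// push queues a login that the redirection address marks as a device registration.
func (q regQueue) push(clientID, sessionID string, now time.Time) {
	q[clientID] = pending{sessionID, now}
}

// activate removes a still-pending entry: the "new device" notification is due.
func (q regQueue) activate(clientID string) (string, bool) {
	if _, ok := q[clientID]; !ok {
		return "", false // unknown, or already swept as a normal login
	}
	delete(q, clientID)
	return "new-device:" + clientID, true
}

// sweep expires entries not activated in time: each becomes a "normal" login.
func (q regQueue) sweep(now time.Time) (out []string) {
	for id, p := range q {
		if now.Sub(p.queuedAt) >= window {
			out = append(out, "normal-login:"+p.sessionID)
			delete(q, id)
		}
	}
	return out
}

func main() {
	t0 := time.Date(2024, 1, 1, 12, 0, 0, 0, time.UTC) // constructed timeline
	q := regQueue{}
	q.push("client-a", "sess-1", t0)
	q.push("client-b", "sess-2", t0)
	fmt.Println(q.activate("client-a"))           // activated within the window
	fmt.Println(q.sweep(t0.Add(6 * time.Minute))) // client-b timed out
}
```

Each queued login produces exactly one notification: an entry removed by activation can no longer be swept, and an entry that was swept can no longer be activated.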
Types
type ExternalClaims
type ExternalClaims struct {
	jwt.RegisteredClaims
	Name  string `json:"name"`
	Code  string `json:"code"`
	Email string `json:"email,omitempty"`
	UUID  string `json:"uuid,omitempty"`
}
ExternalClaims is the format for JWT for authentication from external sources
type LoginEntry
type LoginEntry struct {
	DocID       string `json:"_id,omitempty"`
	DocRev      string `json:"_rev,omitempty"`
	SessionID   string `json:"session_id"`
	IP          string `json:"ip"`
	City        string `json:"city,omitempty"`
	Subdivision string `json:"subdivision,omitempty"`
	Country     string `json:"country,omitempty"`
	// XXX No omitempty on os and browser, because they are indexed in couchdb
	UA                 string    `json:"user_agent"`
	OS                 string    `json:"os"`
	Browser            string    `json:"browser"`
	ClientRegistration bool      `json:"client_registration"`
	CreatedAt          time.Time `json:"created_at"`
}
LoginEntry stores information associated with a new login. It is useful to provide the user with information about the history of all the logins that may have happened on their domain.
type Session
type Session struct {
	DocID     string    `json:"_id,omitempty"`
	DocRev    string    `json:"_rev,omitempty"`
	CreatedAt time.Time `json:"created_at"`
	LastSeen  time.Time `json:"last_seen"`
	LongRun   bool      `json:"long_run"`
	// contains filtered or unexported fields
}
A Session is an instance opened in a browser
func FromCookie
FromCookie retrieves the session from the cookies of an echo.Context.
func (*Session) Delete
Delete deletes the session in couchdb and returns a cookie with a negative MaxAge to clear it.