Documentation ¶
Index ¶
- type EncryptingSerializer
- type Identity
- type Provider
- func (p *Provider) DestroySession(ctx *fasthttp.RequestCtx) error
- func (p *Provider) GetExpiration(ctx *fasthttp.RequestCtx) (time.Duration, error)
- func (p *Provider) GetSession(ctx *fasthttp.RequestCtx) (UserSession, error)
- func (p *Provider) RegenerateSession(ctx *fasthttp.RequestCtx) error
- func (p *Provider) SaveSession(ctx *fasthttp.RequestCtx, userSession UserSession) error
- func (p *Provider) UpdateExpiration(ctx *fasthttp.RequestCtx, expiration time.Duration) error
- type ProviderConfig
- type UserSession
- func (s UserSession) AuthenticatedTime(level authorization.Level) (authenticatedTime time.Time, err error)
- func (s *UserSession) SetOneFactor(now time.Time, details *authentication.UserDetails, keepMeLoggedIn bool)
- func (s *UserSession) SetTwoFactorDuo(now time.Time)
- func (s *UserSession) SetTwoFactorTOTP(now time.Time)
- func (s *UserSession) SetTwoFactorWebauthn(now time.Time, userPresence, userVerified bool)
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
This section is empty.
Types ¶
type EncryptingSerializer ¶
type EncryptingSerializer struct {
// contains filtered or unexported fields
}
EncryptingSerializer a serializer encrypting the data with AES-GCM with 256-bit keys.
func NewEncryptingSerializer ¶
func NewEncryptingSerializer(secret string) *EncryptingSerializer
NewEncryptingSerializer return new encrypt instance.
func (*EncryptingSerializer) Decode ¶
func (e *EncryptingSerializer) Decode(dst *session.Dict, src []byte) error
Decode decrypt and decode session.
func (*EncryptingSerializer) Encode ¶
func (e *EncryptingSerializer) Encode(src session.Dict) ([]byte, error)
Encode encode and encrypt session.
type Provider ¶
type Provider struct { RememberMe time.Duration Inactivity time.Duration // contains filtered or unexported fields }
Provider a session provider.
func NewProvider ¶
func NewProvider(config schema.SessionConfiguration, certPool *x509.CertPool) *Provider
NewProvider instantiate a session provider given a configuration.
func (*Provider) DestroySession ¶
func (p *Provider) DestroySession(ctx *fasthttp.RequestCtx) error
DestroySession destroy a session ID and delete the cookie.
func (*Provider) GetExpiration ¶
GetExpiration get the expiration of the current session.
func (*Provider) GetSession ¶
func (p *Provider) GetSession(ctx *fasthttp.RequestCtx) (UserSession, error)
GetSession return the user session from a request.
func (*Provider) RegenerateSession ¶
func (p *Provider) RegenerateSession(ctx *fasthttp.RequestCtx) error
RegenerateSession regenerate a session ID.
func (*Provider) SaveSession ¶
func (p *Provider) SaveSession(ctx *fasthttp.RequestCtx, userSession UserSession) error
SaveSession save the user session.
func (*Provider) UpdateExpiration ¶
UpdateExpiration update the expiration of the cookie and session.
type ProviderConfig ¶
type ProviderConfig struct {
// contains filtered or unexported fields
}
ProviderConfig is the configuration used to create the session provider.
func NewProviderConfig ¶
func NewProviderConfig(config schema.SessionConfiguration, certPool *x509.CertPool) ProviderConfig
NewProviderConfig creates a configuration for creating the session provider.
type UserSession ¶
type UserSession struct { Username string DisplayName string // TODO(c.michaud): move groups out of the session. Groups []string Emails []string KeepMeLoggedIn bool AuthenticationLevel authentication.Level LastActivity int64 FirstFactorAuthnTimestamp int64 SecondFactorAuthnTimestamp int64 AuthenticationMethodRefs oidc.AuthenticationMethodsReferences // Webauthn holds the session registration data for this session. Webauthn *webauthn.SessionData // ConsentChallengeID is the OpenID Connect Consent Session challenge ID. ConsentChallengeID *uuid.UUID // This boolean is set to true after identity verification and checked // while doing the query actually updating the password. PasswordResetUsername *string RefreshTTL time.Time }
UserSession is the structure representing the session of a user.
func NewDefaultUserSession ¶
func NewDefaultUserSession() UserSession
NewDefaultUserSession create a default user session.
func (UserSession) AuthenticatedTime ¶
func (s UserSession) AuthenticatedTime(level authorization.Level) (authenticatedTime time.Time, err error)
AuthenticatedTime returns the unix timestamp this session authenticated successfully at the given level.
func (*UserSession) SetOneFactor ¶
func (s *UserSession) SetOneFactor(now time.Time, details *authentication.UserDetails, keepMeLoggedIn bool)
SetOneFactor sets the 1FA AMR's and expected property values for one factor authentication.
func (*UserSession) SetTwoFactorDuo ¶ added in v4.35.0
func (s *UserSession) SetTwoFactorDuo(now time.Time)
SetTwoFactorDuo sets the relevant Duo AMR's and sets the factor to 2FA.
func (*UserSession) SetTwoFactorTOTP ¶ added in v4.35.0
func (s *UserSession) SetTwoFactorTOTP(now time.Time)
SetTwoFactorTOTP sets the relevant TOTP AMR's and sets the factor to 2FA.
func (*UserSession) SetTwoFactorWebauthn ¶ added in v4.35.0
func (s *UserSession) SetTwoFactorWebauthn(now time.Time, userPresence, userVerified bool)
SetTwoFactorWebauthn sets the relevant Webauthn AMR's and sets the factor to 2FA.