regulation

package
v4.36.8 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Sep 19, 2022 License: Apache-2.0 Imports: 9 Imported by: 0

Documentation

Index

Constants

View Source
const (
	// AuthType1FA is the string representing an auth log for first-factor authentication.
	AuthType1FA = "1FA"

	// AuthTypeTOTP is the string representing an auth log for second-factor authentication via TOTP.
	AuthTypeTOTP = "TOTP"

	// AuthTypeWebauthn is the string representing an auth log for second-factor authentication via FIDO2/CTAP2/WebAuthn.
	AuthTypeWebauthn = "Webauthn"

	// AuthTypeDuo is the string representing an auth log for second-factor authentication via DUO.
	AuthTypeDuo = "Duo"
)

Variables

View Source
var ErrUserIsBanned = fmt.Errorf("user is banned")

ErrUserIsBanned user is banned error message.

Functions

This section is empty.

Types

type Context added in v4.36.0

type Context interface {
	context.Context
	MetricsRecorder

	RemoteIP() (ip net.IP)
}

Context represents a regulator context.

type MetricsRecorder added in v4.36.0

type MetricsRecorder interface {
	RecordAuthentication(success, banned bool, authType string)
}

MetricsRecorder represents the methods used to record regulation.

type Regulator

type Regulator struct {
	// contains filtered or unexported fields
}

Regulator an authentication regulator preventing attackers to brute force the service.

func NewRegulator

func NewRegulator(config schema.RegulationConfiguration, provider storage.RegulatorProvider, clock utils.Clock) *Regulator

NewRegulator create a regulator instance.

func (*Regulator) Mark

func (r *Regulator) Mark(ctx Context, successful, banned bool, username, requestURI, requestMethod, authType string) error

Mark an authentication attempt. We split Mark and Regulate in order to avoid timing attacks.

func (*Regulator) Regulate

func (r *Regulator) Regulate(ctx context.Context, username string) (time.Time, error)

Regulate the authentication attempts for a given user. This method returns ErrUserIsBanned if the user is banned along with the time until when the user is banned.

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL