auth

package
v0.0.0-...-cee1f35 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Apr 13, 2020 License: BSD-3-Clause Imports: 17 Imported by: 0

Documentation

Index

Constants

This section is empty.

Variables

View Source 
var (
	ErrCipherTooShort = errors.New("cipher is too short")
	ErrMessAuthFailed = errors.New("cipher: message authentication failed")
)
View Source 
var (
	ErrUserNotExist     = errors.New("user does not exist")
	ErrInvalidChallenge = errors.New("user provided incorrect challenge")
	ErrInvalidSession   = errors.New("session is not valid")
)

Functions

This section is empty.

Types

type Challenger 

type Challenger struct {
	// contains filtered or unexported fields
}

Challenger holds methods to create and validate user challenges

func NewChallenger 

func NewChallenger(saltLen int, keys [][]byte) *Challenger

NewChallenger will initialise a new Challenger

func (*Challenger) Generate 

func (c *Challenger) Generate(password string) (salt string, cipher string, err error)

Generate a new password cipher using a random salt and key

func (*Challenger) Validate 

func (c *Challenger) Validate(salt, password, cipherStr string) (bool, error)

Validate a challenge by checking if we can recreate the cipher from the salt and password provided

type Options 

type Options struct {
	// Token Length for a refresh token
	RefreshTokenLength int
	// JWT Expiration time
	JWTokenExpiration time.Duration
	// Refresh Expiration time
	RefreshTokenExpiration time.Duration
	// length of password salts
	SaltLength int
}

Options for tokens

type Service 

type Service struct {
	// contains filtered or unexported fields
}

Service is an authentication service used for manipulating sessions

func NewService 

func NewService(secret string, repo repository.DepositWithdrawer, keys []string,
	opt *Options) *Service

NewService will create a new auth service

func (*Service) DestroySession 

func (s *Service) DestroySession(ctx context.Context, old *Session) error

DestroySession will invalidate a session by blacklisting the jwt and removing the refresh token from the users record

func (*Service) IsValidJWT 

func (s *Service) IsValidJWT(tokenStr string) (bool, error)

IsValidJWT will attempt to parse the jwt and check if it has expired. If it fails to parse or has expired then the jwt is invalid

func (*Service) IsValidRefresh 

func (s *Service) IsValidRefresh(ctx context.Context, userId, refresh string) (bool, error)

IsValidRefresh will query the repository and validate that it exists, if it doesn't then the token is invalid

func (*Service) Renew 

func (s *Service) Renew(ctx context.Context, old *Session) (*Session, error)

Renew will delete a current users session and generate them a new one

func (*Service) SessionWithChallenge 

func (s *Service) SessionWithChallenge(ctx context.Context, userId, password string) (*Session,
	error)

SessionWithChallenge create a new session provided a valid challenge (username and password)

type Session 

type Session struct {
	UserId            string
	Refresh           string
	RefreshExpiration time.Time
	JWT               string
}

Session holds information about users session

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.