Documentation
Types
type CookieState
CookieState is an authboss.ClientState implementation to hold cookie state for the duration of the request.
type CookieStorer
type CookieStorer struct {
	Cookies []string
	*securecookie.SecureCookie

	// Defaults empty
	Domain string
	// Defaults to /
	Path string
	// Defaults to 1 month
	MaxAge int
	// Defaults to true
	HTTPOnly bool
	// Defaults to true
	Secure bool
	// Samesite defaults to 0 or "off"
	SameSite http.SameSite
}
CookieStorer writes and reads cookies to an underlying gorilla secure cookie storage.
Because it embeds the SecureCookie piece this can be used as the cookie storage for your entire application (rather than only as a stub for authboss).
func NewCookieStorer
func NewCookieStorer(hashKey, blockKey []byte) CookieStorer
NewCookieStorer simply wraps securecookie.New. The parameters are the hash key and the block key.
The hash key is required; it is used to authenticate the cookie with HMAC and should be 32 or 64 bytes.
The block key is optional; it is used to encrypt the cookie value (set it to nil to disable encryption). For AES (the default encryption algorithm), 16-, 24-, or 32-byte keys select AES-128, AES-192, or AES-256 respectively.
Ensure you verify the security options for the cookie on the CookieStorer.
This documentation was copied from securecookie.New and is prone to doc-rot. Please consult the documentation there too.
func NewCookieStorerFromExisting
func NewCookieStorerFromExisting(storage *securecookie.SecureCookie) CookieStorer
NewCookieStorerFromExisting takes a preconfigured secure cookie instance and simply uses it.
Ensure you verify the additional security options for the cookie on the CookieStorer. This method creates a cookie storer with the options tuned for high security by default.
func (CookieStorer) ReadState
func (c CookieStorer) ReadState(r *http.Request) (authboss.ClientState, error)
ReadState reads the state from the request.
func (CookieStorer) WriteState
func (c CookieStorer) WriteState(w http.ResponseWriter, state authboss.ClientState, ev []authboss.ClientStateEvent) error
WriteState writes the state to the response writer.
type SessionState
type SessionState struct {
// contains filtered or unexported fields
}
SessionState is an authboss.ClientState implementation that holds the request's session values for the duration of the request.
type SessionStorer
SessionStorer stores sessions in a gorilla session store. By default, it's backed by cookies, but this can be overridden by changing the underlying store manually or using the appropriate constructor.
func NewSessionStorer
func NewSessionStorer(sessionName string, keypairs ...[]byte) SessionStorer
NewSessionStorer creates a new gorilla sessions.CookieStore and uses that for underlying storage.
The sessionName is the name that will be used for the session cookie on the client (one session has many values).
It also takes pairs of keys (HMAC authentication key, encryption key); pass multiple pairs when doing key rotation. The second key of a pair should be set to nil if encryption isn't desired.
Authentication keys should be 32 or 64 bytes. Encryption keys should be 16, 24, or 32 bytes for AES-128, AES-192, and AES-256 respectively.
This creates the session storer with the most secure options: MaxAge=0, Secure=true, HttpOnly=true. You can change them after it's created by converting the Store or simply create your own sessions.NewCookieStore and set its options manually.
These docs are prone to doc-rot since they're copied from the gorilla session store documentation.
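The key sizes documented for NewCookieStorer and NewSessionStorer can be checked before the keys reach either constructor. The following is an added example, not code from this package; validateKeyPairs and newKey are hypothetical helpers that use only the standard library, and requiring complete pairs is a policy of the example.

```go
package main

import (
	"crypto/rand"
	"errors"
	"fmt"
	"log"
)

// newKey returns n bytes from the operating system's CSPRNG.
func newKey(n int) ([]byte, error) {
	k := make([]byte, n)
	_, err := rand.Read(k)
	return k, err
}

// validateKeyPairs (hypothetical helper) applies the documented sizes to
// keys laid out as (auth, encryption), (auth, encryption), ...
func validateKeyPairs(keypairs ...[]byte) error {
	if len(keypairs) == 0 || len(keypairs)%2 != 0 {
		return errors.New("keys must be supplied as complete (auth, encryption) pairs")
	}
	for i := 0; i < len(keypairs); i += 2 {
		auth, enc := keypairs[i], keypairs[i+1]
		if n := len(auth); n != 32 && n != 64 {
			return fmt.Errorf("pair %d: auth key is %d bytes, want 32 or 64", i/2, n)
		}
		// Only nil means "no encryption"; an empty non-nil slice is rejected.
		if enc != nil && len(enc) != 16 && len(enc) != 24 && len(enc) != 32 {
			return fmt.Errorf("pair %d: encryption key is %d bytes, want 16, 24 or 32", i/2, len(enc))
		}
	}
	return nil
}

func main() {
	auth, err := newKey(64)
	if err != nil {
		log.Fatal(err)
	}
	enc, err := newKey(32) // AES-256
	if err != nil {
		log.Fatal(err)
	}
	if err := validateKeyPairs(auth, enc); err != nil {
		log.Fatal(err)
	}
	fmt.Println("key pair OK; pass it to NewSessionStorer or NewCookieStorer")
}
```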
func NewSessionStorerFromExisting
func NewSessionStorerFromExisting(sessionName string, store sessions.Store) SessionStorer
NewSessionStorerFromExisting takes a store object that's already configured and uses it directly. This can be anything that satisfies the interface.
sessionName is the name of the cookie/file/whatever on the client or on the filesystem etc.
func (SessionStorer) ReadState
func (s SessionStorer) ReadState(r *http.Request) (authboss.ClientState, error)
ReadState loads the session from the request context.
func (SessionStorer) WriteState
func (s SessionStorer) WriteState(w http.ResponseWriter, state authboss.ClientState, ev []authboss.ClientStateEvent) error
WriteState writes the state to the response writer.