abossworked

package
v0.0.0-...-6b1cea2 Latest
Warning

This package is not in the latest version of its module.

Published: Aug 7, 2022 License: GPL-3.0 Imports: 39 Imported by: 0

Documentation

Constants

This section is empty.

Variables

This section is empty.

Functions

func GenerateWorkedConfig

func GenerateWorkedConfig()

GenerateWorkedConfig is a utility function that generates the session, cookie and CSRF seeds and writes the YAML configuration file. It will not overwrite an existing configuration.

func GinRouter

func GinRouter(cfg *ConfigData, storer *AuthStorer, templates *Templates) (engine *gin.Engine, err error)

GinRouter configures the Gin framework's URL dispatching and routing.

Types

type AuthStorer

type AuthStorer struct {

	// GORM's connection to the SQLite database...
	UserDB *gorm.DB
	// contains filtered or unexported fields
}

AuthStorer holds the SQLite database state

func OpenUserDB

func OpenUserDB(workedRoot string) (storer *AuthStorer, err error)

OpenUserDB opens the user database and creates the database structure if it doesn't already exist.

func (AuthStorer) AddRememberToken

func (storer AuthStorer) AddRememberToken(ctx context.Context, pid, token string) error

AddRememberToken associates a "remember me" token with the user

func (*AuthStorer) Close

func (storer *AuthStorer) Close()

Close and cleanup for SQLStorer.

func (AuthStorer) Create

func (storer AuthStorer) Create(ctx context.Context, abUser authboss.User) error

Create the user in the SQLite udata table, returning authboss.ErrUserFound if the user already exists.

func (AuthStorer) DelRememberTokens

func (storer AuthStorer) DelRememberTokens(ctx context.Context, pid string) error

DelRememberTokens removes all "remember me" tokens previously associated with the user

func (AuthStorer) Load

func (storer AuthStorer) Load(ctx context.Context, key string) (authboss.User, error)

Load will look up the user based on the passed PrimaryID. Under normal circumstances this comes from GetPID() of the user.

OAuth2 logins are special-cased to return an OAuth2 pid (a combination of provider:oauth2uid), and therefore key should be special-cased in a Load() implementation to handle that form; use ParseOAuth2PID to see if key is an OAuth2PID or not.

func (AuthStorer) LoadByConfirmSelector

func (storer AuthStorer) LoadByConfirmSelector(ctx context.Context, selector string) (authboss.ConfirmableUser, error)

LoadByConfirmSelector loads the user via their confirmation selector.

func (AuthStorer) LoadByRecoverSelector

func (storer AuthStorer) LoadByRecoverSelector(ctx context.Context, selector string) (authboss.RecoverableUser, error)

LoadByRecoverSelector loads the user using the recovery selector string.

func (AuthStorer) New

func (storer AuthStorer) New(ctx context.Context) authboss.User

New creates a blank user. It is not yet persisted in the database.

func (AuthStorer) Save

func (storer AuthStorer) Save(ctx context.Context, abUser authboss.User) error

Save persists the user in the database. It should never create a user; instead, it returns ErrUserNotFound if the user does not exist.

func (AuthStorer) UseRememberToken

func (storer AuthStorer) UseRememberToken(ctx context.Context, pid, token string) error

UseRememberToken finds the pid-token pair and deletes it (consumes the remember token). If the token cannot be found, it returns ErrTokenNotFound.
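The consume-once contract of UseRememberToken and the revoke-all contract of DelRememberTokens, as an added example that is not this package's GORM-backed code. The `memRemember` type, the local `ErrTokenNotFound` stand-in for authboss.ErrTokenNotFound, the `lifecycle` helper and the sample PIDs and tokens are all assumptions made for the illustration.

```go
package main
import (
	"context"
	"errors"
	"fmt"
	"sync"
)

// ErrTokenNotFound is a local stand-in for authboss.ErrTokenNotFound.
var ErrTokenNotFound = errors.New("token not found")

// memRemember is a hypothetical in-memory "remember" table: PID -> set of tokens.
type memRemember struct {
	mu     sync.Mutex
	tokens map[string]map[string]bool
}

// UseRememberToken checks and deletes under one lock, so a token is accepted once.
func (s *memRemember) UseRememberToken(_ context.Context, pid, token string) error {
	s.mu.Lock()
	defer s.mu.Unlock()
	if !s.tokens[pid][token] {
		return ErrTokenNotFound
	}
	delete(s.tokens[pid], token)
	return nil
}

// DelRememberTokens drops every token for pid, i.e. every remembered browser.
func (s *memRemember) DelRememberTokens(_ context.Context, pid string) error {
	s.mu.Lock()
	defer s.mu.Unlock()
	delete(s.tokens, pid)
	return nil
}

// lifecycle: first use, replay, wrong PID, use after DelRememberTokens (constructed data).
func lifecycle() (first, replay, wrongPID, afterDel error) {
	ctx, pid := context.Background(), "user@example.com"
	// Seeded directly; stands for two earlier AddRememberToken calls.
	s := &memRemember{tokens: map[string]map[string]bool{
		pid: {"tok-laptop": true, "tok-phone": true}}}
	first = s.UseRememberToken(ctx, pid, "tok-laptop")
	replay = s.UseRememberToken(ctx, pid, "tok-laptop")
	wrongPID = s.UseRememberToken(ctx, "other@example.com", "tok-phone")
	s.DelRememberTokens(ctx, pid)
	afterDel = s.UseRememberToken(ctx, pid, "tok-phone")
	return
}

func main() { fmt.Println(lifecycle()) }
```

In a SQL-backed storer the same property requires the lookup and the delete to happen in one statement or one transaction, so that a replayed token cannot be accepted between the two.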

type ConfigData

type ConfigData struct {
	// Logging instance
	ConfigLog *log.Logger
	// Defaults to the current directory in which this worked example operates.
	WorkedRoot string
	// ConfigDataDir is where we find the YAML files
	ConfigDataDir string
	// contains filtered or unexported fields
}

ConfigData is a container for abossworked's configuration data. It is tied to the worked-config.yml YAML template.

func GetWorkedConfig

func GetWorkedConfig() (retval *ConfigData, err error)

GetWorkedConfig reads the worked example's configuration from a YAML-structured file and returns a ConfigData structure with the contents.

func (*ConfigData) HostPortString

func (cfg *ConfigData) HostPortString() string

HostPortString generates the "host[:port]" string for HTTP paths

type Confirmations

type Confirmations struct {
	GUID      string         `gorm:"primaryKey;not null;type:char(36)"`
	Selector  sql.NullString `gorm:"uniqueIndex"`
	Verifier  sql.NullString `gorm:"uniqueIndex"`
	Confirmed bool

	// 1-to-1 association with UserData via GUID join
	User UserData `gorm:"foreignKey:GUID"`

	// GORM's Model members:
	CreatedAt time.Time
	UpdatedAt time.Time
}

Confirmations is the underlying database table object for confirmation data. It has an inverted relationship with UserData: while it might have made more sense to embed Confirmations in the UserData structure, inverting the relationship ensures that a confirmation has a corresponding user.

type CookieState

type CookieState map[string]string

CookieState is an authboss.ClientState implementation to hold cookie state for the duration of the request

func (CookieState) Get

func (c CookieState) Get(key string) (string, bool)

Get a cookie

type CookieStorer

type CookieStorer struct {
	// Legitimate cookies in which we're interested
	Cookies []string
	// Default cookie parameters (age, same site, domain, path, ...). Only a subset
	// of parameters are used.
	http.Cookie
	// Embedded secure cookie storage and management.
	*securecookie.SecureCookie
	// contains filtered or unexported fields
}

CookieStorer writes and reads cookies to an underlying gorilla secure cookie storage.

func (CookieStorer) ReadState

func (c CookieStorer) ReadState(r *http.Request) (authboss.ClientState, error)

ReadState from the request

func (CookieStorer) WriteState

func (c CookieStorer) WriteState(w http.ResponseWriter, state authboss.ClientState, ev []authboss.ClientStateEvent) error

WriteState to the responsewriter

type LockedAccount

type LockedAccount struct {
	GUID         string `gorm:"primaryKey;not null;type:char(36)"`
	AttemptCount int
	LastAttempt  time.Time
	Locked       time.Time

	// 1-to-1 association with UserData via GUID join
	User UserData `gorm:"foreignKey:GUID"`

	// GORM's Model members:
	CreatedAt time.Time
	UpdatedAt time.Time
}

LockedAccount is the underlying database table object for locking user accounts when there have been too many unsuccessful authentication attempts.

type RecoveryRequests

type RecoveryRequests struct {
	GUID        string         `gorm:"primaryKey;not null;type:char(36)"`
	Selector    sql.NullString `gorm:"uniqueIndex"`
	Verifier    sql.NullString `gorm:"uniqueIndex"`
	TokenExpiry time.Time

	// 1-to-1 association with UserData via GUID join
	User UserData `gorm:"foreignKey:GUID"`

	// GORM's Model members:
	CreatedAt time.Time
	UpdatedAt time.Time
}

RecoveryRequests is the underlying database table object for tracking account recovery requests.

type RememberMeTokens

type RememberMeTokens struct {
	// User's GUID: This will not be unique, since the user can use multiple browsers.
	GUID string `gorm:"not null;index;type:char(36)"`
	// Remember-me token. There can be multiple tokens associated with the
	// user, each of which is distinct.
	Token string `gorm:"primaryKey;not null"`
}

RememberMeTokens is the underlying database table object for Primary IDentifier and remember-me tokens. This is intentionally disconnected (no direct foreign key relationship, no association) from the UserData table.

func (RememberMeTokens) TableName

func (RememberMeTokens) TableName() string

TableName returns the "remember" table name for RememberMeTokens.

type SessionState

type SessionState struct {
	// contains filtered or unexported fields
}

SessionState is the Gin-wrapped Gorilla session container using GORM-based storage.

func (SessionState) Get

func (s SessionState) Get(key string) (string, bool)

Get a key from the session

type SessionStore

type SessionStore struct {
	Name string
	// contains filtered or unexported fields
}

SessionStore stores sessions in a Gin-contrib, GORM-backed session store.

func (SessionStore) ReadState

func (s SessionStore) ReadState(r *http.Request) (authboss.ClientState, error)

ReadState loads the session from the http.Request context

func (SessionStore) WriteState

func (s SessionStore) WriteState(w http.ResponseWriter, state authboss.ClientState, ev []authboss.ClientStateEvent) error

WriteState to the responsewriter

type TemplateState

type TemplateState struct {
	// contains filtered or unexported fields
}

TemplateState keeps the parsed template and enough state so that the template can be hot-(re)loaded if any of its components change.

type Templates

type Templates struct {

	// Additional (key, value) data used in the master template
	TemplateData map[string]authboss.HTMLData
	// contains filtered or unexported fields
}

Templates is a map of all parsed templates.

func TemplateLoader

func TemplateLoader(templateDir, fragmentDir, masterTemplate string, funcs template.FuncMap, cfg *ConfigData) (*Templates, error)

TemplateLoader loads and parses the .gohtml template files from templateDir, collecting the templates in a map. Panics on failure to parse/load anything.

masterTemplate: The overall base HTML container template. "Fragment" templates are associated with this template first, i.e., the master template is the aggregate of itself and the partials.

The master template has a magic internal template reference to "content" -- this is the content of the regular templates that is interpolated when the template is rendered.

The regular templates are loaded into a clone of the master template, where the internal template name "content" references the actual template content.

func (*Templates) Load

func (templates *Templates) Load(names ...string) error

Load templates needed by authboss. The names will be a list of page names used by authboss modules, e.g., "login" for the login/user authorization module, "register" for the user-initiated account creation module, etc. Load will be invoked for each Authboss module, so this function will be invoked multiple times.

See Authboss' use cases for the "Pages" that will be rendered for a particular module: https://github.com/volatiletech/authboss#use-cases

Note: We've already loaded the templates prior to Authboss calling Load: we call TemplateLoader() before we call configureAuthboss(). So, all Load() does here is validate that we already loaded the templates that Authboss needs.

func (*Templates) Render

func (templates *Templates) Render(ctx context.Context, page string, data authboss.HTMLData) ([]byte, string, error)

Render a specific authboss template; see the notes in Load().

type UserData

type UserData struct {
	// User's GUID, the primary relation to other tables and (potentially) other
	// databases. References the user using a unique value rather than by their e-mail
	// or Authboss PID when joining across tables or databases.
	GUID string `gorm:"primaryKey;not null;type:char(36)"`

	// E-mail in this example code is the user's primary unique identifier ("PID" in
	// the Authboss documentation and code.) Could also be a user name or ... (and maybe
	// consider renaming this member to "PID").
	Email string `gorm:"uniqueIndex;not null;type:varchar(256)"`
	// bCrypt-ed password
	UIDData string `gorm:"column:uid_data;not null;type:varchar(64)"`

	// GORM's Model members:
	CreatedAt time.Time
	UpdatedAt time.Time
}

UserData is the underlying database object structure

func (UserData) TableName

func (UserData) TableName() string

TableName for the UserData structure is "udata", not the GORM default "u_data"

type WorkedUser

type WorkedUser struct {
	*AuthStorer
	UserData
	// contains filtered or unexported fields
}

WorkedUser is the glue structure that connects user state to Authboss. It embeds the AuthStorer SQL state with the UserData user data so that we don't have to store everything in UserData and can separate out Authboss functions, such as confirmation and account locking.

func (*WorkedUser) GetArbitrary

func (user *WorkedUser) GetArbitrary() (arbitrary map[string]string)

GetArbitrary returns the authboss "arbitrary" form data that should be preserved across form invocations.

func (*WorkedUser) GetAttemptCount

func (user *WorkedUser) GetAttemptCount() (attempts int)

GetAttemptCount returns the number of login attempts prior to the user's account being locked.

func (*WorkedUser) GetConfirmSelector

func (user *WorkedUser) GetConfirmSelector() string

GetConfirmSelector returns the user's confirmation selector (URL)

func (*WorkedUser) GetConfirmVerifier

func (user *WorkedUser) GetConfirmVerifier() string

GetConfirmVerifier returns the user's confirmation verifier

func (*WorkedUser) GetConfirmed

func (user *WorkedUser) GetConfirmed() (confirmed bool)

GetConfirmed returns the user's confirmation status

func (*WorkedUser) GetEmail

func (user *WorkedUser) GetEmail() (email string)

GetEmail returns the user's e-mail address, which also happens to be the PID

func (*WorkedUser) GetLastAttempt

func (user *WorkedUser) GetLastAttempt() (last time.Time)

GetLastAttempt returns the last unsuccessful attempt time

func (*WorkedUser) GetLocked

func (user *WorkedUser) GetLocked() (locked time.Time)

GetLocked returns the user's account lock status

func (*WorkedUser) GetPID

func (user *WorkedUser) GetPID() string

GetPID returns the user's primary identifier, which is the user's email address

func (*WorkedUser) GetPassword

func (user *WorkedUser) GetPassword() string

GetPassword returns the bcrypt-ed user password

func (*WorkedUser) GetRecoverExpiry

func (user *WorkedUser) GetRecoverExpiry() (expiry time.Time)

GetRecoverExpiry returns the recovery process' expiration time

func (*WorkedUser) GetRecoverSelector

func (user *WorkedUser) GetRecoverSelector() (selector string)

GetRecoverSelector returns the recovery selector (URL)

func (*WorkedUser) GetRecoverVerifier

func (user *WorkedUser) GetRecoverVerifier() (verifier string)

GetRecoverVerifier returns the recovery verifier (URL)

func (*WorkedUser) PutArbitrary

func (user *WorkedUser) PutArbitrary(arbitrary map[string]string)

PutArbitrary stores the authboss "arbitrary" form data that should be preserved across form invocations (e.g., validation failed, but you'd like to keep the user's e-mail.)

func (*WorkedUser) PutAttemptCount

func (user *WorkedUser) PutAttemptCount(attempts int)

PutAttemptCount stores the number of login attempts prior to the account being locked.

func (*WorkedUser) PutConfirmSelector

func (user *WorkedUser) PutConfirmSelector(selector string)

PutConfirmSelector stores the user's confirmation selector

func (*WorkedUser) PutConfirmVerifier

func (user *WorkedUser) PutConfirmVerifier(verifier string)

PutConfirmVerifier stores the user's confirmation verifier

func (*WorkedUser) PutConfirmed

func (user *WorkedUser) PutConfirmed(confirmed bool)

PutConfirmed stores the user's confirmation status

func (*WorkedUser) PutEmail

func (user *WorkedUser) PutEmail(email string)

PutEmail stores the user's e-mail address, which also happens to be the PID

func (*WorkedUser) PutLastAttempt

func (user *WorkedUser) PutLastAttempt(last time.Time)

PutLastAttempt stores the last unsuccessful attempt time

func (*WorkedUser) PutLocked

func (user *WorkedUser) PutLocked(locked time.Time)

PutLocked stores the user's account lock status

func (*WorkedUser) PutPID

func (user *WorkedUser) PutPID(pid string)

PutPID stores the user's identifier in the User structure, interface function for authboss.User

func (*WorkedUser) PutPassword

func (user *WorkedUser) PutPassword(pass string)

PutPassword stores the bcrypt-ed user password

func (*WorkedUser) PutRecoverExpiry

func (user *WorkedUser) PutRecoverExpiry(expiry time.Time)

PutRecoverExpiry stores the recovery process' expiration time

func (*WorkedUser) PutRecoverSelector

func (user *WorkedUser) PutRecoverSelector(selector string)

PutRecoverSelector stores the recovery selector (URL)

func (*WorkedUser) PutRecoverVerifier

func (user *WorkedUser) PutRecoverVerifier(verifier string)

PutRecoverVerifier stores the recovery verifier (URL)
