manager

type ChangePasswordManager struct {
	ApiCfg *config.Server
	// contains filtered or unexported fields
}

type ChangePasswordManagerInterface interface {
	// ChangePasswordStart initiates a process for changing a user's password.
	// The method creates a one-time token and sends it to the user's email.
	ChangePasswordStart(*models.ChangePasswordStartForm) *models.GeneralError

	// ChangePasswordVerify validates a one-time token sent by email and, if successful, changes the user's password.
	ChangePasswordVerify(*models.ChangePasswordVerifyForm) *models.GeneralError
}

type LoginManager struct {
	// contains filtered or unexported fields
}

type LoginManagerInterface interface {
	// Authorize generates an authorization URL for the social network to redirect the user.
	Authorize(echo.Context, *models.AuthorizeForm) (string, *models.GeneralError)

	// AuthorizeResult validates the response after authorization in the social network.
	//
	// In case of successful authentication, the user will be generated a one-time token to complete the
	// authorization in the basic authorization form.
	//
	// If a user has not previously logged in through a social network, but an account has been found with the same
	// mail as in a social network, then the user will be asked to link these accounts.
	AuthorizeResult(echo.Context, *models.AuthorizeResultForm) (*models.AuthorizeResultResponse, *models.GeneralError)

	// AuthorizeLink implements the situation with linking the account from the social network and password login (when their email addresses match).
	//
	// If the user chooses the linking of the account, then the password from the account will be validated and,
	// if successful, this social account will be tied to the basic record.
	//
	// If the user refused to link, then a new account will be created.
	AuthorizeLink(echo.Context, *models.AuthorizeLinkForm) (string, *models.GeneralError)
}

type MFAManager struct {
	// contains filtered or unexported fields
}

type MFAManagerInterface interface {
	// MFAChallenge is temporary unused.
	MFAChallenge(*models.MfaChallengeForm) *models.GeneralError

	// MFAVerify verifies the one-time MFA token.
	MFAVerify(echo.Context, *models.MfaVerifyForm) *models.GeneralError

	// MFAAdd adds mfa provider for the user.
	//
	// If successful, a secret key will be generated, a list of backup codes and a
	// qr-code to add an authenticator to the program.
	MFAAdd(echo.Context, *models.MfaAddForm) (*models.MfaAuthenticator, *models.GeneralError)

	// MFARemove removes mfa provider for user
	MFARemove(echo.Context, *models.MfaRemoveForm) *models.GeneralError

	// MFAList returns list of mfa providers for user
	MFAList(echo.Context, *models.MfaListForm) ([]*models.MfaProvider, *models.GeneralError)
}

type ManageManager struct {
	// contains filtered or unexported fields
}

type OauthManager struct {
	ApiCfg *config.Server
	// contains filtered or unexported fields
}

type OauthManagerInterface interface {
	// CheckAuth is a cookie based authentication check.
	//
	//  If the user has previously been authorized and selected the option "remember me",
	//  then this method automatically authorizes the user.
	//
	//  If the user does not have an authorization session, his email address will be returned in order
	//  to offer him authorization under the previous account.
	//
	//  If no authorization was found, then a list of social networks is returned (if available) in order to prompt
	//  the user to log in through them, and not just by login and password.
	CheckAuth(echo.Context, *models.Oauth2LoginForm) (string, *models.User, []*models.AppIdentityProvider, string, *models.GeneralError)

	// Auth authorizes a user based on login and password, previous login or
	// one-time authorization token (obtained after authorization through social networks).
	//
	// After successful authorization, the URL for the redirect will be returned to pass the agreement consent process.
	Auth(echo.Context, *models.Oauth2LoginSubmitForm) (string, *models.GeneralError)

	// Consent prompts the user to accept the consent.
	Consent(echo.Context, *models.Oauth2ConsentForm) ([]string, *models.GeneralError)

	// Consent accepts the consent.
	ConsentSubmit(echo.Context, *models.Oauth2ConsentSubmitForm) (string, *models.GeneralError)

	// GetScopes returns a list of available scope for the application.
	GetScopes([]string) []string

	// HasOnlyDefaultScopes returns true if the request contains only default scopes
	HasOnlyDefaultScopes([]string) bool

	// Introspect checks the token and returns its contents.
	//
	// Contains an access token's session data as specified by IETF RFC 7662, see:
	// https://tools.ietf.org/html/rfc7662
	Introspect(echo.Context, *models.Oauth2IntrospectForm) (*models.Oauth2TokenIntrospection, *models.GeneralError)

	// SignUp registers a new user using login and password.
	//
	// After successful registration, the URL for the redirect will be returned to pass the agreement consent process.
	SignUp(echo.Context, *models.Oauth2SignUpForm) (string, *models.GeneralError)

	// CallBack verifies the result of oauth2 authorization.
	//
	// The method is implemented for applications that do not have their own backend,
	// for example, an application for a computer or a SPA.
	//
	// The page, using the JS SDK, will transmit through the PostMessage and the callback function the result of
	// the authorization, the token and the time of its completion.
	CallBack(echo.Context, *models.Oauth2CallBackForm) (*models.Oauth2CallBackResponse, *models.GeneralError)

	// Logout removes the authentication cookie and redirects the user to the specified URL.
	//
	// Url should be in the list of trusted ones, as well as during authorization and registration.
	Logout(echo.Context, *models.Oauth2LogoutForm) (string, *models.GeneralError)
}

type PasswordLessManager struct {
}