auth

package
v0.1.1 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Nov 18, 2021 License: MIT Imports: 3 Imported by: 0

Documentation

Index

Constants

This section is empty.

Variables

View Source 
var (
	ErrAffiliationNameEmpty           = errors.New("auth: affiliation name is empty")
	ErrAffiliationOwnerUserIDEmpty    = errors.New("auth: affiliation owner user id is empty")
	ErrAffiliationSharedWalletIDEmpty = errors.New("auth: affiliation shared wallet id is empty")
	ErrAffiliationStreetAddressEmpty  = errors.New("auth: affiliation street address is empty")
	ErrAffiliationCityEmpty           = errors.New("auth: affiliation city is empty")
	ErrAffiliationStateEmpty          = errors.New("auth: affiliation state is empty")
	ErrAffiliationCountryISOEmpty     = errors.New("auth: affiliation country iso is empty")
	ErrAffiliationZipCodeEmpty        = errors.New("auth: affiliation zip code is empty")
	ErrAffiliationContactEmailEmpty   = errors.New("auth: affiliation contact email is empty")
)

Functions

func CheckoutMFA 

func CheckoutMFA(userID uint64, extentionType string) (string, error)

Read

func ClearMFA 

func ClearMFA(userID uint64, extentionType string) error

Delete

func ConfirmMFA 

func ConfirmMFA(userID uint64, extentionType string) error

Update

func CreateAffiliation 

func CreateAffiliation(affiliation *Affiliation) error

func DeleteTmpEntry 

func DeleteTmpEntry(userID uint64, extentionType, indexKey string) error

Delete

func EnabledMFA 

func EnabledMFA(userID uint64) ([]string, error)

func InitMFA 

func InitMFA(userID uint64, extentionType, extentionData string) error

Create

func InsertTmpEntry 

func InsertTmpEntry(userID uint64, extentionType, indexKey, storedValue string) error

*********** Temporary Database *********** Create

func MFAEnabled 

func MFAEnabled(userID uint64, extentionType string) (bool, error)

Read

func ReadTmpEntry 

func ReadTmpEntry(userID uint64, extentionType, indexKey string) (string, error)

Read

func Setup 

func Setup(dbConn *sql.DB, tblPrefixOverride string)

func UpdateMFA 

func UpdateMFA(userID uint64, extentionType, extentionData string) error

Update

func UpdateTmpEntry 

func UpdateTmpEntry(userID uint64, extentionType, indexKey, storedValue string) error

Update

Types

type Affiliation 

type Affiliation struct {
	Name           string
	ParentID       uint64
	OwnerUserID    uint64 // must be a valid user id with a wallet (to be shared among users with permission)
	SharedWalletID uint64 // must be a valid wallet id
	StreetAddress  string
	Suite          string
	City           string
	State          string
	CountryISO     string
	ZipCode        string
	ContactEmail   string
	// contains filtered or unexported fields
}

func GetAffiliationByID 

func GetAffiliationByID(id uint64) (*Affiliation, error)

func (*Affiliation) Parent 

func (affiliation *Affiliation) Parent() (*Affiliation, error)

func (*Affiliation) UpdateAffiliation 

func (affiliation *Affiliation) UpdateAffiliation() error

type MultiFactorAuthentication 

type MultiFactorAuthentication interface {
	Registered(userID uint64) bool

	// Register associate a MFA credential to user
	InitSignUp(userID uint64, username string) (map[string]interface{}, error)
	CompleteSignUp(userID uint64, mfaConf map[string]string) error

	// Challenge is called when user try to verify identity using the selected MFA.
	NewChallenge(userID uint64) (map[string]interface{}, error)
	SubmitChallenge(userID uint64, challengeResponse map[string]string) error

	// Remove the MFA credential from the database
	Remove(userID uint64) error
}

type Role 

type Role uint32
const (
	/************ Global Role ************/
	GLOBAL_EVALUATION_USER Role = 1 << iota // EVALUATION_USER may not order products
	GLOBAL_PRODUCTION_USER                  // PRODUCTION_USER may order products
	GLOBAL_INTERNAL_USER                    // STAGING_USER may order products free of charge
	GLOBAL_ADMIN                            // ADMIN owns all access to management interface

	/************ Exemptional Role ************/
	EXEMPT_MARKETING_CONTACT // User won't be contacted for marketing purposes
	EXEMPT_BILLING_CONTACT   // User won't be notified for billing updates
	EXEMPT_SUPPORT_CONTACT   // User won't be notified for supporting case updates

	/************ Affiliation Role ************/
	// Affiliations (enterprises) may purchase products and set them
	// to be shared by users
	AFFILIATION_ACCOUNT_USER  // ACCOUNT_USER is a user belong to an enterprise
	AFFILIATION_ACCOUNT_ADMIN // ACCOUNT_ADMIN may create users and manage users (assigning roles, etc)

	AFFILIATION_PRODUCT_USER  // PRODUCT_USER may only view(and use) products
	AFFILIATION_PRODUCT_ADMIN // PRODUCT_ADMIN may create and edit shared products

	AFFILIATION_BILLING_USER  // BILLING_USER may purchase products with Affiliation-owned wallet
	AFFILIATION_BILLING_ADMIN // BILLING_ADMIN may deposit funds into Affiliation-owned wallet and view/manage associated products

	ROLELESS Role = 0
)

Known roles as unambiguous binary flags allowing cascading

func Roles 

func Roles(roles ...Role) Role

func (Role) AddRole 

func (r Role) AddRole(role Role) Role

func (Role) Includes 

func (r Role) Includes(other Role) bool

func (Role) RemoveRole 

func (r Role) RemoveRole(role Role) Role

type User 

type User struct {
	Email         string `json:"email"`
	Password      string `json:"password"` // HMAC-Hashed
	Role          Role   `json:"role"`
	AffiliationID uint64 `json:"affiliation"`
	// contains filtered or unexported fields
}

func GetUserByEmailPassword 

func GetUserByEmailPassword(email, password string) (*User, error)

GetUserByEmail should be called for user login return nil, err when error/mismatch

func GetUserByID 

func GetUserByID(id uint64) (*User, error)

GetUserByID should be called only after the user has been authenticated (Token validated)

func GetUsersByAffiliationID 

func GetUsersByAffiliationID(affiliationID uint64) ([]*User, error)

func (*User) CreateUser 

func (user *User) CreateUser() error

CreateUser should be called when registering a new user

func (*User) Info 

func (user *User) Info() (*UserInfo, error)

func (*User) NewUserInfo 

func (user *User) NewUserInfo(info *UserInfo) error

func (*User) UpdateInfo 

func (user *User) UpdateInfo(info *UserInfo) error

func (*User) UpdateUser 

func (user *User) UpdateUser() error

UpdateUser

func (*User) UserEmailExists 

func (user *User) UserEmailExists() (bool, error)

UserEmailExists should be called before submitting user creation form.

func (*User) WipeUserData 

func (user *User) WipeUserData() error

Wipe User Data

type UserInfo 

type UserInfo struct {
	// Personal Info - Mandatory
	FirstName string `json:"first_name"` // Preferred First Name
	LastName  string `json:"last_name"`  // Preferred Last Name

	// Billing Info - Optional
	StreetAddress string `json:"street_address"`
	Suite         string `json:"suite"`
	City          string `json:"city"`
	State         string `json:"state"`
	CountryISO    string `json:"country_iso"`
	ZipCode       string `json:"zip_code"`
}

Source Files

View all Source files

Directories

Path Synopsis
examples
totp command
webauthn command
mfa
totp
webauthn

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.