database

package
v0.0.0-...-26f6338 Latest
Warning

This package is not in the latest version of its module.

Published: Jun 1, 2025 License: MIT Imports: 16 Imported by: 1

Documentation


Constants

This section is empty.

Variables

This section is empty.

Functions

func MustDecrypt

func MustDecrypt(encrypted_secret string, key []byte) string

MustDecrypt decrypts an encrypted secret using AES-GCM with a key derived from the server's secret or an Argon2ID derived key. The function expects the encrypted secret and the encoded key as base64 encoded strings. It panics if any errors occur during the decryption process, such as decoding failures, cipher setup issues, or decryption errors.

Parameters:

  • encrypted_secret: The base64 encoded encrypted data to be decrypted.
  • encoded_key: The base64 encoded key used for decryption.

Returns:

  • The decrypted plaintext as a string.

func MustEncrypt

func MustEncrypt(plaintext string, key []byte) string

MustEncrypt encrypts the given plaintext using AES-GCM encryption with a key derived from the encoded key. The key is expected to be the base64 encoded server secret key, or an Argon2ID derived key.

This function panics if there is an issue with the key, or if there is an issue with the encryption process.

Parameters:

  • plaintext: The text to be encrypted.
  • encoded_key: The base64 encoded server secret key.

Returns:

  • A base64 encoded string of the encrypted data.

Types

type Database

type Database struct {
	DB           *gorm.DB // The database connection.
	ServerSecret string   // A 32-byte (256-bit) secret used for encryption/decryption.
	Cache        *types.DBCache
}

func (*Database) AddVerificationCode

func (d *Database) AddVerificationCode(user string, code string, expires time.Time) error

func (*Database) AutoDestroyExpiredSessions

func (d *Database) AutoDestroyExpiredSessions(user_id string) error

func (*Database) CreateSession

func (d *Database) CreateSession(user *types.User, session_id string, origin string, user_agent string, ip string, expires time.Time) error

func (*Database) CreateUser

func (d *Database) CreateUser(user *types.User) error

func (*Database) CreateUserSecret

func (d *Database) CreateUserSecret() (string, error)

CreateUserSecret generates a new 256-bit random secret for a user, encrypts it using AES-GCM with the server's secret, and returns the encrypted secret as a base64 encoded string. Returns an error if there is an issue generating the random secret.

func (*Database) Decrypt

func (d *Database) Decrypt(user *types.User, encrypted_secret string) (string, error)

Decrypts a given encrypted secret using AES-GCM encryption and the user's secret.

Parameters:

  • ulid: The unique user identifier used to retrieve the user's secret.
  • encrypted_secret: The text to be decrypted.

Returns:

  • A plaintext string of the decrypted data.
  • An error if any issue arises during decryption.

func (*Database) DeleteSession

func (d *Database) DeleteSession(session_id string) error

func (*Database) DeleteVerificationCodes

func (d *Database) DeleteVerificationCodes(user string) error

func (*Database) DoesNameExist

func (d *Database) DoesNameExist(name string) (bool, error)

func (*Database) Encrypt

func (d *Database) Encrypt(user *types.User, plaintext string) (string, error)

Encrypt encrypts the given plaintext using AES-GCM with a key derived from the user's secret. It retrieves the user's secret based on the provided ULID, truncates it to the first 32 bytes, and uses it to create an AES cipher. The plaintext is encrypted with a randomly generated nonce, and the resulting ciphertext is base64 encoded.

Parameters:

  • ulid: The unique user identifier used to retrieve the user's secret.
  • plaintext: The text to be encrypted.

Returns:

  • A base64 encoded string of the encrypted data.
  • An error if any issue arises during encryption.
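
The scheme described for Encrypt and Decrypt above (secret truncated to its first 32 bytes, AES-GCM, random nonce, base64 output), as an added example that is not this package's code. The function names and the nonce-prepended layout are assumptions; the page does not state where the nonce is stored.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"encoding/base64"
	"errors"
	"fmt"
)

// Hypothetical helpers (not the package's code). Assumed layout: base64(nonce || ciphertext || tag).
func newGCM(secret []byte) (cipher.AEAD, error) {
	if len(secret) < 32 {
		return nil, errors.New("secret shorter than 32 bytes")
	}
	block, err := aes.NewCipher(secret[:32]) // first 32 bytes become the AES-256 key
	if err != nil {
		return nil, err
	}
	return cipher.NewGCM(block)
}

func sealWithSecret(secret []byte, plaintext string) (string, error) {
	gcm, err := newGCM(secret)
	if err != nil {
		return "", err
	}
	nonce := make([]byte, gcm.NonceSize())
	if _, err := rand.Read(nonce); err != nil {
		return "", err
	}
	// Seal appends ciphertext and tag to the nonce, so the nonce travels with the data.
	return base64.StdEncoding.EncodeToString(gcm.Seal(nonce, nonce, []byte(plaintext), nil)), nil
}

func openWithSecret(secret []byte, encoded string) (string, error) {
	gcm, err := newGCM(secret)
	if err != nil {
		return "", err
	}
	raw, err := base64.StdEncoding.DecodeString(encoded)
	if err != nil || len(raw) < gcm.NonceSize()+gcm.Overhead() {
		return "", errors.New("malformed ciphertext")
	}
	pt, err := gcm.Open(nil, raw[:gcm.NonceSize()], raw[gcm.NonceSize():], nil)
	return string(pt), err
}

func main() { fmt.Println(sealWithSecret([]byte("constructed sample secret, 32+ bytes long"), "demo")) }
```

Only the first 32 bytes of the secret reach the cipher, so a longer secret adds no key strength. Returning the `Open` error lets callers treat a failed authentication tag as a wrong key or modified data instead of a crash.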

func (*Database) GetAllSessions

func (d *Database) GetAllSessions(user_id string) ([]*types.UserSession, error)

func (*Database) GetRecoveryCodes

func (d *Database) GetRecoveryCodes(user *types.User) ([]string, error)

GetRecoveryCodes retrieves all recovery codes for a given user from the database. Each code is decrypted before being returned to the caller. If the user does not have any recovery codes, an empty slice is returned. If an error occurs while retrieving or decrypting the codes, the error is returned.

func (*Database) GetSession

func (d *Database) GetSession(session_id string) (*types.UserSession, error)

func (*Database) GetSimilarUserByUsername

func (d *Database) GetSimilarUserByUsername(username string) (*types.User, error)

func (*Database) GetTotpSecret

func (d *Database) GetTotpSecret(user *types.User) string

Decrypts and returns the user's TOTP secret based on AES-GCM encryption using the user's password hash.

func (*Database) GetUser

func (d *Database) GetUser(id string) (*types.User, error)

func (*Database) GetUserByEmail

func (d *Database) GetUserByEmail(email string) (*types.User, error)

func (*Database) GetUserFromProvider

func (d *Database) GetUserFromProvider(id string, provider string) (*types.User, error)

func (*Database) GetUserLogs

func (d *Database) GetUserLogs(user_id string, page int) ([]*constants.UserLog, int64, error)

func (*Database) GetUsers

func (d *Database) GetUsers() []*types.User

func (*Database) GetVerificationCode

func (d *Database) GetVerificationCode(user string) (string, error)

func (*Database) LinkUserToProvider

func (d *Database) LinkUserToProvider(user string, provider_user string, provider string) error

func (*Database) StoreRecoveryCodes

func (d *Database) StoreRecoveryCodes(user *types.User, codes []string) error

StoreRecoveryCodes stores a list of recovery codes for a given user in the database. It encrypts each code before storing it. If the user already has recovery codes stored, this function will delete them first before writing the new ones. If an error occurs while encrypting or writing the codes to the database, it will be returned.

func (*Database) StoreTotpSecret

func (d *Database) StoreTotpSecret(user *types.User, key string)

Encrypts and stores the user's TOTP secret using AES-GCM encryption and the user's password hash.

func (*Database) UpdateUserPassword

func (d *Database) UpdateUserPassword(id string, password string) error

func (*Database) UpdateUserState

func (d *Database) UpdateUserState(id string, state bitfield.Bitfield8) error

func (*Database) VerifyCode

func (d *Database) VerifyCode(user string, code string) (bool, error)
