handlers

package
v0.3.0 Latest Latest
Published: Feb 7, 2024 License: Apache-2.0 Imports: 41 Imported by: 0

Documentation

Overview

Package handlers contains custom handler functions

Index

Constants

This section is empty.

Variables

// Sentinel errors returned by the handlers in this package. Callers should
// match them with errors.Is rather than by comparing message text.
//
// NOTE(review): several messages name persistence details ("database",
// "foreign key", "unique constraint"). Confirm they are mapped to generic
// client-facing text before reaching unauthenticated callers.
var (
	// ErrBadRequest is returned when the request is invalid
	ErrBadRequest = errors.New("invalid request")

	// ErrProcessingRequest is returned when the request cannot be processed;
	// the message asks the caller to try again
	ErrProcessingRequest = errors.New("error processing request, please try again")

	// ErrMissingRequiredFields is returned when the login request has an empty username or password
	ErrMissingRequiredFields = errors.New("invalid request, missing username and/or password")

	// ErrDuplicate is returned when the request violates the unique constraints
	ErrDuplicate = errors.New("unique constraint violated on model")

	// ErrMissingRelation is returned when a foreign key restriction is violated
	ErrMissingRelation = errors.New("foreign key relation violated on model")

	// ErrNotNull is returned when a field is required but not provided
	ErrNotNull = errors.New("not null constraint violated on model")

	// ErrConstraint is returned when a database constraint is violated
	ErrConstraint = errors.New("database constraint violated")

	// ErrNotFound is returned when the requested object is not found
	ErrNotFound = errors.New("object not found in the database")

	// ErrMissingField is returned when a required field is missing
	ErrMissingField = errors.New("missing required field")

	// ErrInvalidCredentials is returned when the password is invalid or missing
	ErrInvalidCredentials = errors.New("datum credentials are missing or invalid")

	// ErrUnverifiedUser is returned when email_verified on the user is false
	// NOTE(review): this is distinct from ErrInvalidCredentials; if both can
	// reach the client from the login path, the response reveals whether an
	// account exists - confirm against the handler.
	ErrUnverifiedUser = errors.New("user is not verified")

	// ErrUnableToVerifyEmail is returned when user's email is not able to be verified
	ErrUnableToVerifyEmail = errors.New("could not verify email")

	// ErrNoEmailFound is returned when using an oauth provider and the email address cannot be determined
	ErrNoEmailFound = errors.New("no email found from oauth provider")

	// ErrNoAuthUser is returned when the user couldn't be identified by the request
	ErrNoAuthUser = errors.New("could not identify authenticated user in request")

	// ErrPassWordResetTokenInvalid is returned when the provided token and
	// secret do not match what is stored
	ErrPassWordResetTokenInvalid = errors.New("password reset token invalid")
)

Functions

func ErrorResponse added in v0.2.3

func ErrorResponse(err interface{}) *echo.HTTPError

ErrorResponse constructs a new response for an error or simply returns unsuccessful

func IsConstraintError added in v0.2.2

func IsConstraintError(err error) bool

IsConstraintError returns true if the error resulted from a database constraint violation.

func IsForeignKeyConstraintError added in v0.2.2

func IsForeignKeyConstraintError(err error) bool

IsForeignKeyConstraintError reports if the error resulted from a database foreign-key constraint violation. e.g. parent row does not exist.

func IsUniqueConstraintError added in v0.2.2

func IsUniqueConstraintError(err error) bool

IsUniqueConstraintError reports if the error resulted from a DB uniqueness constraint violation. e.g. duplicate value in unique index.

Types

type CheckFunc

// CheckFunc is a function that can be used to check the status of a service.
// It takes a context and returns an error.
type CheckFunc func(ctx context.Context) error

CheckFunc is a function that can be used to check the status of a service

type Checks

// Checks is the receiver type of ReadyHandler and the type of
// Handler.ReadyChecks. All of its fields are unexported.
type Checks struct {
	// contains filtered or unexported fields
}

func (*Checks) ReadyHandler

func (c *Checks) ReadyHandler(ctx echo.Context) error

type ForgotPasswordRequest added in v0.2.3

// ForgotPasswordRequest contains fields for a forgot password request.
//
// NOTE(review): the handler is documented as sending mail only "if the
// provided email exists"; confirm its response is the same whether or not the
// address is registered, so the endpoint cannot be used to test for accounts.
type ForgotPasswordRequest struct {
	// Email is read from the "email" JSON key.
	Email string `json:"email"`
}

ForgotPasswordRequest contains fields for a forgot password request

type GithubConfig added in v0.2.7

// GithubConfig represents the configuration settings for a Github Oauth
// Provider. Each field carries a yaml key plus split_words/default tags.
type GithubConfig struct {
	// ClientID is the OAuth client identifier; no default is set.
	ClientID       string   `yaml:"clientId" split_words:"true"`
	// ClientSecret is a credential: load it from the environment or a secret
	// store rather than a committed file, and keep it out of logs.
	ClientSecret   string   `yaml:"clientSecret" split_words:"true"`
	// ClientEndpoint defaults to a plaintext-http localhost address.
	// NOTE(review): looks like a development default - confirm that deployed
	// configurations override it with an https URL.
	ClientEndpoint string   `yaml:"clientEndpoint" split_words:"true" default:"http://localhost:17608"`
	// Scopes defaults to "user:email,read:user".
	Scopes         []string `yaml:"scopes" split_words:"true" default:"user:email,read:user"`
	// RedirectURL defaults to the relative path "/v1/github/callback".
	RedirectURL    string   `yaml:"redirectURL" split_words:"true" default:"/v1/github/callback"`
	// Orgs has no default.
	// NOTE(review): presumably limits login to members of the listed
	// organizations - confirm, including what an empty list means.
	Orgs           []string `yaml:"orgs" split_words:"true"`
}

GithubConfig represents the configuration settings for a Github Oauth Provider

type GoogleConfig added in v0.2.7

// GoogleConfig represents the configuration settings for a Google Oauth
// Provider. Each field carries a yaml key plus split_words/default tags.
type GoogleConfig struct {
	// ClientID is the OAuth client identifier; no default is set.
	ClientID       string   `yaml:"clientId" split_words:"true"`
	// ClientSecret is a credential: load it from the environment or a secret
	// store rather than a committed file, and keep it out of logs.
	ClientSecret   string   `yaml:"clientSecret" split_words:"true"`
	// ClientEndpoint defaults to a plaintext-http localhost address.
	// NOTE(review): looks like a development default - confirm that deployed
	// configurations override it with an https URL.
	ClientEndpoint string   `yaml:"clientEndpoint" split_words:"true" default:"http://localhost:17608"`
	// RedirectURL defaults to the relative path "/v1/google/callback".
	RedirectURL    string   `yaml:"redirectURL" split_words:"true" default:"/v1/google/callback"`
	// Scopes defaults to "email, profile".
	// NOTE(review): unlike GithubConfig's default, this one has a space after
	// the comma; confirm the config loader trims list elements.
	Scopes         []string `yaml:"scopes" split_words:"true" default:"email, profile"`
}

GoogleConfig represents the configuration settings for a Google Oauth Provider

type Handler

// Handler contains configuration options for handlers. It is the receiver for
// the HTTP handler methods in this package and holds the clients and managers
// they use.
type Handler struct {
	// DBClient to interact with the generated ent schema
	DBClient *ent.Client
	// RedisClient to interact with redis
	RedisClient *redis.Client
	// TM contains the token manager in order to validate auth requests
	TM *tokens.TokenManager
	// Logger provides the zap logger to do logging things from the handlers
	// NOTE(review): request types in this package carry passwords and tokens;
	// confirm handlers never log whole request or user structs.
	Logger *zap.SugaredLogger
	// ReadyChecks is a set of checkFuncs to determine if the application is "ready" upon startup
	ReadyChecks Checks
	// JWTKeys contains the set of valid JWT authentication keys
	JWTKeys jwk.Set
	// SessionConfig to handle sessions
	SessionConfig *sessions.SessionConfig
	// EmailManager to handle sending emails
	EmailManager *emails.EmailManager
	// TaskMan manages tasks in a separate goroutine to allow for non blocking operations
	TaskMan *marionette.TaskManager
	// OauthProvider contains the configuration settings for all supported Oauth2 providers
	OauthProvider OauthProviderConfig
}

Handler contains configuration options for handlers

func (*Handler) AddReadinessCheck

func (h *Handler) AddReadinessCheck(name string, f CheckFunc)

AddReadinessCheck accepts a function to be run during calls to /readyz. These functions should accept a context and only return an error. When adding a readiness check a name is also provided; this name is used when returning the state of all the checks.

func (*Handler) BeginWebauthnLogin added in v0.3.0

func (h *Handler) BeginWebauthnLogin(ctx echo.Context) error

func (*Handler) BeginWebauthnRegistration added in v0.3.0

func (h *Handler) BeginWebauthnRegistration(ctx echo.Context) error

func (*Handler) CheckAndCreateUser added in v0.3.0

func (h *Handler) CheckAndCreateUser(ctx context.Context, name, email string, provider enums.AuthProvider) (*ent.User, error)

CheckAndCreateUser takes a user with an OauthTooToken set in the context and checks whether the user has already been created; if the user already exists, last seen is updated

func (*Handler) FinishWebauthnLogin added in v0.3.0

func (h *Handler) FinishWebauthnLogin(ctx echo.Context) error

func (*Handler) FinishWebauthnRegistration added in v0.3.0

func (h *Handler) FinishWebauthnRegistration(ctx echo.Context) error

func (*Handler) ForgotPassword added in v0.2.3

func (h *Handler) ForgotPassword(ctx echo.Context) error

ForgotPassword will send a forgot password email if the provided email exists

func (*Handler) GetGitHubLoginHandlers added in v0.2.7

func (h *Handler) GetGitHubLoginHandlers() (http.Handler, http.Handler)

GetGitHubLoginHandlers returns the github login and callback handlers

func (*Handler) GetGoogleLoginHandlers added in v0.2.7

func (h *Handler) GetGoogleLoginHandlers() (http.Handler, http.Handler)

GetGoogleLoginHandlers returns the google login and callback handlers

func (*Handler) IsAuthenticated added in v0.2.7

func (h *Handler) IsAuthenticated(req *http.Request) bool

IsAuthenticated checks the sessions for a valid session cookie

func (*Handler) JWKSWellKnownHandler

func (h *Handler) JWKSWellKnownHandler(ctx echo.Context) error

JWKSWellKnownHandler provides the JWK used to verify all Datum-issued JWTs

func (*Handler) LoginHandler

func (h *Handler) LoginHandler(ctx echo.Context) error

LoginHandler validates the user credentials and returns a valid cookie. This only supports username/password login today (not oauth).

func (*Handler) Logout added in v0.2.7

func (h *Handler) Logout(ctx echo.Context) error

func (*Handler) OpenIDConfiguration added in v0.3.0

func (h *Handler) OpenIDConfiguration(ctx echo.Context) error

OpenIDConfiguration returns a JSON document with the OpenID configuration as defined by the OpenID Connect standard: https://connect2id.com/learn/openid-connect. This document helps clients understand how to authenticate with Datum.

func (*Handler) OrganizationInviteAccept added in v0.2.6

func (h *Handler) OrganizationInviteAccept(ctx echo.Context) error

OrganizationInviteAccept is responsible for handling the invitation of a user to an organization. It receives a request with the user's invitation details, validates the request, and creates organization membership for the user. On success, it returns a response with the organization information.

func (*Handler) RefreshHandler

func (h *Handler) RefreshHandler(ctx echo.Context) error

RefreshHandler allows users to refresh their access token using their refresh token.

func (*Handler) RegisterHandler added in v0.2.2

func (h *Handler) RegisterHandler(ctx echo.Context) error

RegisterHandler handles the registration of a new datum user, creating the user and personal organization and sending an email verification to the email address in the request. The user will not be able to authenticate until the email is verified.

func (*Handler) RequireLogin added in v0.2.7

func (h *Handler) RequireLogin(next http.Handler) http.Handler

RequireLogin redirects unauthenticated users to the login route

func (*Handler) ResendEmail added in v0.2.3

func (h *Handler) ResendEmail(ctx echo.Context) error

ResendEmail will resend an email verification email if the provided email exists

func (*Handler) ResetPassword added in v0.2.4

func (h *Handler) ResetPassword(ctx echo.Context) error

ResetPassword allows the user (after requesting a password reset) to set a new password - the password reset token needs to be set in the request and not expired. If the request is successful, a confirmation of the reset is sent to the user and a 204 no content is returned

func (*Handler) RobotsHandler added in v0.2.5

func (h *Handler) RobotsHandler(ctx echo.Context) error

RobotsHandler # https://www.robotstxt.org/robotstxt.html

func (*Handler) SecurityHandler added in v0.2.5

func (h *Handler) SecurityHandler(ctx echo.Context) error

SecurityHandler hosts the /security.txt endpoint https://securitytxt.org/, signed with our GPG key

func (*Handler) SendOrgInvitationEmail added in v0.2.6

func (h *Handler) SendOrgInvitationEmail(i *emails.Invite) error

SendOrgInvitationEmail sends an email inviting a user to join Datum and an existing organization

func (*Handler) SendPasswordResetRequestEmail added in v0.2.2

func (h *Handler) SendPasswordResetRequestEmail(user *User) error

SendPasswordResetRequestEmail Send an email to a user to request them to reset their password

func (*Handler) SendPasswordResetSuccessEmail added in v0.2.2

func (h *Handler) SendPasswordResetSuccessEmail(user *User) error

SendPasswordResetSuccessEmail Send an email to a user to inform them that their password has been reset

func (*Handler) SendVerificationEmail added in v0.2.2

func (h *Handler) SendVerificationEmail(user *User) error

func (*Handler) VerifyEmail added in v0.2.3

func (h *Handler) VerifyEmail(ctx echo.Context) error

type Invite added in v0.2.6

// Invite holds the Token, InviteToken references, and the additional user
// input to complete acceptance of the invitation.
//
// NOTE(review): encoding/json also reads and writes exported fields that have
// no json tag, under their Go names. If this struct were ever bound directly
// from a request body, Email, DestOrgID and Role would be client-settable;
// confirm handlers bind InviteRequest and fill the rest server-side.
type Invite struct {
	// Token is a plain string. It shadows the Token field promoted from the
	// embedded InviteToken, so i.Token refers to this field.
	Token     string
	// Password, FirstName and LastName are the user-supplied inputs; they are
	// the only fields with json tags.
	Password  string `json:"password"`
	FirstName string `json:"first_name"`
	LastName  string `json:"last_name"`
	Email     string
	DestOrgID ulid.ULID
	Role      enums.Role
	// InviteToken is embedded; its Expires and Secret fields are promoted.
	InviteToken
}

Invite holds the Token, InviteToken references, and the additional user input to complete acceptance of the invitation

func (*Invite) GetInviteExpires added in v0.2.6

func (i *Invite) GetInviteExpires() (time.Time, error)

GetInviteExpires returns the expiration time of invite token

func (*Invite) GetInviteToken added in v0.2.6

func (i *Invite) GetInviteToken() string

GetInviteToken returns the invitation token if it's valid

type InviteReply added in v0.2.6

// InviteReply holds the fields that are sent on a response to an accepted
// invitation. Every field is a string with an explicit JSON key.
type InviteReply struct {
	// ID is serialized under the "user_id" key, not "id".
	ID          string `json:"user_id"`
	Email       string `json:"email"`
	Message     string `json:"message"`
	JoinedOrgID string `json:"joined_org_id"`
	Role        string `json:"role"`
}

InviteReply holds the fields that are sent on a response to an accepted invitation

type InviteRequest added in v0.2.6

// InviteRequest holds the additional input from the user collected during
// acceptance. It has no token, organization or role field.
type InviteRequest struct {
	FirstName string `json:"first_name"`
	LastName  string `json:"last_name"`
	// Password is received as plaintext in the JSON body; keep it out of logs.
	Password  string `json:"password"`
}

InviteRequest holds the additional input from the user collected during acceptance

type InviteToken added in v0.2.6

// InviteToken holds data specific to a future user of the system for invite
// logic. It is embedded in Invite.
type InviteToken struct {
	// Expires and Token are nullable strings (sql.NullString).
	Expires sql.NullString
	Token   sql.NullString
	// Secret is raw bytes.
	// NOTE(review): presumably the server-side secret checked against the
	// presented token - confirm it is never serialized into a response.
	Secret  []byte
}

InviteToken holds data specific to a future user of the system for invite logic

type LoginRequest added in v0.2.3

// LoginRequest is the JSON body used to authenticate with the Datum server.
// ErrMissingRequiredFields is documented as the error for a login request
// with an empty username or password.
type LoginRequest struct {
	Username string `json:"username"`
	// Password is received as plaintext in the JSON body; keep it out of logs.
	Password string `json:"password"`
}

LoginRequest to authenticate with the Datum Server

type MissingRequiredFieldError added in v0.2.2

// MissingRequiredFieldError is returned when a required field was not
// provided in a request. It implements error through its Error method.
type MissingRequiredFieldError struct {
	// RequiredField is the name of the field that is missing
	RequiredField string
}

MissingRequiredFieldError is returned when a required field was not provided in a request

func (*MissingRequiredFieldError) Error added in v0.2.2

func (e *MissingRequiredFieldError) Error() string

Error returns the MissingRequiredFieldError in string format

type OauthProviderConfig added in v0.2.7

// OauthProviderConfig represents the configuration for OAuth providers such
// as Github and Google.
//
// Both embedded structs declare ClientID, ClientSecret, ClientEndpoint,
// RedirectURL and Scopes. The RedirectURL declared here takes precedence; the
// other four names are ambiguous as promoted fields and must be reached via
// cfg.GithubConfig.X or cfg.GoogleConfig.X.
type OauthProviderConfig struct {
	// RedirectURL defaults to a plaintext-http localhost callback.
	// NOTE(review): looks like a development default - confirm that deployed
	// configurations set an https URL that matches what is registered with
	// each provider.
	RedirectURL string `yaml:"redirectURL" split_words:"true" default:"http://localhost:3001/api/auth/callback/datum"`
	GithubConfig
	GoogleConfig
}

OauthProviderConfig represents the configuration for OAuth providers such as Github and Google

type RefreshRequest

// RefreshRequest is a JSON body carrying a refresh token. RefreshHandler is
// documented as exchanging a refresh token for a new access token.
type RefreshRequest struct {
	// RefreshToken is a bearer credential; keep it out of logs.
	RefreshToken string `json:"refresh_token"`
}

type RegisterReply added in v0.2.2

// RegisterReply holds the fields that are sent on a response to the
// `/register` endpoint.
type RegisterReply struct {
	// ID is serialized under the "user_id" key, not "id".
	ID      string `json:"user_id"`
	Email   string `json:"email"`
	Message string `json:"message"`
	// TODO: remove this before go live, we shouldn't actually return the token here
	// NOTE(review): presumably the email verification token. Returning it in
	// the HTTP response would let the caller verify an address without access
	// to the mailbox - confirm, and gate or remove it before production use.
	Token string `json:"token"`
}

RegisterReply holds the fields that are sent on a response to the `/register` endpoint

type RegisterRequest added in v0.2.2

// RegisterRequest holds the fields that should be included on a request to
// the `/register` endpoint. Its Validate method is documented as checking
// required fields and the password, and trimming whitespace.
type RegisterRequest struct {
	FirstName string `json:"first_name"`
	LastName  string `json:"last_name"`
	Email     string `json:"email"`
	// Password is received as plaintext in the JSON body; keep it out of logs.
	Password  string `json:"password"`
}

RegisterRequest holds the fields that should be included on a request to the `/register` endpoint

func (*RegisterRequest) Validate added in v0.2.2

func (r *RegisterRequest) Validate() error

Validate the register request ensuring that the required fields are available and that the password is valid - an error is returned if the request is not correct. This method also performs some basic data cleanup, trimming whitespace

type ResendReply added in v0.2.3

// ResendReply holds the fields that are sent on a response to the `/resend`
// endpoint.
type ResendReply struct {
	Message string `json:"message"`
}

ResendReply holds the fields that are sent on a response to the `/resend` endpoint

type ResendRequest added in v0.2.3

// ResendRequest contains fields for a resend email verification request.
//
// NOTE(review): ResendEmail is documented as resending only "if the provided
// email exists"; confirm the response does not differ between registered and
// unregistered addresses.
type ResendRequest struct {
	Email string `json:"email"`
}

ResendRequest contains fields for a resend email verification request

type ResetPassword added in v0.2.4

// ResetPassword contains the full request to validate a password reset: the
// new password together with the reset token. Neither field has a json tag.
type ResetPassword struct {
	// Password is the plaintext new password; keep it out of logs.
	Password string
	// Token is the password reset token presented with the request.
	Token    string
}

ResetPassword contains the full request to validate a password reset

type ResetPasswordReply added in v0.2.4

// ResetPasswordReply is the response returned from a non-successful password
// reset request; on success, no content is returned (204).
type ResetPasswordReply struct {
	Message string `json:"message"`
}

ResetPasswordReply is the response returned from a non-successful password reset request; on success, no content is returned (204)

type ResetPasswordRequest added in v0.2.4

// ResetPasswordRequest contains user input required to reset a user's
// password. Only the password is part of the JSON body.
type ResetPasswordRequest struct {
	// Password is the plaintext new password; keep it out of logs.
	Password string `json:"password"`
}

ResetPasswordRequest contains user input required to reset a user's password

type Response

// Response is a JSON envelope with a status code, a message and a payload.
// Every field is tagged omitempty, so zero values are left out of the output.
type Response struct {
	// StatusCode is serialized under the "status" key.
	StatusCode int         `json:"status,omitempty"`
	Message    string      `json:"message,omitempty"`
	// Data accepts any value.
	Data       interface{} `json:"data,omitempty"`
}

type URLToken added in v0.2.6

// URLToken holds data specific to a future user of the system for invite
// logic. It has the same three fields as InviteToken and is embedded in User.
type URLToken struct {
	// Expires and Token are nullable strings (sql.NullString).
	Expires sql.NullString
	Token   sql.NullString
	// Secret is raw bytes.
	// NOTE(review): presumably a server-side secret - confirm it is never
	// serialized into a response.
	Secret  []byte
}

URLToken holds data specific to a future user of the system for invite logic

type User

// User holds data specific to the datum user for the REST handlers for login,
// registration, verification, etc.
//
// NOTE(review): no field has a json tag, so encoding/json would emit every
// exported field under its Go name, including Password and the token secrets.
// Confirm this struct is never marshalled into a response or logged whole.
type User struct {
	ID                       string
	FirstName                string
	LastName                 string
	Name                     string
	Email                    string
	// Password is a pointer, so it may be nil.
	Password                 *string
	// Email verification state: expiry, token and secret.
	EmailVerificationExpires sql.NullString
	EmailVerificationToken   sql.NullString
	EmailVerificationSecret  []byte
	// Password reset state: expiry, token and secret.
	PasswordResetExpires     sql.NullString
	PasswordResetToken       sql.NullString
	PasswordResetSecret      []byte
	// URLToken is embedded; its Expires, Token and Secret fields are promoted.
	URLToken
}

User holds data specific to the datum user for the REST handlers for login, registration, verification, etc

func (*User) CreatePasswordResetToken added in v0.2.4

func (u *User) CreatePasswordResetToken() error

CreatePasswordResetToken creates a new reset token for the user

func (*User) CreateVerificationToken added in v0.2.2

func (u *User) CreateVerificationToken() error

CreateVerificationToken creates a new email verification token for the user

func (*User) GetPasswordResetExpires added in v0.2.3

func (u *User) GetPasswordResetExpires() (time.Time, error)

GetPasswordResetExpires returns the expiration time of password verification token

func (*User) GetPasswordResetToken added in v0.2.3

func (u *User) GetPasswordResetToken() string

GetPasswordResetToken returns the password reset token if it's valid

func (*User) GetVerificationExpires added in v0.2.2

func (u *User) GetVerificationExpires() (time.Time, error)

GetVerificationExpires returns the expiration time of email verification token

func (*User) GetVerificationToken added in v0.2.2

func (u *User) GetVerificationToken() string

GetVerificationToken returns the verification token if it's valid
