account

package
v1.6.16 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Apr 21, 2026 License: GPL-3.0 Imports: 23 Imported by: 0

Documentation

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

func HandleAddPasskeyBegin 

func HandleAddPasskeyBegin(w http.ResponseWriter, r *http.Request)

HandleAddPasskeyBegin godoc @Summary Begin passkey registration @Description Initiates a WebAuthn registration ceremony to add a new passkey to the authenticated user's account. @Tags account-security @Produce json @Security UserAuth @Success 200 {object} map[string]any "Challenge ID and WebAuthn creation options" @Failure 401 {object} model.ApiError @Failure 500 {object} model.ApiError @Router /account/api/passkeys/register/begin [post]

func HandleAddPasskeyFinish 

func HandleAddPasskeyFinish(w http.ResponseWriter, r *http.Request)

HandleAddPasskeyFinish godoc @Summary Complete passkey registration @Description Completes the WebAuthn registration ceremony and stores the new passkey credential. @Tags account-security @Accept json @Produce json @Param challenge_id query string true "Challenge ID from begin registration" @Security UserAuth @Success 200 {object} map[string]string @Failure 400 {object} model.ApiError @Failure 401 {object} model.ApiError @Failure 403 {object} model.ApiError @Router /account/api/passkeys/register/finish [post]

func HandleDeleteMfa 

func HandleDeleteMfa(w http.ResponseWriter, r *http.Request)

HandleDeleteMfa godoc @Summary Disable MFA @Description Disables TOTP MFA for the authenticated user. Requires current password and a valid TOTP code. Revokes all sessions after disabling. @Tags account-security @Accept json @Produce json @Param request body DisableMfaRequest true "Password and TOTP code for confirmation" @Security UserAuth @Success 200 {object} map[string]string @Failure 400 {object} model.ApiError @Failure 401 {object} model.ApiError @Failure 403 {object} model.ApiError @Router /account/api/mfa/totp [delete]

func HandleDeletePasskey 

func HandleDeletePasskey(w http.ResponseWriter, r *http.Request)

HandleDeletePasskey godoc @Summary Delete a passkey @Description Deletes a registered passkey belonging to the authenticated user. @Tags account-security @Produce json @Param id path string true "Passkey ID" @Security UserAuth @Success 200 {object} map[string]string @Failure 400 {object} model.ApiError @Failure 401 {object} model.ApiError @Failure 403 {object} model.ApiError @Router /account/api/passkeys/{id} [delete]

func HandleDisconnectProvider 

func HandleDisconnectProvider(w http.ResponseWriter, r *http.Request)

HandleDisconnectProvider godoc @Summary Disconnect a provider @Description Removes a linked external identity provider. Cannot disconnect the only login method. @Tags account-federation @Produce json @Param id path string true "Federated identity ID" @Security UserAuth @Success 200 {object} map[string]string @Failure 400 {object} model.ApiError @Failure 401 {object} model.ApiError @Failure 403 {object} model.ApiError @Router /account/api/connected-providers/{id} [delete]

func HandleGetMfaStatus 

func HandleGetMfaStatus(w http.ResponseWriter, r *http.Request)

HandleGetMfaStatus godoc @Summary Get MFA status @Description Returns the MFA enrollment status for the authenticated user. @Tags account-security @Produce json @Security UserAuth @Success 200 {object} MfaStatusResponse @Failure 401 {object} model.ApiError @Router /account/api/mfa [get]

func HandleGetProfile 

func HandleGetProfile(w http.ResponseWriter, r *http.Request)

HandleGetProfile godoc @Summary Get current user profile @Description Returns the authenticated user's profile information. @Tags account @Produce json @Security UserAuth @Success 200 {object} user.UserResponse @Failure 401 {object} model.ApiError @Router /account/api/profile [get]

func HandleGetSettings 

func HandleGetSettings(w http.ResponseWriter, r *http.Request)

HandleGetSettings godoc @Summary Get account settings @Description Returns public-facing configuration the account UI needs (theme, auth mode, profile field visibility, etc.). @Tags account @Produce json @Security UserAuth @Success 200 {object} map[string]any @Router /account/api/settings [get]

func HandleListConnectedProviders 

func HandleListConnectedProviders(w http.ResponseWriter, r *http.Request)

HandleListConnectedProviders godoc @Summary List connected providers @Description Returns all external identity providers linked to the authenticated user's account. @Tags account-federation @Produce json @Security UserAuth @Success 200 {array} ConnectedProviderResponse @Failure 401 {object} model.ApiError @Router /account/api/connected-providers [get]

func HandleListPasskeys 

func HandleListPasskeys(w http.ResponseWriter, r *http.Request)

HandleListPasskeys godoc @Summary List passkeys @Description Returns all registered passkeys for the authenticated user. @Tags account-security @Produce json @Security UserAuth @Success 200 {array} PasskeyResponse @Failure 401 {object} model.ApiError @Router /account/api/passkeys [get]

func HandleListSessions 

func HandleListSessions(w http.ResponseWriter, r *http.Request)

HandleListSessions godoc @Summary List current user's sessions @Description Returns all active sessions for the authenticated user, with the current session flagged. @Tags account-security @Produce json @Security UserAuth @Success 200 {array} SessionResponse @Failure 401 {object} model.ApiError @Router /account/api/sessions [get]

func HandleListTrustedDevices 

func HandleListTrustedDevices(w http.ResponseWriter, r *http.Request)

HandleListTrustedDevices godoc @Summary List trusted devices @Description Returns all trusted devices for the authenticated user (devices that bypass MFA). @Tags account-security @Produce json @Security UserAuth @Success 200 {array} TrustedDeviceResponse @Failure 401 {object} model.ApiError @Router /account/api/trusted-devices [get]

func HandleRenamePasskey 

func HandleRenamePasskey(w http.ResponseWriter, r *http.Request)

HandleRenamePasskey godoc @Summary Rename a passkey @Description Updates the display name of a registered passkey. @Tags account-security @Accept json @Produce json @Param id path string true "Passkey ID" @Param request body PasskeyRenameRequest true "Rename payload" @Security UserAuth @Success 200 {object} map[string]string @Failure 400 {object} model.ApiError @Failure 401 {object} model.ApiError @Failure 403 {object} model.ApiError @Router /account/api/passkeys/{id} [patch]

func HandleRevokeSession 

func HandleRevokeSession(w http.ResponseWriter, r *http.Request)

HandleRevokeSession godoc @Summary Revoke a session @Description Revokes one of the authenticated user's sessions. Cannot revoke the current session. @Tags account-security @Produce json @Param id path string true "Session ID" @Security UserAuth @Success 200 {object} map[string]string @Failure 400 {object} model.ApiError @Failure 401 {object} model.ApiError @Failure 403 {object} model.ApiError @Failure 404 {object} model.ApiError @Router /account/api/sessions/{id} [delete]

func HandleRevokeTrustedDevice 

func HandleRevokeTrustedDevice(w http.ResponseWriter, r *http.Request)

HandleRevokeTrustedDevice godoc @Summary Revoke a trusted device @Description Removes a trusted device so it will require MFA again on next login. @Tags account-security @Produce json @Param id path string true "Trusted device ID" @Security UserAuth @Success 200 {object} map[string]string @Failure 400 {object} model.ApiError @Failure 401 {object} model.ApiError @Failure 403 {object} model.ApiError @Router /account/api/trusted-devices/{id} [delete]

func HandleSetupTotp 

func HandleSetupTotp(w http.ResponseWriter, r *http.Request)

HandleSetupTotp godoc @Summary Begin TOTP setup @Description Generates a TOTP secret and QR code URI for enrollment. Must be verified before activation. @Tags account-security @Produce json @Security UserAuth @Success 200 {object} TotpSetupResponse @Failure 401 {object} model.ApiError @Failure 409 {object} model.ApiError @Router /account/api/mfa/totp/setup [post]

func HandleUpdatePassword 

func HandleUpdatePassword(w http.ResponseWriter, r *http.Request)

HandleUpdatePassword godoc @Summary Change password @Description Changes the authenticated user's password. Requires the current password for verification. @Tags account-security @Accept json @Produce json @Param request body UpdatePasswordRequest true "Password change payload" @Security UserAuth @Success 200 {object} map[string]string @Failure 400 {object} model.ApiError @Failure 401 {object} model.ApiError @Failure 403 {object} model.ApiError @Router /account/api/password [post]

func HandleUpdateProfile 

func HandleUpdateProfile(w http.ResponseWriter, r *http.Request)

HandleUpdateProfile godoc @Summary Update current user profile @Description Updates the authenticated user's profile fields (username, email, name, etc.). @Tags account @Accept json @Produce json @Param request body user.UserUpdateRequest true "Profile update payload" @Security UserAuth @Success 200 {object} user.UserResponse @Failure 400 {object} model.ApiError @Failure 401 {object} model.ApiError @Failure 403 {object} model.ApiError @Failure 409 {object} model.ApiError @Router /account/api/profile [put]

func HandleVerifyTotp 

func HandleVerifyTotp(w http.ResponseWriter, r *http.Request)

HandleVerifyTotp godoc @Summary Verify TOTP enrollment @Description Verifies a TOTP code to complete enrollment. The secret must have been generated via setup first. @Tags account-security @Accept json @Produce json @Param request body TotpVerifyRequest true "TOTP verification code" @Security UserAuth @Success 200 {object} map[string]string @Failure 400 {object} model.ApiError @Failure 401 {object} model.ApiError @Router /account/api/mfa/totp/verify [post]

func Handler 

func Handler() http.Handler

Handler returns an http.Handler that serves the account SPA. Static files are served directly; all other paths fall back to index.html so that client-side routing works.

Types

type ConnectedProviderResponse 

type ConnectedProviderResponse struct {
	ID           string    `json:"id"`
	ProviderID   string    `json:"provider_id"`
	ProviderName string    `json:"provider_name"`
	Email        string    `json:"email,omitempty"`
	CreatedAt    time.Time `json:"created_at"`
}

type DisableMfaRequest 

type DisableMfaRequest struct {
	CurrentPassword string `json:"current_password"`
	Code            string `json:"code"`
}

type MfaStatusResponse 

type MfaStatusResponse struct {
	TotpEnabled bool `json:"totp_enabled"`
}

type PasskeyRenameRequest 

type PasskeyRenameRequest struct {
	Name string `json:"name"`
}

type PasskeyResponse 

type PasskeyResponse struct {
	ID         string     `json:"id"`
	Name       string     `json:"name"`
	CreatedAt  time.Time  `json:"created_at"`
	LastUsedAt *time.Time `json:"last_used_at,omitempty"`
}

type SessionResponse 

type SessionResponse struct {
	ID             string     `json:"id"`
	UserAgent      string     `json:"user_agent"`
	IPAddress      string     `json:"ip_address"`
	LastActivityAt *time.Time `json:"last_activity_at"`
	CreatedAt      time.Time  `json:"created_at"`
	IsCurrent      bool       `json:"is_current"`
}

type TotpSetupResponse 

type TotpSetupResponse struct {
	Secret     string `json:"secret"`
	QrCodeData string `json:"qr_code_data"`
}

type TotpVerifyRequest 

type TotpVerifyRequest struct {
	Code string `json:"code"`
}

type TrustedDeviceResponse 

type TrustedDeviceResponse struct {
	ID         string    `json:"id"`
	DeviceName string    `json:"device_name"`
	CreatedAt  time.Time `json:"created_at"`
	LastUsedAt time.Time `json:"last_used_at"`
	ExpiresAt  time.Time `json:"expires_at"`
}

type UpdatePasswordRequest 

type UpdatePasswordRequest struct {
	CurrentPassword string `json:"current_password"`
	NewPassword     string `json:"new_password"`
}

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.