auth

package v0.1.0

Published: Apr 25, 2019 License: MIT Imports: 9 Imported by: 0

Documentation

Overview

package auth provides a default authentication framework based on user name and password. To use it, call RegisterAuthenticationService and pass it a structure that will handle the various routines for authentication.

Index

Constants

const (
	AuthHello        string = "hello" // Requires a session in order to create a new user. Helps us rate limit new user requests.
	AuthNewUser      string = "new"
	AuthOpLogin      string = "login"
	AuthOpTokenLogin string = "token"
	AuthOpRevoke     string = "logout"
	AuthOpRecover    string = "recover"
)

Variables

var ApiEndpoint = "/auth"

ApiEndpoint is the URL for the authorization API. Feel free to change the default during startup.

var HackerDelay = 20 * time.Second

HackerDelay is the amount of time to delay a response if we detect a hacker. Feel free to change the default during startup.

var LoginRateLimit int64 = 2

LoginRateLimit is the number of seconds to permit between login attempts. Attempts to log in faster than this will be rejected.

Functions

func MakeAuthApiServer

func MakeAuthApiServer(a app.ApplicationI) http.Handler

func RegisterAuthenticationService

func RegisterAuthenticationService(a AuthI)

Types

type AuthI

type AuthI interface {
	// NewUser should create a new user in your database with the given credentials. If you are using token based
	// authentication, send back the token you have created and saved in your database. You can send it back in the
	// body of your response, or as a header. You should also save an identifier for the user in the session so that
	// the new user is also logged in. Return true if the attempt was successful, false if not. One reason for an
	// unsuccessful attempt might be too short a user name, or an insecure password. Communicate that information in
	// your response to the client.
	NewUser(ctx context.Context, user string, password string, w http.ResponseWriter) bool
	// Login attempts to log in using the given user name and password. Return true if the login attempt was
	// successful, and false if not. If using tokens, return a saved token on successful login. Also, put the user
	// id in the session. If login was not successful, return that information to the client, likely by returning
	// a 401 response code in the header.
	Login(ctx context.Context, user string, password string, w http.ResponseWriter) bool
	// TokenLogin attempts to log in using the given token. This would be a token that you have previously returned
	// in one of the above methods. Put a user id in the session if successful. Return true if successful and false if not.
	TokenLogin(ctx context.Context, token string, w http.ResponseWriter) bool
	// RevokeToken will revoke the given token and will close the session. You should delete the token from the database.
	RevokeToken(ctx context.Context, token string)
	// Recover should give the user information on how to reset the password. We do not immediately reset anything,
	// since this might come from a malicious attack. Only after the user has successfully completed the recovery
	// process should you remove all tokens associated with this user.
	Recover(ctx context.Context, method string)
}

AuthI describes the interface for the authorization service you should implement. Note that rate limiting and general hacker protection have already been done for you.
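An in-memory implementation of the NewUser and Login methods of AuthI, added here as an example and not taken from the package; the password policy thresholds, the map-backed store and the salted SHA-256 hashing are assumptions (a real backend would use a database and a slow password hash such as bcrypt or argon2), and the session and token handling the docs leave to the implementer is omitted.

```go
package main

import (
	"context"
	"crypto/rand"
	"crypto/sha256"
	"crypto/subtle"
	"net/http"
)

// cred is a per-user random salt plus sha256(salt||password). Assumption for the example:
// a real backend would keep this in a database and use a slow hash (bcrypt/argon2).
type cred struct{ salt, hash []byte }

// memAuth is a hypothetical in-memory credential store implementing the NewUser and Login
// methods of AuthI (added example, not the package's code). Session and token handling,
// which the docs leave to the implementer, are omitted here.
type memAuth map[string]cred

func hashPassword(salt []byte, password string) []byte {
	h := sha256.Sum256(append(append([]byte{}, salt...), password...))
	return h[:]
}

// NewUser enforces a minimal policy and stores a salted hash, never the password itself.
func (m memAuth) NewUser(ctx context.Context, user, password string, w http.ResponseWriter) bool {
	if len(user) < 3 || len(password) < 12 {
		http.Error(w, "user name too short or password too weak", http.StatusBadRequest)
		return false
	}
	if _, taken := m[user]; taken {
		http.Error(w, "user name unavailable", http.StatusConflict)
		return false
	}
	salt := make([]byte, 16)
	rand.Read(salt) // crypto/rand: does not return an error on supported platforms
	m[user] = cred{salt: salt, hash: hashPassword(salt, password)}
	return true
}

// Login compares in constant time and gives the same 401 for unknown names and wrong passwords.
func (m memAuth) Login(ctx context.Context, user, password string, w http.ResponseWriter) bool {
	c, known := m[user]
	got := hashPassword(c.salt, password) // hash even for unknown users so timing does not reveal names
	if !known || subtle.ConstantTimeCompare(got, c.hash) != 1 {
		w.WriteHeader(http.StatusUnauthorized)
		return false
	}
	return true
}
```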
