Documentation
¶
Index ¶
- Constants
- Variables
- func AppendToSecurityTable(x ...GinLoginType)
- func BindFormOrJSON(c *gin.Context, bindTo interface{}) (err error)
- func BindFormOrJSONOptional(c *gin.Context, bindTo interface{}) (err error)
- func CallDatabaseJSONFunction(c *gin.Context, fCall string, encPat string, data ...interface{}) (rv string, err error)
- func CallDatabaseJSONFunctionNoErr(c *gin.Context, fCall string, encPat string, data ...interface{}) (rv string, err error)
- func Confirm2faSetupAccount(c *gin.Context, UserId string)
- func ConfirmEmailAccount(c *gin.Context, EmailVerifyToken string) (rv, stmt string, err error)
- func ConnectToDb()
- func ConvPrivs(Privileges string) (rv string, mr map[string]bool)
- func ConvPrivs2(Privileges []string) (rv string, mr map[string]bool)
- func CookieHeaderAuthMiddleware(ginSetupTable []GinLoginType) gin.HandlerFunc
- func CreateJWTSignedCookie(c *gin.Context, DBAuthToken, email_addr string) (rv string, err error)
- func CreateJWTSignedCookieNoErr(DBAuthToken, email_addr string) (rv string, err error)
- func DecryptText(key, text []byte) ([]byte, error)
- func DisConnectToDb()
- func DumpParamsToLog(when string, c *gin.Context)
- func EmptyDflt(s, d string) string
- func EncryptText(key, text []byte) ([]byte, error)
- func EncryptTextIndexable(key, xiv, text []byte) ([]byte, error)
- func EncryptTextToB64(key, text []byte) string
- func EncryptTextToB64Indexable(key, iv, text []byte) string
- func GenUUID() string
- func GenerateSecret() string
- func GetAuthToken(c *gin.Context) (UserId string, AuthToken string)
- func GetMapKeys[K comparable, V any](m map[K]V) []K
- func GetUserId(c *gin.Context) (UserId string, err error)
- func GinInitAuthPaths(router *gin.Engine)
- func HasCookie(cookieName string, c *gin.Context) (has bool, val string)
- func IsLoggedIn(c *gin.Context) (ItIs bool)
- func IsTLS(c *gin.Context) bool
- func IsXDBOn(name string) (b bool)
- func LogJsonReturned(x interface{}) interface{}
- func MintQRPng(c *gin.Context, InputString string) (qrurl string)
- func ParseBool(s string) (b bool)
- func ReadJson(fn string, x interface{}) (err error)
- func RmExt(filename string) string
- func SVar(v interface{}) string
- func SVarI(v interface{}) string
- func SaveState(cookieValue string, UserId string, c *gin.Context) (err error)
- func SetCookie(cookieName, cookieValue string, c *gin.Context)
- func SetDefaultRunner()
- func SetInsecureCookie(cookieName, cookieValue string, c *gin.Context)
- func SetJsonHdr(c *gin.Context)
- func SetupConnectToJwtAuth(xctx context.Context, xconn *pgxpool.Pool, gcfg *data.GlobalConfigData, ...)
- func SetupNewInstall() (err error)
- func SortSlice[T constraints.Ordered](s []T)
- func SortedMapKeys[K constraints.Ordered, V any](m map[K]V) []K
- func SqlRunStmt(c *gin.Context, stmt string, encPat string, data ...interface{}) (rv []map[string]interface{}, err error)
- func StatusSuccess(s string, c *gin.Context) string
- func TestSendEmail(SendTestEmail, SendTestEmailTemplateToRun string)
- func TokenAuthMiddleware() gin.HandlerFunc
- func UrlGetServer(s string) (rv string)
- func UrlShortCreateHandler(c *gin.Context)
- func UrlShortHandler(c *gin.Context)
- func ValidatePasswords() (err error)
- func ValidateXsrfId(c *gin.Context, XsrfId string) (err error)
- func XArgs(v ...interface{}) string
- func ZadditionalEscape(s string) (rv string)
- type AcctSetupSuccess
- type ApiAdminChangePassword
- type ApiAuthChangeEmail
- type ApiAuthChangePassword
- type ApiAuthEmailValidate
- type ApiAuthLogin
- type ApiAuthQrForSecret
- type ApiAuthRecoverPassword03SetPassword
- type ApiAuthRecoveryPassword02FetchInfo
- type ApiAuthRefreshToken
- type ApiAuthRegister
- type ApiAuthRegisterClientAdmin
- type ApiAuthResendEmailRegister
- type ApiAuthSetDebugFlag
- type ApiAuthSipLogin0
- type ApiAuthSipRegister
- type ApiAuthUn
- type ApiAuthValidate2faToken
- type ApiCreateClient
- type ApiCreateRegistrationToken
- type ApiEmail
- type ApiEmailOptional
- type ApiGetRegistrationToken
- type ApiSetUserConfig
- type ApiUrlShortCreateType
- type ApiUrlShortType
- type CreateClientSuccess
- type CreateClientSuccess2
- type CreateRegistrationStuccess
- type EmailConfirmSuccess
- type EmailSetupSuccess
- type GetUserConfigSuccess
- type GinLoginType
- type JwtClaims
- type LoginSuccess
- type NvPair
- type QrForSecretSuccess
- type RecoverPassword02Success
- type RecoverPassword03SetPasswordSuccess
- type RefreshTokenSuccess
- type RegenOTPSuccess
- type RegisterSuccess
- type ResendEmailRegisterSuccess
- type ReturnStatusSuccess
- type ReturnSuccess
- type RvChangeEmailAddressType
- type RvChangePasswordAdminType
- type RvChangePasswordType
- type RvCreateClientType
- type RvCreateRegistrationTokenType
- type RvDeleteAccountType
- type RvEmailConfirm
- type RvGetRegistrationTokenType
- type RvGetSecretType
- type RvGetUserConfigType
- type RvLoginType
- type RvRecoverPassword01Setup
- type RvRecoverPassword02FetchInfo
- type RvRecoverPassword03SetPassword
- type RvRefreshTokenType
- type RvRegenOTPType
- type RvRegisterClientAdminType
- type RvRegisterTokenAccountType
- type RvRegisterType
- type RvRegisterUnPwAccountType
- type RvResendEmailRegisterType
- type RvUrlShortCreateReturned
- type RvUrlShortReturned
- type RvValidate2faTokenType
- type SQLAcctStatusType
- type SQLIntType
- type SQLStatusType
- type SQLStringType
- type SQLUserIdPrivsType
- type SetDebugFlagSuccess
- type SipLogin0Success
- type SipLogin1Success
- type SipLogin22uccess
- type StdErrorReturn
- type Validate2faTokenSuccess
- type X2faSetupSuccess
Constants ¶
// Values used for GinLoginType.UseLogin in GinSetupTable.
//
// NOTE(review): PublicApiCall is 0, the zero value, so a table entry that
// omits UseLogin is registered as public. How each level is enforced is not
// visible here; presumably CookieHeaderAuthMiddleware does it, since it takes
// the table as its argument. Confirm.
const (
	LoginRequired = 1 // route is listed as needing an authenticated caller
	PublicApiCall = 0 // route is listed as callable without authentication
	LoginOptional = 2 // route is listed as working with or without a login
)
Variables ¶
// GinSetupTable lists every route of the auth API with its HTTP method, its
// handler and the access level (PublicApiCall, LoginOptional, LoginRequired)
// stored in UseLogin. This table is the place to audit which endpoints are
// reachable without a login.
//
// NOTE(review): the table records only "login or not"; any per-privilege
// check (for example on the *-admin and create-client routes) must happen
// inside the handlers, which are not shown here.
var GinSetupTable = []GinLoginType{
	// --- Routes marked public -------------------------------------------
	{Method: "POST", Path: "/api/v1/auth/login", Fx: authHandleLogin, UseLogin: PublicApiCall},
	{Method: "POST", Path: "/api/v1/auth/register", Fx: authHandleRegister, UseLogin: PublicApiCall},
	{Method: "POST", Path: "/api/v1/auth/register-client-admin", Fx: authHandleRegisterClientAdmin, UseLogin: PublicApiCall},
	// NOTE(review): an "admin" path that is public and shares authHandleRegister
	// with plain registration. Confirm it cannot create an elevated account.
	{Method: "POST", Path: "/api/v1/auth/create-user-admin", Fx: authHandleRegister, UseLogin: PublicApiCall},
	{Method: "POST", Path: "/api/v1/auth/validate-2fa-token", Fx: authHandleValidate2faToken, UseLogin: PublicApiCall},
	// GET: the email_verify_token travels in the query string and so can end up
	// in access logs and browser history.
	{Method: "GET", Path: "/api/v1/auth/email-confirm", Fx: authHandlerEmailConfirm, UseLogin: PublicApiCall},
	// The recovery steps 01 and 02 are registered for GET as well as POST; with
	// GET, the e-mail address and recovery_token are URL parameters.
	{Method: "POST", Path: "/api/v1/auth/recover-password-01-setup", Fx: authHandleRecoverPassword01Setup, UseLogin: PublicApiCall},
	{Method: "GET", Path: "/api/v1/auth/recover-password-01-setup", Fx: authHandleRecoverPassword01Setup, UseLogin: PublicApiCall},
	{Method: "POST", Path: "/api/v1/auth/recover-password-02-fetch-info", Fx: authHandleRecoverPassword02FetchInfo, UseLogin: PublicApiCall},
	{Method: "GET", Path: "/api/v1/auth/recover-password-02-fetch-info", Fx: authHandleRecoverPassword02FetchInfo, UseLogin: PublicApiCall},
	{Method: "POST", Path: "/api/v1/auth/recover-password-03-set-password", Fx: authHandleRecoverPassword03SetPassword, UseLogin: PublicApiCall},
	{Method: "GET", Path: "/api/v1/auth/no-login-status", Fx: authHandleNoLoginStatus, UseLogin: PublicApiCall},
	{Method: "POST", Path: "/api/v1/auth/no-login-status", Fx: authHandleNoLoginStatus, UseLogin: PublicApiCall},
	// NOTE(review): the next three report account state without a login. Check
	// that the responses do not let a caller test whether an address is registered.
	{Method: "GET", Path: "/api/v1/auth/2fa-has-been-setup", Fx: authHandle2faHasBeenSetup, UseLogin: PublicApiCall},
	{Method: "GET", Path: "/api/v1/auth/email-has-been-validated", Fx: authHandleEmailHasBeenSetup, UseLogin: PublicApiCall},
	{Method: "GET", Path: "/api/v1/auth/acct-status", Fx: authHandleAcctHasBeenSetup, UseLogin: PublicApiCall},
	{Method: "GET", Path: "/api/v1/id.json", Fx: loginTrackingJsonHandler, UseLogin: PublicApiCall},
	// NOTE(review): a state-changing call exposed as a public GET. Its input type
	// ApiAuthSetDebugFlag does not mark auth_key as required, so the handler
	// itself has to reject a missing or wrong key. Confirm that it does.
	{Method: "GET", Path: "/api/v1/set-debug-flag", Fx: authHandlerSetDebugFlag, UseLogin: PublicApiCall},
	{Method: "POST", Path: "/api/v1/auth/resend-registration-email", Fx: authHandleResendRegistrationEmail, UseLogin: PublicApiCall},
	{Method: "GET", Path: "/api/v1/auth/setup.js", Fx: authHandlerGetXsrfIdFile, UseLogin: PublicApiCall},
	// NOTE(review): QrForSecretSuccess carries a "secret" field. Confirm what a
	// caller without a login must present before a secret is returned.
	{Method: "POST", Path: "/api/v1/auth/generate-qr-for-secret", Fx: authHandleGenerateQRForSecret, UseLogin: PublicApiCall},

	// --- Routes marked login-optional -----------------------------------
	// Logout is also reachable by GET, so a cross-site link or image can trigger it.
	{Method: "GET", Path: "/api/v1/auth/logout", Fx: authHandleLogout, UseLogin: LoginOptional},
	{Method: "POST", Path: "/api/v1/auth/logout", Fx: authHandleLogout, UseLogin: LoginOptional},

	// --- Routes marked login-required -----------------------------------
	{Method: "POST", Path: "/api/v1/auth/login-status", Fx: authHandleLoginStatus, UseLogin: LoginRequired},
	{Method: "GET", Path: "/api/v1/auth/login-status", Fx: authHandleLoginStatus, UseLogin: LoginRequired},
	{Method: "POST", Path: "/api/v1/auth/change-password", Fx: authHandleChangePassword, UseLogin: LoginRequired},
	{Method: "POST", Path: "/api/v1/auth/delete-acct", Fx: authHandleDeleteAccount, UseLogin: LoginRequired},
	{Method: "POST", Path: "/api/v1/auth/regen-otp", Fx: authHandleRegenOTP, UseLogin: LoginRequired},
	{Method: "POST", Path: "/api/v1/auth/register-un-pw", Fx: authHandleRegisterUnPw, UseLogin: LoginRequired},
	{Method: "POST", Path: "/api/v1/auth/register-token", Fx: authHandleRegisterToken, UseLogin: LoginRequired},
	{Method: "POST", Path: "/api/v1/auth/change-email-address", Fx: authHandleChangeEmailAddress, UseLogin: LoginRequired},
	{Method: "POST", Path: "/api/v1/auth/change-account-info", Fx: authHandleChangeAccountInfo, UseLogin: LoginRequired},
	// NOTE(review): any logged-in user reaches this handler as far as the table
	// is concerned; the admin privilege check has to be in the handler.
	{Method: "POST", Path: "/api/v1/auth/change-password-admin", Fx: authHandleChangePasswordAdmin, UseLogin: LoginRequired},
	{Method: "POST", Path: "/api/v1/auth/refresh-token", Fx: authHandleRefreshToken, UseLogin: LoginRequired},
	{Method: "GET", Path: "/api/v1/auth/get-user-config", Fx: authHandleGetUserConfig, UseLogin: LoginRequired},
	{Method: "POST", Path: "/api/v1/auth/get-user-config", Fx: authHandleGetUserConfig, UseLogin: LoginRequired},
	{Method: "POST", Path: "/api/v1/auth/set-user-config", Fx: authHandleSetUserConfig, UseLogin: LoginRequired},
	{Method: "POST", Path: "/api/v1/auth/create-client", Fx: authHandleCreateClient, UseLogin: LoginRequired},
	{Method: "POST", Path: "/api/v1/auth/create-registration-token", Fx: authHandleCreateRegistrationToken, UseLogin: LoginRequired},
	{Method: "POST", Path: "/api/v1/auth/get-registration-token", Fx: authHandleGetRegistrationToken, UseLogin: LoginRequired},
}
// PrivilegedNames lists the double-underscore names the package reserves for
// authentication state. The package docs mention two of them as gin-context
// values (__is_logged_in__ and __user_id__).
//
// NOTE(review): presumably request parameters carrying one of these names are
// rejected or stripped so that a client cannot inject its own user id, token
// or privilege set. Verify against the middleware that consumes this list.
var PrivilegedNames = []string{"__is_logged_in__", "__user_id__", "__auth_token__", "__privs__", "__privs_map__", "__jwt_token__", "__email_hmac_password__", "__user_password__", "__client_id__"}

// XDbOn maps a name to an on/off flag.
// NOTE(review): presumably the debug flags read by IsXDBOn and written by the
// set-debug-flag route. Confirm.
var XDbOn = make(map[string]bool)

// XDbOnLock is a read/write mutex declared next to XDbOn. Both are exported,
// so code outside the package can touch the map without taking the lock.
var XDbOnLock = sync.RWMutex{}
Functions ¶
func AppendToSecurityTable ¶
func AppendToSecurityTable(x ...GinLoginType)
-------------------------------------------------------------------------------------------------------------------------
func BindFormOrJSON ¶
func BindFormOrJSONOptional ¶
func Confirm2faSetupAccount ¶
-------------------------------------------------------------------------------------------------------------------------
func ConfirmEmailAccount ¶
-------------------------------------------------------------------------------------------------------------------------
ConfirmEmailAccount uses the token to lookup a user and confirms that the email that received the token is real.
func ConnectToDb ¶
func ConnectToDb()
func ConvPrivs ¶
Input : [{"priv_name":"May Change Password"}, {"priv_name":"May Password"}] Output : {"May Change Password":true, "May Password":true}
func ConvPrivs2 ¶
Input : ["May Change Password", "May Do Whatever"] Output : {"May Change Password":true, "May Do Whatever":true}
func CookieHeaderAuthMiddleware ¶
func CookieHeaderAuthMiddleware(ginSetupTable []GinLoginType) gin.HandlerFunc
func CreateJWTSignedCookie ¶
func DecryptText ¶
func DumpParamsToLog ¶
func EncryptText ¶
func EncryptTextIndexable ¶
func EncryptTextToB64 ¶
func GenerateSecret ¶
func GenerateSecret() string
-------------------------------------------------------------------------------------------------------------------------
func GetMapKeys ¶
func GetMapKeys[K comparable, V any](m map[K]V) []K
GetMapKeys Get all the keys from any typed map. (generic)
func GetUserId ¶
------------------------------------------------------------------------------------------------------------------------- GetUserId will return a UserID - if the user is currently logged in then it is from __user_id__ in the context. If the user is not logged in then 0 will be returned.
func GinInitAuthPaths ¶
-------------------------------------------------------------------------------------------------------------------------
func HasCookie ¶
HasCookie returns true, `has` and a value if the cookie exists. If not then it returns false.
func IsLoggedIn ¶
IsLoggedIn returns true if the user is currently logged in or if the user can be logged in. The login can be determined with a cookie or a bearer auth token. This call has side effects: it adds authentication information, such as __is_logged_in__, to the context. See GetAuthToken().
This is the function to call to log in a user.
func LogJsonReturned ¶
func LogJsonReturned(x interface{}) interface{}
func MintQRPng ¶
-------------------------------------------------------------------------------------------------------------------------
func RmExt ¶
RmExt removes the extension from a file name if it exists. If filename is "bc.js", then "bc" will be returned.
func SVarI ¶
func SVarI(v interface{}) string
SVarI return the JSON encoded version of the data with tab indentation.
func SaveState ¶
-------------------------------------------------------------------------------------------------------------------------
func SetCookie ¶
SetCookie sets the header to create a cookie. If using TLS then this will be a secure HTTP-Only cookie.
func SetDefaultRunner ¶
func SetDefaultRunner()
func SetInsecureCookie ¶
func SetJsonHdr ¶
SetJsonHdr will set a content-type header to "application/json; charset=utf-8"
func SetupConnectToJwtAuth ¶
func SetupConnectToJwtAuth(xctx context.Context, xconn *pgxpool.Pool, gcfg *data.GlobalConfigData, log *os.File, xem email.EmailSender)
func SetupNewInstall ¶
func SetupNewInstall() (err error)
func SortSlice ¶
func SortSlice[T constraints.Ordered](s []T)
SortSlice will Sort a slice of any type. (generic)
func SortedMapKeys ¶
func SortedMapKeys[K constraints.Ordered, V any](m map[K]V) []K
SortedMapKeys will sort the keys of a map and return a slice of the sorted keys. (generic)
func SqlRunStmt ¶
func SqlRunStmt(c *gin.Context, stmt string, encPat string, data ...interface{}) (rv []map[string]interface{}, err error)
-------------------------------------------------------------------------------------------------------------------------
func StatusSuccess ¶
StatusSuccess prepends to a JSON return value with a status:success. This will also set the "Content-Type" to "application/json; charset=utf-8".
func TestSendEmail ¶
func TestSendEmail(SendTestEmail, SendTestEmailTemplateToRun string)
func TokenAuthMiddleware ¶
func TokenAuthMiddleware() gin.HandlerFunc
func UrlGetServer ¶
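// loginTrackingGifHandler serves the GIF held in base64GifPixel with a freshly
// generated UUID appended, and uses the response ETag as an identifier that the
// browser sends back in If-None-Match on later requests.
//
// Flow, as far as this function shows:
//   - If-None-Match present: the value is passed to q_auth_v1_etag_seen. Unless
//     that call fails, the reply cannot be decoded, or the reply's msg is
//     "created", the handler answers 304 and echoes the same ETag.
//   - In every other case a new id and ETag are generated and the image is
//     sent with a one-year max-age.
//
// Review notes:
//   - The ETag works as a browser identifier that does not depend on cookies;
//     stored values deserve the same retention and access rules as other
//     identifiers.
//   - If-None-Match is client-controlled. It is passed to the database as a bind
//     parameter, but it is also written to the logs verbatim and echoed in the
//     304 response.
//   - gCfg.EncryptionPassword and gCfg.UserdataPassword are sent as bind
//     parameters on each call. NOTE(review): the "..!!" pattern presumably marks
//     them for masking in application logs; confirm, and confirm the database
//     does not log bind values.
//   - NOTE(review): the reply's status field is decoded but not checked before
//     the 304 is sent. Confirm CallDatabaseJSONFunction already turns an error
//     status into a non-nil error.
func loginTrackingGifHandler(c *gin.Context) {
	output, decodeErr := base64.StdEncoding.DecodeString(base64GifPixel)
	if decodeErr != nil {
		// Previously ignored: a bad constant would have produced an "image"
		// made of the UUID alone, served with a one-year cache lifetime.
		dbgo.Fprintf(os.Stderr, "%(cyan)In Handler at %(LF), err:%s\n", decodeErr)
		c.Writer.WriteHeader(http.StatusInternalServerError)
		return
	}

	var newId string
	inm := c.Request.Header.Get("If-None-Match")
	dbgo.Printf("%(Yellow)Header Tags: %(Green)If-None-Match ->%s<- at:%(LF)\n", inm)
	if inm != "" {
		dbgo.Printf("At:%(LF)\n")
		// RFC 7232 section 4.1:
		// a sender SHOULD NOT generate representation metadata other than the
		// above listed fields unless said metadata exists for the purpose of
		// guiding cache updates (e.g., Last-Modified might be useful if the
		// response does not have an ETag field).
		dbgo.Printf("At:%(LF) ---------- if none match ------------\n")
		dbgo.Fprintf(os.Stderr, "ETag(If-None-Match): %s previous\n", inm)
		newId = GenUUID()
		stmt := "q_auth_v1_etag_seen ( $1, $2, $3, $4 )"
		rv, e0 := CallDatabaseJSONFunction(c, stmt, "..!!", newId, inm, gCfg.EncryptionPassword, gCfg.UserdataPassword)
		if e0 != nil {
			dbgo.Fprintf(os.Stderr, "%(cyan)In Handler at %(LF), err:%s\n", e0)
			goto gen
		}
		// Sample reply recorded by the author:
		// rv={"status":"success", "user_id":"", "id":"8343616b-d8be-48d4-787c-f69ce98c7aa0"}
		dbgo.Fprintf(os.Stderr, "%(cyan)%(LF): rv=%s\n", rv)
		type rvEtagData struct {
			Status string `json:"status"`
			// The sample reply above carries "user_id":"" (a JSON string). With
			// an int field json.Unmarshal fails on that reply, so the 304 branch
			// was never reached for it. interface{} accepts a string as well as
			// a number; the value is only logged.
			UserId interface{} `json:"user_id"`
			RowId  string      `json:"id"`
			Msg    string      `json:"msg"`
		}
		var rvData rvEtagData
		if err := json.Unmarshal([]byte(rv), &rvData); err != nil {
			dbgo.Fprintf(os.Stderr, "%(cyan)In Handler at %(LF), err:%s\n", err)
			goto gen
		}
		dbgo.Fprintf(os.Stderr, "%(cyan)%(LF): parsed data=%s\n", dbgo.SVarI(rvData))
		if rvData.Msg == "created" {
			dbgo.Fprintf(os.Stderr, "%(cyan)In Handler at %(LF) %(red) -- If-None-Match Value Not Found! -- sending back a 200\n")
			goto gen
		}
		// Known ETag: answer 304 with no entity headers and repeat the tag.
		h := c.Writer.Header()
		delete(h, "Content-Type")
		delete(h, "Content-Length")
		delete(h, "Last-Modified")
		delete(h, "ETag")
		h.Set("ETag", inm)
		h.Set("Cache-Control", "max-age=31536000") // 1 year
		c.Writer.WriteHeader(http.StatusNotModified)
		dbgo.Printf("At:%(LF)\n")
		return
	}

gen:
	newId = GenUUID()
	output = append(output, []byte(newId)...) // tack ID on the end.
	// The three-index slice forces append to copy, so gCfg.EtagPassword is never
	// written into spare capacity behind the response buffer.
	hashInput := append(output[:len(output):len(output)], []byte(gCfg.EtagPassword)...)
	etag := fmt.Sprintf("%x", HashStrings.HashBytes(hashInput))[0:20] // Hash the file
	dbgo.Printf("%(cyan)Generate Etag at:%(LF) ->%s<-\n", etag)       // Dump so we can see what we are inserting
	if db100 {
		stmt := "q_auth_v1_etag_seen ( $1, $2, $3, $4 )"
		rv, e0 := CallDatabaseJSONFunction(c, stmt, "..!!", newId, etag, gCfg.EncryptionPassword, gCfg.UserdataPassword)
		if e0 != nil {
			dbgo.Fprintf(os.Stderr, "%(cyan)In Handler at %(LF), err:%s\n", e0)
		}
		dbgo.Fprintf(logFilePtr, "%(cyan)%(LF): rv=%s\n", rv)
	}
	h := c.Writer.Header()
	h.Set("Content-Type", "image/gif")
	h.Set("ETag", etag)
	h.Set("Cache-Control", "max-age=31536000") // 1 year
	if _, writeErr := io.WriteString(c.Writer, string(output)); writeErr != nil {
		dbgo.Fprintf(os.Stderr, "%(cyan)In Handler at %(LF), err:%s\n", writeErr)
	}
}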
2. Just keep the http[s]://Name/ section
func UrlShortCreateHandler ¶
func UrlShortHandler ¶
func ValidatePasswords ¶
func ValidatePasswords() (err error)
func ZadditionalEscape ¶
Types ¶
type AcctSetupSuccess ¶
// AcctSetupSuccess is a JSON response body. Status is always emitted; the
// other fields are omitted when empty.
// NOTE(review): x2fa_validated and email_validated describe account state. If
// a public route returns this body, confirm it does not allow probing
// arbitrary accounts.
type AcctSetupSuccess struct {
	Status string `json:"status"`
	X2faValidated string `json:"x2fa_validated,omitempty"`
	EmailValidated string `json:"email_validated,omitempty"`
	Msg string `json:"msg,omitempty"`
}
Output returned
type ApiAdminChangePassword ¶
type ApiAuthChangeEmail ¶
// ApiAuthChangeEmail is the request body for changing an account's e-mail
// address. All four fields are marked binding:"required", so the change needs
// the current password and a 2FA pin in addition to both addresses.
// Unlike ApiAuthLogin.Email, neither address carries the "email" validator.
type ApiAuthChangeEmail struct {
	NewEmail string `json:"new_email" form:"new_email" binding:"required"`
	OldEmail string `json:"old_email" form:"old_email" binding:"required"`
	Pw string `json:"password" form:"password" binding:"required"`
	X2FaPin string `json:"x2fa_pin" form:"x2fa_pin" binding:"required"`
}
Input for api endpoint
type ApiAuthChangePassword ¶
// ApiAuthChangePassword is the request body for a password change. The old
// password, the new password and a 2FA pin are all required; Email must also
// pass the "email" validator.
// NOTE(review): the binding tags put no length or strength rule on NewPw;
// presumably that is enforced elsewhere. Confirm.
type ApiAuthChangePassword struct {
	Email string `json:"email" form:"email" binding:"required,email"`
	NewPw string `json:"new_pw" form:"new_pw" binding:"required"`
	OldPw string `json:"old_pw" form:"old_pw" binding:"required"`
	X2FaPin string `json:"x2fa_pin" form:"x2fa_pin" binding:"required"`
}
jwtConfig.authInternalHandlers["POST:/api/v1/auth/change-password"] = authHandleChangePassword // change password
Input for api endpoint
type ApiAuthEmailValidate ¶
// ApiAuthEmailValidate is the input for e-mail confirmation. Only
// EmailVerifyToken is required.
type ApiAuthEmailValidate struct {
	// Optional and not format-checked by the binding tags.
	Email string `json:"email" form:"email" `
	// NOTE(review): the email-confirm route is registered for GET, so this
	// token arrives in the query string and may appear in access logs.
	EmailVerifyToken string `json:"email_verify_token" form:"email_verify_token" binding:"required"`
	// NOTE(review): client-supplied redirect target. Confirm the handler limits
	// it to same-site or allow-listed destinations before redirecting.
	RedirectTo string `json:"redirect_to" form:"redirect_to"`
}
Input for api endpoint
type ApiAuthLogin ¶
// ApiAuthLogin is the login request body. Email (validated as an e-mail
// address), the password and xsrf_id are required; am_i_known is optional.
type ApiAuthLogin struct {
	Email string `json:"email" form:"email" binding:"required,email"`
	// Plaintext password as submitted; keep this struct out of request dumps.
	Pw string `json:"password" form:"password" binding:"required"`
	// NOTE(review): presumably a per-device marker (RvLoginType has
	// is_new_device_login). Confirm.
	AmIKnown string `json:"am_i_known" form:"am_i_known"`
	// Presence is enforced by binding; the value itself is presumably checked
	// by ValidateXsrfId. Confirm.
	XsrfId string `json:"xsrf_id" form:"xsrf_id" binding:"required"`
}
Input for login
type ApiAuthQrForSecret ¶
type ApiAuthRecoverPassword03SetPassword ¶
// ApiAuthRecoverPassword03SetPassword is the input for the third password
// recovery step, which sets the new password. The request must carry the
// recovery token and a 2FA pin as well as the e-mail address and new password.
type ApiAuthRecoverPassword03SetPassword struct {
	Email string `json:"email" form:"email" binding:"required,email"`
	NewPw string `json:"new_pw" form:"new_pw" binding:"required"`
	RecoveryToken string `json:"recovery_token" form:"recovery_token" binding:"required"`
	X2FaPin string `json:"x2fa_pin" form:"x2fa_pin" binding:"required"`
}
Input for api endpoint
type ApiAuthRecoveryPassword02FetchInfo ¶
// ApiAuthRecoveryPassword02FetchInfo is the input for the second password
// recovery step: an e-mail address plus the recovery token, both required.
// The matching route also accepts GET, in which case the token is a URL
// parameter.
type ApiAuthRecoveryPassword02FetchInfo struct {
	Email string `json:"email" form:"email" binding:"required,email"`
	RecoveryToken string `json:"recovery_token" form:"recovery_token" binding:"required"`
}
Input for api endpoint
type ApiAuthRefreshToken ¶
// ApiAuthRefreshToken is the input for a token refresh. xsrf_id is required;
// am_i_known is optional.
type ApiAuthRefreshToken struct {
	AmIKnown string `json:"am_i_known" form:"am_i_known"`
	XsrfId string `json:"xsrf_id" form:"xsrf_id" binding:"required"`
}
Input for refresh token
type ApiAuthRegister ¶
// ApiAuthRegister is the registration request body. All four fields are
// required and Email must pass the "email" validator.
// NOTE(review): no xsrf_id field here, unlike ApiAuthLogin, and no password
// rule in the binding tags. Confirm both are handled elsewhere.
type ApiAuthRegister struct {
	Email string `json:"email" form:"email" binding:"required,email"`
	FirstName string `json:"first_name" form:"first_name" binding:"required"`
	LastName string `json:"last_name" form:"last_name" binding:"required"`
	Pw string `json:"password" form:"password" binding:"required"`
}
Input for api endpoint
type ApiAuthRegisterClientAdmin ¶
// ApiAuthRegisterClientAdmin has the same fields as ApiAuthRegister plus a
// required token.
// NOTE(review): presumably the registration token issued by the
// create-registration-token call; the route is public, so that token is what
// gates creation of a client-admin account. Confirm it is single-use and
// expires.
type ApiAuthRegisterClientAdmin struct {
	Email string `json:"email" form:"email" binding:"required,email"`
	FirstName string `json:"first_name" form:"first_name" binding:"required"`
	LastName string `json:"last_name" form:"last_name" binding:"required"`
	Pw string `json:"password" form:"password" binding:"required"`
	Token string `json:"token" form:"token" binding:"required"`
}
Input for api endpoint
type ApiAuthResendEmailRegister ¶
// ApiAuthResendEmailRegister is the input for re-sending the registration
// e-mail. Both fields are required.
// NOTE(review): ResendEmailRegisterSuccess contains totp_secret. If that is
// this call's reply, tmp_token is the only proof of ownership on a public
// route. Confirm it is unguessable and short-lived.
type ApiAuthResendEmailRegister struct {
	Email string `json:"email" form:"email" binding:"required,email"` // yes
	TmpToken string `json:"tmp_token" form:"tmp_token" binding:"required"` // yes -- used to validate resend of email?
}
Input for api endpoint
type ApiAuthSetDebugFlag ¶
// ApiAuthSetDebugFlag is the input for setting a named debug flag.
type ApiAuthSetDebugFlag struct {
	Name string `json:"name" form:"name" binding:"required"`
	Value string `json:"value" form:"value" binding:"required"`
	// NOTE(review): not marked required, and /api/v1/set-debug-flag is
	// registered as a public GET route. The handler must therefore refuse an
	// empty or wrong key itself, ideally with a constant-time comparison.
	// As a GET parameter the key can also end up in access logs.
	AuthKey string `json:"auth_key" form:"auth_key"`
}
Input for api endpoint
type ApiAuthSipLogin0 ¶
type ApiAuthSipRegister ¶
// ApiAuthSipRegister is a registration input that carries a required
// "validator" value where ApiAuthRegister carries a password.
// NOTE(review): what the validator contains and how it is verified is not
// visible here.
type ApiAuthSipRegister struct {
	Email string `json:"email" form:"email" binding:"required,email"`
	FirstName string `json:"first_name" form:"first_name" binding:"required"`
	LastName string `json:"last_name" form:"last_name" binding:"required"`
	Validator string `json:"validator" form:"validator" binding:"required"`
}
type ApiAuthUn ¶
// ApiAuthUn is an endpoint input with a single optional e-mail field; the
// binding tags apply no validation to it.
type ApiAuthUn struct {
	Email string `json:"email" form:"email"`
}
Input for api endpoint
type ApiAuthValidate2faToken ¶
// ApiAuthValidate2faToken is the input for 2FA validation. The e-mail
// address, tmp_token and the 2FA pin are required; the other two fields are
// optional.
// NOTE(review): the route is public, so tmp_token and the pin are the whole
// proof of identity. Confirm that pin attempts are rate-limited per account
// or per tmp_token.
type ApiAuthValidate2faToken struct {
	// Required, but without the "email" format validator used on other inputs.
	Email string `json:"email" form:"email" binding:"required"`
	TmpToken string `json:"tmp_token" form:"tmp_token" binding:"required"`
	X2FaPin string `json:"x2fa_pin" form:"x2fa_pin" binding:"required"`
	AmIKnown string `json:"am_i_known" form:"am_i_known"`
	EmailVerifyToken string `json:"email_verify_token" form:"email_verify_token"`
}
authHandleValidate2faToken is called after login to validate a 2fa token and after registration to complete the registration.
This calls: "q_auth_v1_validate_2fa_token ( $1, $2, $3, $4, $5 )" in the database. This sets q_qr_users.setup_complete_2fa = 'y' to mark the account as fully registered. Login requires that this is a 'y' before login occurs.
Input for api endpoint
type ApiCreateClient ¶
// ApiCreateClient is the input for creating a client. Name and description
// are required; role_name and email are optional.
type ApiCreateClient struct {
	ClientName string `json:"client_name" form:"client_name" binding:"required"`
	Description string `json:"description" form:"description" binding:"required"`
	// NOTE(review): the caller names the role. Confirm the handler limits
	// which roles a given caller may assign.
	RoleName string `json:"role_name" form:"role_name"`
	Email string `json:"email" form:"email"`
}
------------------------------------------------------------------------------------------------------------------------- Create a new Client
type ApiCreateRegistrationToken ¶
// ApiCreateRegistrationToken is the input for issuing a registration token.
// Only the description is required.
type ApiCreateRegistrationToken struct {
	Description string `json:"description" form:"description" binding:"required"`
	// NOTE(review): client_id and role_name come from the request. Confirm the
	// handler checks that the logged-in caller may issue tokens for this
	// client and this role.
	ClientId string `json:"client_id" form:"client_id"`
	RoleName string `json:"role_name" form:"role_name"`
	EmailNote string `json:"email_note" form:"email_note"`
}
------------------------------------------------------------------------------------------------------------------------- Input for login
type ApiEmail ¶
// ApiEmail is an endpoint input holding one required e-mail address that must
// pass the "email" validator.
type ApiEmail struct {
	Email string `json:"email" form:"email" binding:"required,email"`
}
Input for api endpoint
type ApiEmailOptional ¶
// ApiEmailOptional is the optional counterpart of ApiEmail: the e-mail field
// may be absent and is not format-checked by the binding tags.
type ApiEmailOptional struct {
	Email string `json:"email" form:"email"`
}
Input for api endpoint
type ApiGetRegistrationToken ¶
// ApiGetRegistrationToken is the input for fetching a registration token.
// NOTE(review): user_name is optional and client-supplied. Confirm the
// handler does not return another user's token to the caller.
type ApiGetRegistrationToken struct {
	UserName string `json:"user_name" form:"user_name"`
}
------------------------------------------------------------------------------------------------------------------------- Create a new Client
type ApiSetUserConfig ¶
// ApiSetUserConfig is a name/value pair for a user configuration entry.
// Neither field is marked required.
type ApiSetUserConfig struct {
	Name string `json:"name,omitempty" form:"name"`
	Value string `json:"value,omitempty" form:"value"`
}
-------------------------------------------------------------------------------------------------------------------------
type ApiUrlShortCreateType ¶
// ApiUrlShortCreateType is the input for creating a short-URL entry.
// NOTE(review): if should_proxy makes the server itself fetch
// destination_url (the field name suggests so; the handler is not shown),
// this is a server-side request to a caller-chosen address with
// caller-chosen method, headers and parameters. Confirm the handler restricts
// schemes and destinations, including internal and metadata addresses.
type ApiUrlShortCreateType struct {
	Id string `json:"id" form:"id" binding:"required"`
	DestinationURL string `json:"destination_url" form:"destination_url" binding:"required"`
	ShouldProxy string `json:"should_proxy" form:"should_proxy" binding:"required"`
	// The remaining fields have json tags only (no form tag, no binding rule).
	Headers []NvPair `json:"headers"`
	Params []NvPair `json:"params"`
	Method string `json:"method"`
}
-------------------------------------------------------------------------------------------------------------------------
type ApiUrlShortType ¶
// ApiUrlShortType is the input for a short-URL lookup: one required id.
type ApiUrlShortType struct {
	Id string `json:"id" form:"id" binding:"required"`
}
-------------------------------------------------------------------------------------------------------------------------
type CreateClientSuccess ¶
// CreateClientSuccess is a JSON response body carrying a status and, when
// non-empty, a registration token under the key "token_registration".
type CreateClientSuccess struct {
	Status string `json:"status"`
	RegistrationToken string `json:"token_registration,omitempty"`
}
Output returned
type CreateClientSuccess2 ¶
// CreateClientSuccess2 is CreateClientSuccess with an additional optional
// client_id.
type CreateClientSuccess2 struct {
	Status string `json:"status"`
	RegistrationToken string `json:"token_registration,omitempty"`
	ClientId string `json:"client_id,omitempty"`
}
Output returned
type CreateRegistrationStuccess ¶
// CreateRegistrationStuccess (sic, the exported name is spelled this way) is
// a JSON response body with a status, a client id and a registration token.
// The token uses the key "registration_token" here, while the
// CreateClientSuccess types use "token_registration".
type CreateRegistrationStuccess struct {
	Status string `json:"status"`
	ClientId string `json:"client_id" form:"client_id"`
	RegistrationToken string `json:"registration_token" form:"registration_token" db:"registration_token"`
}
Output returned
type EmailConfirmSuccess ¶
// EmailConfirmSuccess is a JSON response body with a status, a tmp_token
// (always emitted, even when empty) and an optional account state.
type EmailConfirmSuccess struct {
	Status string `json:"status"`
	TmpToken string `json:"tmp_token"`
	AcctState string `json:"acct_state,omitempty"`
}
Output returned
type EmailSetupSuccess ¶
// EmailSetupSuccess is a JSON response body with a status, a message and an
// optional email_validated value.
type EmailSetupSuccess struct {
	Status string `json:"status"`
	Msg string `json:"msg"`
	EmailValidated string `json:"email_validated,omitempty"`
}
Output returned
type GetUserConfigSuccess ¶
// GetUserConfigSuccess is a JSON response body with a status and the user's
// configuration as a string map, omitted when empty.
type GetUserConfigSuccess struct {
	Status string `json:"status"`
	UserConfig map[string]string `json:"user_config,omitempty"`
}
Output returned
type GinLoginType ¶
type JwtClaims ¶
// JwtClaims is the claim set for the package's JWTs: the embedded
// jwt.StandardClaims plus an auth_token claim.
// NOTE(review): a signed JWT is not encrypted, so auth_token is readable by
// anyone who holds the token. Presumably it is an opaque database session id
// that is re-validated on each request. Confirm. Which jwt package supplies
// StandardClaims is not visible here.
type JwtClaims struct {
	AuthToken string `json:"auth_token"`
	jwt.StandardClaims
}
type LoginSuccess ¶
// LoginSuccess is the JSON response body for login. Compared with
// RvLoginType it leaves out user_id, auth_token, secret_2fa, account_type,
// privileges, is_new_device_login and client_id, so those values are not
// part of this reply.
type LoginSuccess struct {
	Status string `json:"status"`
	TmpToken string `json:"tmp_token,omitempty"` // May be "" - used in 2fa part 1 / 2
	Token string `json:"token,omitempty"` // presumably the signed JWT; the original comment was unsure, confirm
	Require2fa string `json:"require_2fa,omitempty"`
	FirstName string `json:"first_name,omitempty"`
	LastName string `json:"last_name,omitempty"`
	AcctState string `json:"acct_state,omitempty"`
	UserConfig map[string]string `json:"user_config,omitempty"`
}
Output returned
type QrForSecretSuccess ¶
// QrForSecretSuccess is a JSON response body that returns a secret together
// with the URL of a QR image for 2FA setup.
// NOTE(review): the generate-qr-for-secret route is registered as public.
// Confirm the reply is marked non-cacheable and that the QR URL cannot be
// fetched by third parties.
type QrForSecretSuccess struct {
	Status string `json:"status"`
	Secret string `json:"secret"`
	URLFor2faQR string `json:"url_for_2fa_qr"`
}
------------------------------------------------------------------------------------------------------------------------- -------------------------------------------------------------------------------------------------------------------------
type RecoverPassword02Success ¶
// RecoverPassword02Success is the JSON response body for the second password
// recovery step: status plus optional e-mail address and names.
type RecoverPassword02Success struct {
	Status string `json:"status"`
	Email string `json:"email,omitempty"`
	FirstName string `json:"first_name,omitempty"`
	LastName string `json:"last_name,omitempty"`
}
Output returned
type RecoverPassword03SetPasswordSuccess ¶
// RecoverPassword03SetPasswordSuccess is the JSON response body for the
// third password recovery step: status plus optional names.
type RecoverPassword03SetPasswordSuccess struct {
	Status string `json:"status"`
	FirstName string `json:"first_name,omitempty"`
	LastName string `json:"last_name,omitempty"`
}
Output returned
type RefreshTokenSuccess ¶
// RefreshTokenSuccess is the JSON response body for a token refresh. It
// mirrors LoginSuccess without the 2FA fields and adds account_type.
type RefreshTokenSuccess struct {
	Status string `json:"status"`
	Token string `json:"token,omitempty"` // presumably the signed JWT; the original comment was unsure, confirm
	AccountType string `json:"account_type,omitempty"`
	FirstName string `json:"first_name,omitempty"`
	LastName string `json:"last_name,omitempty"`
	AcctState string `json:"acct_state,omitempty"`
	UserConfig map[string]string `json:"user_config,omitempty"`
}
Output returned
type RegenOTPSuccess ¶
// RegenOTPSuccess is the JSON response body for OTP regeneration.
// NOTE(review): otp is a list of codes returned in clear. Presumably these
// are one-time recovery codes shown to the user once. Confirm they are stored
// hashed and that this reply is never logged or cached.
type RegenOTPSuccess struct {
	Status string `json:"status"`
	Otp []string `json:"otp,omitempty"`
	Msg string `json:"msg"`
}
Output returned
type RegisterSuccess ¶
// RegisterSuccess is the JSON response body for registration. It hands the
// new account's TOTP secret, the QR URL for it and, when present, a list of
// OTP codes to the client.
// NOTE(review): this reply contains long-lived 2FA material. Confirm it is
// excluded from response logging (see LogJsonReturned) and sent with
// no-store caching.
type RegisterSuccess struct {
	Status string `json:"status"`
	URLFor2faQR string `json:"url_for_2fa_qr"`
	TotpSecret string `json:"totp_secret"`
	UserConfig map[string]string `json:"user_config,omitempty"`
	Otp []string `json:"otp,omitempty"`
	TmpToken string `json:"tmp_token,omitempty"` // May be "" - used in 2fa part 1 / 2
}
Output returned
type ResendEmailRegisterSuccess ¶
// ResendEmailRegisterSuccess is the JSON response body for re-sending the
// registration e-mail. Like RegisterSuccess it includes the TOTP secret and
// its QR URL.
// NOTE(review): the resend route is public. Confirm the secret is returned
// only while 2FA setup is still incomplete and only for a valid tmp_token.
type ResendEmailRegisterSuccess struct {
	Status string `json:"status"`
	URLFor2faQR string `json:"url_for_2fa_qr"`
	TotpSecret string `json:"totp_secret"`
	TmpToken string `json:"tmp_token,omitempty"` // May be "" - used in 2fa part 1 / 2
}
Output returned
type ReturnStatusSuccess ¶
Output returned
type RvChangeEmailAddressType ¶
// RvChangeEmailAddressType embeds StdErrorReturn (declared elsewhere in the
// package) and adds optional first and last name fields.
// NOTE(review): presumably decoded from the database reply for the
// change-email call. Confirm.
type RvChangeEmailAddressType struct {
	StdErrorReturn
	FirstName string `json:"first_name,omitempty"`
	LastName string `json:"last_name,omitempty"`
}
type RvChangePasswordAdminType ¶
// RvChangePasswordAdminType embeds StdErrorReturn (declared elsewhere in the
// package) and adds optional first and last name fields.
// NOTE(review): presumably decoded from the database reply for the admin
// password change. Confirm.
type RvChangePasswordAdminType struct {
	StdErrorReturn
	FirstName string `json:"first_name,omitempty"`
	LastName string `json:"last_name,omitempty"`
}
type RvChangePasswordType ¶
// RvChangePasswordType holds data returned by the database for a password
// change: the embedded StdErrorReturn (declared elsewhere in the package)
// plus optional first and last name.
type RvChangePasswordType struct {
	StdErrorReturn
	FirstName string `json:"first_name,omitempty"`
	LastName string `json:"last_name,omitempty"`
}
DB Return Data
type RvCreateClientType ¶
// RvCreateClientType embeds StdErrorReturn (declared elsewhere in the
// package) and adds the registration token and client id. The db tags name
// the columns token_registration and client_id.
type RvCreateClientType struct {
	StdErrorReturn
	RegistrationToken string `json:"token_registration,omitempty" db:"token_registration"`
	ClientId string `json:"client_id" db:"client_id"`
}
type RvCreateRegistrationTokenType ¶
// RvCreateRegistrationTokenType embeds StdErrorReturn (declared elsewhere in
// the package) and adds the client id and the newly created registration
// token. The token uses the key "registration_token" here, while
// RvCreateClientType uses "token_registration".
type RvCreateRegistrationTokenType struct {
	StdErrorReturn
	ClientId string `json:"client_id" form:"client_id" db:"client_id"`
	RegistrationToken string `json:"registration_token" form:"registration_token" db:"registration_token"`
}
Create a new Registration Token
type RvDeleteAccountType ¶
// RvDeleteAccountType embeds StdErrorReturn (declared elsewhere in the
// package) and adds optional first and last name fields.
// NOTE(review): presumably decoded from the database reply for account
// deletion. Confirm.
type RvDeleteAccountType struct {
	StdErrorReturn
	FirstName string `json:"first_name,omitempty"`
	LastName string `json:"last_name,omitempty"`
}
type RvEmailConfirm ¶
// RvEmailConfirm holds data returned by the database for e-mail
// confirmation: the embedded StdErrorReturn (declared elsewhere in the
// package) plus optional e-mail address, tmp_token and account state.
type RvEmailConfirm struct {
	StdErrorReturn
	Email string `json:"email,omitempty"`
	TmpToken string `json:"tmp_token,omitempty"` // May be "" - used in 2fa part 1 / 2
	AcctState string `json:"acct_state,omitempty"`
}
DB Return Data
type RvGetRegistrationTokenType ¶
// RvGetRegistrationTokenType embeds StdErrorReturn (declared elsewhere in the
// package) and adds the registration token, read from the column or key
// token_registration.
type RvGetRegistrationTokenType struct {
	StdErrorReturn
	RegistrationToken string `json:"token_registration,omitempty" db:"token_registration"`
}
l_token_registration
type RvGetSecretType ¶
// RvGetSecretType embeds StdErrorReturn (declared elsewhere in the package)
// and adds a 2FA secret and a user id.
// NOTE(review): secret_2fa has no omitempty, so marshalling this struct
// always emits the secret. Keep it internal: do not log it with SVar, SVarI
// or LogJsonReturned, and do not send it to a client as-is.
type RvGetSecretType struct {
	StdErrorReturn
	Secret2fa string `json:"secret_2fa"`
	UserId string `json:"user_id"`
}
type RvGetUserConfigType ¶
// RvGetUserConfigType holds data returned by the database for a user-config
// fetch: the embedded StdErrorReturn (declared elsewhere in the package) plus
// the configuration as a string map.
type RvGetUserConfigType struct {
	StdErrorReturn
	UserConfig map[string]string `json:"user_config,omitempty" db:"user_config"`
}
DB Return Data
type RvLoginType ¶
// RvLoginType embeds StdErrorReturn and adds the data produced by a login:
// identity (UserId, ClientId, names), authorisation (AccountType, Privileges),
// 2FA state (Require2fa, Secret2fa, TmpToken) and session credentials
// (AuthToken, Token).
//
// NOTE(review): AuthToken, Token, TmpToken and Secret2fa are all serialised
// under their JSON keys whenever they are non-empty. If this struct is the
// database result and is also what gets marshalled back to the client, confirm
// that the handler blanks Secret2fa (and AuthToken when the session is carried
// in a cookie) before writing the response, and that the value is not logged
// as-is.
//
// Require2fa and IsNewDeviceLogin are strings rather than bools; the accepted
// values are not visible here, so compare against the exact value the stored
// procedure emits rather than testing for non-empty.
type RvLoginType struct {
	StdErrorReturn
	UserId           string            `json:"user_id,omitempty"`
	AuthToken        string            `json:"auth_token,omitempty"` // May be "" - meaning no auth.
	TmpToken         string            `json:"tmp_token,omitempty"`  // May be "" - used in 2fa part 1 / 2
	Token            string            `json:"token,omitempty"`      // the JWT Token???
	Require2fa       string            `json:"require_2fa,omitempty"`
	Secret2fa        string            `json:"secret_2fa,omitempty"`
	AccountType      string            `json:"account_type,omitempty"`
	Privileges       []string          `json:"privileges,omitempty"`
	FirstName        string            `json:"first_name,omitempty"`
	LastName         string            `json:"last_name,omitempty"`
	IsNewDeviceLogin string            `json:"is_new_device_login,omitempty"`
	ClientId         string            `json:"client_id,omitempty"`
	AcctState        string            `json:"acct_state,omitempty"`
	UserConfig       map[string]string `json:"user_config,omitempty"`
}
DB Return Data
type RvRecoverPassword01Setup ¶
// RvRecoverPassword01Setup embeds StdErrorReturn and adds a recovery token and
// the account holder's first and last name; by its name, the result of the
// first password-recovery step.
//
// NOTE(review): RecoveryToken is serialised whenever it is non-empty. A
// recovery token proves control of the account, so it should reach the user
// only through the out-of-band channel (presumably e-mail). Confirm that the
// handler does not return this struct verbatim to the unauthenticated caller;
// returning the names would likewise confirm that an address is registered.
type RvRecoverPassword01Setup struct {
	StdErrorReturn
	RecoveryToken string `json:"recovery_token,omitempty"`
	FirstName     string `json:"first_name,omitempty"`
	LastName      string `json:"last_name,omitempty"`
}
DB Return Data
type RvRecoverPassword02FetchInfo ¶
// RvRecoverPassword02FetchInfo embeds StdErrorReturn and adds the e-mail
// address and names of an account; by its name, the result of the second
// password-recovery step.
type RvRecoverPassword02FetchInfo struct {
	StdErrorReturn
	Email     string `json:"email,omitempty"`
	FirstName string `json:"first_name,omitempty"`
	LastName  string `json:"last_name,omitempty"`
}
DB Return Data
type RvRecoverPassword03SetPassword ¶
// RvRecoverPassword03SetPassword embeds StdErrorReturn and adds a recovery
// token and the account holder's names; by its name, the result of the final
// password-recovery step.
//
// NOTE(review): RecoveryToken still appears in the result of the step that
// consumes it. Confirm that the token is invalidated once the password is set
// and that it is not echoed back or logged.
type RvRecoverPassword03SetPassword struct {
	StdErrorReturn
	RecoveryToken string `json:"recovery_token,omitempty"`
	FirstName     string `json:"first_name,omitempty"`
	LastName      string `json:"last_name,omitempty"`
}
DB Return Data
type RvRefreshTokenType ¶
// RvRefreshTokenType embeds StdErrorReturn and adds the refreshed credentials
// (AuthToken, Token) together with identity and account-state fields.
//
// NOTE(review): the e-mail address is keyed "email_address" here but "email" in
// the other result types on this page, and it is the only field without
// omitempty. Confirm that the key matches what the producer emits; a mismatch
// would leave Email silently empty.
type RvRefreshTokenType struct {
	StdErrorReturn
	AuthToken   string            `json:"auth_token,omitempty"`
	Token       string            `json:"token,omitempty"` // the JWT Token???
	UserId      string            `json:"user_id,omitempty"`
	AccountType string            `json:"account_type,omitempty"`
	Email       string            `json:"email_address"`
	FirstName   string            `json:"first_name,omitempty"`
	LastName    string            `json:"last_name,omitempty"`
	AcctState   string            `json:"acct_state,omitempty"`
	UserConfig  map[string]string `json:"user_config,omitempty"`
}
------------------------------------------------------------------------------------------------------------------------- {Method: "POST", Path: "/api/v1/auth/refresh-token", Fx: authHandleRefreshToken, UseLogin: LoginRequired}, // (TODO - wrong function now)
type RvRegenOTPType ¶
// RvRegenOTPType embeds StdErrorReturn and adds a list of OTP values and the
// account holder's names.
//
// NOTE(review): Otp presumably holds freshly generated one-time backup codes.
// They have to be shown to the user once, but each one is a login factor, so
// keep the marshalled value out of logs.
type RvRegenOTPType struct {
	StdErrorReturn
	Otp       []string `json:"otp,omitempty"`
	FirstName string   `json:"first_name,omitempty"`
	LastName  string   `json:"last_name,omitempty"`
}
DB Return Data
type RvRegisterClientAdminType ¶
// RvRegisterClientAdminType embeds StdErrorReturn and adds the data produced
// when a client-admin account is registered: the new user id, the e-mail
// verification token, 2FA enrolment material (Secret2fa, TotpSecret,
// URLFor2faQR, Otp) and a temporary token.
//
// NOTE(review): Secret2fa is keyed "secret_2" here, whereas RvLoginType,
// RvGetSecretType and RvValidate2faTokenType use "secret_2fa". If the producer
// emits "secret_2fa" this field is never populated; confirm which key is
// intended before relying on it.
//
// NOTE(review): EmailVerifyToken is serialised whenever it is non-empty.
// Returning it in the registration response would let the caller confirm an
// address without receiving the e-mail, so confirm that the handler blanks it
// before responding. TotpSecret and URLFor2faQR lack omitempty and are always
// emitted.
type RvRegisterClientAdminType struct {
	StdErrorReturn
	UserId           string   `json:"user_id,omitempty"`
	EmailVerifyToken string   `json:"email_verify_token,omitempty"`
	Require2fa       string   `json:"require_2fa,omitempty"`
	Secret2fa        string   `json:"secret_2,omitempty"`
	URLFor2faQR      string   `json:"url_for_2fa_qr"`
	TotpSecret       string   `json:"totp_secret"`
	Otp              []string `json:"otp,omitempty"`
	TmpToken         string   `json:"tmp_token,omitempty"` // May be "" - used in 2fa part 1 / 2
}
------------------------------------------------------------------------------------------------------------------------- register client user account.
{Method: "POST", Path: "/api/v1/auth/register-client-admin", Fx: authHandleRegisterClientAdmin, UseLogin: PublicApiCall}, // un + pw + first_name + last_name + token to lead to client account
{Method: "POST", Path: "/api/v1/auth/register-client-admin", Fx: authHandleRegisterClientAdmin, UseLogin: PublicApiCall}, // un + pw + first_name + last_name + token to lead to client account:w
create or replace function q_auth_v1_register_client ( p_email varchar, p_pw varchar, p_hmac_password varchar, p_first_name varchar, p_last_name varchar, p_userdata_password varchar, p_secret varchar, p_registration_token uuid )
-------------------------------------------------------------------------------------------------------------------------
type RvRegisterTokenAccountType ¶
// RvRegisterTokenAccountType embeds StdErrorReturn and adds the names and
// e-mail address of an account. It carries no token or secret field.
type RvRegisterTokenAccountType struct {
	StdErrorReturn
	FirstName string `json:"first_name,omitempty"`
	LastName  string `json:"last_name,omitempty"`
	Email     string `json:"email,omitempty"`
}
type RvRegisterType ¶
// RvRegisterType embeds StdErrorReturn and adds the data produced when an
// account is registered: the new user id, the e-mail verification token, 2FA
// enrolment material (Secret2fa, TotpSecret, URLFor2faQR, Otp), per-user
// configuration and a temporary token.
//
// NOTE(review): Secret2fa is keyed "secret_2" here but "secret_2fa" in
// RvLoginType, RvGetSecretType and RvValidate2faTokenType; confirm which key
// the producer emits.
//
// NOTE(review): EmailVerifyToken should reach the user by e-mail only. Confirm
// that the handler does not marshal this struct unchanged into the registration
// response, and that TotpSecret and Otp are kept out of logs.
type RvRegisterType struct {
	StdErrorReturn
	UserId           string            `json:"user_id,omitempty"`
	EmailVerifyToken string            `json:"email_verify_token,omitempty"`
	Require2fa       string            `json:"require_2fa,omitempty"`
	Secret2fa        string            `json:"secret_2,omitempty"`
	URLFor2faQR      string            `json:"url_for_2fa_qr"`
	TotpSecret       string            `json:"totp_secret"`
	UserConfig       map[string]string `json:"user_config,omitempty"`
	Otp              []string          `json:"otp,omitempty"`
	TmpToken         string            `json:"tmp_token,omitempty"` // May be "" - used in 2fa part 1 / 2
}
Returned from stored procedure
l_data = '{"status":"error","msg":"Account already exists. Please login or recover password.","code":"0007","location":"m4___file__ m4___line__"}';
||', "user_id":' ||coalesce(to_json(l_user_id)::text,'""')
DB Return Data
type RvRegisterUnPwAccountType ¶
// RvRegisterUnPwAccountType embeds StdErrorReturn and adds the names and e-mail
// address of an account. It carries no token or secret field.
type RvRegisterUnPwAccountType struct {
	StdErrorReturn
	FirstName string `json:"first_name,omitempty"`
	LastName  string `json:"last_name,omitempty"`
	Email     string `json:"email,omitempty"`
}
type RvResendEmailRegisterType ¶
// RvResendEmailRegisterType embeds StdErrorReturn and adds the data used to
// resend a registration e-mail: user id, e-mail verification token, 2FA
// enrolment material, a temporary token and the account holder's names.
//
// NOTE(review): UserId is *int here, while RvRegisterType and RvLoginType
// declare it as string. Decoding a quoted or UUID-style "user_id" into *int
// fails, so confirm what the producer emits for this call.
//
// NOTE(review): Secret2fa is keyed "secret_2" here but "secret_2fa" elsewhere
// on this page. EmailVerifyToken, Secret2fa and TotpSecret are secrets and
// should not be returned to the requester or logged; the resend endpoint is
// presumably reachable before the address is verified.
type RvResendEmailRegisterType struct {
	StdErrorReturn
	UserId           *int   `json:"user_id,omitempty"`
	EmailVerifyToken string `json:"email_verify_token,omitempty"`
	Require2fa       string `json:"require_2fa,omitempty"`
	Secret2fa        string `json:"secret_2,omitempty"`
	URLFor2faQR      string `json:"url_for_2fa_qr"`
	TotpSecret       string `json:"totp_secret"`
	TmpToken         string `json:"tmp_token,omitempty"` // May be "" - used in 2fa part 1 / 2
	FirstName        string `json:"first_name"`
	LastName         string `json:"last_name"`
}
DB Return Data
type RvUrlShortCreateReturned ¶
// RvUrlShortCreateReturned embeds StdErrorReturn and adds the id of a newly
// created short URL.
type RvUrlShortCreateReturned struct {
	StdErrorReturn
	ShortId string `json:"short_id"`
}
type RvUrlShortReturned ¶
// RvUrlShortReturned embeds StdErrorReturn and adds a short-URL id, its
// destination and a ShouldProxy value.
//
// NOTE(review): how DestinationURL and ShouldProxy are consumed is not visible
// here. If a handler redirects to, or fetches on behalf of the caller from,
// DestinationURL, it should restrict the scheme and host first (open redirect
// and server-side request forgery are the risks to check). ShouldProxy is a
// string, so compare it against the exact expected value.
type RvUrlShortReturned struct {
	StdErrorReturn
	ShortId        string `json:"short_id"`
	ShouldProxy    string `json:"should_proxy"`
	DestinationURL string `json:"destination_url"`
}
type RvValidate2faTokenType ¶
// RvValidate2faTokenType embeds StdErrorReturn and adds the result of checking
// a 2FA code: identity (UserId, ClientId), session credentials (AuthToken,
// Token, Expires), privileges and the validation flags.
//
// NOTE(review): Secret2fa is part of the result of the validation step and is
// serialised whenever it is non-empty. The client has no need for the seed once
// enrolment is complete; confirm that the handler blanks it before responding.
//
// EmailValidated and X2faValidated are strings; the accepted values are not
// visible here, so compare against the exact value the producer emits.
type RvValidate2faTokenType struct {
	StdErrorReturn
	UserId         string   `json:"user_id,omitempty"`
	AuthToken      string   `json:"auth_token,omitempty"` // May be "" - meaning no auth.
	Token          string   `json:"token,omitempty"`
	Expires        string   `json:"expires,omitempty"`
	Privileges     []string `json:"privileges,omitempty"`
	Secret2fa      string   `json:"secret_2fa,omitempty"`
	EmailValidated string   `json:"email_validated,omitempty"`
	X2faValidated  string   `json:"x2fa_validated,omitempty"`
	ClientId       string   `json:"client_id,omitempty"`
	AcctState      string   `json:"acct_state,omitempty"`
}
DB Return Data
type SQLAcctStatusType ¶
type SQLIntType ¶
// SQLIntType wraps a single nullable integer. X is a pointer, so a nil X can
// stand for SQL NULL; callers must check for nil before dereferencing.
type SQLIntType struct {
	X *int
}
type SQLStatusType ¶
jwt_auth.SetupNewInstall()
if err := jwt_auth.ValidatePasswords(); err != nil {
-- q_qr_validate_startup holds the single check row used to verify, at start-up,
-- that the service was given the same HMAC password and user-data encryption
-- password that the database was initialised with.
--
-- validation_value_hmac is written by q_auth_v1_setup_startup_one_time from
-- q_auth_v1_hmac_encode(...) and validation_value_enc from pgp_sym_encrypt(...),
-- both over the same fixed plaintext.
create table if not exists q_qr_validate_startup (
	once_id int unique primary key, -- only one row in table ever, no generation of PKs.
	validation_value_hmac bytea not null,
	validation_value_enc bytea not null
);
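-- q_auth_v1_setup_startup_one_time records the start-up check row.
--
-- It inserts row once_id = 1 into q_qr_validate_startup, holding an HMAC and a
-- PGP-symmetric encryption of a fixed plaintext made with the two passwords.
-- q_auth_v1_validate_startup_passwords later recomputes both to confirm that
-- the service is running with the same passwords.
--
-- Parameters:
--   p_hmac_password      key passed to q_auth_v1_hmac_encode
--   p_userdata_password  key passed to pgp_sym_encrypt
--
-- Returns a JSON text: {"status":"success"} when the row was inserted, or a
-- {"status":"error",...} object when the insert raised any exception.
--
-- NOTE(review): "when others" also catches the unique violation raised when the
-- row already exists, so a second call reports "incorrect passwords" even though
-- the passwords were never compared. The returned message uses code 2004 while
-- the audit row uses 2005; both are left as the author wrote them.
--
-- NOTE(review): unlike q_auth_v1_validate_startup_passwords, the trace insert
-- into t_output is not gated on the debug config flag.
create or replace function q_auth_v1_setup_startup_one_time ( p_hmac_password varchar, p_userdata_password varchar )
	returns text as $$
DECLARE
	l_data text;
	l_fail bool;
BEGIN
	-- Copyright (C) Philip Schlump, 2008-2021.
	-- BSD 3 Clause Licensed. See LICENSE.bsd
	-- version: m4_ver_version() tag: m4_ver_tag() build_date: m4_ver_date()
	l_fail = false;
	insert into t_output ( msg ) values ( 'function ->q_auth_v1_setup_startup_one_time<- m4___file__ m4___line__' );
	begin
		insert into q_qr_validate_startup ( once_id, validation_value_hmac, validation_value_enc ) values
			( 1
			, q_auth_v1_hmac_encode ( 'test@test.com', p_hmac_password )
			, pgp_sym_encrypt('test@test.com', p_userdata_password)
			);
	exception
		when others then
			l_fail = true;
			l_data = '{"status":"error","msg":"Not initialized properly - incorrect passwrods","code":"2004","location":"m4___file__ m4___line__"}';
			-- The original passed l_user_id here, which this function never
			-- declares; the statement therefore raised inside the handler and the
			-- JSON error above was never returned. No user is associated with the
			-- start-up check, so the audit row is written with a null user_id
			-- (assumes q_qr_auth_log.user_id is nullable - confirm against the schema).
			insert into q_qr_auth_log ( user_id, activity, code, location ) values ( null, 'Not initialized properly - incorrect passwords', '2005', 'File:m4___file__ Line No:m4___line__');
	end;
	if not l_fail then
		l_data = '{"status":"success"'
			||'}';
	end if;
	RETURN l_data;
END; $$ LANGUAGE plpgsql;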
-- q_auth_v1_validate_startup_passwords checks the two passwords against the
-- stored start-up check row.
--
-- It looks for row once_id = 1 in q_qr_validate_startup whose stored HMAC equals
-- the HMAC of the fixed plaintext under p_hmac_password and whose encrypted
-- value decrypts, under p_userdata_password, back to that plaintext.
--
-- Returns a JSON text:
--   {"status":"success"}          the row matched
--   {"status":"error", code 2005} no matching row (this includes the case where
--                                 setup was never run)
--   {"status":"error", code 2007} the query raised an exception
--
-- NOTE(review): pgp_sym_decrypt normally raises on a wrong key rather than
-- returning a different plaintext, so a wrong p_userdata_password is expected
-- to surface through the "when others" branch (2007). Which branch fires when
-- both passwords are wrong depends on the order in which the planner evaluates
-- the predicates; callers should treat 2005 and 2007 alike.
--
-- NOTE(review): "when others" also hides unrelated failures (missing table,
-- missing pgcrypto extension) behind the same "incorrect passwords" message.
-- l_id is declared but not used.
create or replace function q_auth_v1_validate_startup_passwords ( p_hmac_password varchar, p_userdata_password varchar )
	returns text as $$
DECLARE
	l_data text;
	l_fail bool;
	l_debug_on bool;
	l_id uuid;
	l_junk text;
BEGIN
	l_debug_on = q_get_config_bool ( 'debug' );
	-- Copyright (C) Philip Schlump, 2008-2021.
	-- BSD 3 Clause Licensed. See LICENSE.bsd
	-- version: m4_ver_version() tag: m4_ver_tag() build_date: m4_ver_date()
	l_fail = false;
	l_data = '{"status":"unknown"}';
	-- Trace output is written only when the 'debug' config flag is on.
	if l_debug_on then
		insert into t_output ( msg ) values ( 'function ->q_auth_v1_validate_startup_passwords<- m4___file__ m4___line__' );
	end if;
	begin
		-- The selected value is discarded; only FOUND is examined below.
		select 'found'
			into l_junk
			from q_qr_validate_startup
			where once_id = 1
			  and validation_value_hmac = q_auth_v1_hmac_encode ( 'test@test.com', p_hmac_password )
			  and pgp_sym_decrypt(validation_value_enc, p_userdata_password) = 'test@test.com'
			;
		if not found then
			l_fail = true;
			l_data = '{"status":"error","msg":"Not configured properly - incorrect passwrods","code":"2005","location":"m4___file__ m4___line__"}';
		end if;
	exception
		when others then
			l_fail = true;
			l_data = '{"status":"error","msg":"Not configured properly - incorrect passwrods","code":"2007","location":"m4___file__ m4___line__"}';
	end;
	if not l_fail then
		l_data = '{"status":"success"'
			||'}';
	end if;
	RETURN l_data;
END; $$ LANGUAGE plpgsql;
-- Manual check of the two functions above, using throw-away passwords.
-- The setup call stores the check row under ('bob', 'bob'); the validate call
-- then passes different passwords ('bb', 'ob') and is therefore expected to
-- return an error status.
--
-- Both delete statements remove every row from q_qr_validate_startup. Run this
-- only against a scratch database: on an initialised one it discards the stored
-- check row, after which validation fails until setup is run again.
delete from q_qr_validate_startup ;
select q_auth_v1_setup_startup_one_time ( 'bob', 'bob' );
select q_auth_v1_validate_startup_passwords ( 'bb', 'ob' );
delete from q_qr_validate_startup ;
type SQLStringType ¶
// SQLStringType wraps a single string value. X is not a pointer, so SQL NULL
// cannot be represented; presumably the queries that fill it never return NULL
// (confirm against the callers).
type SQLStringType struct {
	X string
}
-------------------------------------------------------------------------------------------------------------------------
type SQLUserIdPrivsType ¶
// SQLUserIdPrivsType holds a user id, that user's privileges, the client id and
// the e-mail address. Privileges is a single string here, whereas RvLoginType
// carries it as []string.
//
// NOTE(review): UserId, ClientId and Email have a `db` tag but Privileges does
// not. If this struct is filled by a tag-driven row scanner, confirm that the
// privileges column still maps onto the field; an empty Privileges would only
// be safe if every authorisation check treats empty as "no privileges".
type SQLUserIdPrivsType struct {
	UserId     string `json:"user_id,omitempty" db:"user_id"`
	Privileges string `json:"privileges,omitempty"`
	ClientId   string `json:"client_id,omitempty" db:"client_id"`
	Email      string `json:"email" db:"email"`
}
------------------------------------------------------------------------------------------------------------------------- Use:
// Configuration fields that select the JWT signing key pair.
// The private key file signs every token the service issues; it should be
// readable only by the service account and kept out of version control.
AuthJWTPublic string `json:"auth_jwt_public_file" default:""` // Public Key File
AuthJWTPrivate string `json:"auth_jwt_private_file" default:""` // Private Key File
// NOTE(review): the default "ES" is not one of the values the validate rule
// accepts ('ES256', 'RS256', 'ES512', 'RS512'); confirm which form the loader
// expects so that a default configuration does not fail validation or fall back
// to an unintended algorithm.
AuthJWTKeyType string `json:"auth_jwt_key_type" default:"ES" validate:"v.In(['ES256','RS256', 'ES512', 'RS512'])"` // Key type ES = ECDSA or RS = RSA
type SetDebugFlagSuccess ¶
// SetDebugFlagSuccess is the response body carrying only a status string;
// by its name, returned after a debug flag is set.
type SetDebugFlagSuccess struct {
	Status string `json:"status"`
}
Output returned
type SipLogin0Success ¶
// SipLogin0Success is a response body with a status, a temporary token, a
// challenge, the 2FA requirement, privileges and the account holder's names.
// By its name and numbering it belongs to the first step of a multi-step
// challenge/response login; the protocol itself is not visible here.
//
// NOTE(review): Privileges and the names are part of the step-0 result, that
// is, presumably before the caller has proven knowledge of the password. If so,
// they let an unauthenticated caller learn whether an account exists and what
// it may do; confirm that the handler fills them only after authentication
// completes.
type SipLogin0Success struct {
	Status     string `json:"status"`
	TmpToken   string `json:"tmp_token,omitempty"`
	Challenge  string `json:"challenge,omitempty"`
	Require2fa string `json:"require_2fa,omitempty"`
	Privileges string `json:"privileges,omitempty"`
	FirstName  string `json:"first_name,omitempty"`
	LastName   string `json:"last_name,omitempty"`
}
type SipLogin1Success ¶
// SipLogin1Success is a response body with a status, a temporary token and a
// challenge; by its name, the result of the second login step.
type SipLogin1Success struct {
	Status    string `json:"status"`
	TmpToken  string `json:"tmp_token,omitempty"`
	Challenge string `json:"challenge,omitempty"`
}
-------------------------------------------------------------------------------------------------------------------------
type SipLogin22uccess ¶
// SipLogin22uccess is a response body with a status, a temporary token and a
// proof value; by its fields, the result of the final login step.
//
// NOTE(review): the type name looks like a typo for "SipLogin2Success". It is
// exported, so renaming it would break importers; a correctly spelled alias
// would be the compatible fix.
type SipLogin22uccess struct {
	Status   string `json:"status"`
	TmpToken string `json:"tmp_token,omitempty"`
	Proof    string `json:"proof,omitempty"`
}
-------------------------------------------------------------------------------------------------------------------------
type StdErrorReturn ¶
type Validate2faTokenSuccess ¶
// Validate2faTokenSuccess is the response body for a successful 2FA check: a
// status, the issued token with its expiry, the e-mail and 2FA validation flags
// and the account state. Unlike RvValidate2faTokenType it has no Secret2fa,
// AuthToken, UserId or Privileges field, so none of those can be serialised
// from this type.
type Validate2faTokenSuccess struct {
	Status         string `json:"status"`
	Token          string `json:"token,omitempty"`
	EmailValidated string `json:"email_validated,omitempty"`
	X2faValidated  string `json:"x2fa_validated,omitempty"`
	Expires        string `json:"expires,omitempty"`
	AcctState      string `json:"acct_state,omitempty"`
}
Output returned
type X2faSetupSuccess ¶
// X2faSetupSuccess is the response body for 2FA setup: a status, a message and
// the 2FA validation flag. It carries no secret or token field.
type X2faSetupSuccess struct {
	Status        string `json:"status"`
	Msg           string `json:"msg"`
	X2faValidated string `json:"x2fa_validated,omitempty"`
}
Output returned