auth

package

v0.6.1 Latest Latest Go to latest Published: Oct 17, 2023 License: MIT Imports: 10 Imported by: 0

Details

Valid go.mod file
Redistributable license
Tagged version
Stable version
Learn more about best practices

Repository

github.com/isaqueveras/powersso

Links

Open Source Insights

Documentation ¶

Index ¶

Constants
func ErrAuthentication2factorNotConfigured() *oops.Error
func ErrEmailOrPasswordIsNotValid() *oops.Error
func ErrOTPTokenInvalid() *oops.Error
func ErrTokenIsNotValid() *oops.Error
func ErrUserBlockedTemporarily() *oops.Error
func ErrUserExists() *oops.Error
func ErrUserNotExists() *oops.Error
type ActivateAccount
- func (a *ActivateAccount) IsValid() bool
type ChangePassword
- func (c *ChangePassword) ValidatePassword() bool
type CreateAccount
- func (rr *CreateAccount) GeneratePassword() error
- func (rr *CreateAccount) Prepare() (err error)
- func (rr *CreateAccount) RefreshTokenKey()
- func (rr *CreateAccount) SanitizePassword()
type Flag
type IAuth
type IAuthService
- func NewAuthService(repoFlag IFlag, repoOTP IOTP) IAuthService
type IFlag
type IOTP
type ISession
type IUser
type Level
type Login
- func (l *Login) ComparePasswords(passw, key *string) error
- func (l *Login) SanitizePassword()
- func (l *Login) Validate()
type Service
- func (s *Service) Configure2FA(userID *uuid.UUID) (err error)
- func (s *Service) GenerateQrCode2FA(userID *uuid.UUID) (url *string, err error)
type Session
type Steps
type User
- func (u *User) GetUserLevel(s *config.Secrets) string
- func (u *User) HasFlag(flag Flag) bool
- func (u *User) IsActive() bool
- func (u *User) IsBlocked() bool
- func (u *User) OTPConfigured() bool

Constants ¶

View Source

const (
	// CostHashPasswordProduction is the cost of hashing password in production
	CostHashPasswordProduction int = 14
	// CostHashPasswordDevelopment is the cost of hashing the password in development mode
	CostHashPasswordDevelopment int = 1
)

Variables ¶

This section is empty.

Functions ¶

func ErrAuthentication2factorNotConfigured ¶ added in v0.6.0

func ErrAuthentication2factorNotConfigured() *oops.Error

ErrAuthentication2factorNotConfigured user with 2-factor authentication token not configured

func ErrEmailOrPasswordIsNotValid ¶

func ErrEmailOrPasswordIsNotValid() *oops.Error

ErrEmailOrPasswordIsNotValid creates and returns an error when the email or password is not valid

func ErrOTPTokenInvalid ¶

func ErrOTPTokenInvalid() *oops.Error

ErrOTPTokenInvalid creates and returns an error when validate token OTP

func ErrTokenIsNotValid ¶

func ErrTokenIsNotValid() *oops.Error

ErrTokenIsNotValid creates and returns an error when the token is not valid

func ErrUserBlockedTemporarily ¶

func ErrUserBlockedTemporarily() *oops.Error

ErrUserBlockedTemporarily creates and returns an error when the user is blocked temporarily

func ErrUserExists ¶

func ErrUserExists() *oops.Error

ErrUserExists creates and returns an error when the user already exists

func ErrUserNotExists ¶

func ErrUserNotExists() *oops.Error

ErrUserNotExists creates and returns an error when the user does not exists

Types ¶

type ActivateAccount ¶

type ActivateAccount struct {
	ID        *uuid.UUID `sql:"id"`
	UserID    *uuid.UUID `sql:"user_id"`
	Used      *bool      `sql:"used"`
	Valid     *bool
	ExpiresAt *time.Time `sql:"expires_at"`
	CreatedAt *time.Time `sql:"created_at"`
}

ActivateAccount model the data to activate user account

func (*ActivateAccount) IsValid ¶

func (a *ActivateAccount) IsValid() bool

IsValid check if the token is valid

type ChangePassword ¶ added in v0.5.0

type ChangePassword struct {
	UserID          *uuid.UUID `json:"user_id"`
	Password        *string    `json:"password"`
	ConfirmPassword *string    `json:"confirm_password"`
	CodeOTP         *string    `json:"code_otp"`
	Key             *string    `json:"-"`
}

func (*ChangePassword) ValidatePassword ¶ added in v0.5.0

func (c *ChangePassword) ValidatePassword() bool

ValidatePassword validate passwords for change password

type CreateAccount ¶

type CreateAccount struct {
	FirstName *string `sql:"first_name" json:"first_name"`
	LastName  *string `sql:"last_name" json:"last_name"`
	Email     *string `sql:"email" json:"email"`
	Password  *string `sql:"password" json:"password"`
	Key       *string `sql:"key" json:"-"`
	Level     *Level  `sql:"level" json:"-"`
}

CreateAccount models the data to create an account

func (*CreateAccount) GeneratePassword ¶

func (rr *CreateAccount) GeneratePassword() error

GeneratePassword hash user password with bcrypt

func (*CreateAccount) Prepare ¶

func (rr *CreateAccount) Prepare() (err error)

Prepare prepare data for registration

func (*CreateAccount) RefreshTokenKey ¶

func (rr *CreateAccount) RefreshTokenKey()

RefreshTokenKey generates and sets new random token key. >> invalidate previously issued tokens

func (*CreateAccount) SanitizePassword ¶

func (rr *CreateAccount) SanitizePassword()

SanitizePassword sanitize user password

type Flag ¶

type Flag int

Flag set the data type to flag the user

const (
	// FlagEnabledAccount defines that the user has already activated his account
	FlagEnabledAccount Flag = iota + 1
	// FlagOTPEnable defines that the user has OTP enabled
	FlagOTPEnable
	// FlagOTPSetup defines that the user has OTP configured
	FlagOTPSetup
)

type IAuth ¶

type IAuth interface {
	CreateAccount(*CreateAccount) (userID *uuid.UUID, err error)
	AddAttempts(userID *uuid.UUID) error
	LoginSteps(email *string) (*Steps, error)
}

IAuth define an interface for data layer access methods

type IAuthService ¶ added in v0.6.0

type IAuthService interface {
	Configure2FA(userID *uuid.UUID) error
	GenerateQrCode2FA(userID *uuid.UUID) (*string, error)
}

IAuthService defines an interface for service methods to access the data layer

func NewAuthService ¶ added in v0.6.0

func NewAuthService(repoFlag IFlag, repoOTP IOTP) IAuthService

NewAuthService init new service

type IFlag ¶ added in v0.5.0

type IFlag interface {
	Get(userID *uuid.UUID) (*int64, error)
	Set(userID *uuid.UUID, flag Flag) error
}

IFlag define an interface for data layer access methods

type IOTP ¶

type IOTP interface {
	GetToken(userID *uuid.UUID) (*string, *string, error)
	SetToken(userID *uuid.UUID, secret *string) error
}

IOTP define an interface for data layer access methods

type ISession ¶

type ISession interface {
	Create(userID *uuid.UUID, clientIP, userAgent *string) (*uuid.UUID, error)
	Delete(ids ...*uuid.UUID) error
	Get(userID *uuid.UUID) ([]*uuid.UUID, error)
}

ISession define an interface for data layer access methods

type IUser ¶

type IUser interface {
	GetUser(*User) error
	ChangePassword(*ChangePassword) error
	AccountExists(email *string) error
	DisableUser(userUUID *uuid.UUID) error
}

IUser define an interface for data layer access methods

type Level ¶

type Level string

Level set data type to user level

const (
	// UserLevel is the user role
	UserLevel Level = "user"
	// AdminLevel is the admin role
	AdminLevel Level = "admin"
	// IntegrationLevel is the integration role
	IntegrationLevel Level = "integration"
)

type Login struct {
	Email     *string `json:"email" binding:"required,lte=60,email"`
	Password  *string `json:"password" binding:"required,gte=6"`
	OTP       *string `json:"otp,omitempty"`
	ClientIP  *string `json:"-"`
	UserAgent *string `json:"-"`
}

Login models the data for the user to log in with their account

func (l *Login) ComparePasswords(passw, key *string) error

ComparePasswords compare user password and payload

func (l *Login) SanitizePassword()

SanitizePassword sanitize user password

func (l *Login) Validate()

Validate prepare data for login

type Service ¶ added in v0.6.0

type Service struct {
	// contains filtered or unexported fields
}

Service structure with repositories

func (*Service) Configure2FA ¶ added in v0.6.0

func (s *Service) Configure2FA(userID *uuid.UUID) (err error)

Configure2FA add the flags to the configured 2fa user and generates the 2fa token

func (*Service) GenerateQrCode2FA ¶ added in v0.6.0

func (s *Service) GenerateQrCode2FA(userID *uuid.UUID) (url *string, err error)

GenerateQrCode2FA return the formatted url to configure 2-factor authentication

type Session ¶

type Session struct {
	SessionID *uuid.UUID `json:"session_id,omitempty"`
	UserID    *uuid.UUID `json:"user_id,omitempty"`
	Email     *string    `json:"email,omitempty"`
	FirstName *string    `json:"first_name,omitempty"`
	LastName  *string    `json:"last_name,omitempty"`
	Level     *Level     `json:"level,omitempty"`
	Token     *string    `json:"token,omitempty"`
	CreatedAt *time.Time `json:"created_at,omitempty"`
	ExpiresAt *time.Time `json:"expires_at,omitempty"`
}

Session models the data of a user session

type Steps ¶

type Steps struct {
	Name *string
	OTP  *bool
}

Steps contains login steps

type User ¶

type User struct {
	ID        *uuid.UUID
	Email     *string
	Password  *string `json:"-"`
	FirstName *string
	LastName  *string
	Flag      *Flag
	Level     *Level
	Blocked   *bool
	Key       *string
	Active    *bool
	OTPToken  *string
	OTPEnable *bool
	OTPSetUp  *bool
	CreatedBy *uuid.UUID
	CreatedAt *time.Time
	LastLogin *time.Time
}

func (*User) GetUserLevel ¶ added in v0.6.0

func (u *User) GetUserLevel(s *config.Secrets) string

GetUserLevel returns the authentication token and duration by user level

func (*User) HasFlag ¶

func (u *User) HasFlag(flag Flag) bool

HasFlag return 'true' if has flag

func (*User) IsActive ¶

func (u *User) IsActive() bool

IsActive check if the user has their account activated

func (*User) IsBlocked ¶

func (u *User) IsBlocked() bool

IsBlocked check if the user has the account temporarily blocked

func (*User) OTPConfigured ¶

func (u *User) OTPConfigured() bool

OTPConfigured checks if the user has the OTP token configured

Source Files ¶

View all Source files

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL