auth

package
v1.3.5 Latest
Warning

This package is not in the latest version of its module.

Published: Apr 1, 2026 License: AGPL-3.0 Imports: 22 Imported by: 0

Documentation

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

func GenerateTOTPSecret

// GenerateTOTPSecret takes no input and returns a string and an error; going by
// its name, the string is a fresh TOTP shared secret.
// NOTE(review): the body is not shown on this page, so the randomness source and
// the secret's length and encoding are unverified. Confirm that it draws from
// crypto/rand. Callers should abort enrolment on a non-nil error and never
// substitute a fallback secret.
func GenerateTOTPSecret() (string, error)

func TOTPProvisioningURI

// TOTPProvisioningURI builds a string from issuer, username and secret.
// NOTE(review): presumably an otpauth:// enrolment URI (body not shown). Because
// secret is an input, assume the returned string contains it: keep the result
// out of logs and error messages and show it only to the enrolling user.
// There is no error return, so any escaping of issuer and username has to
// happen inside the function. Confirm.
func TOTPProvisioningURI(issuer, username, secret string) string

func ValidatePassword

// ValidatePassword takes the configuration and a candidate password and
// returns an error.
// NOTE(review): there is no username or stored-hash parameter, so this looks
// like a password-policy check driven by cfg rather than credential
// verification. Confirm against the body. The returned error should describe
// the rule that failed without echoing the candidate password.
func ValidatePassword(cfg *config.Config, password string) error

func VerifyTOTP

// VerifyTOTP returns a bool for a submitted code, given the shared secret and
// the caller-supplied time now.
// NOTE(review): no per-user state is passed in, so rejecting reuse of an
// already-accepted code and limiting guesses are not expressible in this
// signature. Confirm that the callers handle both. The accepted clock-skew
// window and whether the comparison is constant-time are not visible here and
// should be verified in the body.
func VerifyTOTP(secret, code string, now time.Time) bool

Types

type Identity

// Identity describes a user in JSON-serialisable form: account fields, an
// optional role and capability list, an MFA flag and a CSRF token.
type Identity struct {
	Username     string   `json:"username"`
	Name         string   `json:"name"`
	Email        string   `json:"email"`
	// Role and Capabilities are left out of the JSON when empty (omitempty).
	// NOTE(review): consumers should treat a missing key as "no privilege",
	// never as a wildcard. Confirm in the authorization code.
	Role         string   `json:"role,omitempty"`
	Capabilities []string `json:"capabilities,omitempty"`
	// MFAComplete is left out of the JSON when false, so a reader of the JSON
	// must interpret a missing "mfa_complete" key as false.
	MFAComplete  bool     `json:"mfa_complete,omitempty"`
	// CSRFToken is serialised under "csrf_token" whenever it is non-empty.
	// NOTE(review): anything that marshals an Identity (API responses, debug
	// logs) will include this token. Confirm that it only ever reaches the
	// client that owns the session.
	CSRFToken    string   `json:"csrf_token,omitempty"`
}

func IdentityFromContext

// IdentityFromContext returns a *Identity and a bool for the given context.
// NOTE(review): presumably the bool is false when no identity was stored on
// ctx (body not shown). Handlers should check it before dereferencing the
// pointer and fail closed when it is false.
func IdentityFromContext(ctx context.Context) (*Identity, bool)

type Middleware

// Middleware is the value returned by New. Its exported methods, as listed in
// this package's documentation, cover request authentication and
// authorization, login and logout, session revocation, TOTP enrolment and
// password reset, plus http.Handler wrappers.
type Middleware struct {
	// contains filtered or unexported fields
}

func New

func New(cfg *config.Config) *Middleware

func (*Middleware) Authenticate

func (m *Middleware) Authenticate(w http.ResponseWriter, r *http.Request) (*Identity, error)

func (*Middleware) Authorize

func (m *Middleware) Authorize(r *http.Request) error

func (*Middleware) CompletePasswordReset

// CompletePasswordReset takes a types.PasswordResetCompleteRequest and returns
// an error.
// NOTE(review): no *Identity is passed, so whatever authorizes the reset must
// be carried inside req (presumably a reset token; the type is defined
// outside this page). Confirm that the proof is single-use and time-limited,
// that the new password goes through the same policy as ValidatePassword, and
// that the user's existing sessions are revoked afterwards.
func (m *Middleware) CompletePasswordReset(req types.PasswordResetCompleteRequest) error

func (*Middleware) DisableTOTP

// DisableTOTP takes the acting identity and a target username and returns an
// error.
// NOTE(review): unlike EnableTOTP, no TOTP code or password is passed. Any
// proof of possession or step-up check before the second factor is removed
// therefore has to come from identity (role, capabilities, MFAComplete).
// Confirm in the body who may disable TOTP for another user and whether the
// action is audit-logged.
func (m *Middleware) DisableTOTP(identity *Identity, username string) error

func (*Middleware) EnableTOTP

// EnableTOTP takes the acting identity, a target username and a TOTP code, and
// returns an error.
// NOTE(review): presumably code must verify against the secret handed out by
// SetupTOTP before TOTP is switched on, so that enrolment cannot complete with
// a secret the user never loaded into an authenticator. Confirm in the body.
func (m *Middleware) EnableTOTP(identity *Identity, username, code string) error

func (*Middleware) Login

// Login takes the response writer and request together with username, password
// and totpCode, and returns a *Identity or an error.
// NOTE(review): body not shown. Points to confirm: an unknown user, a wrong
// password and a wrong TOTP code produce the same client-visible failure;
// attempts are rate-limited per account and per source; a new session token
// is issued on success rather than reusing one presented by the request; and
// neither password nor totpCode is ever logged.
func (m *Middleware) Login(w http.ResponseWriter, r *http.Request, username, password, totpCode string) (*Identity, error)

func (*Middleware) Logout

func (m *Middleware) Logout(w http.ResponseWriter, r *http.Request) error

func (*Middleware) RevokeAllSessions

func (m *Middleware) RevokeAllSessions() int

func (*Middleware) RevokeUserSessions

func (m *Middleware) RevokeUserSessions(username string) int

func (*Middleware) SessionTTL

func (m *Middleware) SessionTTL() time.Duration

func (*Middleware) SetupTOTP

func (m *Middleware) SetupTOTP(identity *Identity, username string) (*types.TOTPSetupResponse, error)

func (*Middleware) StartPasswordReset

// StartPasswordReset takes the acting identity and a target username and
// returns a *types.PasswordResetStartResponse or an error.
// NOTE(review): the response type is defined outside this page. If it carries
// a reset token, that token is a credential: keep it out of logs and confirm
// that it is single-use and time-limited. Also confirm which identities are
// allowed to start a reset for a username other than their own.
func (m *Middleware) StartPasswordReset(identity *Identity, username string) (*types.PasswordResetStartResponse, error)

func (*Middleware) Wrap

func (m *Middleware) Wrap(next http.Handler) http.Handler

func (*Middleware) WrapCapability

// WrapCapability returns an http.Handler built from next and a capability
// name.
// NOTE(review): presumably next runs only when the caller's Identity holds
// requiredCapability (body not shown). Confirm that an empty
// requiredCapability is rejected or denies access rather than matching every
// request, and that the failure path never reaches next.
func (m *Middleware) WrapCapability(next http.Handler, requiredCapability string) http.Handler

func (*Middleware) WrapRole

// WrapRole returns an http.Handler built from next and a role name.
// NOTE(review): presumably next runs only when the caller's Identity.Role
// satisfies requiredRole (body not shown). Confirm how roles are compared
// (exact match or hierarchy) and that an empty requiredRole does not grant
// access to every authenticated or unauthenticated request.
func (m *Middleware) WrapRole(next http.Handler, requiredRole string) http.Handler

type Session

// Session is one session record; every field carries a yaml tag.
// NOTE(review): the yaml tags, together with NewSessionManager accepting a
// path, suggest that records are written to a file. Confirm. If so, Token and
// CSRFToken are stored as-is, so the file needs owner-only permissions, or the
// store should keep only a hash of the token.
type Session struct {
	// Token is the value SessionManager.Authenticate and Revoke take as input,
	// so it is a bearer credential and must not be logged.
	Token        string    `yaml:"token"`
	CSRFToken    string    `yaml:"csrf_token"`
	Username     string    `yaml:"username"`
	Name         string    `yaml:"name"`
	Email        string    `yaml:"email"`
	// Role, Capabilities and MFAComplete are copied into the record.
	// NOTE(review): if they are captured at issue time, a later privilege
	// change takes effect only once the session is revoked or reissued.
	// Confirm how this interacts with RevokeUser.
	Role         string    `yaml:"role"`
	Capabilities []string  `yaml:"capabilities,omitempty"`
	MFAComplete  bool      `yaml:"mfa_complete,omitempty"`
	// Three timestamps are kept. NOTE(review): whether expiry is absolute
	// (ExpiresAt), idle-based (LastSeen) or both is not visible here.
	IssuedAt     time.Time `yaml:"issued_at"`
	LastSeen     time.Time `yaml:"last_seen"`
	ExpiresAt    time.Time `yaml:"expires_at"`
}

type SessionManager

// SessionManager is the value returned by NewSessionManager. Its exported
// methods issue, authenticate and revoke Session records and report the
// configured TTL.
type SessionManager struct {
	// contains filtered or unexported fields
}

func NewSessionManager

// NewSessionManager returns a *SessionManager configured with a path and a TTL.
// NOTE(review): presumably path names the file where Session records are kept
// (Session carries yaml tags). Confirm. If so, the file holds live session
// tokens: it should be created with owner-only permissions, in a directory
// other local users cannot write to. There is no error return, so load or
// permission failures must surface elsewhere. Confirm where.
func NewSessionManager(path string, ttl time.Duration) *SessionManager

func (*SessionManager) Authenticate

// Authenticate takes a token and the caller-supplied time now, and returns a
// Session and a bool.
// NOTE(review): presumably the bool is false for an unknown or expired token
// (body not shown). Callers must ignore the returned Session when it is false.
// The Session is returned by value and includes Token and CSRFToken, so it
// should not be logged or serialised wholesale.
func (m *SessionManager) Authenticate(token string, now time.Time) (Session, bool)

func (*SessionManager) Issue

// Issue takes an Identity by value and the caller-supplied time now, and
// returns a Session or an error.
// NOTE(review): body not shown. Confirm that Token and CSRFToken are generated
// from crypto/rand with enough entropy, that they are independent of each
// other, and that a non-nil error never leaves a partially populated Session
// in use.
func (m *SessionManager) Issue(identity Identity, now time.Time) (Session, error)

func (*SessionManager) Revoke

func (m *SessionManager) Revoke(token string)

func (*SessionManager) RevokeAll

func (m *SessionManager) RevokeAll() int

func (*SessionManager) RevokeUser

func (m *SessionManager) RevokeUser(username string) int

func (*SessionManager) TTL

func (m *SessionManager) TTL() time.Duration
