Documentation
¶
Index ¶
- Constants
- Variables
- func IsErrAccountAlreadyExists(err error) bool
- func IsErrMalformedEmail(err error) bool
- func IsErrMalformedSessionID(err error) bool
- func IsErrNoAccountFound(err error) bool
- func IsErrNoApiKeyFound(err error) bool
- func IsErrNoSessionFound(err error) bool
- func IsErrPasswordHashingFailed(err error) bool
- func IsErrWrongCredentials(err error) bool
- type Account
- type AccountParams
- type Auth
- func (auth *Auth) Close() error
- func (auth *Auth) CreateAccount(email string, pass string, params ...AccountParams) (*account.Account, error)
- func (auth *Auth) CreateApiKey(namespace string, accessibleCollections []string, canRead bool, canWrite bool, ...) (*apikey.ApiKey, error)
- func (auth *Auth) CreateSession(account *account.Account, duration time.Duration) (*session.Session, error)
- func (auth *Auth) DeleteAccount(account account.Account) error
- func (auth *Auth) DeleteAccountByEmail(email string) error
- func (auth *Auth) DeleteApiKey(apiKey *apikey.ApiKey) error
- func (auth *Auth) FindAccountByEmail(email string) (*account.Account, error)
- func (auth *Auth) FindAccountByID(ID primitive.ObjectID) (*account.Account, error)
- func (auth *Auth) FindAccountBySession(session *session.Session) (*account.Account, error)
- func (auth *Auth) FindApiKeyByKey(key string) (*apikey.ApiKey, error)
- func (auth *Auth) FindSessionByID(sessionID primitive.ObjectID) (*session.Session, error)
- func (auth *Auth) FindSessionByToken(sessionToken string) (*session.Session, error)
- func (auth *Auth) GarbageCollectApiKeys() (int64, error)
- func (auth *Auth) GarbageCollectSessions() (int64, error)
- func (auth *Auth) InvalidateSession(session *session.Session) error
- func (auth *Auth) InvalidateSessionByID(sessionID primitive.ObjectID) error
- func (auth *Auth) InvalidateSessionByToken(sessionToken string) error
- func (auth *Auth) ValidateApiKey(apiKey *apikey.ApiKey) bool
- func (auth *Auth) ValidateApiKeyByKey(key string) (bool, error)
- func (auth *Auth) ValidateSession(session *session.Session) bool
- func (auth *Auth) ValidateSessionByToken(sessionToken string) (bool, error)
- func (auth *Auth) VerifyAccountCredentials(account *account.Account, pass string) bool
- func (auth *Auth) VerifyAccountCredentialsByEmail(email string, pass string) (bool, error)
- type AuthConfig
Constants ¶
const DEFAULT_PERMISSION_LEVEL = globals.DEFAULT_PERMISSION_LEVEL
The default permission level used when creating an account
Variables ¶
var ErrAccountAlreadyExists = errors.New("the account to be created already exists")
var ErrMalformedEmail = errors.New("malformed email")
var ErrMalformedSessionID = errors.New("malformed session id")
var ErrNoAccountFound = errors.New("found no account with that id/email")
var ErrNoApiKeyFound = errors.New("found no api key with that id")
var ErrNoSessionFound = errors.New("found no session with that id")
var ErrPasswordHashingFailed = errors.New("failed to hash password")
var ErrWrongCredentials = errors.New("account credentials didn't match")
Functions ¶
func IsErrMalformedEmail ¶
func IsErrMalformedSessionID ¶
func IsErrNoAccountFound ¶
func IsErrNoApiKeyFound ¶
func IsErrNoSessionFound ¶
func IsErrWrongCredentials ¶
Types ¶
type AccountParams ¶
type AccountParams struct {
PermissionLevel uint8
CustomData interface{}
}
This type represents the parameters used for creating an account.
type Auth ¶
type Auth struct {
// contains filtered or unexported fields
}
This type holds all necessary information for the library to work with the database.
func New ¶
This function creates an instance of happi-auth by using the provided database client, context, and config.
If no config was given, uses default values:
- Database: "happi-auth"
func (*Auth) Close ¶
This function does the cleanup work necessary. For now does nothing - kept as a placeholder for the future.
func (*Auth) CreateAccount ¶
func (auth *Auth) CreateAccount(email string, pass string, params ...AccountParams) (*account.Account, error)
This function creates an account and returns it.
It may fail if
- the email address is in an invalid format.
- the generation of a random password salt failed.
- the calculation of the password hash failed.
- the account already exists.
- there was an error while inserting into the database.
func (*Auth) CreateApiKey ¶
func (auth *Auth) CreateApiKey(namespace string, accessibleCollections []string, canRead bool, canWrite bool, expiresAt time.Time) (*apikey.ApiKey, error)
This function creates an api key for the collections given in the function parameters for the specified duration.
May fail if
- there was an error while inserting the session into the database.
func (*Auth) CreateSession ¶
func (auth *Auth) CreateSession(account *account.Account, duration time.Duration) (*session.Session, error)
This function creates a session for the account given in the function parameters for the specified duration.
May fail if
- there was an error while inserting the session into the database.
func (*Auth) DeleteAccount ¶
This function deletes the account given in the function prameters.
Deletion may fail if
- the account wasn't found.
- there was an error while removing the entry from the database.
func (*Auth) DeleteAccountByEmail ¶
This function deletes the account with the email given in the function prameters.
Deletion may fail if
- the account wasn't found.
- there was an error while removing the entry from the database.
func (*Auth) DeleteApiKey ¶
This function deletes the api key given in the function prameters.
Deletion may fail if
- the api key wasn't found.
- there was an error while removing the entry from the database.
func (*Auth) FindAccountByEmail ¶
This function searches the database for an account with the email address given in the function parameters.
Returns the account, or an error if it wasn't found, or if it couldn't be retrieved from the database.
func (*Auth) FindAccountByID ¶
This function searches the database for an account with the id given in the function parameters.
Returns the account, or an error if it wasn't found, or if it couldn't be retrieved from the database.
func (*Auth) FindAccountBySession ¶
This function works similar to `FindAccountByID` but uses a session as the parameter. If the account wasn't found additionaly deletes the session from the database.
Reteruns the account or an error if it wasn't found or if it couldn't be retrieved from the database.
func (*Auth) FindApiKeyByKey ¶
This function searches the database for a api key with the given key and returns it if it was found. If no match was found, returns an error.
func (*Auth) FindSessionByID ¶
This function searches the database for a session with the given ID and returns it if it was found. If no match was found, returns an error.
func (*Auth) FindSessionByToken ¶
This function searches the database for a session with the given token and returns it if it was found. If no match was found, returns an error.
func (*Auth) GarbageCollectApiKeys ¶
This function checks all active sessions in the database and deletes the entry if they're expired.
func (*Auth) GarbageCollectSessions ¶
This function checks all active sessions in the database and deletes the entry if they're expired.
func (*Auth) InvalidateSession ¶
Deletes the session specified in the function parameters out of the database.
May fail if
- the session wasn't found in the database.
- there was some issue while removing the database entry.
func (*Auth) InvalidateSessionByID ¶
Same as InvalidateSession but takes the session ID instead of the session directly.
func (*Auth) InvalidateSessionByToken ¶
Same as InvalidateSession but takes the session token instead of the session directly.
func (*Auth) ValidateApiKey ¶
This function checks if the api key specified in the functin parameters is still valid, or if it has expired.
If the api key has expired, will try to delete it from the database. Deletion can fail but no error will be returned, only an error will be printed to the log.
The reason for not returning an error is simple: it's not crucial if the operation fails as the api key is invalid anyways, and will eventually be garbage collected.
func (*Auth) ValidateApiKeyByKey ¶
Same as `ValidateApiKey()` but takes the api key token instead of the api key directly.
Can fail if
- the api key wasn't found in the database.
- there was some issue while communicating with the database.
func (*Auth) ValidateSession ¶
This function checks if the session specified in the functin parameters is still valid, or if it has expired.
If the session has expired, will try to delete it from the database. Deletion can fail but no error will be returned, only an error will be printed to the log.
The reason for not returning an error is simple: it's not crucial if the operation fails as the session is invalid anyways, and will eventually be garbage collected.
func (*Auth) ValidateSessionByToken ¶
Same as `ValidateSession()` but takes the sessionToken instead of the session directly.
Can fail if
- the session wasn't found in the database.
- there was some issue while communicating with the database.
func (*Auth) VerifyAccountCredentials ¶
This function returns whether the credentials for the account given in the function parameters are valid (true) or invalid (false).
func (*Auth) VerifyAccountCredentialsByEmail ¶
This function returns whether the credentials for the account with the email address given in the function parameters are valid (true) or invalid (false).
The function may fail if
- the account wasn't found in the database.
type AuthConfig ¶
type AuthConfig struct {
// Name of the database happi-auth uses.
// This should be reserved for usage with the library.
Database string
}
This type holds information for setting up the database for usage happi-auth.
Source Files
Directories