auth

package
v0.1.5 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Nov 22, 2021 License: MIT Imports: 3 Imported by: 0

Documentation

Index

Constants

This section is empty.

Variables

View Source
var (
	ErrAffiliationNameEmpty           = errors.New("auth: affiliation name is empty")
	ErrAffiliationOwnerUserIDEmpty    = errors.New("auth: affiliation owner user id is empty")
	ErrAffiliationSharedWalletIDEmpty = errors.New("auth: affiliation shared wallet id is empty")
	ErrAffiliationStreetAddressEmpty  = errors.New("auth: affiliation street address is empty")
	ErrAffiliationCityEmpty           = errors.New("auth: affiliation city is empty")
	ErrAffiliationStateEmpty          = errors.New("auth: affiliation state is empty")
	ErrAffiliationCountryISOEmpty     = errors.New("auth: affiliation country iso is empty")
	ErrAffiliationZipCodeEmpty        = errors.New("auth: affiliation zip code is empty")
	ErrAffiliationContactEmailEmpty   = errors.New("auth: affiliation contact email is empty")
)

Functions

func CheckoutMFA

func CheckoutMFA(userID uint64, extentionType string) (string, error)

Read

func ClearMFA

func ClearMFA(userID uint64, extentionType string) error

Delete

func ConfirmMFA

func ConfirmMFA(userID uint64, extentionType string) error

Update

func CreateAffiliation

func CreateAffiliation(affiliation *Affiliation) error

func DeleteTmpEntry

func DeleteTmpEntry(userID uint64, extentionType, indexKey string) error

Delete

func EnabledMFA

func EnabledMFA(userID uint64) ([]string, error)

func InitMFA

func InitMFA(userID uint64, extentionType, extentionData string) error

Create

func InsertTmpEntry

func InsertTmpEntry(userID uint64, extentionType, indexKey, storedValue string) error

*********** Temporary Database *********** Create

func MFAEnabled

func MFAEnabled(userID uint64, extentionType string) (bool, error)

Read

func ReadTmpEntry

func ReadTmpEntry(userID uint64, extentionType, indexKey string) (string, error)

Read

func Setup

func Setup(dbConn *sql.DB, tblPrefixOverride string)

func UpdateMFA

func UpdateMFA(userID uint64, extentionType, extentionData string) error

Update

func UpdateTmpEntry

func UpdateTmpEntry(userID uint64, extentionType, indexKey, storedValue string) error

Update

Types

type Affiliation

type Affiliation struct {
	Name           string
	ParentID       uint64
	OwnerUserID    uint64 // must be a valid user id with a wallet (to be shared among users with permission)
	SharedWalletID uint64 // must be a valid wallet id
	StreetAddress  string
	Suite          string
	City           string
	State          string
	CountryISO     string
	ZipCode        string
	ContactEmail   string
	// contains filtered or unexported fields
}

func GetAffiliationByID

func GetAffiliationByID(id uint64) (*Affiliation, error)

func (*Affiliation) Parent

func (affiliation *Affiliation) Parent() (*Affiliation, error)

func (*Affiliation) UpdateAffiliation

func (affiliation *Affiliation) UpdateAffiliation() error

type MultiFactorAuthentication

type MultiFactorAuthentication interface {
	Registered(userID uint64) bool

	// Register associate a MFA credential to user
	InitSignUp(userID uint64, username string) (map[string]interface{}, error)
	CompleteSignUp(userID uint64, mfaConf map[string]string) error

	// Challenge is called when user try to verify identity using the selected MFA.
	NewChallenge(userID uint64) (map[string]interface{}, error)
	SubmitChallenge(userID uint64, challengeResponse map[string]string) error

	// Remove the MFA credential from the database
	Remove(userID uint64) error
}

type Role

type Role uint32
const (
	/************ Global Role ************/
	GLOBAL_EVALUATION_USER Role = 1 << iota // EVALUATION_USER may not order products
	GLOBAL_PRODUCTION_USER                  // PRODUCTION_USER may order products
	GLOBAL_INTERNAL_USER                    // STAGING_USER may order products free of charge
	GLOBAL_ADMIN                            // ADMIN owns all access to management interface

	/************ Exemptional Role ************/
	EXEMPT_MARKETING_CONTACT // User won't be contacted for marketing purposes
	EXEMPT_BILLING_CONTACT   // User won't be notified for billing updates
	EXEMPT_SUPPORT_CONTACT   // User won't be notified for supporting case updates

	/************ Affiliation Role ************/
	// Affiliations (enterprises) may purchase products and set them
	// to be shared by users
	AFFILIATION_ACCOUNT_USER  // ACCOUNT_USER is a user belong to an enterprise
	AFFILIATION_ACCOUNT_ADMIN // ACCOUNT_ADMIN may create users and manage users (assigning roles, etc)

	AFFILIATION_PRODUCT_USER  // PRODUCT_USER may only view(and use) products
	AFFILIATION_PRODUCT_ADMIN // PRODUCT_ADMIN may create and edit shared products

	AFFILIATION_BILLING_USER  // BILLING_USER may purchase products with Affiliation-owned wallet
	AFFILIATION_BILLING_ADMIN // BILLING_ADMIN may deposit funds into Affiliation-owned wallet and view/manage associated products

	ROLELESS Role = 0
)

Known roles as unambiguous binary flags allowing cascading

func Roles

func Roles(roles ...Role) Role

func (Role) AddRole

func (r Role) AddRole(role Role) Role

func (Role) Includes

func (r Role) Includes(other Role) bool

func (Role) RemoveRole

func (r Role) RemoveRole(role Role) Role

type User

type User struct {
	Email         string `json:"email"`
	Password      string `json:"password"` // HMAC-Hashed
	Role          Role   `json:"role"`
	AffiliationID uint64 `json:"affiliation"`
	// contains filtered or unexported fields
}

func GetUserByEmailPassword

func GetUserByEmailPassword(email, password string) (*User, error)

GetUserByEmail should be called for user login return nil, err when error/mismatch

func GetUserByID

func GetUserByID(id uint64) (*User, error)

GetUserByID should be called only after the user has been authenticated (Token validated)

func GetUsersByAffiliationID

func GetUsersByAffiliationID(affiliationID uint64) ([]*User, error)

func (*User) CreateUser

func (user *User) CreateUser() error

CreateUser should be called when registering a new user

func (*User) ID added in v0.1.3

func (user *User) ID() uint64

func (*User) Info

func (user *User) Info() (*UserInfo, error)

func (*User) NewUserInfo

func (user *User) NewUserInfo(info *UserInfo) error

func (*User) UpdateInfo

func (user *User) UpdateInfo(info *UserInfo) error

func (*User) UpdateUser

func (user *User) UpdateUser() error

UpdateUser

func (*User) UserEmailExists

func (user *User) UserEmailExists() (bool, error)

UserEmailExists should be called before submitting user creation form.

func (*User) WipeUserData

func (user *User) WipeUserData() error

Wipe User Data

type UserInfo

type UserInfo struct {
	// Personal Info - Mandatory
	FirstName string `json:"first_name"` // Preferred First Name
	LastName  string `json:"last_name"`  // Preferred Last Name

	// Billing Info - Optional
	StreetAddress string `json:"street_address"`
	Suite         string `json:"suite"`
	City          string `json:"city"`
	State         string `json:"state"`
	CountryISO    string `json:"country_iso"`
	ZipCode       string `json:"zip_code"`
}

Directories

Path Synopsis
examples
mfa

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL