TC
/
arozos


			
							123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146
							
package auth // import "imuslab.com/arozos/mod/auth"


FUNCTIONS

func Hash(raw string) string
    Hash the given raw string into sha512 hash


TYPES

type AuthAgent struct {
	//Session related
	SessionName             string
	SessionStore            *sessions.CookieStore
	Database                *db.Database
	LoginRedirectionHandler func(http.ResponseWriter, *http.Request)

	//Token related
	ExpireTime int64 //Set this to 0 to disable token access

	//Autologin Related
	AllowAutoLogin bool
	// Has unexported fields.
}

func NewAuthenticationAgent(sessionName string, key []byte, sysdb *db.Database, allowReg bool, loginRedirectionHandler func(http.ResponseWriter, *http.Request)) *AuthAgent
    Constructor

func (a *AuthAgent) CheckAuth(r *http.Request) bool
    Check authentication from request header's session value

func (a *AuthAgent) CheckLogin(w http.ResponseWriter, r *http.Request)
    Check if the user has logged in, return true / false in JSON

func (a *AuthAgent) ClearTokenStore()
    Run a token store scan and remove all expired tokens

func (a *AuthAgent) Close()
    Close the authAgent listener

func (a *AuthAgent) CreateUserAccount(newusername string, password string, group []string) error
    Create user account

func (a *AuthAgent) ExportUserListAsCSV() string
    Export all the users into a csv file. Should only be usable via command line
    as a form of db backup. DO NOT EXPOSE THIS TO HTTP SERVER

func (a *AuthAgent) GetTokenOwner(tokenString string) (string, error)
    Get the token owner from the given token

func (a *AuthAgent) GetTokensFromUsername(username string) []AutoLoginToken

func (a *AuthAgent) GetUserCounts() int
    Get the number of users in the system

func (a *AuthAgent) GetUserName(w http.ResponseWriter, r *http.Request) (string, error)
    Get the current session username from request

func (a *AuthAgent) GetUsernameFromToken(token string) (string, error)

func (a *AuthAgent) HandleAutologinTokenLogin(w http.ResponseWriter, r *http.Request)

func (a *AuthAgent) HandleCheckAuth(w http.ResponseWriter, r *http.Request, handler func(http.ResponseWriter, *http.Request))
    This function will handle an http request and redirect to the given login
    address if not logged in

func (a *AuthAgent) HandleCreateUserAccountsFromCSV(w http.ResponseWriter, r *http.Request)
    CreateUserAccountsFromCSV

    This function allow mass import of user accounts for organization purpses.
    Must be in the format of:{ username, default password, default group }
    format. Each user occupied one new line

func (a *AuthAgent) HandleLogin(w http.ResponseWriter, r *http.Request)
    Handle login request, require POST username and password

func (a *AuthAgent) HandleLogout(w http.ResponseWriter, r *http.Request)
    Handle logout, reply OK after logged out. WILL NOT DO REDIRECTION

func (a *AuthAgent) HandleRegister(w http.ResponseWriter, r *http.Request)
    Handle new user register. Require POST username, password, group.

func (a *AuthAgent) HandleUnregister(w http.ResponseWriter, r *http.Request)
    Handle de-register of users. Require POST username. THIS FUNCTION WILL NOT
    CHECK FOR PERMISSION. PLEASE USE WITH PERMISSION HANDLER

func (a *AuthAgent) HandleUserDeleteByGroup(w http.ResponseWriter, r *http.Request)
    HandleUserDeleteByGroup handles user batch delete request by group name Set
    exact = true will only delete users which the user is 1. inside the given
    group and 2. that group is his / her only group

    Require paramter: group, exact

func (a *AuthAgent) ListUsers() []string
    List all username within the system

func (a *AuthAgent) LoadAutologinTokenFromDB() error

func (a *AuthAgent) LoginUserByRequest(w http.ResponseWriter, r *http.Request, username string, rememberme bool)

func (a *AuthAgent) Logout(w http.ResponseWriter, r *http.Request) error

func (a *AuthAgent) NewAutologinToken(username string) string

func (a *AuthAgent) NewToken(owner string) string
    Generate and return a new token that will be valid for the given time

func (a *AuthAgent) NewTokenFromRequest(w http.ResponseWriter, r *http.Request) (string, error)
    Create a new token based on the given HTTP request

func (a *AuthAgent) RegisterPublicAPIs(ep AuthEndpoints)
    Register APIs that requires public access

func (a *AuthAgent) RemoveAutologinToken(token string)

func (a *AuthAgent) RemoveAutologinTokenByUsername(username string)

func (a *AuthAgent) TokenValid(tokenString string) bool
    validate if the given token is valid

func (a *AuthAgent) UnregisterUser(username string) error

func (a *AuthAgent) UpdateSessionExpireTime(w http.ResponseWriter, r *http.Request) bool
    Update the session expire time given the request header.

func (a *AuthAgent) UserExists(username string) bool
    Check if the given username exists

func (a *AuthAgent) ValidateUsernameAndPassword(username string, password string) bool

type AuthEndpoints struct {
	Login         string
	Logout        string
	Register      string
	CheckLoggedIn string
	Autologin     string
}

type AutoLoginToken struct {
	Owner string
	Token string
}
    Autologin token. This token will not expire until admin removal