| 123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146 | package auth // import "imuslab.com/arozos/mod/auth"FUNCTIONSfunc Hash(raw string) string    Hash the given raw string into sha512 hashTYPEStype AuthAgent struct {	//Session related	SessionName             string	SessionStore            *sessions.CookieStore	Database                *db.Database	LoginRedirectionHandler func(http.ResponseWriter, *http.Request)	//Token related	ExpireTime int64 //Set this to 0 to disable token access	//Autologin Related	AllowAutoLogin bool	// Has unexported fields.}func NewAuthenticationAgent(sessionName string, key []byte, sysdb *db.Database, allowReg bool, loginRedirectionHandler func(http.ResponseWriter, *http.Request)) *AuthAgent    Constructorfunc (a *AuthAgent) CheckAuth(r *http.Request) bool    Check authentication from request header's session valuefunc (a *AuthAgent) CheckLogin(w http.ResponseWriter, r *http.Request)    Check if the user has logged in, return true / false in JSONfunc (a *AuthAgent) ClearTokenStore()    Run a token store scan and remove all expired tokensfunc (a *AuthAgent) Close()    Close the authAgent listenerfunc (a *AuthAgent) CreateUserAccount(newusername string, password string, group []string) error    Create user accountfunc (a *AuthAgent) ExportUserListAsCSV() string    Export all the users into a csv file. Should only be usable via command line    as a form of db backup. DO NOT EXPOSE THIS TO HTTP SERVERfunc (a *AuthAgent) GetTokenOwner(tokenString string) (string, error)    Get the token owner from the given tokenfunc (a *AuthAgent) GetTokensFromUsername(username string) []AutoLoginTokenfunc (a *AuthAgent) GetUserCounts() int    Get the number of users in the systemfunc (a *AuthAgent) GetUserName(w http.ResponseWriter, r *http.Request) (string, error)    Get the current session username from requestfunc (a *AuthAgent) GetUsernameFromToken(token string) (string, error)func (a *AuthAgent) HandleAutologinTokenLogin(w http.ResponseWriter, r *http.Request)func (a *AuthAgent) HandleCheckAuth(w http.ResponseWriter, r *http.Request, handler func(http.ResponseWriter, *http.Request))    This function will handle an http request and redirect to the given login    address if not logged infunc (a *AuthAgent) HandleCreateUserAccountsFromCSV(w http.ResponseWriter, r *http.Request)    CreateUserAccountsFromCSV    This function allow mass import of user accounts for organization purpses.    Must be in the format of:{ username, default password, default group }    format. Each user occupied one new linefunc (a *AuthAgent) HandleLogin(w http.ResponseWriter, r *http.Request)    Handle login request, require POST username and passwordfunc (a *AuthAgent) HandleLogout(w http.ResponseWriter, r *http.Request)    Handle logout, reply OK after logged out. WILL NOT DO REDIRECTIONfunc (a *AuthAgent) HandleRegister(w http.ResponseWriter, r *http.Request)    Handle new user register. Require POST username, password, group.func (a *AuthAgent) HandleUnregister(w http.ResponseWriter, r *http.Request)    Handle de-register of users. Require POST username. THIS FUNCTION WILL NOT    CHECK FOR PERMISSION. PLEASE USE WITH PERMISSION HANDLERfunc (a *AuthAgent) HandleUserDeleteByGroup(w http.ResponseWriter, r *http.Request)    HandleUserDeleteByGroup handles user batch delete request by group name Set    exact = true will only delete users which the user is 1. inside the given    group and 2. that group is his / her only group    Require paramter: group, exactfunc (a *AuthAgent) ListUsers() []string    List all username within the systemfunc (a *AuthAgent) LoadAutologinTokenFromDB() errorfunc (a *AuthAgent) LoginUserByRequest(w http.ResponseWriter, r *http.Request, username string, rememberme bool)func (a *AuthAgent) Logout(w http.ResponseWriter, r *http.Request) errorfunc (a *AuthAgent) NewAutologinToken(username string) stringfunc (a *AuthAgent) NewToken(owner string) string    Generate and return a new token that will be valid for the given timefunc (a *AuthAgent) NewTokenFromRequest(w http.ResponseWriter, r *http.Request) (string, error)    Create a new token based on the given HTTP requestfunc (a *AuthAgent) RegisterPublicAPIs(ep AuthEndpoints)    Register APIs that requires public accessfunc (a *AuthAgent) RemoveAutologinToken(token string)func (a *AuthAgent) RemoveAutologinTokenByUsername(username string)func (a *AuthAgent) TokenValid(tokenString string) bool    validate if the given token is validfunc (a *AuthAgent) UnregisterUser(username string) errorfunc (a *AuthAgent) UpdateSessionExpireTime(w http.ResponseWriter, r *http.Request) bool    Update the session expire time given the request header.func (a *AuthAgent) UserExists(username string) bool    Check if the given username existsfunc (a *AuthAgent) ValidateUsernameAndPassword(username string, password string) booltype AuthEndpoints struct {	Login         string	Logout        string	Register      string	CheckLoggedIn string	Autologin     string}type AutoLoginToken struct {	Owner string	Token string}    Autologin token. This token will not expire until admin removal
 |