package auth
import (
"fmt"
"git.phc.dm.unipi.it/phc/website/model"
)
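// ErrInvalidSession is returned when a Service is given a missing or invalid
// session token.
var ErrInvalidSession = fmt.Errorf(`invalid session token`)

// Service is an authentication service abstraction. When a user logs in, a
// new session token is returned; it can then be used to read and modify user
// properties without having to re-send the user password. (TODO: implement
// token renewal)
//
// Because the token stands in for the password, it should be handled with
// the same care as the password itself (for example, kept out of logs).
type Service interface {
	// GetUser retrieves the user info given the username.
	GetUser(username string) (*model.User, error)
	// GetUsers retrieves the full user list from the authentication service.
	GetUsers() ([]*model.User, error)
	// GetSession retrieves the user session associated with a session token.
	GetSession(token string) (*model.Session, error)
	// Login tries to log in a user given username and password and, if
	// successful, returns a new user session.
	Login(username, password string) (*model.Session, error)
}

// UserForSession returns the user linked to the given session token. It is a
// shortcut for calling [Service.GetSession] and then [Service.GetUser] with
// the session's Username.
//
// Errors from either call are returned unchanged. A nil session or a nil user
// returned without an error is reported as ErrInvalidSession, so a caller that
// checks only err never proceeds with a nil *model.User.
func UserForSession(as Service, token string) (*model.User, error) {
	session, err := as.GetSession(token)
	if err != nil {
		return nil, err
	}
	// The Service implementations are not visible from this file; fail closed
	// instead of panicking on session.Username if one returns (nil, nil).
	if session == nil {
		return nil, ErrInvalidSession
	}

	user, err := as.GetUser(session.Username)
	if err != nil {
		return nil, err
	}
	// A session whose user cannot be resolved must not count as authenticated.
	if user == nil {
		return nil, ErrInvalidSession
	}

	return user, nil
}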
// NewDefaultService selects a Service implementation from the host string.
// The literal ":memory:" yields the package-level exampleMemoryUsers value;
// every other host is handed to newLDAPAuthService.
//
// NOTE(review): judging by its name, exampleMemoryUsers presumably holds
// built-in example accounts. Confirm that deployed configuration can never
// set host to ":memory:".
func NewDefaultService(host string) Service {
	switch host {
	case ":memory:":
		return exampleMemoryUsers
	default:
		return newLDAPAuthService(host)
	}
}