# Functions
AccessTokenByNameExists checks if a token name has been used already by a user.
CleanupSessions cleans up expired sessions.
ContainsCategory checks if a list of categories contains a specific category.
CountSessions returns the number of sessions.
CreateCredential will create a new WebAuthnCredential from the given Credential.
CreateOAuth2Application inserts a new oauth2 application.
CreateSource inserts a AuthSource in the DB if not already existing with the given name.
DeleteAccessTokenByID deletes access token by given ID.
DeleteCredential will delete WebAuthnCredential.
DeleteOAuth2Application deletes the application with the given id and the grants and auth codes related to it.
DeleteTwoFactorByID deletes two-factor authentication token by given ID.
DestroySession destroys a session.
ExistSession checks if a session exists.
ExistsWebAuthnCredentialsForUID returns if the given user has credentials.
GetAccessTokenBySHA returns access token by given token value.
GetActiveOAuth2SourceByName returns a OAuth2 AuthSource based on the given name.
GetOAuth2ApplicationByClientID returns the oauth2 application with the given client_id.
GetOAuth2ApplicationByID returns the oauth2 application with the given id.
GetOAuth2AuthorizationByCode returns an authorization by its code.
GetOAuth2GrantByID returns the grant with the given ID.
GetOAuth2GrantsByUserID lists all grants of a certain user.
GetRequiredScopes gets the specific scopes for a given level and categories.
GetScopeLevelFromAccessMode converts permission access mode to scope level.
GetSourceByID returns login source by given ID.
GetTwoFactorByUID returns the two-factor authentication token associated with the user, if any.
GetWebAuthnCredentialByCredID returns WebAuthn credential by credential ID.
GetWebAuthnCredentialByID returns WebAuthn credential by id.
GetWebAuthnCredentialByName returns WebAuthn credential by id.
GetWebAuthnCredentialsByUID returns all WebAuthn credentials of the given user.
HashToken return the hashable salt.
HasTwoFactorByUID returns the two-factor authentication token associated with the user, if any.
HasWebAuthnRegistrationsByUID returns whether a given user has WebAuthn registrations.
IsErrAccessTokenEmpty checks if an error is a ErrAccessTokenEmpty.
IsErrAccessTokenNotExist checks if an error is a ErrAccessTokenNotExist.
IsErrOAuthApplicationNotFound checks if an error is a ErrReviewNotExist.
IsErrOauthClientIDInvalid checks if an error is a ErrOAuthClientIDInvalid.
IsErrSourceAlreadyExist checks if an error is a ErrSourceAlreadyExist.
IsErrSourceInUse checks if an error is a ErrSourceInUse.
IsErrSourceNotExist checks if an error is a ErrSourceNotExist.
IsErrTwoFactorNotEnrolled checks if an error is a ErrTwoFactorNotEnrolled.
IsErrWebAuthnCredentialNotExist checks if an error is a ErrWebAuthnCredentialNotExist.
IsSSPIEnabled returns true if there is at least one activated login source of type LoginSSPI.
NewAccessToken creates new access token.
NewTwoFactor creates a new two-factor authentication token.
ReadSession reads the data for the provided session.
RegenerateSession regenerates a session from the old id.
RegisterTypeConfig register a config for a provided type.
RevokeOAuth2Grant deletes the grant with grantID and userID.
UpdateAccessToken updates information of access token.
UpdateOAuth2Application updates an oauth2 application.
UpdateSession updates the session with provided id.
UpdateSource updates a Source record in DB.
UpdateTwoFactor updates a two-factor authentication token.
WebAuthnCredentials implements the webauthn.User interface.
# Constants
for all categories, write implies read.
WARN: this is now just a placeholder, don't remove it which will change the following values.
limited to public orgs/repos.
for all categories, write implies read.
for all categories, write implies read.
for all categories, write implies read.
for all categories, write implies read.
for all categories, write implies read.
for all categories, write implies read.
for all categories, write implies read.
for all categories, write implies read.
for all categories, write implies read.
for all categories, write implies read.
for all categories, write implies read.
for all categories, write implies read.
for all categories, write implies read.
for all categories, write implies read.
for all categories, write implies read.
for all categories, write implies read.
for all categories, write implies read.
for all categories, write implies read.
5.
2.
Note: new type must append to the end of list to maintain compatibility.
6.
4.
1.
3.
7.
# Variables
AllAccessTokenScopeCategories contains all access token scope categories.
Names contains the name of LoginType values.
# Structs
AccessToken represents a personal access token.
CreateOAuth2ApplicationOptions holds options to create an oauth2 application.
ErrAccessTokenEmpty represents a "AccessTokenEmpty" kind of error.
ErrAccessTokenNotExist represents a "AccessTokenNotExist" kind of error.
ErrOAuthApplicationNotFound will be thrown if id cannot be found.
ErrOAuthClientIDInvalid will be thrown if client id cannot be found.
ErrSourceAlreadyExist represents a "SourceAlreadyExist" kind of error.
ErrSourceInUse represents a "SourceInUse" kind of error.
ErrSourceNotExist represents a "SourceNotExist" kind of error.
ErrTwoFactorNotEnrolled indicates that a user is not enrolled in two-factor authentication.
ErrWebAuthnCredentialNotExist represents a "ErrWebAuthnCRedentialNotExist" kind of error.
ListAccessTokensOptions contain filter options.
OAuth2Application represents an OAuth2 client (RFC 6749).
OAuth2AuthorizationCode is a code to obtain an access token in combination with the client secret once.
OAuth2Grant represents the permission of an user for a specific application to access resources.
Session represents a session compatible for go-chi session.
Source represents an external way for authorizing users.
TwoFactor represents a two-factor authentication token.
UpdateOAuth2ApplicationOptions holds options to update an oauth2 application.
WebAuthnCredential represents the WebAuthn credential data for a public-key credential conformant to WebAuthn Level 1.
# Interfaces
Config represents login config as far as the db is concerned.
HasTLSer configurations provide a HasTLS to check if TLS can be enabled.
RegisterableSource configurations provide RegisterSource which needs to be run on creation.
SkipVerifiable configurations provide a IsSkipVerify to check if SkipVerify is set.
SourceSettable configurations can have their authSource set on them.
SSHKeyProvider configurations provide ProvidesSSHKeys to check if they provide SSHKeys.
UseTLSer configurations provide a HasTLS to check if TLS is enabled.
# Type aliases
AccessTokenScope represents the scope for an access token.
AccessTokenScopeCategory represents the scope category for an access token.
AccessTokenScopeLevel represents the access levels without a given scope category.
Type represents an login type.
WebAuthnCredentialList is a list of *WebAuthnCredential.