ComparePasswords compares a plaintext password against a hashed password, returning true if they match, false otherwise.

ConsoleDebug prints a message to the console if the following we are running in the dev or test environment and we are not running automated tests.

Context returns an APTContext object, which includes global config settings and a connection to the postgres database.

CopyFile copies the file at src path to dst path.

CountryCodeAndPhone returns the country code and phone number for a phoneNumber in format that begins with plus country code, e.g.

EncryptPassword returns the password run through bcrypt 2a with the specified salt and cost.

Expands the tilde in a directory path to the current user's home directory.

Returns true if the file at path exists, false if not.

Hash returns an encrypted version of plaintext that cannot be decrypted.

InterfaceList converts a list of strings to a list of interfaces.

IsEmptyString returns true if str, stripped of leading and trailing whitespace, is empty.

IsTrueString returns true if param s is "true", "yes", or "1".

ListIsEmpty returns true if the slice contains no elements, or if all the elements are empty strings.

LoadRelativeFile loads the file at the specified path relative to ProjectRoot() and returns the contents as a byte array.

LooksEncrypted returns true if string s looks like it's been through our EncryptePassword fuction.

LooksLikeUUID returns true if uuid looks like a valid UUID.

Returns a new config based on APT_ENV.

NewOTP returns a six-digit code suitable for use as a one-time password.

PasswordMeetsRequirements returns true if param pwd meets our minimum password requirements.

PrintAndExit prints a message to STDERR and exits.

ProjectRoot returns the project root.

RandomToken returns a string of random hex digits suitable for use as a secure token.

SanitizeIdentifier strips everything but letters, numbers, underscores periods and double quotes from str.

SplitCamelCase splits camel-case identifiers into multiple words.

TestsAreRunning returns true when code is running under "go test".

ToHumanSize converts a raw byte count (size) to a human-friendly representation.

Cost is the cost of the bcrypt digest.

EncryptedTokenPrefix is the prefix that should appear on all our encrypted passwords and tokens in the database.

ErrAccountDeactivated means the user logged in to a deactivated account.

ErrActiveFiles occurs when we try to delete an IntellectualObject that has active files.

ErrAlreadyHasAuthyID occurs when we try to register a user with Authy and they already have an Authy ID.

ErrCountTypeNotSupported indicates that we cannot get counts for the given type from the *_counts views.

ErrMissingReferer means we got a cross-site request on an unsafe methods such as POST, PUT, DELETE.

ErrDecodeCookie occurs when we get a bad authentication cookie.

ErrIdentifierChange occurs when someone tries to change the identifier of a resource.

ErrIDMismatch can indicate that the specified resource does not belong to the specified institition, or (more likely) that resource/institution IDs in a URL do not match resource/institution IDs submitted in the PUT/POST body of an HTML request.

ErrInstIDChange occurs when someone tries to change the institution id of a resource.

ErrInternal is a runtime error that is not the user's fault, hence probably the programmer's fault.

ErrInvalidAPICredentials means the user supplied the wrong email or API token while trying to access a REST API endpoint.

ErrInvalidCSRFToken is specifically for POST/PUT/DELETE where we have a missing or invalid CSRF token.

ErrInvalidLogin means the user supplied the wrong login name or password while trying to sign in.

ErrInvalidObjectID occurs when requesting a batch deletion that contains one or more invalid object ids.

ErrInvalidParam means the HTTP request contained an invalid parameter.

ErrInvalidRequestorID occurs when APTrust admin submits batch delete request on behalf of a user who is not allowed to initiate a batch deletion.

ErrInvalidToken means that the token presented for an action like password reset or deletion confirmation does not match the encrypted token in the database.

ErrMissingReferer means the request had no http referer header, so we can't tell where it came from.

ErrMustCompleteReset occurs when a user is supposed to be resetting their own password but tries instead to reset someone else's.

ErrNoAuthyID occurs when a user requests two-factor login via Authy but does not have an Authy ID.

ErrNotSignedIn means user has not signed in.

ErrNotSupported is an internal error that occurs, for example, when we try to delete an object that does not support deletion.

ErrParentRecordNotFound occurs when we cannot find the parent record required to check a user's permission.

ErrPasswordReqs indicates that the password the user is trying to set does not meet minimum requirements.

ErrPendingWorkItems occurs when a user wants to restore or delete an object or file but the WorkItems list shows other operations are pending on that item.

ErrPermissionDenied means the user tried to access a resource withouth sufficient permission.

ErrRequestAlreadyApproved occurs when someone tries to approve or cancel a request that was previously approved.

ErrRequestAlreadyCancelled occurs when someone tries to approve or cancel a request that was previously cancelled.

ErrResourcePermission occurs when Authorization middleware cannot determine which permission is required to access the specified resoruce.

ErrStorageOptionChange indicates someone tried to change the storage option on an active object.

ErrSubclassMustImplement indicates that a subclass has not implemented a method inherited from a base class.

ErrWrongAPI occurs when a non-admin user tries to access the admin API.

ErrWrongDataType occurs when the user submits data of the wrong type, such string data that cannot be converted to a number, bool, date, or whatever type the application is expecting.

DBConfig contains info for connecting to the Postgres database.

EmailConfig describes how to connect to Amazon SES or another SMTP service.

RetentionMinimum describes the minimum number of days items must remain in preservation storage before they can be deleted.

TwoFactorConfig contains info for sending push messages through Authy and SMS text messages through AWS SNS.