authboss/storage.go

package authboss

// A concious decision was made to put all storer
// and user types into this file despite them truly
// belonging to outside modules. The reason for this
// is because documentation-wise, it was previously
// difficult to find what you had to implement or even
// what you could implement.

import (
	"context"

	"github.com/pkg/errors"
)

// Data store constants for attribute names.
const (
	StoreEmail    = "email"
	StoreUsername = "username"
	StorePassword = "password"
)

// Data store constants for OAuth2 attribute names.
const (
	StoreOAuth2UID      = "oauth2_uid"
	StoreOAuth2Provider = "oauth2_provider"
	StoreOAuth2Token    = "oauth2_token"
	StoreOAuth2Refresh  = "oauth2_refresh"
	StoreOAuth2Expiry   = "oauth2_expiry"
)

var (
	// ErrUserFound should be returned from Create (see ConfirmUser) when the primaryID
	// of the record is found.
	ErrUserFound = errors.New("user found")
	// ErrUserNotFound should be returned from Get when the record is not found.
	ErrUserNotFound = errors.New("user not found")
	// ErrTokenNotFound should be returned from UseToken when the record is not found.
	ErrTokenNotFound = errors.New("token not found")
)

// ServerStorer represents the data store that's capable of loading users
// and giving them a context with which to store themselves.
type ServerStorer interface {
	// Load will look up the user based on the passed the PrimaryID
	Load(ctx context.Context, key string) (User, error)

	// Save persists the user in the database, this should never
	// create a user and instead return ErrUserNotFound if the user
	// does not exist.
	Save(ctx context.Context, user User) error
}

// CreatingServerStorer is used for creating new users
// like when Registration is being done.
type CreatingServerStorer interface {
	ServerStorer

	// New creates a blank user, it is not yet persisted in the database
	// but is just for storing data
	New(ctx context.Context) User
	// Create the user in storage, it should not overwrite a user
	// and should return ErrUserFound if it currently exists.
	Create(ctx context.Context, user User) error
}

// ConfirmingServerStorer can find a user by a confirm token
type ConfirmingServerStorer interface {
	ServerStorer

	// LoadByConfirmToken finds a user by his confirm token field
	// and should return ErrUserNotFound if that user cannot be found.
	LoadByConfirmToken(ctx context.Context, token string) (ConfirmableUser, error)
}

// RecoveringServerStorer allows users to be recovered by a token
type RecoveringServerStorer interface {
	ServerStorer

	// LoadByRecoverToken finds a user by his recover token field
	// and should return ErrUserNotFound if that user cannot be found.
	LoadByRecoverToken(ctx context.Context, token string) (RecoverableUser, error)
}

// RememberingServerStorer allows users to be remembered across sessions
type RememberingServerStorer interface {
	// AddRememberToken to a user
	AddRememberToken(pid, token string) error
	// DelRememberTokens removes all tokens for the given pid
	DelRememberTokens(pid string) error
	// UseRememberToken finds the pid-token pair and deletes it.
	// If the token could not be found return ErrTokenNotFound
	UseRememberToken(pid, token string) error
}

// EnsureCanCreate makes sure the server storer supports create operations
func EnsureCanCreate(storer ServerStorer) CreatingServerStorer {
	s, ok := storer.(CreatingServerStorer)
	if !ok {
		panic("could not upgrade ServerStorer to CreatingServerStorer, check your struct")
	}

	return s
}

// EnsureCanConfirm makes sure the server storer supports confirm-lookup operations
func EnsureCanConfirm(storer ServerStorer) ConfirmingServerStorer {
	s, ok := storer.(ConfirmingServerStorer)
	if !ok {
		panic("could not upgrade ServerStorer to ConfirmingServerStorer, check your struct")
	}

	return s
}

// EnsureCanRecover makes sure the server storer supports confirm-lookup operations
func EnsureCanRecover(storer ServerStorer) RecoveringServerStorer {
	s, ok := storer.(RecoveringServerStorer)
	if !ok {
		panic("could not upgrade ServerStorer to RecoveringServerStorer, check your struct")
	}

	return s
}

// EnsureCanRemember makes sure the server storer supports remember operations
func EnsureCanRemember(storer ServerStorer) RememberingServerStorer {
	s, ok := storer.(RememberingServerStorer)
	if !ok {
		panic("could not upgrade ServerStorer to RememberingServerStorer, check your struct")
	}

	return s
}
Add some more infrastructure. - Add module system. - Add storer interface. 2015-01-03 22:03:57 +02:00			`package authboss`

Adjust mocks and code to fit new register - Document various gotchas about Preserve fields. - Move configuration around to the proper modules. 2018-02-26 01:20:57 +02:00			`// A concious decision was made to put all storer`
			`// and user types into this file despite them truly`
			`// belonging to outside modules. The reason for this`
			`// is because documentation-wise, it was previously`
			`// difficult to find what you had to implement or even`
			`// what you could implement.`

Add some more infrastructure. - Add module system. - Add storer interface. 2015-01-03 22:03:57 +02:00			`import (`
Prototyping 2017-02-21 00:28:38 +02:00			`"context"`
Fix errors package - Fix many compilation errors 2017-02-22 01:04:30 +02:00
			`"github.com/pkg/errors"`
Add some more infrastructure. - Add module system. - Add storer interface. 2015-01-03 22:03:57 +02:00			`)`

Finish confirm module (except tests). 2015-02-10 10:43:45 +02:00			`// Data store constants for attribute names.`
			`const (`
Finish tests for confirm. - Rename UserXXX to StoreXXX in confirm/authboss. 2015-02-16 23:27:29 +02:00			`StoreEmail = "email"`
			`StoreUsername = "username"`
			`StorePassword = "password"`
Finish confirm module (except tests). 2015-02-10 10:43:45 +02:00			`)`

Add initial oauth2 support. - Needs more providers and more tests. 2015-03-13 04:20:36 +02:00			`// Data store constants for OAuth2 attribute names.`
			`const (`
Make OAuth2 implementation less shoddy. - Add a new storer specifically for OAuth2 to enable clients to choose regular database storing OR Oauth2 but not have to have both. - Stop storing OAuth2 credentials in a combined form inside username. - Add new events to capture OAuth events just like auth. - Have pass-through parameters for OAuth init urls, this allows us to pass additional behavior options (redirects and remember me) as well as other things that should be present on the page that is redirected to. - Context.LoadUser is now OAuth aware. - Remember's callbacks now include an OAuth check to see if a horribly packed state variable contains a flag to say that we want to be remembered. - Change the OAuth2 Callback to use Attributes instead of that custom struct to allow people to append whatever attributes they want into the user that will be saved. 2015-03-14 01:23:43 +02:00			`StoreOAuth2UID = "oauth2_uid"`
			`StoreOAuth2Provider = "oauth2_provider"`
			`StoreOAuth2Token = "oauth2_token"`
			`StoreOAuth2Refresh = "oauth2_refresh"`
			`StoreOAuth2Expiry = "oauth2_expiry"`
Add initial oauth2 support. - Needs more providers and more tests. 2015-03-13 04:20:36 +02:00			`)`

Cleanup various sad things. - Export ModuleAttrMeta so the modules can access it. - Add a couple new events for later use. - Fix a few compile errors. - Prefix err constants with Err. 2015-01-24 01:56:24 +02:00			`var (`
Rewrite the remember module - Add context keys and storage pieces for remember 2018-03-08 01:13:06 +02:00			`// ErrUserFound should be returned from Create (see ConfirmUser) when the primaryID`
			`// of the record is found.`
			`ErrUserFound = errors.New("user found")`
More work on cleaning up recover - Add email layouts 2015-02-02 00:17:18 +02:00			`// ErrUserNotFound should be returned from Get when the record is not found.`
Fix errors package - Fix many compilation errors 2017-02-22 01:04:30 +02:00			`ErrUserNotFound = errors.New("user not found")`
More work on cleaning up recover - Add email layouts 2015-02-02 00:17:18 +02:00			`// ErrTokenNotFound should be returned from UseToken when the record is not found.`
Fix errors package - Fix many compilation errors 2017-02-22 01:04:30 +02:00			`ErrTokenNotFound = errors.New("token not found")`
Cleanup various sad things. - Export ModuleAttrMeta so the modules can access it. - Add a couple new events for later use. - Fix a few compile errors. - Prefix err constants with Err. 2015-01-24 01:56:24 +02:00			`)`
Add many new files and types. - Add context. - Add handler type. - Add new storers for client storage and sessions. - Add start of remember module. 2015-01-11 08:52:39 +02:00
Re(move) swaths of code - Document more things - Remove module code - Remove callbacks code - Remove data makers, flash messages, and context providers in exchange for middlewares that use context (unwritten) - Move more implementations (responses, redirector, router) to defaults package - Rename key interfaces (again), Storer -> User, StoreLoader -> ServerStorer (opposite of ClientStateStorer) if this is the last time I rename these I'll be shocked 2018-02-01 03:07:11 +02:00			`// ServerStorer represents the data store that's capable of loading users`
Prototyping 2017-02-21 00:28:38 +02:00			`// and giving them a context with which to store themselves.`
Re(move) swaths of code - Document more things - Remove module code - Remove callbacks code - Remove data makers, flash messages, and context providers in exchange for middlewares that use context (unwritten) - Move more implementations (responses, redirector, router) to defaults package - Rename key interfaces (again), Storer -> User, StoreLoader -> ServerStorer (opposite of ClientStateStorer) if this is the last time I rename these I'll be shocked 2018-02-01 03:07:11 +02:00			`type ServerStorer interface {`
			`// Load will look up the user based on the passed the PrimaryID`
			`Load(ctx context.Context, key string) (User, error)`

Adjust mocks and code to fit new register - Document various gotchas about Preserve fields. - Move configuration around to the proper modules. 2018-02-26 01:20:57 +02:00			`// Save persists the user in the database, this should never`
			`// create a user and instead return ErrUserNotFound if the user`
			`// does not exist.`
Re(move) swaths of code - Document more things - Remove module code - Remove callbacks code - Remove data makers, flash messages, and context providers in exchange for middlewares that use context (unwritten) - Move more implementations (responses, redirector, router) to defaults package - Rename key interfaces (again), Storer -> User, StoreLoader -> ServerStorer (opposite of ClientStateStorer) if this is the last time I rename these I'll be shocked 2018-02-01 03:07:11 +02:00			`Save(ctx context.Context, user User) error`
Prototyping 2017-02-21 00:28:38 +02:00			`}`
Add many new files and types. - Add context. - Add handler type. - Add new storers for client storage and sessions. - Add start of remember module. 2015-01-11 08:52:39 +02:00
Adjust mocks and code to fit new register - Document various gotchas about Preserve fields. - Move configuration around to the proper modules. 2018-02-26 01:20:57 +02:00			`// CreatingServerStorer is used for creating new users`
			`// like when Registration is being done.`
			`type CreatingServerStorer interface {`
Fully re-implement recover - Add back the feature to log in after password recovery - Add new storer functionality to mocks - Add RecoveringServerStorer - Add RecoverableUser - Add RecoverStartValuer, RecoverMiddleValuer, RecoverEndValuer - Change storers to differentiate between tokens (recover vs confirm) - Change BCryptCost to be a generic module configuration (doesn't belong to register) 2018-03-06 03:47:11 +02:00			`ServerStorer`

Adjust mocks and code to fit new register - Document various gotchas about Preserve fields. - Move configuration around to the proper modules. 2018-02-26 01:20:57 +02:00			`// New creates a blank user, it is not yet persisted in the database`
			`// but is just for storing data`
			`New(ctx context.Context) User`
			`// Create the user in storage, it should not overwrite a user`
			`// and should return ErrUserFound if it currently exists.`
			`Create(ctx context.Context, user User) error`
			`}`

Split up users and storers into separate files - Add storers & users for confirm module 2018-02-26 01:32:27 +02:00			`// ConfirmingServerStorer can find a user by a confirm token`
			`type ConfirmingServerStorer interface {`
Fully re-implement recover - Add back the feature to log in after password recovery - Add new storer functionality to mocks - Add RecoveringServerStorer - Add RecoverableUser - Add RecoverStartValuer, RecoverMiddleValuer, RecoverEndValuer - Change storers to differentiate between tokens (recover vs confirm) - Change BCryptCost to be a generic module configuration (doesn't belong to register) 2018-03-06 03:47:11 +02:00			`ServerStorer`

			`// LoadByConfirmToken finds a user by his confirm token field`
			`// and should return ErrUserNotFound if that user cannot be found.`
			`LoadByConfirmToken(ctx context.Context, token string) (ConfirmableUser, error)`
			`}`

			`// RecoveringServerStorer allows users to be recovered by a token`
			`type RecoveringServerStorer interface {`
			`ServerStorer`

			`// LoadByRecoverToken finds a user by his recover token field`
			`// and should return ErrUserNotFound if that user cannot be found.`
			`LoadByRecoverToken(ctx context.Context, token string) (RecoverableUser, error)`
Split up users and storers into separate files - Add storers & users for confirm module 2018-02-26 01:32:27 +02:00			`}`

Rewrite the remember module - Add context keys and storage pieces for remember 2018-03-08 01:13:06 +02:00			`// RememberingServerStorer allows users to be remembered across sessions`
			`type RememberingServerStorer interface {`
			`// AddRememberToken to a user`
			`AddRememberToken(pid, token string) error`
			`// DelRememberTokens removes all tokens for the given pid`
			`DelRememberTokens(pid string) error`
			`// UseRememberToken finds the pid-token pair and deletes it.`
			`// If the token could not be found return ErrTokenNotFound`
			`UseRememberToken(pid, token string) error`
			`}`

Adjust mocks and code to fit new register - Document various gotchas about Preserve fields. - Move configuration around to the proper modules. 2018-02-26 01:20:57 +02:00			`// EnsureCanCreate makes sure the server storer supports create operations`
			`func EnsureCanCreate(storer ServerStorer) CreatingServerStorer {`
			`s, ok := storer.(CreatingServerStorer)`
			`if !ok {`
Rewrite the remember module - Add context keys and storage pieces for remember 2018-03-08 01:13:06 +02:00			`panic("could not upgrade ServerStorer to CreatingServerStorer, check your struct")`
Adjust mocks and code to fit new register - Document various gotchas about Preserve fields. - Move configuration around to the proper modules. 2018-02-26 01:20:57 +02:00			`}`

			`return s`
			`}`

Split up users and storers into separate files - Add storers & users for confirm module 2018-02-26 01:32:27 +02:00			`// EnsureCanConfirm makes sure the server storer supports confirm-lookup operations`
			`func EnsureCanConfirm(storer ServerStorer) ConfirmingServerStorer {`
			`s, ok := storer.(ConfirmingServerStorer)`
			`if !ok {`
Rewrite the remember module - Add context keys and storage pieces for remember 2018-03-08 01:13:06 +02:00			`panic("could not upgrade ServerStorer to ConfirmingServerStorer, check your struct")`
Rewrite auth module Discovered many problems with the abstractions along the way and did small fixes to get to the end of the auth module. - Use more constants for random strings - Create forcing functions to deal with the upgrades to different interfaces 2018-02-05 07:24:55 +02:00			`}`
Split up users and storers into separate files - Add storers & users for confirm module 2018-02-26 01:32:27 +02:00
			`return s`
Rewrite auth module Discovered many problems with the abstractions along the way and did small fixes to get to the end of the auth module. - Use more constants for random strings - Create forcing functions to deal with the upgrades to different interfaces 2018-02-05 07:24:55 +02:00			`}`
Fully re-implement recover - Add back the feature to log in after password recovery - Add new storer functionality to mocks - Add RecoveringServerStorer - Add RecoverableUser - Add RecoverStartValuer, RecoverMiddleValuer, RecoverEndValuer - Change storers to differentiate between tokens (recover vs confirm) - Change BCryptCost to be a generic module configuration (doesn't belong to register) 2018-03-06 03:47:11 +02:00
			`// EnsureCanRecover makes sure the server storer supports confirm-lookup operations`
			`func EnsureCanRecover(storer ServerStorer) RecoveringServerStorer {`
			`s, ok := storer.(RecoveringServerStorer)`
			`if !ok {`
Rewrite the remember module - Add context keys and storage pieces for remember 2018-03-08 01:13:06 +02:00			`panic("could not upgrade ServerStorer to RecoveringServerStorer, check your struct")`
			`}`

			`return s`
			`}`

			`// EnsureCanRemember makes sure the server storer supports remember operations`
			`func EnsureCanRemember(storer ServerStorer) RememberingServerStorer {`
			`s, ok := storer.(RememberingServerStorer)`
			`if !ok {`
			`panic("could not upgrade ServerStorer to RememberingServerStorer, check your struct")`
Fully re-implement recover - Add back the feature to log in after password recovery - Add new storer functionality to mocks - Add RecoveringServerStorer - Add RecoverableUser - Add RecoverStartValuer, RecoverMiddleValuer, RecoverEndValuer - Change storers to differentiate between tokens (recover vs confirm) - Change BCryptCost to be a generic module configuration (doesn't belong to register) 2018-03-06 03:47:11 +02:00			`}`

			`return s`
			`}`