go/authboss
1
0
Fork 0
mirror of https://github.com/volatiletech/authboss.git synced 2025-02-21 19:50:20 +02:00
Code Issues Releases Activity

Add control over confirm http method

Browse Source
This commit is contained in:
Aaron L 2018-09-12 19:58:16 -07:00
parent 79d1893bdc
commit 2eeaf342f9
3 changed files with 18 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
CHANGELOG.md
View File

@ -12,6 +12,8 @@ and this project adheres to [Semantic Versioning](http://semver.org/spec/v2.0.0.
- Add Config option for MailRoot. This is a URL that overrides the typical
URL building using Root/MountPath that recover and confirm do to enable
creating mail links to a different location than where the API is hosted.
- Add a configuration option that allows confirm to change the method type
it expects since in an API setting a GET is strange as there is body details.
### Changed

8
config.go
View File

@ -1,6 +1,7 @@
package authboss
import (
"net/http"
"time"
"golang.org/x/crypto/bcrypt"
@ -50,6 +51,12 @@ type Config struct {
// BCryptCost is the cost of the bcrypt password hashing function.
BCryptCost int
// ConfirmMethod controls which http method confirm expects. This is because
// typically this is a GET request since it's a link from an e-mail, but in
// api-like cases it needs to be able to be a post since there's data that
// must be sent to it.
ConfirmMethod string
// ExpireAfter controls the time an account is idle before being logged out
// by the ExpireMiddleware.
ExpireAfter time.Duration
@ -183,6 +190,7 @@ func (c *Config) Defaults() {
c.Paths.RootURL = "http://localhost:8080"
c.Modules.BCryptCost = bcrypt.DefaultCost
c.Modules.ConfirmMethod = http.MethodGet
c.Modules.ExpireAfter = time.Hour
c.Modules.LockAfter = 3
c.Modules.LockWindow = 5 * time.Minute

9
confirm/confirm.go
View File

@ -55,7 +55,14 @@ func (c *Confirm) Init(ab *authboss.Authboss) (err error) {
return err
}
c.Authboss.Config.Core.Router.Get("/confirm", c.Authboss.Config.Core.ErrorHandler.Wrap(c.Get))
var callbackMethod func(string, http.Handler)
switch c.Config.Modules.ConfirmMethod {
case http.MethodGet:
callbackMethod = c.Authboss.Config.Core.Router.Get
case http.MethodPost:
callbackMethod = c.Authboss.Config.Core.Router.Post
}
callbackMethod("/confirm", c.Authboss.Config.Core.ErrorHandler.Wrap(c.Get))
c.Events.Before(authboss.EventAuth, c.PreventAuth)
c.Events.After(authboss.EventRegister, c.StartConfirmationWeb)