go/authboss
1
0
Fork 0
mirror of https://github.com/volatiletech/authboss.git synced 2025-07-17 01:32:24 +02:00
Code Issues Releases Activity

Make RememberStorer more independent.

Browse Source 
- RememberStorer checks to see if either provided storer is of the correct
  type. If neither are then the module fails to load.
- Fix #48
This commit is contained in:
Aaron
2015-03-27 09:34:36 -07:00
parent 1c275a132a
commit a4fd382287
2 changed files with 33 additions and 10 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
README.md
View File

@ -252,6 +252,9 @@ their new password is stored, they are logged in and redirected to the RecoverOK
A separate table/Nested Array containing many tokens for any given user
- Token (string)
**RememberStorer:** A remember storer is an interface that must be satisfied by one of the authboss.Cfg.Storer or authboss.Cfg.OAuth2Storer if
neither satisfies the requirement the module will fail to load.
**How it works:** When the authentication form is submitted if the form value rm is set to "true" the remember module will automatically
create a remember token for the user and set this in the database as well as in a cookie. As for OAuth2 logins, it will look for
an encoded state parameter that is automatically included by simply passing rm=true in the query arguments to the initial oauth2 login

40
remember/remember.go
View File

@ -25,8 +25,10 @@ var (
// storage requirements. If the implementer is a typical database then
// the tokens should be stored in a separate table since they require a 1-n
// with the user for each device the user wishes to remain logged in on.
//
// Remember storer will look at both authboss's configured Storer and OAuth2Storer
// for compatibility.
type RememberStorer interface {
authboss.Storer
// AddToken saves a new token for the key.
AddToken(key, token string) error
// DelTokens removes all tokens for a given key.
@ -45,12 +47,14 @@ type Remember struct{}
// Initialize module
func (r *Remember) Initialize() error {
if authboss.Cfg.Storer == nil {
if authboss.Cfg.Storer == nil && authboss.Cfg.OAuth2Storer == nil {
return errors.New("remember: Need a RememberStorer")
}
if _, ok := authboss.Cfg.Storer.(RememberStorer); !ok {
return errors.New("remember: RememberStorer required for remember functionality")
if _, ok := authboss.Cfg.OAuth2Storer.(RememberStorer); !ok {
return errors.New("remember: RememberStorer required for remember functionality")
}
}
authboss.Cfg.Callbacks.Before(authboss.EventGetUserSession, r.auth)
@ -68,7 +72,9 @@ func (r *Remember) Routes() authboss.RouteTable {
// Storage requirements
func (r *Remember) Storage() authboss.StorageOptions {
return nil
return authboss.StorageOptions{
authboss.Cfg.PrimaryID: authboss.String,
}
}
// afterAuth is called after authentication is successful.
@ -146,12 +152,15 @@ func (r *Remember) afterPassword(ctx *authboss.Context) error {
}
ctx.CookieStorer.Del(authboss.CookieRemember)
rememberStorer, ok := authboss.Cfg.Storer.(RememberStorer)
if !ok {
return nil
var storer RememberStorer
if storer, ok = authboss.Cfg.Storer.(RememberStorer); !ok {
if storer, ok = authboss.Cfg.OAuth2Storer.(RememberStorer); !ok {
return nil
}
}
return rememberStorer.DelTokens(id)
return storer.DelTokens(id)
}
// new generates a new remember token and stores it in the configured RememberStorer.
@ -170,8 +179,14 @@ func (r *Remember) new(cstorer authboss.ClientStorer, storageKey string) (string
finalToken := base64.URLEncoding.EncodeToString(token)
storageToken := base64.StdEncoding.EncodeToString(sum[:])
var storer RememberStorer
var ok bool
if storer, ok = authboss.Cfg.Storer.(RememberStorer); !ok {
storer, ok = authboss.Cfg.OAuth2Storer.(RememberStorer)
}
// Save the token in the DB
if err := authboss.Cfg.Storer.(RememberStorer).AddToken(storageKey, storageToken); err != nil {
if err := storer.AddToken(storageKey, storageToken); err != nil {
return "", err
}
@ -210,7 +225,12 @@ func (r *Remember) auth(ctx *authboss.Context) (authboss.Interrupt, error) {
// Verify the tokens match.
sum := md5.Sum(token)
err = authboss.Cfg.Storer.(RememberStorer).UseToken(givenKey, base64.StdEncoding.EncodeToString(sum[:]))
var storer RememberStorer
if storer, ok = authboss.Cfg.Storer.(RememberStorer); !ok {
storer, ok = authboss.Cfg.OAuth2Storer.(RememberStorer)
}
err = storer.UseToken(givenKey, base64.StdEncoding.EncodeToString(sum[:]))
if err == authboss.ErrTokenNotFound {
return authboss.InterruptNone, nil
} else if err != nil {