1
0
mirror of https://github.com/volatiletech/authboss.git synced 2025-01-10 04:17:59 +02:00
Commit Graph

271 Commits

Author SHA1 Message Date
Aaron L
982025bbc3 Finish implementing and testing confirm
- Rejig tests to remember to test the smtp mailer
2018-02-27 07:14:30 -08:00
Aaron L
3638e4f047 Split up users and storers into separate files
- Add storers & users for confirm module
2018-02-25 15:32:27 -08:00
Aaron L
dcd439e45a Adjust mocks and code to fit new register
- Document various gotchas about Preserve fields.
- Move configuration around to the proper modules.
2018-02-25 15:20:57 -08:00
Aaron L
948aa8a115 Finish register module 2018-02-25 15:19:43 -08:00
Aaron L
1068509540 Make auth tests more solid 2018-02-21 12:10:18 -08:00
Aaron L
d4f8d2f292 Finish auth module 2018-02-20 08:58:59 -08:00
Aaron L
77987afb8a Add formatting helpers to loggers 2018-02-16 11:56:47 -08:00
Aaron L
c89ca29827 Remove context and errors from get/set
I have a feeling that I wrote all this fanciness in when the
user was still able to fetch himself from the database. But since
that's been dropped I don't think any of this stuff is necessary.

In terms of setting without an error, we should do validation before
an attempt to save, not every time we set a field. This will just end
up being much nicer error handling, and the database is going to do
it's own validation and we can handle that error in the same way.
2018-02-16 11:27:22 -08:00
Aaron L
7f97d632d0 Clean up defaults package a bit 2018-02-16 09:55:45 -08:00
Aaron L
9eb5731a3d Redo events again
- The purpose of this change is to make it so that a different module
  can hijack the response to the client.
2018-02-16 09:49:07 -08:00
Aaron L
2137c827d3 Fix tests back up again.
- Remove a test that was obsoleted by optimizations. Not 100% sure this
  is correct, but it seems like if nothing has changed since the
  previous session/cookie read then we shouldn't need to write any new
  headers for them. This is especially true in the typical "I use
  cookies for everything" use case, but may not be true of other use
  cases... Remains to be seen. Since they're optimizations they should
  be able to removed "safely" later.
2018-02-14 15:16:44 -08:00
Aaron L
f585b35cfb Move docs in defaults to defaults.go 2018-02-14 15:11:59 -08:00
Aaron L
23e1e849d3 Move expiry module
- Remove the errors from User interfaces
2018-02-14 14:18:03 -08:00
Aaron L
726204d809 Fix some inconsistencies in clientstate
- Add a ClientStateMiddleware that loads the client state into the
  request context and prepares a ClientStateResponseWriter for
  downstream handlers
- Clean up some of the handling around session and cookie state, for
  example don't write if there are no events to be processed
- Redo the Defaultts() method for config to be useful again.
- Prefix LogoutMethod with Auth to be consistent
2018-02-04 23:28:31 -08:00
Aaron L
d4f4f6c443 Rewrite auth module
Discovered many problems with the abstractions along the way
and did small fixes to get to the end of the auth module.

- Use more constants for random strings
- Create forcing functions to deal with the upgrades to different
  interfaces
2018-02-04 21:24:55 -08:00
Aaron L
386133a84b Add a way to read values and validate
In order to support multiple different types of requests, there needed
to be an interface to be able to read values from a request, and
subsequently validate them to return any errors.

So we've adjusted the Validator interface to no longer validate a
request but instead validate the object it lives on.

And we've created a new BodyReader interface.
2018-02-04 18:39:25 -08:00
Aaron L
7119b3a90e Delete now-unused code
- This may come back in a separated default Renderer of some kind.
2018-02-02 15:41:43 -08:00
Aaron L
cf05c8d36b Work on logging and error handling some more 2018-02-02 15:41:24 -08:00
Aaron L
27010d9fe4 Abstract logger and error handling
- Replace the old logging mechanisms with a leveled one. This is
  important as authboss needs to start saying a lot more about what's
  happening in the Info log, which will end up like Debug but that's
  okay.
- Replace the error handling mechanisms with something different. This
  allows people to define their own error handlers.
2018-02-02 12:11:47 -08:00
Aaron L
22e99a9921 Work on the auth module
- Move more *User interfaces into storage.go, no need for them to be in
  each individual module.
2018-02-01 17:23:31 -08:00
Aaron L
8f546fdd7c Revert a change to removing some code
- This code is useful and this commit adds a comment to say why
2018-02-01 17:10:26 -08:00
Aaron L
ad5230a303 Bring back events
- Rename callbacks -> events
- Regenerate stringers.go with later version of stringer
2018-02-01 16:31:08 -08:00
Aaron L
de1c2ed081 Get tests working after latest refactors
- Change changelog format to use keepachangelog standard
- Refactor the config to be made of substructs to help organize all the
  pieces
- Add the new interfaces to the configuration
- Clean up module loading (no unnecessary reflection to create new value)
- Change User interface to have a Get/SetPID not E-mail/Username, this
  way we don't ever have to refer to one or the other, we just always
  assume pid. In the case of Confirm/Recover we'll have to make a GetEmail
  or there won't be a way for us to get the e-mail to send to.
- Delete the xsrf nonsense in the core
2018-02-01 15:42:48 -08:00
Aaron L
cbfc1d8388 Fix authboss core tests
- Delete callbacks tests
- Remove some useless code (SendMail), as well as some extra arguments
  in certain functions that didn't require them.
- Remove tests for more code that has been moved to default
  implementations
2018-02-01 11:51:43 -08:00
Aaron L
2db3a3f782 Fix the tests in defaults package
- Make the default responder aggregate data, this allows aggregation of
  data from various middlewares like csrf or extra data for the layout
  without having to have an extra callback function like LayoutDataMaker
  or CRSFMaker
2018-02-01 10:25:54 -08:00
Aaron L
b33e47a97c Re(move) swaths of code
- Document more things
- Remove module code
- Remove callbacks code
- Remove data makers, flash messages, and context providers in exchange
  for middlewares that use context (unwritten)
- Move more implementations (responses, redirector, router) to defaults
  package
- Rename key interfaces (again), Storer -> User, StoreLoader ->
  ServerStorer (opposite of ClientStateStorer) if this is the last time
  I rename these I'll be shocked
2018-01-31 17:07:11 -08:00
Aaron L
59b2874bcd Move validation implementations to defaults
- Add more interfaces for validation
2018-01-29 16:24:42 -08:00
Aaron L
0e9761ddf5 Start moving default implementations 2018-01-29 13:14:55 -08:00
Aaron L
c8457d818d Add ability to wrap responsewriters indefinitely 2018-01-29 11:35:47 -08:00
Aaron L
2b5c85ee16 Import path fixes 2017-07-30 19:42:05 -07:00
Aaron L
a92fb4d069 Re-enable tests, add more tests 2017-03-05 10:03:22 -08:00
Aaron L
24fc6196c7 Introduce new type of client storage
- This addresses the problem of having to update multiple times during
  one request. It's hard to have a nice interface especially with JWT
  because you always end up having to decode the request, encode new
  response, write header, then a second write to it comes, and where do
  you grab the value from? Often you don't have access to the response
  as a "read" structure. So we store it as events instead, and play
  those events against the original data right before the response is
  written to set the headers.
2017-02-24 16:45:47 -08:00
Aaron L
3170cb8068 Ensure we don't re-lookup, cache in context 2017-02-23 16:29:58 -08:00
Aaron L
fa6ba517db More gigantic edits.
- Change response to be more central to Authboss. Make sure it has
  useful methods and works with the new rendering idioms.
- Change the load user methods to all work with context keys, and even
  be able to set context keys on the current request to avoid setting
  contexts everywhere in the code base.
2017-02-23 16:13:25 -08:00
Aaron L
f65d9f6bb6 Fix errors package
- Fix many compilation errors
2017-02-21 15:04:30 -08:00
Aaron L
b9e2a62802 More changes 2017-02-20 16:08:19 -08:00
Aaron L
02e91bc0ad More changes 2017-02-20 15:56:26 -08:00
Aaron L
f7db80e4e2 Prototyping 2017-02-20 14:28:38 -08:00
Aaron L
bc55489bc6 Remove unnecessary circle due to gopkg.in 2016-12-19 22:52:57 -08:00
Aaron L
0c3d6d26ca Remove gopkg.in 2016-12-19 22:47:12 -08:00
Aaron L
7ccb973d79 Update readme with project information 2016-12-19 22:25:33 -08:00
Aaron L
2009133d45 Merge branch 'cortesi/modattrs' 2016-12-19 21:59:22 -08:00
Aldo Cortesi
efa77f5445 Authboss.moduleAttributes -> Authboss.ModuleAttributes 2016-12-20 08:34:19 +13:00
Aaron L
35e85950af Merge pull request #106 from amygit/master
Fix test for ctx.User.AttemptNumber fix
2016-12-02 07:10:17 -08:00
amygit
5b3ceceb8c Merge remote-tracking branch 'upstream/master' 2016-11-30 11:10:55 -08:00
amygit
10351c2f11 Fix test for ctx.User.AttemptNumber fix 2016-11-30 10:32:57 -08:00
Aaron L
a6e1ad1070 Merge pull request #104 from golliher/master
Added required handler for ListenAndServe
2016-11-29 22:17:57 -08:00
Aaron L
ad75d0a25a Merge pull request #103 from amygit/master
AttemptNumber should be set to 1 when login fails again after the loc…
2016-11-29 22:11:33 -08:00
Aaron L
34666f0c63 Fix bash syntax error 2016-11-29 22:06:34 -08:00
Aaron L
2ad0b44760 Circle no longer does code coverage without token 2016-11-29 21:43:04 -08:00