This reverts commit 3b11e039dc802bfc865cd2e515583e9b0911aaf0, reversing
changes made to 586415a7db9d2b1538cd2c05ca2dbbce0ee9cc62.
This merge actually caused the tests to fail. After digging in I decided
that the documentation is good enough as a test on creation of Authboss
is not possible with the current API. And this being only in the
register module was kind of a code smell.
- Fix#79
- Rename event EventGet to EventGetUser
- Remove double DB fetch
- Add new event callpoint: After(EventGetUser) for things that need to
check that the user is ABLE to be gotten after it's fetched from the
DB. That is before returning to the web app, ensure that the user is
valid from a confirmation/lock etc point of view.
- Add test to make sure all the events are firing in CurrentUser()
- When authboss routes are accessed it goes through a check to see if
they're logged in and if they need to actually visit this route. If
the user was not found (despite having a session cookie) it would 500,
and now it simply removes the bad cookie.
- Fix#75
- Re-add the age-old "Values" from the Context. This was originally
there for exactly the documented purpose. However the Context holding
the request form values negated it's use. It's back because of this
new separation.
- Make the auth success path set the authboss.CookieRemember value in
the context before calling it's callback.
- This allows for the user struct to contain just about anything. But it
will still produce errors when there is a type mismatch (which I believe
was the entire point of the type-specific code).
- Leave sql.Scanner/driver.Valuer as special cases to allow control over
serialization at some level.
- Fix#69
- Stop logged in users from accessing pages like auth/recover etc.
- Ensure that half-authed users are allowed access to auth-like pages.
- Make sure that if users have a remember token, it's processed before
we decide if a user is logged in or not, preventing or granting access
to these pages.
- Fix#58