1
0
mirror of https://github.com/volatiletech/authboss.git synced 2024-11-28 08:58:38 +02:00
authboss/config.go

205 lines
8.4 KiB
Go

package authboss
import (
"html/template"
"io"
"io/ioutil"
"net/http"
"time"
"golang.org/x/crypto/bcrypt"
"golang.org/x/net/context"
)
// Config holds all the configuration for both authboss and it's modules.
type Config struct {
// MountPath is the path to mount authboss's routes at (eg /auth).
MountPath string
// ViewsPath is the path to search for overridden templates.
ViewsPath string
// RootURL is the scheme+host+port of the web application (eg https://www.happiness.com:8080) for url generation. No trailing slash.
RootURL string
// BCryptCost is the cost of the bcrypt password hashing function.
BCryptCost int
// PrimaryID is the primary identifier of the user. Set to one of:
// authboss.StoreEmail, authboss.StoreUsername (StoreEmail is default)
PrimaryID string
// Layout that all authboss views will be inserted into.
Layout *template.Template
// LayoutHTMLEmail is for emails going out in HTML form, authbosses e-mail templates
// will be inserted into this layout.
LayoutHTMLEmail *template.Template
// LayoutTextEmail is for emails going out in text form, authbosses e-mail templates
// will be inserted into this layout.
LayoutTextEmail *template.Template
// LayoutDataMaker is a function that can provide authboss with the layout's
// template data. It will be merged with the data being provided for the current
// view in order to render the templates.
LayoutDataMaker ViewDataMaker
// OAuth2Providers lists all providers that can be used. See
// OAuthProvider documentation for more details.
OAuth2Providers map[string]OAuth2Provider
// ErrorHandler handles would be 500 errors.
ErrorHandler http.Handler
// BadRequestHandler handles would be 400 errors.
BadRequestHandler http.Handler
// NotFoundHandler handles would be 404 errors.
NotFoundHandler http.Handler
// AuthLoginOKPath is the redirect path after a successful authentication.
AuthLoginOKPath string
// AuthLoginFailPath is the redirect path after a failed authentication.
AuthLoginFailPath string
// AuthLogoutOKPath is the redirect path after a log out.
AuthLogoutOKPath string
// RecoverOKPath is the redirect path after a successful recovery of a password.
RecoverOKPath string
// RecoverTokenDuration controls how long a token sent via email for password
// recovery is valid for.
RecoverTokenDuration time.Duration
// RegisterOKPath is the redirect path after a successful registration.
RegisterOKPath string
// Policies control validation of form fields and are automatically run
// against form posts that include the fields.
Policies []Validator
// ConfirmFields are fields that are supposed to be submitted with confirmation
// fields alongside them, passwords, emails etc.
ConfirmFields []string
// PreserveFields are fields used with registration that are to be rendered when
// post fails.
PreserveFields []string
// ExpireAfter controls the time an account is idle before being logged out
// by the ExpireMiddleware.
ExpireAfter time.Duration
// LockAfter this many tries.
LockAfter int
// LockWindow is the waiting time before the number of attemps are reset.
LockWindow time.Duration
// LockDuration is how long an account is locked for.
LockDuration time.Duration
// EmailFrom is the email address authboss e-mails come from.
EmailFrom string
// EmailSubjectPrefix is used to add something to the front of the authboss
// email subjects.
EmailSubjectPrefix string
// XSRFName is the name of the xsrf token to put in the hidden form fields.
XSRFName string
// XSRFMaker is a function that returns an xsrf token for the current non-POST request.
XSRFMaker XSRF
// Storer is the interface through which Authboss accesses the web apps database.
Storer Storer
// StoreMaker is an alternative to defining Storer directly, which facilitates creating
// a Storer on demand from the current http request. Unless you have an exceedingly unusual
// special requirement, defining Storer directly is the preferred pattern; literally the only
// known use case at the time of this property being added is Google App Engine, which requires
// the current context as an argument to its datastore API methods. To avoid passing StoreMaker
// an expired request object, where relevant, calls to this function will never be spun off as
// goroutines.
StoreMaker StoreMaker
// OAuth2Storer is a different kind of storer only meant for OAuth2.
OAuth2Storer OAuth2Storer
// OAuth2StoreMaker is an alternative to defining OAuth2Storer directly, which facilitates creating
// a OAuth2Storer on demand from the current http request. Unless you have an exceedingly unusual
// special requirement, defining OAuth2Storer directly is the preferred pattern; literally the only
// known use case at the time of this property being added is Google App Engine, which requires
// the current context as an argument to its datastore API methods. To avoid passing OAuth2StoreMaker
// an expired request object, where relevant, calls to this function will never be spun off as
// goroutines.
OAuth2StoreMaker OAuth2StoreMaker
// CookieStoreMaker must be defined to provide an interface capapable of storing cookies
// for the given response, and reading them from the request.
CookieStoreMaker CookieStoreMaker
// SessionStoreMaker must be defined to provide an interface capable of storing session-only
// values for the given response, and reading them from the request.
SessionStoreMaker SessionStoreMaker
// LogWriter is written to when errors occur, as well as on startup to show which modules are loaded
// and which routes they registered. By default writes to io.Discard.
LogWriter io.Writer
// LogWriteMaker is an alternative to defining LogWriter directly, which facilitates creating
// a LogWriter on demand from the current http request. Unless you have an exceedingly unusual
// special requirement, defining LogWriter directly is the preferred pattern; literally the only
// known use case at the time of this property being added is Google App Engine, which requires
// the current context as an argument to its logging API methods. To avoid passing LogWriteMaker
// an expired request object, where relevant, calls to this function will never be spun off as
// goroutines.
LogWriteMaker LogWriteMaker
// Mailer is the mailer being used to send e-mails out. Authboss defines two loggers for use
// LogMailer and SMTPMailer, the default is a LogMailer to io.Discard.
Mailer Mailer
// MailMaker is an alternative to defining Mailer directly, which facilitates creating
// a Mailer on demand from the current http request. Unless you have an exceedingly unusual
// special requirement, defining Mailer directly is the preferred pattern; literally the only
// known use case at the time of this property being added is Google App Engine, which requires
// the current context as an argument to its mail API methods. To avoid passing MailMaker
// an expired request object, where relevant, calls to this function will never be spun off as
// goroutines.
MailMaker MailMaker
// ContextProvider provides a context for a given request
ContextProvider func(*http.Request) context.Context
}
// Defaults sets the configuration's default values.
func (c *Config) Defaults() {
c.MountPath = "/"
c.ViewsPath = "./"
c.RootURL = "http://localhost:8080"
c.BCryptCost = bcrypt.DefaultCost
c.PrimaryID = StoreEmail
c.Layout = template.Must(template.New("").Parse(`<!DOCTYPE html><html><body>{{template "authboss" .}}</body></html>`))
c.LayoutHTMLEmail = template.Must(template.New("").Parse(`<!DOCTYPE html><html><body>{{template "authboss" .}}</body></html>`))
c.LayoutTextEmail = template.Must(template.New("").Parse(`{{template "authboss" .}}`))
c.AuthLoginOKPath = "/"
c.AuthLoginFailPath = "/"
c.AuthLogoutOKPath = "/"
c.RecoverOKPath = "/"
c.RecoverTokenDuration = time.Duration(24) * time.Hour
c.RegisterOKPath = "/"
c.Policies = []Validator{
Rules{
FieldName: "email",
Required: true,
AllowWhitespace: false,
},
Rules{
FieldName: "password",
Required: true,
MinLength: 4,
MaxLength: 8,
AllowWhitespace: false,
},
}
c.ConfirmFields = []string{
StorePassword, ConfirmPrefix + StorePassword,
}
c.ExpireAfter = 60 * time.Minute
c.LockAfter = 3
c.LockWindow = 5 * time.Minute
c.LockDuration = 5 * time.Hour
c.LogWriter = NewDefaultLogger()
c.Mailer = LogMailer(ioutil.Discard)
c.ContextProvider = func(req *http.Request) context.Context {
return context.TODO()
}
}