auth
auth/config.go
Move login concerns to session, add login handler. Move all our helpers for authenticating, building a login redirect, and reading a cookie to session.go. Rewrite our passphrase scheme code so that a scheme is just a struct with three functions for checking a passphrase against a profile object, generating a passphrase, and calculating the number of iterations to use when generating a passphrase. Define an implementation of our passphrase scheme (scheme #1) using PBKDF2 and SHA256. Add a CreateSessionHandler function that logs the user in using their login and passphrase. Add a RegisterSessionHandlers function that adds the session-related handlers (right now, just our CreateSessionHandler) to the specified router.
1 package auth
3 import (
4 "errors"
5 "html/template"
6 )
8 var (
9 // ErrInvalidLoginURI is returned when a Context is instantiated with a Config object that specifies a LoginURI that can't be parsed as a URL.
10 ErrInvalidLoginURI = errors.New("invalid login URI")
11 )
13 // Config holds the configuration values necessary to run a server. A Config
14 // instance is the only way to instantiate a Context variable.
15 type Config struct {
16 ClientStore clientStore
17 AuthCodeStore authorizationCodeStore
18 ProfileStore profileStore
19 TokenStore tokenStore
20 SessionStore sessionStore
21 Template *template.Template
22 LoginURI string
23 iterations int
24 }