auth
2015-05-17
Parent:3223a8e679db
auth/doc.go
Create interfaces for login verification flow. We needed an interface that we could use to say "send the email to verify the user's login" so that we could verify the emails we have are actually valid. This implements an NSQ version that sends an email_verification event. We'll get listener implementations that pull these messages off NSQ and actually send the emails. This also implements, for testing purposes, a version that just echoes the Login Value and the Verification code to stdout.
1 /*
2 Package auth provides an authentication service for managing user accounts and an OAuth2 provider.
4 The service is an opinionated implementation of authentication using passphrases and the
5 code.secondbit.org/pass package to implement user credentials and accounts. Additionally, users
6 are permitted to login using any email address they have on record. Care is also taken to be able
7 to mitigate attacks that have already happened and plan ahead for the worst case scenarios.
9 An OAuth2 provider is also built-in and provided, complete with client registration and management,
10 as well as a specification-based set of handlers for managing the issuing of grants and tokens. Token
11 validiity may be asserted through an API, or a proxy service is provided for stripping auth-specific
12 information from requests and replacing it with a trusted header containing information about the user
13 and client that authorized the request.
14 */
15 package auth