auth

Paddy 2014-12-14 Parent:1fb166575e69 Child:c03b5eb3179e

99:5bccbed6631b Go to Latest

auth/memstore.go

Add an endpoint to validate and register profiles. Add a newProfileRequest object that defines the user-specified properties of a new Profile. Add a helper that validates a newProfileRequest and modifies it for sanitization, mostly just removing leading and trailing whitespace. Add MaxNameLength, MaxUsernameLength, and MaxEmailLength constants to hold the maximum length for those properties. Add errors to be returned when a users attempts to log in with a profile that is compromised or locked. Add the bare bones of a CreateProfileHandler that validates a profile registration request adn uses it to create a Profile and at least one Login. Create a requestError struct that is used for returning API errors, along with constants for the slugs we'll use to signal those errors.

Download raw file
View source Diff to previous Annotate
History
1 package auth
2
3 import (
4 "sync"
5
6 "code.secondbit.org/uuid"
7 )
8
9 type memstore struct {
10 tokens map[string]Token
11 refreshTokenLookup map[string]string
12 profileTokenLookup map[string][]string
13 tokenLock sync.RWMutex
14
15 authCodes map[string]AuthorizationCode
16 authCodeLock sync.RWMutex
17
18 clients map[string]Client
19 profileClientLookup map[string][]uuid.ID
20 clientLock sync.RWMutex
21
22 endpoints map[string][]Endpoint
23 endpointLock sync.RWMutex
24
25 profiles map[string]Profile
26 profileLock sync.RWMutex
27
28 logins map[string]Login
29 profileLoginLookup map[string][]string
30 loginLock sync.RWMutex
31
32 sessions map[string]Session
33 sessionLock sync.RWMutex
34 }
35
36 // NewMemstore returns an in-memory version of our datastores,
37 // which is handy for tests. Though the implementation is concurrency-safe,
38 // if makes no attempt to persist the data, and therefore it is inadvisable
39 // to use it in a production setting.
40 func NewMemstore() *memstore {
41 return &memstore{
42 tokens: map[string]Token{},
43 refreshTokenLookup: map[string]string{},
44 profileTokenLookup: map[string][]string{},
45 authCodes: map[string]AuthorizationCode{},
46 clients: map[string]Client{},
47 profileClientLookup: map[string][]uuid.ID{},
48 endpoints: map[string][]Endpoint{},
49 profiles: map[string]Profile{},
50 logins: map[string]Login{},
51 profileLoginLookup: map[string][]string{},
52 sessions: map[string]Session{},
53 }
54 }
55
56 func (m *memstore) lookupTokenByRefresh(token string) (string, error) {
57 m.tokenLock.RLock()
58 defer m.tokenLock.RUnlock()
59 t, ok := m.refreshTokenLookup[token]
60 if !ok {
61 return "", ErrTokenNotFound
62 }
63 return t, nil
64 }
65
66 func (m *memstore) lookupTokensByProfileID(id string) ([]string, error) {
67 m.tokenLock.RLock()
68 defer m.tokenLock.RUnlock()
69 return m.profileTokenLookup[id], nil
70 }
71
72 func (m *memstore) lookupClientsByProfileID(id string) []uuid.ID {
73 m.clientLock.RLock()
74 defer m.clientLock.RUnlock()
75 c, ok := m.profileClientLookup[id]
76 if !ok {
77 return []uuid.ID{}
78 }
79 return c
80 }