auth

Paddy 2015-04-11 Parent:3223a8e679db

162:6f473576c6ae

auth/doc.go

Clean up sessions and tokens after Profile is deleted.

Add a terminateSessionsByProfile method to our sessionStore to mark Sessions associated with a Profile as inactive. Implement memstore and postgres implementations of the terminateSessionsByProfile method. Add a TerminateSessionsByProfile wrapper method to Context.

Add a revokeTokensByProfileID method to our tokenStore to mark Tokens associated with a Profile as revoked. Implement memstore and postgres implementations of the revokeTokensByProfileID method. Add a RevokeTokensByProfileID wrapper method to Context.

Call our RevokeTokensByProfileID and TerminateSessionsByProfile methods after a Profile is deleted, to clean up the Tokens and Sessions associated with it.

/*
Package auth provides an authentication service for managing user accounts and an OAuth2 provider.

The service is an opinionated implementation of authentication using passphrases and the
code.secondbit.org/pass package to implement user credentials and accounts. Additionally, users
are permitted to log in using any email address they have on record. Care is also taken to be able
to mitigate attacks that have already happened and plan ahead for the worst case scenarios.

An OAuth2 provider is also built-in and provided, complete with client registration and management,
as well as a specification-based set of handlers for managing the issuing of grants and tokens. Token
validity may be asserted through an API, or a proxy service is provided for stripping auth-specific
information from requests and replacing it with a trusted header containing information about the user
and client that authorized the request.
*/
package auth
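
The cleanup described in the commit message above, sketched as an added example; it is not code from the auth package. The method names terminateSessionsByProfile and revokeTokensByProfileID come from the commit message, while the struct layouts, the count return values, deleteProfile, tokenValid and all sample data are assumptions constructed for illustration.

```go
package main

import "fmt"

type Session struct{ ProfileID string; Active bool } // simplified; fields are assumptions
type Token struct{ ProfileID string; Revoked bool }  // simplified; fields are assumptions
type memstore struct { // single-goroutine stand-in for the in-memory store; no locking
	profiles map[string]bool
	sessions map[string]*Session // keyed by session ID
	tokens   map[string]*Token   // keyed by access token
}

// Both store methods soft-delete: records stay but are flagged; each returns the count changed.
func (m *memstore) terminateSessionsByProfile(id string) (n int) {
	for _, s := range m.sessions {
		if s.ProfileID == id && s.Active {
			s.Active, n = false, n+1
		}
	}
	return n
}

func (m *memstore) revokeTokensByProfileID(id string) (n int) {
	for _, t := range m.tokens {
		if t.ProfileID == id && !t.Revoked {
			t.Revoked, n = true, n+1
		}
	}
	return n
}

// deleteProfile removes the Profile, then cleans up its Sessions and Tokens.
func (m *memstore) deleteProfile(id string) (sessions, tokens int) {
	delete(m.profiles, id)
	return m.terminateSessionsByProfile(id), m.revokeTokensByProfileID(id)
}

// tokenValid is the per-request check: unknown or revoked tokens fail.
func (m *memstore) tokenValid(access string) bool {
	t, ok := m.tokens[access]
	return ok && !t.Revoked
}

func main() { // constructed data: p1 owns s1 and tok-a, p2 owns s2 and tok-b
	m := &memstore{map[string]bool{"p1": true, "p2": true},
		map[string]*Session{"s1": {"p1", true}, "s2": {"p2", true}},
		map[string]*Token{"tok-a": {"p1", false}, "tok-b": {"p2", false}}}
	s, t := m.deleteProfile("p1")
	fmt.Println(s, t, m.tokenValid("tok-a"), m.tokenValid("tok-b"))
}
```

Because the records are flagged rather than removed, the cleanup only takes effect if every validation path consults the flag, as tokenValid does here.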