auth
161:849f3820b164
Go to Latest
auth/doc.go
Stop soft-deleting Profiles and actually delete them.
The information we're storing in Profiles isn't unique enough that we should go
through the hassle we're going through to soft-delete it.
Add a deleteProfile method to our profileStore, and implement it for our
postgres and memstore implementations.
Add a DeleteProfile wrapper for our Context.
Remove the Deleted property from the Profile type and the ProfileChange type,
and update references to it.
Stop cleaning up after our Profile in the UpdateProfileHandler, because there's
no longer any way to delete the Profile from the UpdateProfileHandler.
Update our get/list* methods so they don't filter on the non-existent Deleted
property anymore.
Update our SQL schema definition to not include the deleted column.
Update our profile tests to use the DeleteProfile method and stop comparing the
no-longer-existing Deleted property.
2 Package auth provides an authentication service for managing user accounts and an OAuth2 provider.
4 The service is an opinionated implementation of authentication using passphrases and the
5 code.secondbit.org/pass package to implement user credentials and accounts. Additionally, users
6 are permitted to login using any email address they have on record. Care is also taken to be able
7 to mitigate attacks that have already happened and plan ahead for the worst case scenarios.
9 An OAuth2 provider is also built-in and provided, complete with client registration and management,
10 as well as a specification-based set of handlers for managing the issuing of grants and tokens. Token
11 validiity may be asserted through an API, or a proxy service is provided for stripping auth-specific
12 information from requests and replacing it with a trusted header containing information about the user
13 and client that authorized the request.