github.com/gocaveman/caveman@v0.0.0-20191211162744-0ddf99dbdf6e/users/users.go

github.com/gocaveman/caveman@v0.0.0-20191211162744-0ddf99dbdf6e/users/users.go (about)

     1  // Users and login functionality.
     2  package users
     3  
     4  // default user type - best if this type is not exported but that might be taking it too far
     5  // some intefaces that can be used to abstract the user struct from common data needed from it
     6  // like username, roles, email, check password? etc.
     7  // session just stores userid and expiration - use encryption token stuff from webutil
     8  // (come up with a good name "token" may not be the best and it's duplicate of uifiles)
     9  // handler pulls currently logged in user and attaches to context
    10  // login/logout/create endpoints
    11  // user impersonation is done with a separate cookie and a separate handler
    12  // will need subpackage for pages - both admin pages and public login stuff, password reset, etc.
    13  // figure out oauth
    14  
    15  // TODO: if we're really smart, we'll incorporate facebook and google login (auth2)
    16  // TODO: look at the features in authboss and make sure we handle the most important ones
    17  // TODO: can we also act as oauth2 provider?? might be pretty simple to get the bearer token code working and bam - definitely don't preclude it
    18  // TODO: progressive backoff to avoid dictionary attacks is very important