Exemple #1
0
// WithPasswordFromConfig retrieves the password from the configuration with path
// as defined in constant PathJWTPassword
func WithPasswordFromConfig(cr config.Getter) Option {
	pw, err := cr.String(config.Path(PathJWTPassword))
	if config.NotKeyNotFoundError(err) {
		pw = string(uuid.NewRandom())
	}
	return WithPassword([]byte(pw))
}
Exemple #2
0
func (u *User) Authenticate(cr config.Getter, h crypto.Hasher, username, password string) error {
	isCaseSensitive := cr.Bool(config.Path("admin/security/use_case_sensitive_login"))

	if !isCaseSensitive {
		// ... hmm
	}

	return nil
}
Exemple #3
0
// IsSecure checks if a request has been sent over a TLS connection. Also checks
// if the app runs behind a proxy server and therefore checks the off loader header.
func IsSecure(cr config.Getter, r *http.Request) bool {
	// due to import cycle this function must be in this package
	if r.TLS != nil {
		return true
	}

	oh, err := cr.String(config.Path(PathOffloaderHeader), config.ScopeDefault())
	if err != nil {
		if PkgLog.IsDebug() {
			PkgLog.Debug("net.httputil.IsSecure.FromContextReader.String", "err", err, "path", PathOffloaderHeader)
		}
		return false
	}

	h := r.Header.Get(oh)
	hh := r.Header.Get("HTTP_" + oh)

	var isHTTPS bool
	switch "https" {
	case h, hh:
		isHTTPS = true
	}
	return isHTTPS
}
Exemple #4
0
// SetWebsiteConfig sets the config.Reader to the Website. Default reader is
// config.DefaultManager. You should call this function before calling other
// option functions otherwise your preferred config.Reader won't be inherited
// to a Group or Store.
func SetWebsiteConfig(cr config.Getter) WebsiteOption {
	return func(w *Website) {
		w.cr = cr
		w.crDefault = cr.NewScoped(0, 0, 0)
	}
}