// WithPasswordFromConfig retrieves the password from the configuration with path
// as defined in constant PathJWTPassword
func WithPasswordFromConfig(cr config.Getter) Option {
pw, err := cr.String(config.Path(PathJWTPassword))
if config.NotKeyNotFoundError(err) {
pw = string(uuid.NewRandom())
}
return WithPassword([]byte(pw))
}
func (u *User) Authenticate(cr config.Getter, h crypto.Hasher, username, password string) error {
isCaseSensitive := cr.Bool(config.Path("admin/security/use_case_sensitive_login"))
if !isCaseSensitive {
// ... hmm
}
return nil
}
// IsSecure checks if a request has been sent over a TLS connection. Also checks
// if the app runs behind a proxy server and therefore checks the off loader header.
func IsSecure(cr config.Getter, r *http.Request) bool {
// due to import cycle this function must be in this package
if r.TLS != nil {
return true
}
oh, err := cr.String(config.Path(PathOffloaderHeader), config.ScopeDefault())
if err != nil {
if PkgLog.IsDebug() {
PkgLog.Debug("net.httputil.IsSecure.FromContextReader.String", "err", err, "path", PathOffloaderHeader)
}
return false
}
h := r.Header.Get(oh)
hh := r.Header.Get("HTTP_" + oh)
var isHTTPS bool
switch "https" {
case h, hh:
isHTTPS = true
}
return isHTTPS
}
// SetWebsiteConfig sets the config.Reader to the Website. Default reader is
// config.DefaultManager. You should call this function before calling other
// option functions otherwise your preferred config.Reader won't be inherited
// to a Group or Store.
func SetWebsiteConfig(cr config.Getter) WebsiteOption {
return func(w *Website) {
w.cr = cr
w.crDefault = cr.NewScoped(0, 0, 0)
}
}