login.go 5.8 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116
  1. package basics
  2. import (
  3. "github.com/qor5/docs/docsrc/generated"
  4. . "github.com/theplant/docgo"
  5. "github.com/theplant/docgo/ch"
  6. )
  7. var Login = Doc(
  8. Markdown(`
  9. Login package provides comprehensive login authentication logic and related UI interfaces. It is designed to simplify the process of adding user authentication to QOR5-based backend development project.
  10. In QOR5 admin development, we recommend using [github.com/qor5/admin/login](https://github.com/qor5/admin/tree/main/login), which wraps [github.com/qor5/x/login](https://github.com/qor5/x/tree/master/login) to keep the theme of login UI consistent with Presets and provide more powerful features.
  11. ## Basic Usage
  12. The example shows how to enable both username/password login and OAuth login.
  13. `),
  14. ch.Code(generated.LoginBasicUsage).Language("go"),
  15. Markdown(`
  16. ## Username/Password Login
  17. To enable Username/Password login, the ~UserModel~ needs to implement the [UserPasser](https://github.com/qor5/x/blob/8f986dddfeaf235fd42bb3361717551d06695517/login/user_pass.go#L13) interface. There is a default implementation - [UserPass](https://github.com/qor5/x/blob/8f986dddfeaf235fd42bb3361717551d06695517/login/user_pass.go#L44).
  18. `),
  19. ch.Code(generated.LoginEnableUserPass).Language("go"),
  20. Markdown(`
  21. ### Change Password
  22. There are three ways to change the password:
  23. 1\. Visit the default change password page.
  24. 2\. Call the ~OpenChangePasswordDialogEvent~ event to change it in dialog.
  25. `),
  26. ch.Code(generated.LoginOpenChangePasswordDialog).Language("go"),
  27. Markdown(`
  28. 3\. Change the password directly in Editing.
  29. `),
  30. ch.Code(generated.LoginChangePasswordInEditing).Language("go"),
  31. Markdown(`
  32. ### MaxRetryCount
  33. By default, it allows 5 login attempts with incorrect credentials, and if the limit is exceeded, the user will be locked for 1 hour. This helps to prevent brute-force attacks on the login system. You can call ~MaxRetryCount~ to set the maximum retry count. If you set MaxRetryCount to a value less than or equal to 0, it means there is no limit of login attempts, and the user will not be locked after a certain number of failed login attempts.
  34. `),
  35. ch.Code(generated.LoginSetMaxRetryCount).Language("go"),
  36. Markdown(`
  37. ### TOTP
  38. There is TOTP (Time-based One-time Password) functionality out of the box, which is enabled by default.
  39. `),
  40. ch.Code(generated.LoginSetTOTP).Language("go"),
  41. Markdown(`
  42. ### Google reCAPTCHA
  43. Google reCAPTCHA is disabled by default.
  44. `),
  45. ch.Code(generated.LoginSetRecaptcha).Language("go"),
  46. Markdown(`
  47. ## OAuth Login
  48. OAuth login is based on [goth](https://github.com/markbates/goth).
  49. OAuth login does not require a ~UserModel~. If there is a ~UserModel~, it needs to implement the [OAuthUser](https://github.com/qor5/x/blob/8f986dddfeaf235fd42bb3361717551d06695517/login/oauth_user.go#L5) interface. There is a default implementation - [OAuthInfo](https://github.com/qor5/x/blob/8f986dddfeaf235fd42bb3361717551d06695517/login/oauth_user.go#L13).
  50. `),
  51. ch.Code(generated.LoginEnableOAuth).Language("go"),
  52. Markdown(`
  53. ## Session Secure
  54. The [SessionSecurer](https://github.com/qor5/x/blob/8f986dddfeaf235fd42bb3361717551d06695517/login/session_secure.go#L11) provides a way to manage unique salt for a user record. There is a default implementation - [SessionSecure](https://github.com/qor5/x/blob/8f986dddfeaf235fd42bb3361717551d06695517/login/session_secure.go#L16).
  55. `),
  56. ch.Code(generated.LoginEnableSessionSecure).Language("go"),
  57. Markdown(`
  58. ~SessionSecurer~ helps to ensure user security even in the event of secret leakage. When a user logs in, ~SessionSecurer~ generates a random salt and associates it with the user's record. This salt is then used to sign the user's session token. When the user makes requests to the server, the server verifies that the session token has been signed with the correct salt. If the salt has been changed, the session token is considered invalid and the user is logged out.
  59. `),
  60. Markdown(`
  61. ## Hooks
  62. [Hooks](https://github.com/qor5/x/blob/8f986dddfeaf235fd42bb3361717551d06695517/login/builder.go#L39) are functions that are called before or after certain events.
  63. The following hooks are available:
  64. ### BeforeSetPassword
  65. #### Extra Values
  66. - password
  67. This hook is called before resetting or changing a password. The hook can be used to validate password formats.
  68. ### AfterLogin
  69. This hook is called after a successful login.
  70. ### AfterFailedToLogin
  71. #### Extra Values
  72. - login error
  73. This hook is called after a failed login. Note that the ~user~ parameter may be nil.
  74. ### AfterUserLocked
  75. This hook is called after a user is locked.
  76. ### AfterLogout
  77. This hook is called after a logout.
  78. ### AfterConfirmSendResetPasswordLink
  79. #### Extra Values
  80. - reset link
  81. This hook is called after confirming the sending of a password reset link. This is where the code to send the reset link to the user should be written.
  82. ### AfterResetPassword
  83. This hook is called after a password is reset.
  84. ### AfterChangePassword
  85. This hook is called after a password is changed.
  86. ### AfterExtendSession
  87. #### Extra Values
  88. - old session token
  89. This hook is called after a session is extended.
  90. ### AfterTOTPCodeReused
  91. This hook is called after a TOTP code has been reused.
  92. ### AfterOAuthComplete
  93. This hook is called after an OAuth authentication is completed.
  94. `),
  95. Markdown(`
  96. ## Customize Pages
  97. To customize pages, there are two ways:
  98. 1\. Each page has a corresponding ~xxxPageFunc~ to rewrite the page content. You can easily customize a page by copying the [default page func](https://github.com/qor5/admin/blob/main/login/views.go) and modifying it according to your needs.
  99. `),
  100. ch.Code(generated.LoginCustomizePage).Language("go"),
  101. Markdown(`
  102. 2\. Only mount the API and serve the login pages manually.
  103. When you want to embed the login form into an existing page, this way can be very useful.
  104. `),
  105. ch.Code(generated.LoginCustomizePage2).Language("go"),
  106. ).Slug("basics/login").Title("Login")