Documentation
¶
Index ¶
- Variables
- func Admin(h http.HandlerFunc) http.HandlerFunc
- func AdminCsrfActive(h http.HandlerFunc) http.HandlerFunc
- func Auth(h http.HandlerFunc) http.HandlerFunc
- func Cookies(cfg CookieConfig)
- func Errors(h ErrorHandler)
- func FromContext(ctx context.Context) *tokens.JWTPayload
- func JWTSecret(secret []byte)
- func Login(w http.ResponseWriter, role string, userID int)
- func Logout(w http.ResponseWriter, r *http.Request)
- func Protected(h http.HandlerFunc) http.HandlerFunc
- func ProtectedCsrfActive(h http.HandlerFunc) http.HandlerFunc
- func Require(roles ...string) func(http.HandlerFunc) http.HandlerFunc
- func RoleAdmin() string
- func RoleAnonymous() string
- func RoleUser() string
- func Roles(cfg RolesConfig)
- func Tokens(cfg TokenConfig)
- func UseStore(store tokens.TokenStore)
- func Verbose()
- type CookieConfig
- type ErrorHandler
- type RolesConfig
- type TokenConfig
Constants ¶
This section is empty.
Variables ¶
var ( ErrForbidden = authError.ErrForbidden ErrInternal = authError.ErrInternal )
Re-export error values
Functions ¶
func AdminCsrfActive ¶
func AdminCsrfActive(h http.HandlerFunc) http.HandlerFunc
func Auth ¶
func Auth(h http.HandlerFunc) http.HandlerFunc
Auth attaches authentication context (anonymous allowed)
func Cookies ¶
func Cookies(cfg CookieConfig)
Cookies configures auth cookies (secure, samesite, etc.)
func Errors ¶ added in v1.2.0
func Errors(h ErrorHandler)
Errors allows customizing how authentication / authorization errors are presented (JSON, HTML, redirects, etc). Optional — defaults to plain HTTP errors.
func FromContext ¶
func FromContext(ctx context.Context) *tokens.JWTPayload
FromContext returns the JWT payload or nil
func JWTSecret ¶
func JWTSecret(secret []byte)
JWTSecret sets the HMAC secret used to sign JWTs. MUST be called once at startup.
func Login ¶
func Login(w http.ResponseWriter, role string, userID int)
Login issues access + refresh + csrf tokens
func Logout ¶
func Logout(w http.ResponseWriter, r *http.Request)
Logout expires cookies and revokes tokens
func Protected ¶
func Protected(h http.HandlerFunc) http.HandlerFunc
Protected = authenticated user (user OR admin)
func ProtectedCsrfActive ¶
func ProtectedCsrfActive(h http.HandlerFunc) http.HandlerFunc
Protected = authenticated browser user (CSRF enforced)
func Require ¶
func Require(roles ...string) func(http.HandlerFunc) http.HandlerFunc
Require enforces one or more roles
func RoleAnonymous ¶
func RoleAnonymous() string
func Roles ¶ added in v1.1.0
func Roles(cfg RolesConfig)
Roles configures application role names (optional).
func Tokens ¶ added in v1.1.0
func Tokens(cfg TokenConfig)
Tokens configures token lifetimes (optional). Safe defaults are used if not called.
func UseStore ¶
func UseStore(store tokens.TokenStore)
UseStore injects the token persistence backend (sqlite, redis, etc.)
Types ¶
type CookieConfig ¶ added in v1.1.0
type CookieConfig = tokens.CookieConfig
type ErrorHandler ¶ added in v1.2.0
type ErrorHandler = authError.ErrorHandler
type RolesConfig ¶ added in v1.1.0
type TokenConfig ¶ added in v1.1.0
type TokenConfig = tokens.TokenConfig
Source Files