examples

package

v1.2.2 Latest Latest Go to latest Published: Feb 10, 2021 License: Apache-2.0 Imports: 9 Imported by: 0

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

github.com/Microkubes/microservice-security

Links

Open Source Insights

Documentation ¶

Index ¶

Variables
func CheckAuthInContextMiddleware(ctx context.Context, rw http.ResponseWriter, req *http.Request) (context.Context, http.ResponseWriter, error)
func DummyUserPassAuthBuilder(userRepo UserRepository) chain.MiddlewareBuilder
func RetrieveAuthFromContext() error
func SecurityChainExample()
func SecurityChainExampleFailAuth()
func SetAuthInContext() error
type DBUser
type UserRepository
- func (repo UserRepository) FindByUsernameAndPassword(username string, pass string) *DBUser

Constants ¶

This section is empty.

Variables ¶

View Source

var NoAuthenticationPresent = goa.NewErrorClass("authentication_required", 401)

NoAuthenticationPresent is a custom error for the auth middleware generated when there is no authentication created

Functions ¶

func CheckAuthInContextMiddleware ¶

func CheckAuthInContextMiddleware(ctx context.Context, rw http.ResponseWriter, req *http.Request) (context.Context, http.ResponseWriter, error)

CheckAuthInContextMiddleware is a chain.SecurityChainMiddleware that performs a check for the Auth object in the context. This middleware ilustrates the usage of the auth package (auth.HasAuth function). Note that the middleware returns an Goa error (custom defined for the purposes of the auth chain). Later on, when the chain will return control over to Goa, this error will be serialized and retuned back to the client. Returnning an error would cause the chain to break after this middleware and would return to Goa immediately. Since the chain itself would return an error, this would also break the Goa chain and the actual microservice action will not be called.

func DummyUserPassAuthBuilder ¶

func DummyUserPassAuthBuilder(userRepo UserRepository) chain.MiddlewareBuilder

DummyUserPassAuthBuilder returns a chain.MiddlewareBuilder factory function. This illustrates passing a custom data to a chain.MiddlewareBuilder. In this case we're sending a UserRepository that is used by the middleware to check the username+password, but in real-world scenario we can pass a secret key or a security store path to the middleware.

func RetrieveAuthFromContext ¶

func RetrieveAuthFromContext() error

RetrieveAuthFromContext first stores an Auth object in context, then retrieves it via auth.GetAuth

func SecurityChainExample ¶

func SecurityChainExample()

SecurityChainExample illustrates setting up a security chain with 2 middlewares: 1. the "dummy" middleware that should create the Auth 2. Middleware that checks for Auth object in the context.

func SecurityChainExampleFailAuth ¶

func SecurityChainExampleFailAuth()

SecurityChainExampleFailAuth illustrates setting up a security chain same as SecurityChainExample, but the request contains wrong authentication and the chain returns an error.

func SetAuthInContext ¶

func SetAuthInContext() error

SetAuthInContext sets an auth.Auth object in context and checks for it

Types ¶

type DBUser ¶

type DBUser struct {
	ID            string
	Username      string
	Roles         []string
	Organizations []string
}

DBUser represents a user stored in some persistence.

type UserRepository ¶

type UserRepository map[string]*DBUser

UserRepository is an in-memory user data store. It is a map holding the users. The key is composed of the username and password: <username>:<password>.

func (UserRepository) FindByUsernameAndPassword ¶

func (repo UserRepository) FindByUsernameAndPassword(username string, pass string) *DBUser

FindByUsernameAndPassword looks up a user by its username and password in the UserRepository.

Source Files ¶

View all Source files

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL