Documentation ¶
Index ¶
- Constants
- Variables
- func CrsAuth() context.Handler
- func FromAuthHeader(ctx iris.Context) (string, error)
- func Logf(ctx iris.Context, format string, args ...interface{})
- func NewEnforcer() *casbin.Enforcer
- func OnError(ctx iris.Context, err error)
- type Adapter
- func NewAdapter(driverName string, dataSourceName string, params ...interface{}) (*Adapter, error)
- func NewAdapterByDB(db *gorm.DB) (*Adapter, error)
- func NewAdapterByDBUseTableName(db *gorm.DB, prefix string, tableName string) (*Adapter, error)
- func NewFilteredAdapter(driverName string, dataSourceName string, params ...interface{}) (*Adapter, error)
- func (a *Adapter) AddPolicies(sec string, ptype string, rules [][]string) error
- func (a *Adapter) AddPolicy(sec string, ptype string, rule []string) error
- func (a *Adapter) IsFiltered() bool
- func (a *Adapter) LoadFilteredPolicy(model model.Model, filter interface{}) error
- func (a *Adapter) LoadPolicy(model model.Model) error
- func (a *Adapter) RemoveFilteredPolicy(sec string, ptype string, fieldIndex int, fieldValues ...string) error
- func (a *Adapter) RemovePolicies(sec string, ptype string, rules [][]string) error
- func (a *Adapter) RemovePolicy(sec string, ptype string, rule []string) error
- func (a *Adapter) SavePolicy(model model.Model) error
- type CasbinRule
- type Config
- type Filter
- type TokenExtractor
Constants ¶
const (
// DefaultContextKey jwt
DefaultContextKey = "jwt"
)
Variables ¶
var ( // ErrTokenMissing is the error value that it's returned when // a token is not found based on the token extractor. ErrTokenMissing = errors.New("required authorization token not found") // ErrTokenInvalid is the error value that it's returned when // a token is not valid. ErrTokenInvalid = errors.New("token is invalid") // ErrTokenExpired is the error value that it's returned when // a token value is found and it's valid but it's expired. ErrTokenExpired = errors.New("token is expired") )
Functions ¶
func FromAuthHeader ¶
FromAuthHeader is a "TokenExtractor" that takes a give context and extracts the JWT token from the Authorization header.
func NewEnforcer ¶
func NewEnforcer() *casbin.Enforcer
Types ¶
type Adapter ¶
type Adapter struct {
// contains filtered or unexported fields
}
Adapter represents the Gorm adapter for policy storage.
func NewAdapter ¶
NewAdapter is the constructor for Adapter. Params : databaseName,tableName,dbSpecified
databaseName,{tableName/dbSpecified} {database/dbSpecified}
databaseName and tableName are user defined. Their default value are "casbin" and "casbin_rule"
dbSpecified is an optional bool parameter. The default value is false. It's up to whether you have specified an existing DB in dataSourceName. If dbSpecified == true, you need to make sure the DB in dataSourceName exists. If dbSpecified == false, the adapter will automatically create a DB named databaseName.
func NewAdapterByDB ¶
NewAdapterByDB creates gorm-adapter by an existing Gorm instance
func NewAdapterByDBUseTableName ¶
NewAdapterByDBUseTableName creates gorm-adapter by an existing Gorm instance and the specified table prefix and table name Example: gormadapter.NewAdapterByDBUseTableName(&db, "cms", "casbin") Automatically generate table name like this "cms_casbin"
func NewFilteredAdapter ¶
func NewFilteredAdapter(driverName string, dataSourceName string, params ...interface{}) (*Adapter, error)
NewFilteredAdapter is the constructor for FilteredAdapter. Casbin will not automatically call LoadPolicy() for a filtered adapter.
func (*Adapter) AddPolicies ¶
AddPolicies adds multiple policy rules to the storage.
func (*Adapter) IsFiltered ¶
IsFiltered returns true if the loaded policy has been filtered.
func (*Adapter) LoadFilteredPolicy ¶
LoadFilteredPolicy loads only policy rules that match the filter.
func (*Adapter) LoadPolicy ¶
LoadPolicy loads policy from database.
func (*Adapter) RemoveFilteredPolicy ¶
func (a *Adapter) RemoveFilteredPolicy(sec string, ptype string, fieldIndex int, fieldValues ...string) error
RemoveFilteredPolicy removes policy rules that match the filter from the storage.
func (*Adapter) RemovePolicies ¶
RemovePolicies removes multiple policy rules from the storage.
func (*Adapter) RemovePolicy ¶
RemovePolicy removes a policy rule from the storage.
type CasbinRule ¶
type CasbinRule struct { ID uint `gorm:"primaryKey;autoIncrement"` PType string `gorm:"size:100;uniqueIndex:unique_index"` V0 string `gorm:"size:100;uniqueIndex:unique_index"` V1 string `gorm:"size:100;uniqueIndex:unique_index"` V2 string `gorm:"size:100;uniqueIndex:unique_index"` V3 string `gorm:"size:100;uniqueIndex:unique_index"` V4 string `gorm:"size:100;uniqueIndex:unique_index"` V5 string `gorm:"size:100;uniqueIndex:unique_index"` }
type Config ¶
type Config struct { // The function that will return the Key to validate the JWT. // It can be either a shared secret or a public key. // Default value: nil ValidationKeyGetter jwt.Keyfunc // The name of the property in the request where the user (&token) information // from the JWT will be stored. // Default value: "jwt" ContextKey string // The function that will be called when there's an error validating the token // Default value: ErrorHandler errorHandler // A boolean indicating if the credentials are required or not // Default value: false CredentialsOptional bool // A function that extracts the token from the request // Default: FromAuthHeader (i.e., from Authorization header as bearer token) Extractor TokenExtractor // When set, all requests with the OPTIONS method will use authentication // if you enable this option you should register your route with iris.Options(...) also // Default: false EnableAuthOnOptions bool // When set, the middelware verifies that tokens are signed with the specific signing algorithm // If the signing method is not constant the ValidationKeyGetter callback can be used to implement additional checks // Important to avoid security issues described here: https://auth0.com/blog/2015/03/31/critical-vulnerabilities-in-json-web-token-libraries/ // Default: nil SigningMethod jwt.SigningMethod // When set, the expiration time of token will be check every time // if the token was expired, expiration error will be returned // Default: false Expiration bool }
Config is a struct for specifying configuration options for the jwt middleware.
type TokenExtractor ¶
TokenExtractor is a function that takes a context as input and returns either a token or an error. An error should only be returned if an attempt to specify a token was found, but the information was somehow incorrectly formed. In the case where a token is simply not present, this should not be treated as an error. An empty string should be returned in that case.
func FromFirst ¶
func FromFirst(extractors ...TokenExtractor) TokenExtractor
FromFirst returns a function that runs multiple token extractors and takes the first token it finds
func FromParameter ¶
func FromParameter(param string) TokenExtractor
FromParameter returns a function that extracts the token from the specified query string parameter