README
¶
Go-Passport
GopherSauce authentication package. This package supports simple service security.
Requirements
- Running Go lang workspace.
- GopherSauce
Index
Import
Add this tag within the root of your <gos> tag in your .gxml file.
<import src="github.com/cheikhshift/gop/gos.gxml" />
Setup
Add the following golang statements within your <main> tag in your .gxml file.
Authenticating with MongoDB
Connect to database
gop.Connect("host_mongo_uri", "database_name")
defer gop.DB.Close()
Perform a login within <end> tag
The following <end> tag will attempt to login a user : If Authentication fails a text string as to why is returned.
<end path="/login" type="POST" >
succ, err := gop.Login(r.FormValue("username") ,
r.FormValue("password") ,
session )
if err != nil {
response = err.Error()
} else {
//redirect or return user
user,err := gop.GetUser(session)
//save in case you're redirecting
session.Save(r,w)
}
</end>
Create a new user within <end> tag
The following <end> tag will attempt to login a user : If registration fails a text string as to why is returned.
<end path="/join" type="POST" >
succ, err := gop.Join(r.FormValue("username") ,
r.FormValue("password") ,
r.FormValue("email") ,
session )
if err != nil {
response = err.Error()
} else {
//redirect or return user
user,err := gop.GetUser(session)
//save in case you're redirecting
session.Save(r,w)
}
</end>
Interface of Passport user :
type User struct {
Id bson.ObjectId `bson:"_id,omitempty"`
Username string `valid:"unique,required"`
Pw [32]byte
Email string `valid:"email,unique,required"`
Created time.Time //timestamp local format
Scopes []string
Attr map[string] string
}
Authenticating with LDAP
Get LDAP go pkg
go get github.com/jtblin/go-ldap-client
Connect to server
Create a connection to your LDAP server. Update the fields as needed.
gop.UseLDAP(&ldap.LDAPClient{
Base: "dc=example,dc=com",
Host: "ldap.example.com",
Port: 389,
UseSSL: false,
BindDN: "uid=readonlysuer,ou=People,dc=example,dc=com",
BindPassword: "readonlypassword",
UserFilter: "(uid=%s)",
GroupFilter: "(memberUid=%s)",
Attributes: []string{"givenName", "sn", "mail", "uid"},
})
defer gop.LDAPClient.Close()
Authentication with LDAP
The following <end> tag will attempt to login a user : If Authentication fails a text string as to why is returned. Once logged in, use the pkg function gop.GetUser(session *sessions.Session) (User, error) to get the current session's user interface.
<end path="/login" type="POST" >
succ, err := gop.LoginLDAP(r.FormValue("username") ,
r.FormValue("password") ,
session )
if err != nil {
response = err.Error()
} else {
//redirect or return user
user,err := gop.GetUser(session)
//save in case you're redirecting
session.Save(r,w)
}
</end>
Interface of LDAP passport user :
type User struct {
Id bson.ObjectId `bson:"_id,omitempty"`
Username string `valid:"unique,required"`
Pw [32]byte
Email string `valid:"email,unique,required"`
Created time.Time //timestamp local format
Scopes []string
Groups []string
Props db.O
Attr map[string] string
}
Securing a service
Use the package function gop.AddAuthZone(path string) to protect a request path and its subset paths. The following example will intercept any path with string protect-resource in it.
gop.AddAuthZone("protect-resource")
Give user path permission :
Use the function (u *User)AddZone(path string) to give user new access to a specified path.
Use the function (u *User)RemoveZone(path string) to revoke user access from a specified path.
Update user
Use the Push function to update your user's session and database value.
(u *User) Push (ses *sessions.Session) error
Log user out.
Use the gop pkg func : func Logout(ses *sessions.Session) (bool, error) to log a user out. Example of the call within <end> tag :
<end path="/sample/path" type="GET">
gop.Logout(session)
</end>
Set Unauthorized page redirect
Use the gop.SetUnAuthPage(path string) to set the redirect path on permission error.
gos.SetUnAuthPage(path string)
Issues :
Please use the Github issue tracker.
Documentation
¶
Index ¶
- Variables
- func AddAuthZone(path string)
- func BytesToString(b []byte) string
- func Connect(host string, dbname string)
- func Contains(arr []string, lookup string) bool
- func DebugTemplate(w http.ResponseWriter, r *http.Request, tmpl string)
- func DebugTemplatePath(tmpl string, intrf interface{})
- func FileServer() http.Handler
- func GetLine(fname string, match string) int
- func Handler(w http.ResponseWriter, r *http.Request)
- func Join(args ...interface{}) (bool, error)
- func Login(u string, pw string, ses *sessions.Session) (bool, error)
- func LoginLDAP(u string, pw string, ses *sessions.Session) (bool, error)
- func Logout(ses *sessions.Session) (bool, error)
- func MakeHandler(fn func(http.ResponseWriter, *http.Request)) http.HandlerFunc
- func Netadd(x, v float64) float64
- func Netdivided(x, v float64) float64
- func Netimportcss(s string) string
- func Netimportjs(s string) string
- func Netmultiply(x, v float64) float64
- func NetsessionDelete(s *sessions.Session) string
- func NetsessionGet(key string, s *sessions.Session) string
- func NetsessionGetInt(key string, s *sessions.Session) interface{}
- func NetsessionKey(key string, s *sessions.Session) bool
- func NetsessionRemove(key string, s *sessions.Session) string
- func NetsessionSet(key string, value string, s *sessions.Session) string
- func NetsessionSetInt(key string, value interface{}, s *sessions.Session) string
- func Netsubs(x, v float64) float64
- func ReadyTemplate(body []byte) string
- func RemoveAuthZone(path string)
- func SetDb(db db.DB)
- func SetField(obj interface{}, name string, value interface{}) error
- func SetUnAuthPage(path string)
- func UrlAtZ(url, base string) (isURL bool)
- func UseLDAP(Ldap *ldap.LDAPClient)
- type NoStruct
- type Page
- type User
Constants ¶
This section is empty.
Variables ¶
var ( DB db.DB DbName, UPage string LDAPClient *ldap.LDAPClient Zones []string )
var LocalLDAP *ldap.LDAPClient
Functions ¶
func AddAuthZone ¶
func AddAuthZone(path string)
func BytesToString ¶
func DebugTemplate ¶
func DebugTemplate(w http.ResponseWriter, r *http.Request, tmpl string)
func DebugTemplatePath ¶
func DebugTemplatePath(tmpl string, intrf interface{})
func FileServer ¶
func MakeHandler ¶
func MakeHandler(fn func(http.ResponseWriter, *http.Request)) http.HandlerFunc
Access you .gxml's end tags with this http.HandlerFunc. Use MakeHandler(http.HandlerFunc) to serve your web directory from memory.
func Netdivided ¶
func Netimportcss ¶
func Netimportjs ¶
func Netmultiply ¶
func NetsessionDelete ¶
func NetsessionGetInt ¶
func NetsessionSetInt ¶
func ReadyTemplate ¶
func RemoveAuthZone ¶
func RemoveAuthZone(path string)
func SetUnAuthPage ¶
func SetUnAuthPage(path string)
Types ¶
type User ¶
type User struct {
Id bson.ObjectId `bson:"_id,omitempty"`
Username string `valid:"unique,required"`
Pw [32]byte
Email string `valid:"email,unique,required"`
Created time.Time //timestamp local format
Scopes []string
Groups []string
Props db.O
LDAP bool
Attr map[string]string
}
Source Files