manager

package

v0.0.6 Latest Latest Go to latest Published: Mar 16, 2021 License: MIT Imports: 13 Imported by: 0

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

github.com/easeq/go-redis-access-control

Links

Open Source Insights

Documentation ¶

Index ¶

Constants
Variables
func GenerateRandomBytes(n int) ([]byte, error)
func NewRedisClient(address string) *redis.Client
func NewRedisStore(ctx context.Context, client *redis.Client) (*redisstore.RedisStore, error)
type Action
type Claims
type Config
- func NewConfig() (*Config, error)
type Endpoint
type Endpoints
type JWT
- func NewJWTManager(secretKey string, tokenDuration time.Duration) *JWT
type Redis
type Token
- func NewToken(n int) (*Token, error)

Constants ¶

View Source

const RoleAll = "all"

RoleAll that any authenticated user can access

Variables ¶

View Source

var (
	// ErrInvalidEndpoint returned when accessing an invalid endpoint
	ErrInvalidEndpoint = errors.New("accessing invalid endpoint")
)

Functions ¶

func GenerateRandomBytes ¶

func GenerateRandomBytes(n int) ([]byte, error)

GenerateRandomBytes returns securely generated random bytes. It will return an error if the system's secure random number generator fails to function correctly, in which case the caller should not continue.

func NewRedisClient ¶

func NewRedisClient(address string) *redis.Client

NewRedisClient creates a new redis client

func NewRedisStore ¶

func NewRedisStore(ctx context.Context, client *redis.Client) (*redisstore.RedisStore, error)

NewRedisStore creates new default RedisStore

Types ¶

type Action ¶ added in v0.0.3

type Action struct {
	// Can access without authentication
	Unauthenticated bool
	// Roles that can access the resource
	Roles map[string]bool
}

Action defines the endpoints action config

type Claims ¶

type Claims struct {
	jwt.StandardClaims
	ID          int    `json:"ID"`
	Role        string `json:"roles"`
	RandomToken *Token `json:"token"`
}

Claims defines the custom JWT claims

type Config ¶

type Config struct {
	JWT   JWT
	Redis Redis
}

Config returns the module config

func NewConfig ¶

func NewConfig() (*Config, error)

NewConfig returns a loaded module config

type Endpoint ¶ added in v0.0.3

type Endpoint string

Endpoint path

func (Endpoint) CanAccessWithRole ¶ added in v0.0.3

func (e Endpoint) CanAccessWithRole(role string) bool

CanAccessWithRole returrns whether the given endpoint is accessible with the users permissions

The method returns false when the action is un-registered or the user doesn't have enough permissions

Returns true otherwise

func (Endpoint) CanAccessWithoutAuth ¶ added in v0.0.3

func (e Endpoint) CanAccessWithoutAuth() bool

CanAccessWithoutAuth checks if the endpoint can be accessed without authentication

func (Endpoint) Register ¶ added in v0.0.3

func (e Endpoint) Register(action Action)

Register - adds a new endpoint and it's action

type Endpoints ¶ added in v0.0.3

type Endpoints map[Endpoint]Action

Endpoints map of Endpoint and it's config

type JWT ¶

type JWT struct {
	SecretKey string        `env:"GRAC_JWT_SECRET_KEY"`
	Duration  time.Duration `env:"GRAC_JWT_DURATION"`
}

JWT is a JSON web token manager

func NewJWTManager ¶

func NewJWTManager(secretKey string, tokenDuration time.Duration) *JWT

NewJWTManager returns a new JWT manager

func (*JWT) Generate ¶

func (jwt *JWT) Generate(ID int, role string, randToken *Token) (string, error)

Generate generates and signs a new token with specified claims for a user

func (*JWT) GetSecretKey ¶

func (jwt *JWT) GetSecretKey() []byte

GetSecretKey returns secret key to sign jwt

func (*JWT) Verify ¶

func (jwt *JWT) Verify(tokenStr string) (*Claims, error)

Verify verifies the access token string and return a user claim if the token is valid

type Redis ¶

type Redis struct {
	Address          string `env:"GRAC_REDIS_ADDRESS"`
	DefaultSessionID string `env:"GRAC_DEFAULT_SESSION_ID"`
	SessionDomain    string `env:"GRAC_SESSION_DOMAIN"`
	SessionTimeout   int    `env:"GRAC_SESSION_TIMEOUT"`
	SecureCookie     bool   `env:"GRAC_SECURE_COOKIE"`
	CSRFTokenLength  int    `env:"GRAC_CSRF_TOKEN_LENGTH"`
}

Redis config

type Token ¶ added in v0.0.3

type Token struct {
	Value []byte
}

Token struct hold the token

func NewToken ¶ added in v0.0.3

func NewToken(n int) (*Token, error)

NewToken creates a new token

func (*Token) Compare ¶ added in v0.0.3

func (t *Token) Compare(anotherToken string) bool

Compare compares this token with another token

func (*Token) ToString ¶ added in v0.0.3

func (t *Token) ToString() string

ToString converts and returns the string representation of the generated token

func (*Token) ToURLSafeString ¶ added in v0.0.3

func (t *Token) ToURLSafeString() string

ToURLSafeString returns a base64 encoded URL safe random string

Source Files ¶

View all Source files

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL