README
¶
auth
Authentication package for golang including middleware with generic implementation of Basic HTTP and JWT authentication schemes.
Documentation
¶
Index ¶
- Variables
- func CheckTokenHandler(config *Config) http.Handler
- func CheckTokenHandlerFunc(config *Config) http.HandlerFunc
- func LoginHandler(config *Config) http.Handler
- func LoginHandlerFunc(config *Config) http.HandlerFunc
- func RegisterHandler(config *Config) http.Handler
- func RegisterHandlerFunc(config *Config) http.HandlerFunc
- func RequireAdmin(config *Config) func(http.Handler) http.Handler
- func RequireUser(config *Config) func(http.Handler) http.Handler
- func SendError(w http.ResponseWriter, err *Error)
- func SendJSON(w http.ResponseWriter, result interface{})
- func WithUser(parent context.Context, user User) context.Context
- func WriteLoginResponse(w http.ResponseWriter, r *http.Request, config *Config, user User)
- type Config
- type Credentials
- type Error
- type LoginResponse
- type Timestamp
- type Token
- type User
- type UserData
- type UserInfo
- type UserStore
- type UserStoreEx
Constants ¶
This section is empty.
Variables ¶
View Source
var ( ErrBadAuthorizationHeader = &Error{ Code: "AUTH-BAD-AUTHORIZATION-HEADER", Status: http.StatusUnauthorized, Message: "Invalid authorization header", } ErrUnsupportedAuthScheme = &Error{ Code: "AUTH-UNSUPPORTED-SCHEME", Status: http.StatusUnauthorized, Message: "Unsupported authentication scheme", } ErrInvalidToken = &Error{ Code: "AUTH-INVALID-TOKEN", Status: http.StatusUnauthorized, Message: "User token is invalid, please re-authenticate", } ErrMissingUserID = &Error{ Code: "AUTH-INVALID-TOKEN", Status: http.StatusUnauthorized, Message: "User token is missing user_id field", } ErrMissingExp = &Error{ Code: "AUTH-INVALID-TOKEN", Status: http.StatusUnauthorized, Message: "User token is missing exp field", } ErrInvalidIssuer = &Error{ Code: "AUTH-INVALID-ISSUER", Status: http.StatusUnauthorized, Message: "User token was issued from another host", } ErrInvalidClientIP = &Error{ Code: "AUTH-INVALID-CLIENT-IP", Status: http.StatusUnauthorized, Message: "User token was issued for another IP address", } ErrNotAdmin = &Error{ Code: "AUTH-NOT-ADMIN", Status: http.StatusForbidden, Message: "You need admin privileges to make this API call", } ErrMalformedContent = &Error{ Code: "AUTH-BAD-CONTENT", Status: http.StatusBadRequest, Message: "Malformed content", } ErrBadCredentials = &Error{ Code: "AUTH-BAD-CREDENTIALS", Status: http.StatusUnauthorized, Message: "Invalid user credentials", } ErrUserNotFound = &Error{ Code: "AUTH-USER-NOT-FOUND", Status: http.StatusUnauthorized, Message: "User not found", } ErrUnsupportedContentType = &Error{ Code: "AUTH-UNSUPPORTED-CONTENT-TYPE", Status: http.StatusUnsupportedMediaType, Message: "Unrecognized data format", } ErrEncodeTokenFailed = &Error{ Code: "AUTH-ENCODE-TOKEN-FAILED", Status: http.StatusUnauthorized, Message: "Cannot encode user token", } ErrBadState = &Error{ Code: "AUTH-INTERNAL-SERVER-ERROR", Status: http.StatusInternalServerError, Message: "Internal server error", } )
Functions ¶
func CheckTokenHandler ¶
func CheckTokenHandlerFunc ¶
func CheckTokenHandlerFunc(config *Config) http.HandlerFunc
func LoginHandler ¶
func LoginHandlerFunc ¶
func LoginHandlerFunc(config *Config) http.HandlerFunc
func RegisterHandler ¶
func RegisterHandlerFunc ¶
func RegisterHandlerFunc(config *Config) http.HandlerFunc
func RequireAdmin ¶
RequireAdmin creates auth middleware that authenticates only admin users.
func RequireUser ¶
RequireUser creates auth middleware with given configuration.
func SendError ¶
func SendError(w http.ResponseWriter, err *Error)
func SendJSON ¶
func SendJSON(w http.ResponseWriter, result interface{})
func WriteLoginResponse ¶
Types ¶
type Config ¶
type Config struct {
// UserStore to validate credentials
UserStore UserStore
UserStoreEx UserStoreEx
// TokenKey specifies name of token field to extract from query string
TokenKey string
// TokenCookie specifies cookie name to extract from cookies
TokenCookie string
// SingingMethod specifies JWT signing method
SingingMethod jwt.SigningMethod
// SecretKey is key string or function to get secret key for given JWT token
SecretKey interface{}
TokenExpiration time.Duration
}
Config defines options for authentication middleware.
func (*Config) SetDefaults ¶
Initializes default handlers if they omitted.
type Credentials ¶
type Credentials struct {
UserName string `json:"username" schema:"username"`
Password string `json:"password" schema:"password"`
}
TODO support user defined expiration
type Error ¶
type LoginResponse ¶
type Token ¶
type Token struct {
UserID string `json:"user_id"`
UserName string `json:"user_name"`
Domain string `json:"domain"`
IssuedAt Timestamp `json:"issued_at"`
ExpiredAt Timestamp `json:"expired_at"`
Issuer string `json:"issuer"`
ClientIP string `json:"client_ip"`
Claims map[string]interface{} `json:"claims"` // custom claims
}
type User ¶
type User interface {
GetID() string
GetName() string
GetEmail() string
IsAdmin() bool
GetClaims() map[string]interface{}
}
func GetContextUser ¶
GetContextUser returns authenticated user if it presents in given context
func GetRequestUser ¶
GetRequestUser returns authenticated user for given request
type UserData ¶
type UserData struct {
RawData map[string]interface{}
Provider string
Email string
Name string
FirstName string
LastName string
NickName string
Description string
UserID string
AvatarURL string
Location string
AccessToken string
AccessTokenSecret string
RefreshToken string
ExpiresAt time.Time
Role string
Password string
}
type UserInfo ¶
Source Files
¶
Directories
Click to show internal directories.
Click to hide internal directories.