auth

package

v0.12.1 Latest Latest Go to latest Published: Mar 19, 2020 License: MIT Imports: 8 Imported by: 0

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

github.com/goradd/goradd

Links

Open Source Insights

Documentation ¶

Overview ¶

This auth package is an example of how to do authentication and authorization in goradd. It will get you started, but you will likely need to make some changes to fit your particular requirements.

The code below expects you to have a User table in your database. It expects it to have an ID field as a unique identifier for the user, and a PasswordHash field, which should be a character string of at least 256 characters and that will store the hashed password. This system never stores a cleartext password.

You will also need to call PutContext to put the authorization context into the http request context. Call that from app.PutContext().

Index ¶

Constants
func Authorize(ctx context.Context, permissionLevel model.UserType) bool
func CurrentUser(ctx context.Context) *model.User
func HashPassword(password string) string
func Logout(ctx context.Context)
func PutContext(ctx context.Context) context.Context
func SetCurrentUserID(ctx context.Context, id string)
func ValidatePassword(password string, userName string) (passwordErr, userNameErr string)
func VerifyPassword(user *model.User, password string) bool
type Context

Constants ¶

View Source

const AuthContextKey = goradd.ContextKey("app.auth")

Variables ¶

This section is empty.

Functions ¶

func Authorize ¶

func Authorize(ctx context.Context, permissionLevel model.UserType) bool

Authorize authorizes the current user based on a level of authorization. There are other ways to do this, but this is just an example. For instance, you could authorize based on specific permissions granted, and use a bitfield to OR those together for a more complex authorization system.

func CurrentUser ¶

func CurrentUser(ctx context.Context) *model.User

CurrentUser returns the currently logged in user object, or nil if no user is logged in. It will cache the user information and store it in the context for future reference in the current request, so that the database does not need to be queried each time. It gets the current user out of the sesssion. If there is no current user, it returns nil.

func HashPassword ¶

func HashPassword(password string) string

func Logout ¶

func Logout(ctx context.Context)

Logout does the steps required to log out the current user

func PutContext ¶

func PutContext(ctx context.Context) context.Context

PutContext allocates our application specific context object and returns it so we can get to it later as the context gets passed around the application. Call this from app.PutContext().

func SetCurrentUserID ¶

func SetCurrentUserID(ctx context.Context, id string)

SetCurrentUserID will set the current user to a specific id.

func ValidatePassword ¶

func ValidatePassword(password string, userName string) (passwordErr, userNameErr string)

ValidatePassword enforces the rules about what makes up a good enough password or userName for our system You can also use a 3rd party library to evaluate password strength.

func VerifyPassword ¶

func VerifyPassword(user *model.User, password string) bool

Types ¶

type Context ¶

type Context struct {
	// contains filtered or unexported fields
}

Source Files ¶

View all Source files

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL