Documentation ¶
Overview ¶
Package googleauth provides OAuth sign-in using Google+.
Minimum setup needed:
- Specify client G+ credentials with SetCredentials()
- Specify a gating function with SetGatingFunc()
- Register a HTTP GET route at /connect for ConnectHandler
- Wrap any HTTP routes that should be authenticated with RequireLogin()
This will send users accessing the resources under authentication to a simple page with a G+ button, and if SetGatingFunc accepts that G+ id, the user is redirected to the original URL.
The login page can be changed by setting a different LoginTmpl.
If more control is desired, IsLoggedIn, LogIn and Connect can be used directly, but with the steps above it's not necessary.
Index ¶
- Variables
- func Connect(w http.ResponseWriter, r *http.Request) error
- func ConnectHandler(w http.ResponseWriter, r *http.Request)
- func IsLoggedIn(r *http.Request) (bool, error)
- func RequireLogin(fn http.HandlerFunc) http.HandlerFunc
- func SetCredentials(clientId, clientSecret string)
- func SetGatingFunc(fn func(gplusId string) bool)
- type LoginInfo
Constants ¶
This section is empty.
Variables ¶
var ( // Name of the top-level login template. TemplateName = "login" // Template to use for the login redirect. LoginTmpl = template.Must(template.New(TemplateName).Parse(tmpl)) )
Functions ¶
func Connect ¶
func Connect(w http.ResponseWriter, r *http.Request) error
Connect finishes the connection process, exchanging the one-time authorization code for an access token and storing it in the session.
func ConnectHandler ¶
func ConnectHandler(w http.ResponseWriter, r *http.Request)
ConnectHandler finishes the connection process, exchanging the one-time authorization code for an access token and storing it in the session.
ConnectHandler redirects to the request "referer" on successful login.
ConnectHandler returns HTTP 401 (Unauthorized) if the user does not have access.
func IsLoggedIn ¶
IsLoggedIn returns true if the user is signed in.
func RequireLogin ¶
func RequireLogin(fn http.HandlerFunc) http.HandlerFunc
RequireLogin returns a wrapped HandlerFunc that enforces Google+ login.
If the user is logged in, the specified HandlerFunc is called, otherwise the login page defined by LoginTmpl is served.
RequireLogin returns HTTP 500 (Internal Server Error) if the template fails to render or the package has an internal error.
func SetCredentials ¶
func SetCredentials(clientId, clientSecret string)
SetCredential specifies the client G+ credentials.
func SetGatingFunc ¶
SetGatingFunc sets a function to check if user with given G+ id is allowed access.
Types ¶
type LoginInfo ¶
LoginInfo represents the user's login info.
func LogIn ¶
LogIn returns the user's login info, starting the auth process.
LogIn generates a state token, which along with the client id should be returned to the user where the front-end library can exchange them for a one-time authorization code. That one-time authorization code is then passed in to /connect, which finishes the auth process.