Documentation
¶
Index ¶
- func HasHeaderToken(r *http.Request) bool
- func HasSessionToken(manager *scs.Manager, r *http.Request) bool
- func NewSessionAuth(config *configuration.AuthenticationConfiguration) *scs.Manager
- func RateLimitMiddleware(ll *LoginLimiter) func(h http.Handler) http.Handler
- func RequiredValidAccessClaims(manager *scs.Manager, config *configuration.ServerConfigurationSchema) func(http.Handler) http.Handler
- type AccessClaims
- func (ret *AccessClaims) DestroyInSession(manager *scs.Manager, w http.ResponseWriter, r *http.Request) error
- func (ret *AccessClaims) ParseAccessClaimsFromToken(secret string, tokenStr string) error
- func (ret *AccessClaims) ParseRefreshClaimsFromSession(manager *scs.Manager, r *http.Request) error
- func (a *AccessClaims) ToMap() map[string]interface{}
- func (ret *AccessClaims) UpdateSession(manager *scs.Manager, w http.ResponseWriter, r *http.Request) http.ResponseWriter
- func (ret *AccessClaims) WriteToSession(manager *scs.Manager, w http.ResponseWriter, r *http.Request) http.ResponseWriter
- type LoginLimiter
- type LoginLimiterKey
- type LoginLimiterKeyFromIP
- type RefreshClaims
- type TokenAuth
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
func HasHeaderToken ¶
HasHeaderToken tests if the request header has a token without verifying the correctness.
func HasSessionToken ¶
HasSessionToken tests if the request header has the http-only cookies containing session informations.
func NewSessionAuth ¶
func NewSessionAuth(config *configuration.AuthenticationConfiguration) *scs.Manager
createSessionManager starts a web session and stores the information into a http-only cookie. This is the preferred way when using a SPA.
func RateLimitMiddleware ¶
func RateLimitMiddleware(ll *LoginLimiter) func(h http.Handler) http.Handler
func RateLimitMiddleware(prefix string, limit string, redisURL string) func(h http.Handler) http.Handler {
func RequiredValidAccessClaims ¶
func RequiredValidAccessClaims(manager *scs.Manager, config *configuration.ServerConfigurationSchema) func(http.Handler) http.Handler
RequiredValidAccessClaimsMiddleware tries to get information about the identity which issues a request by looking into the authorization header and then into the cookie.
Types ¶
type AccessClaims ¶
type AccessClaims struct {
jwt.StandardClaims
AccessNotRefresh bool `json:"anr"` // to distinguish between access and refresh code
LoginID int64 `json:"login_id"` // the id to get user information
Root bool `json:"root"` // a global flag to bypass all permission checks
}
AccessClaims represent the claims parsed from JWT access token.
func NewAccessClaims ¶
func NewAccessClaims(loginId int64, root bool) AccessClaims
func (*AccessClaims) DestroyInSession ¶
func (ret *AccessClaims) DestroyInSession(manager *scs.Manager, w http.ResponseWriter, r *http.Request) error
func (*AccessClaims) ParseAccessClaimsFromToken ¶
func (ret *AccessClaims) ParseAccessClaimsFromToken(secret string, tokenStr string) error
Parse access claims from a JWT token string
func (*AccessClaims) ParseRefreshClaimsFromSession ¶
Parse access claims from a cookie
func (*AccessClaims) ToMap ¶
func (a *AccessClaims) ToMap() map[string]interface{}
func (*AccessClaims) UpdateSession ¶
func (ret *AccessClaims) UpdateSession(manager *scs.Manager, w http.ResponseWriter, r *http.Request) http.ResponseWriter
func (*AccessClaims) WriteToSession ¶
func (ret *AccessClaims) WriteToSession(manager *scs.Manager, w http.ResponseWriter, r *http.Request) http.ResponseWriter
type LoginLimiter ¶
type LoginLimiter struct {
Store *limiter.Store
Rate *limiter.Rate
Prefix string
Redis *libredis.Client
}
func NewLoginLimiter ¶
func NewLoginLimiter(prefix string, limit string, redisURL string) (*LoginLimiter, error)
func (*LoginLimiter) Get ¶
func (ll *LoginLimiter) Get(r *http.Request, KeyFunc LoginLimiterKey) (limiter.Context, error)
func (*LoginLimiter) WriteHeaders ¶
func (ll *LoginLimiter) WriteHeaders(w http.ResponseWriter, context limiter.Context)
type LoginLimiterKey ¶
type LoginLimiterKey interface {
Key() string
}
type LoginLimiterKeyFromIP ¶
func NewLoginLimiterKeyFromIP ¶
func NewLoginLimiterKeyFromIP(r *http.Request) *LoginLimiterKeyFromIP
func (*LoginLimiterKeyFromIP) Key ¶
func (obj *LoginLimiterKeyFromIP) Key() string
type RefreshClaims ¶
type RefreshClaims struct {
jwt.StandardClaims
AccessNotRefresh bool `json:"anr"`
LoginID int64 `json:"login_id"`
}
RefreshClaims represent the claims parsed from JWT refresh token.
func NewRefreshClaims ¶
func NewRefreshClaims(loginId int64) RefreshClaims
func (*RefreshClaims) ParseRefreshClaimsFromToken ¶
func (ret *RefreshClaims) ParseRefreshClaimsFromToken(secret string, tokenStr string) error
Parse refresh claims from a token string
func (*RefreshClaims) ToMap ¶
func (a *RefreshClaims) ToMap() map[string]interface{}
type TokenAuth ¶
type TokenAuth struct {
JwtAuth *jwtauth.JWTAuth
JwtAccessExpiry time.Duration
JwtRefreshExpiry time.Duration
}
TokenAuth implements JWT authentication flow.
func NewTokenAuth ¶
func NewTokenAuth(config *configuration.AuthenticationConfiguration) *TokenAuth
NewTokenAuth configures and returns a JWT authentication instance.
func (*TokenAuth) CreateAccessJWT ¶
func (a *TokenAuth) CreateAccessJWT(claims AccessClaims) (string, error)
CreateAccessJWT returns an access token for provided account claims.
func (*TokenAuth) CreateRefreshJWT ¶
func (a *TokenAuth) CreateRefreshJWT(claims RefreshClaims) (string, error)
CreateRefreshJWT returns a refresh token for provided token Claims.
Source Files