auth

package module

v0.0.0-...-ccd0661 Latest Latest Go to latest Published: Aug 19, 2016 License: MIT Imports: 6 Imported by: 0

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

github.com/mix/auth

Links

Open Source Insights

README ¶

auth

Negroni middleware/handler for http basic authentication. Fork of martini-contrib/auth. Code borrowed from nabeken/negroni-auth.

API Reference

Simple Usage

Use auth.Basic to authenticate against a pre-defined username and password:

import (
  "github.com/go-martini/martini"
  "github.com/martini-contrib/auth"
)

func main() {
  m := martini.Classic()
  // authenticate every request
  m.Use(auth.Basic("username", "secretpassword"))
  m.Run()
}

Advanced Usage

Using auth.BasicFunc lets you authenticate on a per-user level, by checking the username and password in the callback function:

import (
  "github.com/go-martini/martini"
  "github.com/martini-contrib/auth"
)

func main() {
  m := martini.Classic()
  // authenticate every request
  m.Use(auth.BasicFunc(func(username, password string) bool {
    return username == "admin" && password == "guessme"
  })
  m.Run()
}

Note that checking usernames and passwords with string comparison might be susceptible to timing attacks. To avoid that, use auth.SecureCompare instead:

  m.Use(auth.BasicFunc(func(username, password string) bool {
    return auth.SecureCompare(username, "admin") && auth.SecureCompare(password, "guessme")
  }))
}

Upon successful authentication, the username is available to all subsequent handlers via the auth.User type:

  m.Get("/", func(user auth.User) string {
    return "Welcome, " + string(user)
  })
}

Authors

Documentation ¶

Index ¶

Variables
func Basic(username string, password string) negroni.HandlerFunc
func BasicFunc(authfn func(string, string) bool) negroni.HandlerFunc
func SecureCompare(given string, actual string) bool

Constants ¶

This section is empty.

Variables ¶

View Source

var BasicRealm = "Authorization Required"

BasicRealm is used when setting the WWW-Authenticate response header.

Functions ¶

func Basic ¶

func Basic(username string, password string) negroni.HandlerFunc

Basic returns a Handler that authenticates via Basic Auth. Writes a http.StatusUnauthorized if authentication fails.

func BasicFunc ¶

func BasicFunc(authfn func(string, string) bool) negroni.HandlerFunc

BasicFunc returns a Handler that authenticates via Basic Auth using the provided function. The function should return true for a valid username/password combination.

func SecureCompare ¶

func SecureCompare(given string, actual string) bool

SecureCompare performs a constant time compare of two strings to limit timing attacks.

Types ¶

This section is empty.

Source Files ¶

View all Source files

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL