auth

package

v0.0.0-...-4b97b8a Latest Latest Go to latest Published: Jul 7, 2024 License: MIT Imports: 11 Imported by: 0

Details

Valid go.mod file
Redistributable license
Tagged version
Stable version
Learn more about best practices

Repository

github.com/rakin92/go-rest-service

Links

Open Source Insights

Documentation ¶

Overview ¶

Package auth holds some standard auth functionalities. It provides us middleware easily into our routers, and manage access control of our apis.

Index ¶

Variables
func Middleware(path string, cfg *cfg.Server, orm *orm.ORM) gin.HandlerFunc
func ParseAPIKey(c *gin.Context, sc *cfg.Server) (apiKey string, err error)
func ParseToken(c *gin.Context, sc *cfg.Server) (t *jwt.Token, err error)

Constants ¶

This section is empty.

Variables ¶

View Source

var (
	// APIKeyHeader The API key header name
	APIKeyHeader = "x-api-key"

	// TokenHeadName is a string in the header. Default value is "Bearer"
	TokenHeadName = "Bearer"

	// APIKeyLookup is a string in the form of "<source>:<name>" that is used
	// to extract token from the request.
	// Optional. Default value "header:Authorization".
	// Possible values:
	// - "header:<name>"
	// - "query:<name>"
	// - "cookie:<name>"
	APIKeyLookup = "param:api_key,query:api_key,cookie:api_key,header:" + APIKeyHeader

	// TokenLookup is a string in the form of "<source>:<name>" that is used
	// to extract token from the request.
	// Optional. Default value "header:Authorization".
	// Possible values:
	// - "header:<name>"
	// - "query:<name>"
	// - "cookie:<name>"
	TokenLookup = "param:api_key,query:token,cookie:jwt,header:Authorization"

	// ErrNoClaims when HTTP status 403 is given
	ErrNoClaims = errors.New("invalid token")

	// ErrForbidden when HTTP status 403 is given
	ErrForbidden = errors.New("you don't have permission to access this resource")

	// ErrExpiredToken indicates JWT token has expired. Can't refresh.
	ErrExpiredToken = errors.New("token is expired")

	// ErrEmptyAuthHeader can be thrown if authing with a HTTP header, the Auth header needs to be set
	ErrEmptyAuthHeader = errors.New("auth header is empty")

	// ErrEmptyAPIKeyHeader can be thrown if authing with a HTTP header, the Auth header needs to be set
	ErrEmptyAPIKeyHeader = errors.New("api key header is empty")

	// ErrMissingExpField missing exp field in token
	ErrMissingExpField = errors.New("missing exp field")

	// ErrInvalidAuthHeader indicates auth header is invalid, could for example have the wrong Realm name
	ErrInvalidAuthHeader = errors.New("auth header is invalid")

	// ErrEmptyQueryToken can be thrown if authing with URL Query, the query token variable is empty
	ErrEmptyQueryToken = errors.New("query token is empty")

	// ErrEmptyCookieToken can be thrown if authing with a cookie, the token cokie is empty
	ErrEmptyCookieToken = errors.New("cookie token is empty")

	// ErrEmptyParamToken can be thrown if authing with parameter in path, the parameter in path is empty
	ErrEmptyParamToken = errors.New("parameter token is empty")

	// ErrInvalidSigningAlgorithm indicates signing algorithm is invalid, needs to be HS256, HS384, HS512, RS256, RS384 or RS512
	ErrInvalidSigningAlgorithm = errors.New("invalid signing algorithm")
)

Functions ¶

func Middleware ¶

func Middleware(path string, cfg *cfg.Server, orm *orm.ORM) gin.HandlerFunc

Middleware wraps the request with auth middleware

func ParseAPIKey ¶

func ParseAPIKey(c *gin.Context, sc *cfg.Server) (apiKey string, err error)

ParseAPIKey parse api key from gin context looks for x-api-key in header, query params, cookie

func ParseToken ¶

func ParseToken(c *gin.Context, sc *cfg.Server) (t *jwt.Token, err error)

ParseToken parse jwt token from gin context looks for token in header, query params, cookie

Types ¶

This section is empty.

Source Files ¶

View all Source files

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL