Documentation ¶
Index ¶
- func GetRequestUser(r *http.Request) *users.User
- func Init(providers ...Provider) func(next http.Handler) http.Handler
- func Required(next http.Handler) http.Handler
- func SetRequestAuthInfo(r *http.Request, info *Info) *http.Request
- type BasicAuthProvider
- type FeatureCsrfProvider
- type Info
- type NullProvider
- type Provider
- type ProviderInfo
- type SessionAuthProvider
- type TokenAuthProvider
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
func GetRequestUser ¶
GetRequestUser returns the current request's user.
func Init ¶
Init returns an http.Handler that will try to find a suitable authentication provider on each request. The first to return true with its IsActive() method becomes the request authentication provider.
If no provider could be found, the NullProvider will then be used.
The provider is then stored in the request's context and can be retrieved using GetRequestProvider().
func Required ¶
Required returns an http.Handler that will enforce authentication on the request. It uses the request authentication provider to perform the authentication.
A provider performing a successful authentication must store its authentication information using SetRequestAuthInfo.
When the request has this attribute it will carry on. Otherwise it stops the response with a 403 error.
The logged in user can be retrieved with GetRequestUser().
Types ¶
type BasicAuthProvider ¶
type BasicAuthProvider struct{}
BasicAuthProvider handles basic HTTP authentication method with "Authorization: Basic {payload}" header.
func (*BasicAuthProvider) Authenticate ¶
func (p *BasicAuthProvider) Authenticate(w http.ResponseWriter, r *http.Request) (*http.Request, error)
Authenticate performs the authentication using the HTTP basic authentication information provided.
func (*BasicAuthProvider) CsrfExempt ¶
func (p *BasicAuthProvider) CsrfExempt(_ *http.Request) bool
CsrfExempt is always true for this provider.
type FeatureCsrfProvider ¶
type FeatureCsrfProvider interface { // Must return true to disable CSRF protection for the request. CsrfExempt(r *http.Request) bool }
FeatureCsrfProvider allows a provider to implement a method to bypass all CSRF protection.
type Info ¶
type Info struct { Provider *ProviderInfo User *users.User }
Info is the payload with the currently authenticated user and some information about the provider
func GetRequestAuthInfo ¶
GetRequestAuthInfo returns the current request's auth info
type NullProvider ¶
type NullProvider struct{}
NullProvider is the provider returned when no other provider could be activated.
func (*NullProvider) Authenticate ¶
func (p *NullProvider) Authenticate(_ http.ResponseWriter, r *http.Request) (*http.Request, error)
Authenticate doesn't do anything
func (*NullProvider) Info ¶
func (p *NullProvider) Info(_ *http.Request) *ProviderInfo
Info return information about the provider.
type Provider ¶
type Provider interface { // Must return true to enable the provider for the current request. IsActive(r *http.Request) bool // Must return a request with the Info provided when successful. Authenticate(http.ResponseWriter, *http.Request) (*http.Request, error) }
Provider is the interface that must implement any authentication provider.
func GetRequestProvider ¶
GetRequestProvider returns the current request's authentication provider.
type ProviderInfo ¶
ProviderInfo contains information about the provider.
type SessionAuthProvider ¶
type SessionAuthProvider struct { // A function that returns the request's session GetSession func(*http.Request) *sessions.Session // A function that sets a Location header when // authentication fails. Redirect func(http.ResponseWriter, *http.Request) }
SessionAuthProvider is the last authentication provider. It's alway enabled in case of every previous provider failing.
func (*SessionAuthProvider) Authenticate ¶
func (p *SessionAuthProvider) Authenticate(w http.ResponseWriter, r *http.Request) (*http.Request, error)
Authenticate checks if the request's session cookie is valid and the user exists.
type TokenAuthProvider ¶
type TokenAuthProvider struct{}
TokenAuthProvider handles authentication using a bearer token passed in the request "Authorization" header with the scheme "Bearer".
func (*TokenAuthProvider) Authenticate ¶
func (p *TokenAuthProvider) Authenticate(w http.ResponseWriter, r *http.Request) (*http.Request, error)
Authenticate performs the authentication using the "Authorization: Bearer" header provided.
func (*TokenAuthProvider) CsrfExempt ¶
func (p *TokenAuthProvider) CsrfExempt(_ *http.Request) bool
CsrfExempt is always true for this provider.