Documentation
¶
Index ¶
- Constants
- func AuthN() func(next http.Handler) http.Handler
- func AuthZ(model interface{}) func(next http.Handler) http.Handler
- func CORS() func(next http.Handler) http.Handler
- func DB(db *gorm.DB) func(next http.Handler) http.Handler
- func Logger(httpLoglevel int) func(next http.Handler) http.Handler
- type AuthNInfo
- type AuthZRequest
Constants ¶
View Source
const ( // ContextKeyAuthN is the key to access the authentication information in the context. ContextKeyAuthN = util.ContextKey("authn") // AuthNAnonymousUserID is the value of the user ID if no credentials were provided. AuthNAnonymousUserID = "anonymous" // AuthNAnonymousOrganisationID is the value of organisation ID if no credentials were provided. AuthNAnonymousOrganisationID = "global" )
View Source
const ( // ContextKeyAuthZ is the key to access the authorization information in the context, which indicates field-level access. ContextKeyAuthZ = util.ContextKey("authz") )
View Source
const ( // ContextKeyDB is the key to access the database in the context. ContextKeyDB = util.ContextKey("db") )
Variables ¶
This section is empty.
Functions ¶
func AuthZ ¶
AuthZ is a middleware that verifies a user and its roles against access control policies.
func CORS ¶
CORS configures the cross-origin resource sharing policies. Required for most REST APIs to be accessed from within the browser via for example the native Fetch API.
Types ¶
type AuthNInfo ¶
AuthNInfo stores information about the authenticated entity, which can be either a user or a service.
type AuthZRequest ¶
type AuthZRequest struct {
// The type of access as a CRUD verb.
Verb string
// The requested HTTP resource as a generic endpoint.
Resource string
}
AuthZRequest defines an authorization request.
func NewAuthZRequest ¶
func NewAuthZRequest(httpMethod string, httpPath string) AuthZRequest
NewAuthZRequest creates a new authorization request by parsing the URL path and URL method.
Source Files
Click to show internal directories.
Click to hide internal directories.