auth

Documentation

Index

• func Add(load loadFunc, noCSRF ...string) func(http.Handler) http.Handler
• func ClearCookie(w http.ResponseWriter, domain string)
• func Filter(f filterFunc) func(http.Handler) http.Handler
• func SetCookie(w http.ResponseWriter, val, domain string)
• type User

Functions

func Add

func Add(load loadFunc, noCSRF ...string) func(http.Handler) http.Handler

Add user auth to an endpoint.

The load callback is called with the value of the authentication cookie. The User is added to the context.

POST, PATH, PUT, and DELETE requests will check the CSRF token from the "csrf" field with the value from User.CSRFToken(). The list of paths in noCSRF will be excluded for CSRF checks.

func ClearCookie

func ClearCookie(w http.ResponseWriter, domain string)

ClearCookie sends an empty auth cookie with an expiry in the past for the given domain, clearing it in the client.

Make sure the domain matches with what was sent before *exactly*, or the browser will set a second cookie.

func Filter

func Filter(f filterFunc) func(http.Handler) http.Handler

Filter access to a resource.

If the returning error is a zgo.at/guru.coder and has a redirect code, then the error value is used as a redirection.

func SetCookie

func SetCookie(w http.ResponseWriter, val, domain string)

SetCookie sets the authentication cookie to val for the given domain.

Types

type User

type User interface {
	CSRFToken() string
}