Documentation ¶
Index ¶
- Constants
- func CookieStore(HashKey, BlockKey []byte) (*sessions.CookieStore, error)
- func FormAuthHandler(session *SessionMgr, user UserLogin) http.Handler
- func FsStore(path string, HashKey, BlockKey []byte) (*sessions.FilesystemStore, error)
- func JsonAuthHandler(session *SessionMgr, user UserLogin) http.Handler
- type Basic
- type ErrorUnauthorized
- type SessionCfg
- type SessionData
- type SessionMgr
- func (auth *SessionMgr) Login(r *http.Request, w http.ResponseWriter, user string) error
- func (auth *SessionMgr) Logout(r *http.Request, w http.ResponseWriter) error
- func (auth *SessionMgr) Middleware(next http.Handler) http.Handler
- func (auth *SessionMgr) Read(r *http.Request) (SessionData, error)
- func (auth *SessionMgr) ReadUpdate(r *http.Request, w http.ResponseWriter) (SessionData, error)
- type UserData
- type UserLogin
Constants ¶
const ( ActionLoginCheck = iota ActionLoginOk ActionLoginFailed )
const (
SessionName = "_c_auth"
)
const UserIdKey = "loggedInUserID"
const UserIsLoggedInKey = "isUserLoggedIn"
Variables ¶
This section is empty.
Functions ¶
func CookieStore ¶
func CookieStore(HashKey, BlockKey []byte) (*sessions.CookieStore, error)
CookieStore is a convenience function to generate a new secure cookiestore based on the securecookie.New doc:
hashKey is required, used to authenticate values using HMAC. Create it using GenerateRandomKey(). It is recommended to use a key with 32 or 64 bytes.
blockKey is optional, used to encrypt values. Create it using GenerateRandomKey(). The key length must correspond to the key size of the encryption algorithm. For AES, used by default, valid lengths are 16, 24, or 32 bytes to select AES-128, AES-192, or AES-256. The default encoder used for cookie serialization is encoding/gob.
func FormAuthHandler ¶
func FormAuthHandler(session *SessionMgr, user UserLogin) http.Handler
FormAuthHandler is a simple session auth handler that will respond to a form POST request and login a user this can be used as simple implementations or as inspiration to customize an authentication middleware
func FsStore ¶
func FsStore(path string, HashKey, BlockKey []byte) (*sessions.FilesystemStore, error)
FsStore is a convenience function to generate a new File system store is uses a secure cookie to keep the session id (?)
func JsonAuthHandler ¶
func JsonAuthHandler(session *SessionMgr, user UserLogin) http.Handler
JsonAuthHandler is a simple session auth handler that will respond to a Json POST request and login a user this can be used as simple implementations or as inspiration to customize an authentication middleware
Types ¶
type Basic ¶
type ErrorUnauthorized ¶
type ErrorUnauthorized struct {
// contains filtered or unexported fields
}
func (ErrorUnauthorized) Error ¶
func (r ErrorUnauthorized) Error() string
type SessionCfg ¶
type SessionCfg struct { Store sessions.Store SessionDur time.Duration // normal session duration, can be renewed on subsequent requests MinWriteSpace time.Duration // time between the last session update, used to not overload the session store MaxSessionDur time.Duration // force a logout after this time }
type SessionData ¶
type SessionData struct { UserData // expiration of the session, e.g. 2 days, after a login is required, this value can be updated by "keep me logged in" Expiration time.Time // force re-auth, max time a session is valid, even if keep logged in is in place. ForceReAuth time.Time LastUpdate time.Time }
func (*SessionData) Process ¶
func (d *SessionData) Process(extend time.Duration)
type SessionMgr ¶
type SessionMgr struct {
// contains filtered or unexported fields
}
func NewSessionMgr ¶
func NewSessionMgr(cfg SessionCfg) (*SessionMgr, error)
func (*SessionMgr) Login ¶
func (auth *SessionMgr) Login(r *http.Request, w http.ResponseWriter, user string) error
Login is a convenience function to write a new logged-in session for a specific user id and write it
func (*SessionMgr) Logout ¶
func (auth *SessionMgr) Logout(r *http.Request, w http.ResponseWriter) error
Logout is a convenience function to logout the current user
func (*SessionMgr) Middleware ¶
func (auth *SessionMgr) Middleware(next http.Handler) http.Handler
Middleware is a simple session auth middleware that will only allow access if the user is logged in this can be used as simple implementations or as inspiration to customize an authentication middleware
func (*SessionMgr) Read ¶
func (auth *SessionMgr) Read(r *http.Request) (SessionData, error)
func (*SessionMgr) ReadUpdate ¶
func (auth *SessionMgr) ReadUpdate(r *http.Request, w http.ResponseWriter) (SessionData, error)
ReadUpdate is used to read the session, and update the session expiry timestamp it only extends the session if enough time has passed since the last write to not overload the session store on many requests. it returns the session data if the user is logged in