Documentation ¶
Index ¶
Constants ¶
View Source
const (
// Endpoint is the base of the auth URL
Endpoint = "auth"
)
Variables ¶
View Source
var ( // TokenLifespan is how long a token lives before it expires TokenLifespan = time.Hour * 12 // ErrNoToken is returned by GetToken if no token is provided ErrNoToken = errors.New("auth token not provided") ErrAuthHeaderNotParsable = fmt.Errorf( "couldn't parse auth token. Header \"%s\" should be \"%sTOKEN.GOES.HERE\"", headerKey, headerValStart, ) ErrTokenExpired = errors.New("the provided auth token was expired") ErrTokenRevoked = errors.New("the provided auth token was revoked") ErrTokenInsufficientPermission = errors.New("the provided auth token does not allow access to this endpoint") )
Functions ¶
func NewService ¶
func NewService(log logging.Logger, auth *Auth) *common.HTTPHandler
NewService returns a new auth API service
Types ¶
type Auth ¶
type Auth struct { Enabled bool // True iff API calls need auth token Password password.Hash // Hash of the password. Can be changed via API call. // contains filtered or unexported fields }
Auth handles HTTP API authorization for this node
type ChangePasswordArgs ¶
type ChangePasswordArgs struct { OldPassword string `json:"oldPassword"` // Current authorization password NewPassword string `json:"newPassword"` // New authorization password }
ChangePasswordArgs ...
type NewTokenArgs ¶
type NewTokenArgs struct { Password // Endpoints that may be accessed with this token // e.g. if endpoints is ["/ext/bc/X", "/ext/admin"] then the token holder // can hit the X-Chain API and the admin API // If [Endpoints] contains an element "*" then the token // allows access to all API endpoints // [Endpoints] must have between 1 and [maxEndpoints] elements Endpoints []string `json:"endpoints"` }
NewTokenArgs ...
type Password ¶
type Password struct {
Password string `json:"password"` // The authorization password
}
Password ...
type Service ¶
type Service struct { *Auth // has to be a reference to the same Auth inside the API server // contains filtered or unexported fields }
Service ...
func (*Service) ChangePassword ¶
ChangePassword changes the password required to create and revoke tokens Changing the password makes tokens issued under a previous password invalid
func (*Service) RevokeToken ¶
RevokeToken revokes a token
Click to show internal directories.
Click to hide internal directories.