apikeys

package

v3.1.0 Latest Latest Go to latest Published: Nov 9, 2024 License: MIT Imports: 13 Imported by: 0

Details

Valid go.mod file
Redistributable license
Tagged version
Stable version
Learn more about best practices

Repository

github.com/c9845/licensekeys

Links

Open Source Insights

Documentation ¶

Overview ¶

Package apikeys handles generating, revoking, and listing data on api keys.

API keys are used for authenticating automated access to this app. In other words, other apps accessing this app's data.

The app can store and use multiple API keys. Idealy one API key is used for each integration to this app. Doing so allows for revoking one API key without affecting other integrations.

Only certain endpoints are accessible via an API key. Not all of this app's data is accessible via an outside integration. This is for security purposes. The list of accessible endpoints is noted below in the publicEndpoints slice.

API keys are stored in plain text on the server. This is done since is someone outside of and approved user of an API key has access to the API key, they can already perform actions of that API key. API keys are not like passwords where they are often reused or provided each time. Furthermore, if someone has access to a list of API keys then they most likely have access to the database anyway. The best use case for a hashed value being stored in the database is that someone browsing the database won't be able to use an API key just by looking at the stored value.

Index ¶

Constants
func Generate(w http.ResponseWriter, r *http.Request)
func GetAll(w http.ResponseWriter, r *http.Request)
func KeyLength() int
func Revoke(w http.ResponseWriter, r *http.Request)
func Update(w http.ResponseWriter, r *http.Request)

Constants ¶

View Source

const APIKeyContextKey apiKeyContextKeyType = "api-key-id"

APIKeyContextKey is the name of the key that stores an API key's ID in the request context. This is used to save the API Key ID in middleware-externalAPI.go and is used to get teh API Key ID via context.Value().

Variables ¶

This section is empty.

Functions ¶

func Generate ¶

func Generate(w http.ResponseWriter, r *http.Request)

Generate creates a new API key and saves it to the database.

func GetAll ¶

func GetAll(w http.ResponseWriter, r *http.Request)

GetAll looks up a list of all API keys.

func KeyLength ¶

func KeyLength() int

KeyLength returns the length of API keys generated inclusive of the key prefix. This is used during validation of API requests to simply check if the provided API key is the correct length before looking up the API key in the database.

func Revoke ¶

func Revoke(w http.ResponseWriter, r *http.Request)

Revoke marks an API key as inactive. An inactive API key cannot be reactivated.

func Update ¶

func Update(w http.ResponseWriter, r *http.Request)

Update saves changes to an API key. Only the API key's description and permissions can be changed. The actual key can never be changed.

Types ¶

This section is empty.

Source Files ¶

View all Source files

apikeys.go

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL