Documentation ¶
Index ¶
- Variables
- func HasHeaderToken(r *http.Request) bool
- func HasSessionToken(r *http.Request) bool
- func PrepareSessionManager()
- func RateLimitMiddleware(prefix string, limit string, redisURL string) func(h http.Handler) http.Handler
- func RequiredValidAccessClaims(next http.Handler) http.Handler
- type AccessClaims
- func (ret *AccessClaims) DestroyInSession(w http.ResponseWriter, r *http.Request) error
- func (ret *AccessClaims) ParseAccessClaimsFromToken(tokenStr string) error
- func (ret *AccessClaims) ParseRefreshClaimsFromSession(r *http.Request) error
- func (ret *AccessClaims) UpdateSession(w http.ResponseWriter, r *http.Request) http.ResponseWriter
- func (ret *AccessClaims) WriteToSession(w http.ResponseWriter, r *http.Request) http.ResponseWriter
- type LoginLimiter
- type LoginLimiterKey
- type LoginLimiterKeyFromIP
- type RefreshClaims
- type TokenAuth
Constants ¶
This section is empty.
Variables ¶
var SessionManager *scs.Manager
Functions ¶
func HasHeaderToken ¶
HasHeaderToken tests if the request header has a token without verifying the correctness.
func HasSessionToken ¶
HasSessionToken tests if the request header has the http-only cookies containing session informations.
func PrepareSessionManager ¶
func PrepareSessionManager()
func RateLimitMiddleware ¶
Types ¶
type AccessClaims ¶
type AccessClaims struct { jwt.StandardClaims AccessNotRefresh bool `json:"anr"` // to distinguish between access and refresh code LoginID int64 `json:"login_id"` // the id to get user information Root bool `json:"root"` // a global flag to bypass all permission checks }
AccessClaims represent the claims parsed from JWT access token.
func NewAccessClaims ¶
func NewAccessClaims(loginId int64, root bool) AccessClaims
func (*AccessClaims) DestroyInSession ¶
func (ret *AccessClaims) DestroyInSession(w http.ResponseWriter, r *http.Request) error
func (*AccessClaims) ParseAccessClaimsFromToken ¶
func (ret *AccessClaims) ParseAccessClaimsFromToken(tokenStr string) error
Parse access claims from a JWT token string
func (*AccessClaims) ParseRefreshClaimsFromSession ¶
func (ret *AccessClaims) ParseRefreshClaimsFromSession(r *http.Request) error
Parse access claims from a cookie
func (*AccessClaims) UpdateSession ¶
func (ret *AccessClaims) UpdateSession(w http.ResponseWriter, r *http.Request) http.ResponseWriter
func (*AccessClaims) WriteToSession ¶
func (ret *AccessClaims) WriteToSession(w http.ResponseWriter, r *http.Request) http.ResponseWriter
type LoginLimiter ¶
type LoginLimiter struct { Store *limiter.Store Rate *limiter.Rate Prefix string }
func NewLoginLimiter ¶
func NewLoginLimiter(prefix string, limit string, redisURL string) (*LoginLimiter, error)
func (*LoginLimiter) Get ¶
func (ll *LoginLimiter) Get(r *http.Request, KeyFunc LoginLimiterKey) (limiter.Context, error)
func (*LoginLimiter) WriteHeaders ¶
func (ll *LoginLimiter) WriteHeaders(w http.ResponseWriter, context limiter.Context)
type LoginLimiterKey ¶
type LoginLimiterKey interface {
Key() string
}
type LoginLimiterKeyFromIP ¶
func NewLoginLimiterKeyFromIP ¶
func NewLoginLimiterKeyFromIP(r *http.Request) *LoginLimiterKeyFromIP
func (*LoginLimiterKeyFromIP) Key ¶
func (obj *LoginLimiterKeyFromIP) Key() string
type RefreshClaims ¶
type RefreshClaims struct { jwt.StandardClaims AccessNotRefresh bool `json:"anr"` LoginID int64 `json:"login_id"` }
RefreshClaims represent the claims parsed from JWT refresh token.
func NewRefreshClaims ¶
func NewRefreshClaims(loginId int64) RefreshClaims
func (*RefreshClaims) ParseRefreshClaimsFromToken ¶
func (ret *RefreshClaims) ParseRefreshClaimsFromToken(tokenStr string) error
Parse refresh claims from a token string
type TokenAuth ¶
type TokenAuth struct { JwtAuth *jwtauth.JWTAuth JwtAccessExpiry time.Duration JwtRefreshExpiry time.Duration }
TokenAuth implements JWT authentication flow.
func NewTokenAuth ¶
NewTokenAuth configures and returns a JWT authentication instance.
func (*TokenAuth) CreateAccessJWT ¶
func (a *TokenAuth) CreateAccessJWT(claims AccessClaims) (string, error)
CreateAccessJWT returns an access token for provided account claims.
func (*TokenAuth) CreateRefreshJWT ¶
func (a *TokenAuth) CreateRefreshJWT(claims RefreshClaims) (string, error)
CreateRefreshJWT returns a refresh token for provided token Claims.