Documentation
¶
Index ¶
- Constants
- func Middleware(filter Filter) echo.MiddlewareFunc
- func RegisterRoutes(r *echo.Group)
- func RequireAdminRole() echo.MiddlewareFunc
- func RequireAuthorization() echo.MiddlewareFunc
- func RequireRoles(requiredRoles ...string) echo.MiddlewareFunc
- func SignAccessToken(token Token) (string, error)
- func SignRefreshToken(token Token) (string, error)
- type AccessTokenClaims
- type AccessTokenResponse
- type AccessTokenSerializer
- type AuthenticationRequestValidator
- type Filter
- type PasswordAuthenticationRequestValidator
- type RefreshTokenAuthenticationRequestValidator
- type RefreshTokenClaims
- type Token
Constants ¶
const (
// RoleAdmin defines the constant name of the admin role.
RoleAdmin = "ADMIN"
)
Variables ¶
This section is empty.
Functions ¶
func Middleware ¶
func Middleware(filter Filter) echo.MiddlewareFunc
Middleware defines a middleware which checks for a valid authentication token and uses to custom function to authorize the token.
func RegisterRoutes ¶
RegisterRoutes registers all related routes for managing users.
func RequireAdminRole ¶
func RequireAdminRole() echo.MiddlewareFunc
RequireAdminRole returns a middleware handler function for protecting end-points needing user authentication. Only users having with 'ADMIN' role are allowed to access the end-point.
func RequireAuthorization ¶
func RequireAuthorization() echo.MiddlewareFunc
RequireAuthorization returns a middleware handler function for protecting end-points needing user authentication. Any valid user ID claim will pass the middleware.
func RequireRoles ¶
func RequireRoles(requiredRoles ...string) echo.MiddlewareFunc
RequireRoles returns a middleware handler function for protecting end-points needing user authentication. The authenticated user needs also the given set of roles to get access granted.
func SignAccessToken ¶
SignAccessToken signs the given token and returns the access token encoded as a JWT.
func SignRefreshToken ¶
SignRefreshToken signs the given token and returns the refresh token encoded as a JWT.
Types ¶
type AccessTokenClaims ¶
type AccessTokenClaims struct {
jwt.StandardClaims
UserID uint `json:"user_id"`
Roles []string `json:"roles"`
}
AccessTokenClaims defines all JWT (standard and custom) claims contained in an accesss tokens.
type AccessTokenResponse ¶
type AccessTokenResponse struct {
TokenType string `json:"token_type"`
AccessToken string `json:"access_token"`
ExpiresIn int64 `json:"expires_in"`
RefreshToken string `json:"refresh_token"`
}
AccessTokenResponse defines the access token projection returned by API methods.
type AccessTokenSerializer ¶
AccessTokenSerializer defines functionality for serializing access tokens.
func (*AccessTokenSerializer) Response ¶
func (s *AccessTokenSerializer) Response() AccessTokenResponse
Response returns the API response for a given access token.
type AuthenticationRequestValidator ¶
type AuthenticationRequestValidator struct {
GrantType string `form:"grant_type" query:"grant_type" validate:"required"`
}
AuthenticationRequestValidator defines the validation rules for a general authentication request.
func NewAuthenticationRequestValidator ¶
func NewAuthenticationRequestValidator() AuthenticationRequestValidator
NewAuthenticationRequestValidator returns a new instance of the respective validator.
type PasswordAuthenticationRequestValidator ¶
type PasswordAuthenticationRequestValidator struct {
Username string `form:"username" validate:"required"`
Password string `form:"password" validate:"required"`
}
PasswordAuthenticationRequestValidator defines the validation rules for an authentication request with grant type 'password'.
func NewPasswordAuthenticationRequestValidator ¶
func NewPasswordAuthenticationRequestValidator() PasswordAuthenticationRequestValidator
NewPasswordAuthenticationRequestValidator returns a new instance of the respective validator.
type RefreshTokenAuthenticationRequestValidator ¶
type RefreshTokenAuthenticationRequestValidator struct {
Request struct {
RefreshToken string `form:"refresh_token" validate:"required"`
}
}
RefreshTokenAuthenticationRequestValidator defines the validation rules for an authentication request with grant type 'refresh_token'.
func NewRefreshTokenAuthenticationRequestValidator ¶
func NewRefreshTokenAuthenticationRequestValidator() RefreshTokenAuthenticationRequestValidator
NewRefreshTokenAuthenticationRequestValidator returns a new instance of the respective validator.
type RefreshTokenClaims ¶
type RefreshTokenClaims struct {
jwt.StandardClaims
UserID uint `json:"user_id"`
}
RefreshTokenClaims defines all JWT claims contained in a refresh token.
type Token ¶
type Token struct {
Username string
UserID uint
Roles []string
Expires time.Time
RefreshExpires time.Time
}
Token defines a struct for holding authorization information.
func AuthenticateUserByID ¶
AuthenticateUserByID returns a new access token for the given user ID if it exists. Note: This method does not verify anything and grants authorization for the given user ID
so be careful when using the result this method.
func AuthenticateUserWithCredentials ¶
AuthenticateUserWithCredentials tries to authenticate the user with the given username and password and returns a new access token in case the credentials are valid.
func (Token) GetAccessTokenClaims ¶
func (t Token) GetAccessTokenClaims(issuer, audience string) AccessTokenClaims
GetAccessTokenClaims returns the JWT accesss token claims for the given Token instance.
func (Token) GetRefreshTokenClaims ¶
func (t Token) GetRefreshTokenClaims(userID uint, issuer, audience string) RefreshTokenClaims
GetRefreshTokenClaims returns the JWT refresh token claims for the given Token instance.
func (Token) GrantsRole ¶
GrantsRole returns a boolean value indicating whether the token instance grants the given role.
Source Files