auth

package

v1.0.2 Latest Latest Go to latest Published: Jan 24, 2023 License: MIT Imports: 1 Imported by: 0

Details

Valid go.mod file
Redistributable license
Tagged version
Stable version
Learn more about best practices

Repository

github.com/dkinzler/linkboards

Links

Open Source Insights

Documentation ¶

Overview ¶

Package auth implements authentication and authorization functionality.

Index ¶

Constants
Variables
func ContextWithUser(ctx context.Context, user User) context.Context
func IsBoardRoleValid(role string) bool
type Authorization
- func (a Authorization) HasScope(scope Scope) bool
type AuthorizationStore
type BoardAuthorizationChecker
- func NewAuthorizationChecker(roleToScopes map[string][]Scope, store AuthorizationStore) *BoardAuthorizationChecker
- func (ac *BoardAuthorizationChecker) GetAuthorization(ctx context.Context, boardId string, userId string) (Authorization, error)
type Scope
type User
- func UserFromContext(ctx context.Context) (User, bool)

Constants ¶

View Source

const (
	// Roles a user can have for a board.
	// These roles are shared across features/components/bounded contexts of this app, since most of them require authorization relative to boards.
	// E.g. whether or not a user is authorized to invite other users, add/delete links or
	// post/delete comments to a board depends on the roles the user has for a particular board.
	BoardRoleOwner  = "owner"
	BoardRoleEditor = "editor"
	BoardRoleViewer = "viewer"
)

A role comprises a set of scopes.

Variables ¶

View Source

var BoardRoles = []string{BoardRoleOwner, BoardRoleEditor, BoardRoleViewer}

Functions ¶

func ContextWithUser ¶

func ContextWithUser(ctx context.Context, user User) context.Context

Used to add a user to context, from which it can be retrieved by an application service. E.g. a transport or endpoint middleware could decode a JWT token contained in an http request header and use it to create a User instance.

func IsBoardRoleValid ¶

func IsBoardRoleValid(role string) bool

Returns true if the given string denotes a valid board role.

Types ¶

type Authorization ¶

type Authorization map[Scope]bool

Authorization represents the set of scopes a user has access to.

func (Authorization) HasScope ¶

func (a Authorization) HasScope(scope Scope) bool

type AuthorizationStore ¶

type AuthorizationStore interface {
	Roles(ctx context.Context, boardId string, userId string) ([]string, error)
}

AuthorizationStore can be used to get the roles a user has for a board.

type BoardAuthorizationChecker ¶

type BoardAuthorizationChecker struct {
	// contains filtered or unexported fields
}

BoardAuthorizationChecker can be used to obtain the set of scopes a user has access to for a given board.

func NewAuthorizationChecker ¶

func NewAuthorizationChecker(roleToScopes map[string][]Scope, store AuthorizationStore) *BoardAuthorizationChecker

func (*BoardAuthorizationChecker) GetAuthorization ¶

func (ac *BoardAuthorizationChecker) GetAuthorization(ctx context.Context, boardId string, userId string) (Authorization, error)

type Scope ¶

type Scope string

Scopes are the most fine-grained units of permission and are defined directly in the components/bounded contexts that use them. They are usually named by combining the component and action/permission name, e.g. "comments:create" or "comments:delete".

type User ¶

type User struct {
	UserId string
	Name   string
}

Authenticated user making a request to a component/application service.

func UserFromContext ¶

func UserFromContext(ctx context.Context) (User, bool)

Source Files ¶

View all Source files

Directories ¶

Path	Synopsis
middleware
store

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL