Documentation ¶
Overview ¶
Package authenticator allows to identify a user. That is, the package implements the logic behind login functionality as well as the session logic used to identify the user in all following requests.
The implementation may be exchanged; so this package aims to allow using HTTP basic auth and OpenID at the same time.
Index ¶
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
This section is empty.
Types ¶
type AlwaysAuthenticated ¶
type AlwaysAuthenticated struct{}
AlwaysAuthenticated is an Authenticator that returns every user as being authenticated.
func NewAlwaysAuthenticated ¶
func NewAlwaysAuthenticated() *AlwaysAuthenticated
func (AlwaysAuthenticated) IsAuthenticated ¶
func (AlwaysAuthenticated) IsAuthenticated(request *http.Request) bool
func (AlwaysAuthenticated) SetUserID ¶
func (AlwaysAuthenticated) SetUserID(responseWriter http.ResponseWriter, request *http.Request, userId string)
type Authenticator ¶
type Authenticator interface { // IsAuthenticated returns true iff the request indicates a properly // authenticated caller. IsAuthenticated(request *http.Request) bool // UserID returns a unique identifier of the user being currently logged // in. // If no user is logged in (therefore, if IsAuthenticated returns false), // UserID returns the empty string. UserID(request *http.Request) string // SetUserID sets the unique identifier of the user being currently logged // in. // Set this to the empty string to make no user being logged in. SetUserID(writer http.ResponseWriter, request *http.Request, userID string) }
Authenticator provides functions to deliver authentication information.
type ContextAuthenticator ¶
type ContextAuthenticator struct { }
ContextAuthenticator saves authentication information in the rqeuest context.
func NewContextAuthenticator ¶
func NewContextAuthenticator() *ContextAuthenticator
func (*ContextAuthenticator) IsAuthenticated ¶
func (a *ContextAuthenticator) IsAuthenticated(request *http.Request) bool
func (*ContextAuthenticator) SetUserID ¶
func (a *ContextAuthenticator) SetUserID(writer http.ResponseWriter, request *http.Request, userId string)
type CookieAuthenticator ¶
type CookieAuthenticator struct {
// contains filtered or unexported fields
}
CookieAuthenticator stores authentication information in a cookie in the user agent.
func NewCookieAuthenticator ¶
func NewCookieAuthenticator() *CookieAuthenticator
func (*CookieAuthenticator) IsAuthenticated ¶
func (s *CookieAuthenticator) IsAuthenticated(request *http.Request) bool
func (*CookieAuthenticator) SetUserID ¶
func (s *CookieAuthenticator) SetUserID(writer http.ResponseWriter, request *http.Request, userId string)
type HttpAuthenticator ¶
type HttpAuthenticator interface { // AuthHandler can be part of the handler chain to read authentication // information from the session associated with the request, prior to // calling the delegate handler. MiddlewareHandler(delegate http.Handler) http.Handler // LoginHandler provides a handler that serves the login UI. LoginHandler() http.Handler }
HttpAuthenticator allows the authentification of an user over an HTTP protocol.
Currently, it is tightly coupled to HTTP requests and even contains a UI implementation. Later, we should extract the UI part into the github.com/fxnn/gone/http package.
type HttpBasicAuthenticator ¶
type HttpBasicAuthenticator struct {
// contains filtered or unexported fields
}
HttpBasicAuthenticator is an HttpAuthenticator that uses HTTP Basic Auth for initial authentication and stores the result in a session cookie for further requests.
func NewHttpBasicAuthenticator ¶
func NewHttpBasicAuthenticator( requestAuth Authenticator, htpasswdFile gopath.GoPath, loginRequiresHeader string, bruteBlocker *bruteblocker.BruteBlocker, ) *HttpBasicAuthenticator
NewHttpBasicAuthenticator creates a new instance.
requestAuth will be provided with the auth information for each request. htpasswdFile is used as source of usernames and passwords. loginRequiresHeader is the name of an HTTP header required for each login attempt. This may be used to only allow login over secured connections. bruteBlocker is a configured BruteBlocker instance.
func (*HttpBasicAuthenticator) LoginHandler ¶
func (a *HttpBasicAuthenticator) LoginHandler() http.Handler
func (*HttpBasicAuthenticator) MiddlewareHandler ¶
func (a *HttpBasicAuthenticator) MiddlewareHandler(delegate http.Handler) http.Handler
type NeverAuthenticated ¶
type NeverAuthenticated struct{}
NeverAuthenticated is an Authenticator that returns no user as being authenticated.
func NewNeverAuthenticated ¶
func NewNeverAuthenticated() *NeverAuthenticated
func (NeverAuthenticated) IsAuthenticated ¶
func (NeverAuthenticated) IsAuthenticated(request *http.Request) bool
func (NeverAuthenticated) SetUserID ¶
func (NeverAuthenticated) SetUserID(responseWriter http.ResponseWriter, request *http.Request, userId string)
Source Files ¶
Directories ¶
Path | Synopsis |
---|---|
Package bruteblocker allows to slow down bruteforce attacks by delaying request responses or blocking further authentication attempts for some time.
|
Package bruteblocker allows to slow down bruteforce attacks by delaying request responses or blocking further authentication attempts for some time. |