Documentation
¶
Overview ¶
Package basic provides authentication strategy, to authenticate HTTP requests using the standard basic scheme.
Index ¶
- Constants
- Variables
- func New(fn AuthenticateFunc, opts ...auth.Option) auth.Strategy
- func NewCached(f AuthenticateFunc, cache auth.Cache, opts ...auth.Option) auth.Strategy
- func SetComparator(c Comparator) auth.Option
- func SetHash(h crypto.Hash) auth.Option
- func SetParser(p Parser) auth.Option
- func SetUserNameHash(h crypto.Hash, key []byte) auth.Option
- type AuthenticateFunc
- type Comparator
- type Parser
Constants ¶
const ExtensionKey = "x-go-guardian-basic-password"
ExtensionKey represents a key for the password in info extensions. Typically used when basic strategy cache the authentication decisions.
Deprecated: No longer used.
Variables ¶
var ( // ErrMissingPrams is returned by Authenticate Strategy method, // when failed to retrieve user credentials from request. ErrMissingPrams = errors.New("strategies/basic: Request missing BasicAuth") // ErrInvalidCredentials is returned by Authenticate Strategy method, // when user password is invalid. ErrInvalidCredentials = errors.New("strategies/basic: Invalid user credentials") )
Functions ¶
func New ¶
func New(fn AuthenticateFunc, opts ...auth.Option) auth.Strategy
New return new auth.Strategy.
func NewCached ¶
NewCached return new auth.Strategy. The returned strategy, caches the invocation result of authenticate function.
func SetComparator ¶
func SetComparator(c Comparator) auth.Option
SetComparator set password comparator, to be used when caching the auth decision.
func SetHash ¶
SetHash apply password hashing using h, SetHash only used when caching the auth decision, to mitigates brute force attacks.
func SetUserNameHash ¶
SetUserNameHash apply username hashing based on HMAC with h and key, SetUserNameHash only used when caching the auth decision, to prevent precomputation and length extension attacks, and to mitigates hash map DOS attacks via collisions.
Types ¶
type AuthenticateFunc ¶
type AuthenticateFunc func(ctx context.Context, r *fasthttp.Request, userName, password []byte) (auth.Info, error)
AuthenticateFunc declare custom function to authenticate request using user credentials. the authenticate function invoked by Authenticate Strategy method after extracting user credentials to compare against DB or other service, if extracting user credentials from request failed a nil info with ErrMissingPrams returned, Otherwise, return Authenticate invocation result.
type Comparator ¶
type Comparator interface {
Hash(password string) (string, error)
Compare(hashedPassword, password string) error
}
Comparator is the interface implemented by types, that can generate password hash and compares the hashed password with its possible plaintext equivalent
type Parser ¶
Parser parse and extract user credentials from incoming HTTP request.
func AuthorizationParser ¶
func AuthorizationParser() Parser
AuthorizationParser return a credentials parser, where credentials extracted form Authorization header.
Source Files