authz

package

v0.0.0-...-10dc113 Latest Latest Go to latest Published: Oct 29, 2017 License: MIT Imports: 3 Imported by: 0

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

github.com/insionng/makross

Links

Open Source Insights

README ¶

Authz

Authz is an authorization middleware for Makross, it's based on https://github.com/casbin/casbin.

Installation

go get github.com/insionng/makross/authz

Simple Example

package main

import (
	"github.com/insionng/makross/authz"
	"github.com/insionng/makross"
)

func main() {
	// load the casbin model and policy from files, database is also supported.
	enf := authz.NewEnforcer("auth_model.conf", "auth_policy.csv")

	// define your makross, and use the Casbin authz middleware.
	// the access that is denied by authz will return HTTP 403 error.
    m := makross.New()
    m.Use(authz.Auth(enf))
}

Documentation

The authorization determines a request based on {subject, object, action}, which means what subject can perform what action on what object. In this plumakross, the meanings are:

subject: the logged-on user name
object: the URL path for the web resource like "dataset1/item1"
action: HTTP method like GET, POST, PUT, DELETE, or the high-level actions you defined like "read-file", "write-blog"

For how to write authorization policy and other details, please refer to the Casbin's documentation.

Getting Help

Casbin

License

This project is under MIT License. See the LICENSE file for the full license text.

Documentation ¶

Index ¶

Variables
func Auth(ce *casbin.Enforcer) makross.Handler
func AuthWithConfig(config AuthConfig) makross.Handler
func NewEnforcer(params ...interface{}) *casbin.Enforcer
func NewEnforcerSafe(params ...interface{}) (*casbin.Enforcer, error)
type AuthConfig
- func (a *AuthConfig) CheckPermission(c *makross.Context) bool
- func (a *AuthConfig) GetUserName(c *makross.Context) string

Constants ¶

This section is empty.

Variables ¶

View Source

var (
	// DefaultAuthConfig is the default CasbinAuth middleware config.
	DefaultAuthConfig = AuthConfig{
		Skipper: skipper.DefaultSkipper,
	}
)

Functions ¶

func Auth ¶

func Auth(ce *casbin.Enforcer) makross.Handler

Auth returns an Auth middleware.

For valid credentials it calls the next handler. For missing or invalid credentials, it sends "401 - Unauthorized" response.

func AuthWithConfig ¶

func AuthWithConfig(config AuthConfig) makross.Handler

AuthWithConfig returns a CasbinAuth middleware with config. See `Auth()`.

func NewEnforcer ¶

func NewEnforcer(params ...interface{}) *casbin.Enforcer

NewEnforcer gets an enforcer via CONF, file or DB.

func NewEnforcerSafe ¶

func NewEnforcerSafe(params ...interface{}) (*casbin.Enforcer, error)

NewEnforcerSafe calls NewEnforcer in a safe way, returns error instead of causing panic.

Types ¶

type AuthConfig ¶

type AuthConfig struct {
	// Skipper defines a function to skip middleware.
	Skipper skipper.Skipper
	// Enforcer CasbinAuth main rule.
	// Required.
	Enforcer *casbin.Enforcer
}

AuthConfig defines the config for CasbinAuth middleware.

func (*AuthConfig) CheckPermission ¶

func (a *AuthConfig) CheckPermission(c *makross.Context) bool

CheckPermission checks the user/method/path combination from the request. Returns true (permission granted) or false (permission forbidden)

func (*AuthConfig) GetUserName ¶

func (a *AuthConfig) GetUserName(c *makross.Context) string

GetUserName gets the user name from the request. Currently, only HTTP basic authentication is supported

Source Files ¶

View all Source files

authz.go

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL