Documentation
¶
Overview ¶
Package httpauth provides authorization middleware for HTTP.
Index ¶
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
func GetSessionData ¶
func GetSessionData(c *fiber.Ctx) any
GetSessionData tries to extract session data set by middleware from the request's context.
func MustGetSessionData ¶
func MustGetSessionData(c *fiber.Ctx) any
MustGetSessionData extracts session data set by middleware from the request's context, or panics.
Types ¶
type Middleware ¶
type Middleware struct {
// contains filtered or unexported fields
}
Middleware is an interface that represents a generic authorization middleware. It provides user-friendly API that can be easily integrated with existing fiber request handlers. Underlying implementation might utilize Basic Auth, Bearer-Token or other mechanisms but this API is transparent.
func NewBearerTokenMiddleware ¶
func NewBearerTokenMiddleware(verifyToken VerifyTokenFunc, config ...*MiddlewareConfig) *Middleware
NewBearerTokenMiddleware creates new bearer-token based Middleware. This middleware reads Authorization header and expects it to begin with "Bearer" string.
func NewSessionCookieMiddleware ¶
func NewSessionCookieMiddleware(cookieName string, verifyCookie VerifyCookieFunc, config ...*MiddlewareConfig) *Middleware
NewSessionCookieMiddleware creates new cookie-based Middleware. This middleware reads a cookie specified by cookieName argument and calls verifyCookie with its value.
func (*Middleware) AllOfRoles ¶
func (m *Middleware) AllOfRoles(requiredRoles ...string) fiber.Handler
AllOfRoles enables access to only those clients who have all specified roles associated with them.
func (*Middleware) AnyOfRoles ¶
func (m *Middleware) AnyOfRoles(allowedRoles ...string) fiber.Handler
AnyOfRoles enables access to only those clients who have at least one of the given roles associated with them.
func (*Middleware) Authenticated ¶
func (m *Middleware) Authenticated() fiber.Handler
Authenticated enables access to all authenticated clients, no matter the roles.
type MiddlewareConfig ¶ added in v1.0.11
type MiddlewareConfig struct {
// OnError sets an error handler for the middleware.
OnError func(c *fiber.Ctx, err error) error
// OnUnverified sets an unverified handler for the middleware.
OnUnverified func(c *fiber.Ctx, result *VerificationResult) error
// OnAccessDenied sets an access denied handler for the middleware.
OnAccessDenied func(c *fiber.Ctx, result *VerificationResult) error
}
MiddlewareConfig holds a configuration for the Middleware.
type VerificationResult ¶
type VerificationResult struct {
// Verified tells the middleware whether given request has been authorized or not.
// Returning false value for this field will immediately finish request with 401.
Verified bool
// Roles is a set of permissions associated with the entity identified by the credentials.
// Roles are expected to be returned only if Verified is equal to true.
Roles []string
// SessionData is an optional field that associates some arbitrary value with the current session.
// Request handlers are able to extract this value later by calling GetSessionData() / MustGetSessionData().
SessionData any
}
VerificationResult is a structure returned by the user-provided token/cookie verification functions.
type VerifyCookieFunc ¶
type VerifyCookieFunc = func(c *fiber.Ctx, cookie string) (*VerificationResult, error)
VerifyCookieFunc is a user-provided function that is called in able to validate given cookie value.
type VerifyTokenFunc ¶
type VerifyTokenFunc = func(c *fiber.Ctx, token string) (*VerificationResult, error)
VerifyTokenFunc is a user-provided function that is called in able to validate given API token.
Source Files