httpauth

package
v1.0.68 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Jan 19, 2023 License: MIT Imports: 3 Imported by: 0

Documentation

Overview

Package httpauth provides authorization middleware for HTTP.

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

func GetSessionData

func GetSessionData(c *fiber.Ctx) any

GetSessionData tries to extract session data set by middleware from the request's context.

func MustGetSessionData

func MustGetSessionData(c *fiber.Ctx) any

MustGetSessionData extracts session data set by middleware from the request's context, or panics.

Types

type Middleware

type Middleware struct {
	// contains filtered or unexported fields
}

Middleware is an interface that represents a generic authorization middleware. It provides user-friendly API that can be easily integrated with existing fiber request handlers. Underlying implementation might utilize Basic Auth, Bearer-Token or other mechanisms but this API is transparent.

func NewBearerTokenMiddleware

func NewBearerTokenMiddleware(verifyToken VerifyTokenFunc, config ...*MiddlewareConfig) *Middleware

NewBearerTokenMiddleware creates new bearer-token based Middleware. This middleware reads Authorization header and expects it to begin with "Bearer" string.

func NewSessionCookieMiddleware

func NewSessionCookieMiddleware(cookieName string, verifyCookie VerifyCookieFunc, config ...*MiddlewareConfig) *Middleware

NewSessionCookieMiddleware creates new cookie-based Middleware. This middleware reads a cookie specified by cookieName argument and calls verifyCookie with its value.

func (*Middleware) AllOfRoles

func (m *Middleware) AllOfRoles(requiredRoles ...string) fiber.Handler

AllOfRoles enables access to only those clients who have all specified roles associated with them.

func (*Middleware) AnyOfRoles

func (m *Middleware) AnyOfRoles(allowedRoles ...string) fiber.Handler

AnyOfRoles enables access to only those clients who have at least one of the given roles associated with them.

func (*Middleware) Authenticated

func (m *Middleware) Authenticated() fiber.Handler

Authenticated enables access to all authenticated clients, no matter the roles.

type MiddlewareConfig added in v1.0.11

type MiddlewareConfig struct {
	// OnError sets an error handler for the middleware.
	OnError func(c *fiber.Ctx, err error) error

	// OnUnverified sets an unverified handler for the middleware.
	OnUnverified func(c *fiber.Ctx, result *VerificationResult) error

	// OnAccessDenied sets an access denied handler for the middleware.
	OnAccessDenied func(c *fiber.Ctx, result *VerificationResult) error
}

MiddlewareConfig holds a configuration for the Middleware.

type VerificationResult

type VerificationResult struct {
	// Verified tells the middleware whether given request has been authorized or not.
	// Returning false value for this field will immediately finish request with 401.
	Verified bool

	// Roles is a set of permissions associated with the entity identified by the credentials.
	// Roles are expected to be returned only if Verified is equal to true.
	Roles []string

	// SessionData is an optional field that associates some arbitrary value with the current session.
	// Request handlers are able to extract this value later by calling GetSessionData() / MustGetSessionData().
	SessionData any
}

VerificationResult is a structure returned by the user-provided token/cookie verification functions.

type VerifyCookieFunc

type VerifyCookieFunc = func(c *fiber.Ctx, cookie string) (*VerificationResult, error)

VerifyCookieFunc is a user-provided function that is called in able to validate given cookie value.

type VerifyTokenFunc

type VerifyTokenFunc = func(c *fiber.Ctx, token string) (*VerificationResult, error)

VerifyTokenFunc is a user-provided function that is called in able to validate given API token.

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL