Documentation ¶
Index ¶
- func MatchTopic(filter string, topic string) (elements []string, matched bool)
- type ACLRule
- type ACLRules
- type Access
- type AllowHook
- type AuthRule
- type AuthRules
- type Filters
- type Hook
- type Ledger
- func (l *Ledger) ACLOk(cl *mqtt.Client, topic string, write bool) (n int, ok bool)
- func (l *Ledger) AuthOk(cl *mqtt.Client, pk packets.Packet) (n int, ok bool)
- func (l *Ledger) ToJSON() (data []byte, err error)
- func (l *Ledger) ToYAML() (data []byte, err error)
- func (l *Ledger) Unmarshal(data []byte) error
- func (l *Ledger) Update(ln *Ledger)
- type Options
- type RString
- type UserRule
- type Users
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
Types ¶
type ACLRule ¶
type ACLRule struct { Client RString `json:"client,omitempty" yaml:"client,omitempty"` // the id of a connecting client Username RString `json:"username,omitempty" yaml:"username,omitempty"` // the username of a user Remote RString `json:"remote,omitempty" yaml:"remote,omitempty"` // remote address or Filters Filters `json:"filters,omitempty" yaml:"filters,omitempty"` // filters to match }
ACLRule defines access rules for a specific topic or filter.
type ACLRules ¶
type ACLRules []ACLRule
ACLRules defines generic topic or filter access rules applicable to all users.
type AllowHook ¶
type AllowHook struct {
mqtt.HookBase
}
AllowHook is an authentication hook which allows connection access for all users and read and write access to all topics.
func (*AllowHook) OnACLCheck ¶
OnACLCheck returns true/allowed for all checks.
func (*AllowHook) OnConnectAuthenticate ¶
OnConnectAuthenticate returns true/allowed for all requests.
type AuthRule ¶
type AuthRule struct { Client RString `json:"client,omitempty" yaml:"client,omitempty"` // the id of a connecting client Username RString `json:"username,omitempty" yaml:"username,omitempty"` // the username of a user Remote RString `json:"remote,omitempty" yaml:"remote,omitempty"` // remote address or Password RString `json:"password,omitempty" yaml:"password,omitempty"` // the password of a user Allow bool `json:"allow,omitempty" yaml:"allow,omitempty"` // allow or disallow the users }
type AuthRules ¶
type AuthRules []AuthRule
AuthRules defines generic access rules applicable to all users.
type Hook ¶
type Hook struct { mqtt.HookBase // contains filtered or unexported fields }
Hook is an authentication hook which implements an auth ledger.
func (*Hook) OnACLCheck ¶
OnACLCheck returns true if the connecting client has matching read or write access to subscribe or publish to a given topic.
func (*Hook) OnConnectAuthenticate ¶
OnConnectAuthenticate returns true if the connecting client has rules which provide access in the auth ledger.
type Ledger ¶
type Ledger struct { sync.Mutex `json:"-" yaml:"-"` Users Users `json:"users" yaml:"users"` Auth AuthRules `json:"auth" yaml:"auth"` ACL ACLRules `json:"acl" yaml:"acl"` }
Ledger is an auth ledger containing access rules for users and topics.
func (*Ledger) ACLOk ¶
ACLOk returns true if the rules indicate the user is allowed to read or write to a specific filter or topic respectively, based on the write bool.
func (*Ledger) AuthOk ¶
AuthOk returns true if the rules indicate the user is allowed to authenticate.
type RString ¶
type RString string
RString is a rule value string.
func (RString) FilterMatches ¶
FilterMatches returns true if a filter matches a topic rule.
type UserRule ¶
type UserRule struct { Username RString `json:"username,omitempty" yaml:"username,omitempty"` // the username of a user Password RString `json:"password,omitempty" yaml:"password,omitempty"` // the password of a user ACL Filters `json:"acl,omitempty" yaml:"acl,omitempty"` // filters to match, if desired Disallow bool `json:"disallow,omitempty" yaml:"disallow,omitempty"` // allow or disallow the user }
UserRule defines a set of access rules for a specific user.