middleware

package
v0.4.3 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Sep 20, 2023 License: Apache-2.0 Imports: 10 Imported by: 0

Documentation

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

func Authorize

func Authorize(lookup auth.Lookup, authorize func(Authorizer, *http.Request)) func(http.Handler) http.Handler

Authorize returns a middleware that authorizes actors of a request. When a request is made and the middleware is called, the middleware calls the provided authorize function to authorize the actors of the request. The authorize function gets passed an Authorizer which allows authorization of multiple actors. Adding AuthorizeXXX() middleware to a handler does not automatically protect the routes from unauthorized access. PermissionXXX() middleware must be added to actually protect the routes. AuthorizeXXX() middleware must be called before PermissionXXX middleware is called. Otherwise the PermissionXXX middleware will always return 403 Forbidden.

func AuthorizeField

func AuthorizeField(field string) func(http.Handler) http.Handler

AuthorizeField returns a middleware that authorizes actors of a request. AuthorizeField differs from Authorize in that it extracts the aggregate id of the authorized actor from the request body. The request body is parsed as JSON and the JSON-field with the given name is then parsed as using uuid.Parse.

func AuthorizedActors

func AuthorizedActors(ctx context.Context) []uuid.UUID

AuthorizedActors returns the ids of the currently authorized actors.

func Permission

func Permission(perms auth.PermissionFetcher, action string, extractRef func(*http.Request) aggregate.Ref) func(http.Handler) http.Handler

Permission returns a middleware that protects routes from unauthorized access. When called, the middleware extracts the aggregate that the user wants to act on from the request body by calling the provided extractRef function. The middleware then checks if any of the authorized actors has the permission to perform the given action on the given aggregate. Only if an authorized actor is allowed to perform the action, the next handler is called. Otherwise the middleware returns 403 Forbidden.

func PermissionField

func PermissionField(perms auth.PermissionFetcher, action, aggregateName, field string) func(http.Handler) http.Handler

PermissionField returns a middleware that protects routes from unauthorized access. PermissionField differs from Permission in that it requires the aggregate name to be passed as an argument and that it extracts the aggregate id from the request body.

Types

type Authorizer

type Authorizer interface {
	// Lookup returns the aggregate id of the actor with the given actor id.
	Lookup(sid string) (uuid.UUID, bool)

	// Authorize adds the given actor to the authorized actors of the current request.
	Authorize(actorID uuid.UUID)
}

Authorizer is provided by the Authorize() middleware and is used to authorize actors for the current request.

type Factory

type Factory struct {
	// contains filtered or unexported fields
}

Factory is the middleware factory. It is not required to be used but it allows to create middleware without having to pass the PermissionRepository and Lookup.

func NewFactory

func NewFactory(perms auth.PermissionFetcher, lookup auth.Lookup) Factory

NewFactory returns a new middleware factory.

func (Factory) Authorize

func (f Factory) Authorize(authorize func(Authorizer, *http.Request)) func(http.Handler) http.Handler

Authorize returns the Authorize middleware.

func (Factory) AuthorizeField

func (f Factory) AuthorizeField(field string) func(http.Handler) http.Handler

AuthorizeField returns the AuthorizeField middleware.

func (Factory) Permission

func (f Factory) Permission(action string, extractRef func(*http.Request) aggregate.Ref) func(http.Handler) http.Handler

Permission returns the Permission middleware.

func (Factory) PermissionField

func (f Factory) PermissionField(action, aggregateName, field string) func(http.Handler) http.Handler

PermissionField returns the PermissionField middleware.

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL