security

package
v4.5.4 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Mar 1, 2024 License: MIT Imports: 9 Imported by: 1

Documentation

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

func AdminAuthentificator

func AdminAuthentificator(next http.Handler) http.Handler

AdminAuthentificator is a middle which check if the user is administrator (role=1)

func RandString

func RandString(length int) string

RandString generate a random string with the default charset ([A-Za-z])

func RandStringWithCharset

func RandStringWithCharset(length int, charset string) string

RandStringWithCharset generate a random string with a specific charset

Types

type Auth

type Auth interface {
	Authenticate(string, string) (bool, User, error)
}

Auth refers to a generic interface which must be implemented by every authentication backend

type DatabaseAuth

type DatabaseAuth struct {
	DBClient *sqlx.DB
}

DatabaseAuth is a basic Auth implementation requiring the tuple admin/admin to authenticate successfully

func NewDatabaseAuth

func NewDatabaseAuth(DBClient *sqlx.DB) *DatabaseAuth

NewDatabaseAuth returns a pointer of DatabaseAuth

func (*DatabaseAuth) Authenticate

func (auth *DatabaseAuth) Authenticate(login string, password string) (bool, User, error)

Authenticate check the input credentials and returns a User the passwords matches

type DevAuth

type DevAuth struct{}

DevAuth is a basic Auth implementation requiring the tuple admin/admin to authenticate successfully

func NewDevAuth

func NewDevAuth() *DevAuth

NewDevAuth returns a pointer of DevAuth

func (*DevAuth) Authenticate

func (auth *DevAuth) Authenticate(login string, password string) (bool, User, error)

Authenticate check the input credentials (which must be admin/admin in this case)

type JwtToken

type JwtToken struct {
	Token string `json:"token"`
}

JwtToken wrap the json web token string

type Middleware

type Middleware interface {
	Handler(h http.Handler) http.Handler
}

Middleware is an interface for standard http middleware

type MiddlewareJWT

type MiddlewareJWT struct {
	Auth    Auth
	Handler func(h http.Handler) http.Handler
	// contains filtered or unexported fields
}

MiddlewareJWT is an implementation of Middleware interface, which provides a specific security handler based on JWT (JSON Web Token)

func NewMiddlewareJWT

func NewMiddlewareJWT(jwtSigningKey []byte, auth Auth) *MiddlewareJWT

NewMiddlewareJWT initialize a new instance of MiddlewareJWT and returns a pointer of it

func (*MiddlewareJWT) GetToken

func (middleware *MiddlewareJWT) GetToken() http.HandlerFunc

GetToken returns a http.Handler to authenticate and get a JWT

type NoAuth

type NoAuth struct{}

NoAuth is a basic Auth implementation requiring the tuple admin/admin to authenticate successfully

func NewNoAuth

func NewNoAuth() *NoAuth

NewNoAuth returns a pointer of NoAuth

func (*NoAuth) Authenticate

func (auth *NoAuth) Authenticate(login string, password string) (bool, User, error)

Authenticate always returns an admin user without checking the login nor the password

type User

type User struct {
	ID        int64     `json:"id" db:"id"`
	Login     string    `json:"login" db:"login"`
	Role      int64     `json:"role" db:"role"`
	LastName  string    `json:"lastName" db:"lastName"`
	FirstName string    `json:"firstName" db:"firstName"`
	Email     string    `json:"email" db:"email"`
	Phone     string    `json:"phone" db:"phone"`
	Created   time.Time `json:"created" db:"created"`
}

User is used as the main user struct

func (*User) IsValid

func (user *User) IsValid() (bool, error)

IsValid checks if an user is valid and has no missing mandatory fields * Login must not be empty * Login must not be shorter than 3 characters * Role must not be empty (or 0 value) * LastName must not be empty

type UserWithPassword

type UserWithPassword struct {
	User
	Password string `json:"password" db:"password"`
}

UserWithPassword is used to log in the user (and only this use case) The standard User struct must be used if the password is not required

func (*UserWithPassword) IsValid

func (user *UserWithPassword) IsValid() (bool, error)

IsValid checks if a user with password is valid and has no missing mandatory fields * User must be valid (see User struct) * Password must not be empty * Password must not be shorter than 6 characters

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL