Documentation
¶
Overview ¶
Package authenticator provides a way to authenticate users using different methods.
Index ¶
- Constants
- Variables
- func AbortWithError(c *gin.Context, err error) error
- func HandleSessionError(c *gin.Context, session sessions.Session, err error)
- func LoginIDFromSession(session *sessions.Session) (login string, inSession bool)
- func LoginIDPasswordFromSession(session *sessions.Session) (login, password string, inSession bool)
- type Authenticator
- type BasicAuthenticator
- type LoginInfo
Constants ¶
const ( // CookieName is the name of the cookie used for session authentication. CookieName = "BP_OP_AUTH" // LoginKey is a key that is used to identify the login id. LoginKey = "loginid" // PasswordKey is a key that is used to identify the password. PasswordKey = "p" // UsernameKey is a key that is used to identify the username. UsernameKey = "u" // AuthenticatedKey is a key that is used to identify if the user has been authenticated in the middleware. AuthenticatedKey = "authenticated" )
Variables ¶
var ErrBadBindCreds = errors.New("incorrect username or password for BindUser")
ErrBadBindCreds for invalid authentication credentials
var ErrBadCreds = errors.New("incorrect username or password")
ErrBadCreds for invalid authentication credentials
var ErrInvalidSession = errors.New("failed to retrieve session")
ErrInvalidSession for when username or password are expected and not present
var ErrMissingCreds = errors.New("missing field 'credential'")
ErrMissingCreds is an error for when a google authentication payload doesn't have credentials
Functions ¶
func AbortWithError ¶
AbortWithError aborts the gin context with the given error.
func HandleSessionError ¶
HandleSessionError handles the gin context and session after a non nil error is returned while getting session. It will clear the session and abort with error. Must call return during the gin handler function directly after.
func LoginIDFromSession ¶
LoginIDFromSession returns the login id from the session.
Types ¶
type Authenticator ¶
type Authenticator interface {
// Login takes in a ctx that has the username and password attached to it in some way. currently in either the Postform or the request Header.
// This function should store some form of the user on the session to be used in the verify function.
// The string returned is the unique identifier of the user that was just logged in
// Ex: "email" in google, "DN (distinguished name)" in LDAP, or just the authenticator.LoginSession for system auth.
// Login is expected to atleast return a username on the LoginInfo for logging purposes.
Login(ctx *gin.Context, session *sessions.Session) (*LoginInfo, error)
// Verify pulls the information Login put on the session and checks that those credentials are still valid
// this should mainly be used in verifying established UI connections
Verify(ctx *gin.Context, session *sessions.Session) error
// Middleware authenticates a user that is directly using the REST endpoints. Nothing needs to be saved on the session for this function.
// once there is verification that the user is authenticated, authenticatedKey should be set to "true" on the context
// It is expected that loginID is set on the context to be used by the check user middleware. if the display name is different than the loginID, set usernameKey.
Middleware() gin.HandlerFunc
}
Authenticator represents a way to authenticate a given username and password
func NewBasicAuthenticator ¶
func NewBasicAuthenticator(username, password string) Authenticator
NewBasicAuthenticator creates an authenticator for internal server profile
type BasicAuthenticator ¶
type BasicAuthenticator struct {
// contains filtered or unexported fields
}
BasicAuthenticator is an authenticator that uses the server profile username and password
func (*BasicAuthenticator) Login ¶
Login attempts to login in a user from the postform and returns the proper loginID
func (*BasicAuthenticator) Middleware ¶
func (a *BasicAuthenticator) Middleware() gin.HandlerFunc
Middleware returns Authentication middleware for Basic server profile verification
Source Files
Directories