README
¶
martini-login
Purpose
This package provides a simple way to make routes require a login, and to handle user logins in the session. It should work with any user model that you have in your application, so long as your user model implements the login.User interface.
Please see the example program in the example/ directory.
Program Flow:
Every new request to Martini will generate an Anonymous login.User struct using the function passed to SessionUser. This should default to a zero value user model, and must implement the login.User interface. If a user exists in the request session, this user will be injected into every request handler. Otherwise the zero value object will be injected.
When a user visits any route with the LoginRequired handler, the login.User object will be examined with the IsAuthenticated() function. If the user is not authenticated, they will be redirected to a login page (/login).
To log your users in, you should create a POST route, and verify the user/password that was sent from the client. Due to the vast possibilities of doing this, you must be responsible for validating a user. Once that user is validated, call login.AuthenticateSession() to mark the session as authenticated.
Your user type should meet the login.User interface:
type User interface {
// Return whether this user is logged in or not
IsAuthenticated() bool
// Set any flags or extra data that should be available
Login()
// Clear any sensitive data out of the user
Logout()
// Return the unique identifier of this user object
UniqueId() interface{}
// Populate this user object with values
GetById(id interface{}) error
}
The SessionUser() Martini middleware will inject the login.User interface into your route handlers. These interfaces must be converted to your appropriate type to function correctly.
func handler(user login.User, db *MyDB) {
u := user.(*UserModel)
db.Save(u)
}
Documentation
¶
Overview ¶
Package login is a middleware for Martini that provides a simple way to track user sessions in on a website. Please see https://github.com/codegangsta/martini-contrib/blob/master/sessionauth/README.md for a more detailed description of the package.
Index ¶
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
func AuthenticateSession ¶
AuthenticateSession will mark the session and user object as authenticated. Then the Login() user function will be called. This function should be called after you have validated a user.
func LoginRequired ¶
LoginRequired verifies that the current user is authenticated. Any routes that require a login should have this handler placed in the flow. If the user is not authenticated, they will be redirected to /login with the "next" get parameter set to the attempted URL.
func SessionUser ¶
SessionUser will try to read a unique user ID out of the session. Then it tries to populate an anonymous user object from the database based on that ID. If this is successful, the valid user is mapped into the context. Otherwise the anonymous user is mapped into the contact. The newUser() function should provide a valid 0value structure for the caller's user type.
Types ¶
type User ¶
type User interface {
// Return whether this user is logged in or not
IsAuthenticated() bool
// Set any flags or extra data that should be available
Login()
// Clear any sensitive data out of the user
Logout()
// Return the unique identifier of this user object
UniqueId() interface{}
// Populate this user object with values
GetById(id interface{}) error
}
User defines all the functions necessary to work with the user's authentication. The caller should implement these functions for whatever system of authentication they choose to use
Source Files
Directories