auth

package
v0.0.0-...-d1a9080 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: May 5, 2021 License: AGPL-3.0 Imports: 9 Imported by: 0

Documentation

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

func GetRequestUser 

func GetRequestUser(r *http.Request) *users.User

GetRequestUser returns the current request's user.

func Init 

func Init(providers ...Provider) func(next http.Handler) http.Handler

Init returns an http.Handler that will try to find a suitable authentication provider on each request. The first to return true with its IsActive() method becomes the request authentication provider.

If no provider could be found, the NullProvider will then be used.

The provider is then stored in the request's context and can be retrieved using GetRequestProvider().

func Required 

func Required(next http.Handler) http.Handler

Required returns an http.Handler that will enforce authentication on the request. It uses the request authentication provider to perform the authentication.

A provider performing a successful authentication must store its authentication information using SetRequestAuthInfo.

When the request has this attribute it will carry on. Otherwise it stops the response with a 403 error.

The logged in user can be retrieved with GetRequestUser().

func SetRequestAuthInfo 

func SetRequestAuthInfo(r *http.Request, info *Info) *http.Request

SetRequestAuthInfo stores the request's user.

Types

type BasicAuthProvider 

type BasicAuthProvider struct{}

BasicAuthProvider handles basic HTTP authentication method with "Authorization: Basic {payload}" header.

func (*BasicAuthProvider) Authenticate 

func (p *BasicAuthProvider) Authenticate(w http.ResponseWriter, r *http.Request) (*http.Request, error)

Authenticate performs the authentication using the HTTP basic authentication information provided.

func (*BasicAuthProvider) CsrfExempt 

func (p *BasicAuthProvider) CsrfExempt(_ *http.Request) bool

CsrfExempt is always true for this provider.

func (*BasicAuthProvider) IsActive 

func (p *BasicAuthProvider) IsActive(r *http.Request) bool

IsActive returns true when the client submits basic HTTP authorization header.

type FeatureCsrfProvider 

type FeatureCsrfProvider interface {
	// Must return true to disable CSRF protection for the request.
	CsrfExempt(r *http.Request) bool
}

FeatureCsrfProvider allows a provider to implement a method to bypass all CSRF protection.

type Info 

type Info struct {
	Provider *ProviderInfo
	User     *users.User
}

Info is the payload with the currently authenticated user and some information about the provider

func GetRequestAuthInfo 

func GetRequestAuthInfo(r *http.Request) *Info

GetRequestAuthInfo returns the current request's auth info

type NullProvider 

type NullProvider struct{}

NullProvider is the provider returned when no other provider could be activated.

func (*NullProvider) Authenticate 

func (p *NullProvider) Authenticate(_ http.ResponseWriter, r *http.Request) (*http.Request, error)

Authenticate doesn't do anything

func (*NullProvider) Info 

func (p *NullProvider) Info(_ *http.Request) *ProviderInfo

Info return information about the provider.

func (*NullProvider) IsActive 

func (p *NullProvider) IsActive(_ *http.Request) bool

IsActive is always false

type Provider 

type Provider interface {
	// Must return true to enable the provider for the current request.
	IsActive(r *http.Request) bool

	// Must return a request with the Info provided when successful.
	Authenticate(http.ResponseWriter, *http.Request) (*http.Request, error)
}

Provider is the interface that must implement any authentication provider.

func GetRequestProvider 

func GetRequestProvider(r *http.Request) Provider

GetRequestProvider returns the current request's authentication provider.

type ProviderInfo 

type ProviderInfo struct {
	Name        string
	Application string
}

ProviderInfo contains information about the provider.

type SessionAuthProvider 

type SessionAuthProvider struct {
	// A function that returns the request's session
	GetSession func(*http.Request) *sessions.Session

	// A function that sets a Location header when
	// authentication fails.
	Redirect func(http.ResponseWriter, *http.Request)
}

SessionAuthProvider is the last authentication provider. It's alway enabled in case of every previous provider failing.

func (*SessionAuthProvider) Authenticate 

func (p *SessionAuthProvider) Authenticate(w http.ResponseWriter, r *http.Request) (*http.Request, error)

Authenticate checks if the request's session cookie is valid and the user exists.

func (*SessionAuthProvider) IsActive 

func (p *SessionAuthProvider) IsActive(_ *http.Request) bool

IsActive always returns true. As it's the last provider, when authentication fail it will with a redirect to the login page.

type TokenAuthProvider 

type TokenAuthProvider struct{}

TokenAuthProvider handles authentication using a bearer token passed in the request "Authorization" header with the scheme "Bearer".

func (*TokenAuthProvider) Authenticate 

func (p *TokenAuthProvider) Authenticate(w http.ResponseWriter, r *http.Request) (*http.Request, error)

Authenticate performs the authentication using the "Authorization: Bearer" header provided.

func (*TokenAuthProvider) CsrfExempt 

func (p *TokenAuthProvider) CsrfExempt(_ *http.Request) bool

CsrfExempt is always true for this provider.

func (*TokenAuthProvider) IsActive 

func (p *TokenAuthProvider) IsActive(r *http.Request) bool

IsActive returns true when the client submits a bearer token.

Source Files

View all Source files

Directories

Path Synopsis

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.