Documentation
¶
Index ¶
- func Authorization(next http.HandlerFunc) http.HandlerFunc
- func Dumpster(next http.HandlerFunc) http.HandlerFunc
- func SCIMTokenValidator(next http.HandlerFunc) http.HandlerFunc
- func SessionValidator(next http.HandlerFunc) http.HandlerFunc
- func SessionValidatorWS(...) http.HandlerFunc
- type AuthMiddleware
- type Dumper
- type InAppTrail
- type SCIMAuth
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
func Authorization ¶
func Authorization(next http.HandlerFunc) http.HandlerFunc
Authorization has one of the most important security function for TRASA. It handles roles and permission for user specific to organization and sandbox crud operations between inter Ogranization. 1 - we extract request method 2 - we extract api endpoint from url path 3 - we extract user role and permissions 4 - we verify user role (based on group) to incoming request endpoint and method. 5 - we verify if the requested crud operation belongs to same organization. orgID derived from session ID is relevant source of truth here.
func Dumpster ¶
func Dumpster(next http.HandlerFunc) http.HandlerFunc
func SCIMTokenValidator ¶ added in v1.1.4
func SCIMTokenValidator(next http.HandlerFunc) http.HandlerFunc
SCIMTokenValidator validates incoming authorization token for scim requests refer to handler GenerateSCIMAuthToken to check how the token is generated.
func SessionValidator ¶
func SessionValidator(next http.HandlerFunc) http.HandlerFunc
SessionValidator is a middleware that checks for csrf tokens and session cookies
func SessionValidatorWS ¶
func SessionValidatorWS(next func(params models.ConnectionParams, uc models.UserContext, ws *websocket.Conn)) http.HandlerFunc
SessionValidator is a middleware that checks for csrf tokens and session cookies
Types ¶
type AuthMiddleware ¶
type AuthMiddleware struct {
}
type InAppTrail ¶
type InAppTrail struct {
}
This middleware should be placed on outermost/topmost place
Source Files