Documentation ¶
Index ¶
- Constants
- func Authenticate(store Authenticator, methods ...authMethod) gin.HandlerFunc
- func AuthenticateBySession(c *gin.Context, authr Authenticator) error
- func AuthenticateByToken(c *gin.Context, authr Authenticator) error
- func AuthenticateExternalInitiator(c *gin.Context, store Authenticator) error
- func AuthenticateGQL(authenticator Authenticator, lggr logger.Logger) gin.HandlerFunc
- func GetAuthenticatedExternalInitiator(c *gin.Context) (*bridges.ExternalInitiator, bool)
- func GetAuthenticatedUser(c *gin.Context) (*clsessions.User, bool)
- func RequiresAdminRole(handler func(*gin.Context)) func(*gin.Context)
- func RequiresEditRole(handler func(*gin.Context)) func(*gin.Context)
- func RequiresRunRole(handler func(*gin.Context)) func(*gin.Context)
- func SetGQLAuthenticatedSession(ctx context.Context, user clsessions.User, sessionID string) context.Context
- type Authenticator
- type GQLSession
Constants ¶
const ( // APIKey is the header name for the API token identifier for user authentication. APIKey = "X-API-KEY" // APISecret is the header name for the API token secret for user authentication. APISecret = "X-API-SECRET" // SessionName is the session name SessionName = "clsession" // SessionIDKey is the session ID key in the session map SessionIDKey = "clsession_id" // SessionUserKey is the User key in the session map SessionUserKey = "user" // SessionExternalInitiatorKey is the External Initiator key in the session map SessionExternalInitiatorKey = "external_initiator" )
Variables ¶
This section is empty.
Functions ¶
func Authenticate ¶
func Authenticate(store Authenticator, methods ...authMethod) gin.HandlerFunc
Authenticate is middleware which authenticates the request by attempting to authenticate using all the provided methods.
func AuthenticateBySession ¶
func AuthenticateBySession(c *gin.Context, authr Authenticator) error
AuthenticateBySession authenticates the request by the session cookie.
Implements authMethod
func AuthenticateByToken ¶
func AuthenticateByToken(c *gin.Context, authr Authenticator) error
AuthenticateByToken authenticates a User by their API token.
Implements authMethod
func AuthenticateExternalInitiator ¶
func AuthenticateExternalInitiator(c *gin.Context, store Authenticator) error
AuthenticateExternalInitiator authenticates an external initiator request.
Implements authMethod
func AuthenticateGQL ¶
func AuthenticateGQL(authenticator Authenticator, lggr logger.Logger) gin.HandlerFunc
AuthenticateGQL middleware checks the session cookie for a user and sets it on the request context if it exists. It is the responsibility of each resolver to validate whether it requires an authenticated user.
We currently only support GQL authentication by session cookie.
func GetAuthenticatedExternalInitiator ¶
func GetAuthenticatedExternalInitiator(c *gin.Context) (*bridges.ExternalInitiator, bool)
GetAuthenticatedExternalInitiator extracts the external initiator from the context.
func GetAuthenticatedUser ¶
func GetAuthenticatedUser(c *gin.Context) (*clsessions.User, bool)
GetAuthenticatedUser extracts the authentication user from the context.
func RequiresAdminRole ¶
RequiresAdminRole extracts the user object from the context, and asserts the user's role is 'admin'
func RequiresEditRole ¶
RequiresEditRole extracts the user object from the context, and asserts the user's role is at least 'edit'
func RequiresRunRole ¶
RequiresRunRole extracts the user object from the context, and asserts the user's role is at least 'run'
func SetGQLAuthenticatedSession ¶
func SetGQLAuthenticatedSession(ctx context.Context, user clsessions.User, sessionID string) context.Context
SetGQLAuthenticatedSession sets the authenticated session in the context
There shouldn't be a need to do this outside of testing
Types ¶
type Authenticator ¶
type Authenticator interface { AuthorizedUserWithSession(sessionID string) (clsessions.User, error) FindExternalInitiator(eia *auth.Token) (*bridges.ExternalInitiator, error) FindUser(email string) (clsessions.User, error) FindUserByAPIToken(apiToken string) (clsessions.User, error) }
Authenticator defines the interface to authenticate requests against a datastore.
type GQLSession ¶
type GQLSession struct { SessionID string User *clsessions.User }
func GetGQLAuthenticatedSession ¶
func GetGQLAuthenticatedSession(ctx context.Context) (*GQLSession, bool)
GetGQLAuthenticatedSession extracts the authentication session from a context.