auth

package module
v0.0.0-...-5c7aa9f Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Apr 23, 2016 License: MIT Imports: 18 Imported by: 0

README

Auth

Simple auth using JWT tokens

Coverage Status Build Status GoDoc Go Report Card

Example - the login handler

secret := make([]byte, 20)
rand.Read(secret)
// Signing method is used to sign tokens
signingMethod := auth.SigningMethodHMAC(secret, auth.Size256)

// TokenGenerator is used to create/verify tokens
tokenGenerator := auth.NewTokenGenerator(signingMethod)

// Authenticator authenticates logins and creates a token
authenticator := auth.NewAuthenticator(tokenGenerator, storage, time.Hour)

// Handler implements http.Handler and handles logins
handler := auth.NewHandler(authenticator)

http.Handle("/auth", handler)
http.ListenAndServe(:8080, nil)
OR
secret := make([]byte, 20)
rand.Read(secret)
// Signing method is used to sign tokens
signingMethod := auth.SigningMethodHMAC(secret, auth.Size256)

// Handler implements http.Handler and handles logins
handler, authenticator := auth.NewHandlerAndAuthenticator(signingMethod, storage, time.Hour))

http.Handle("/auth", handler)
http.ListenAndServe(:8080, nil)

Example - getting the users information


func SomeHandlerOrMiddleware(w http.ResponseWriter, r *http.Request) {
    user, _ := handler.UserFromRequest(r);

    // You can also store and retrieve from a context
    ctx := context.Background()
    ctx = auth.NewUserContext(ctx, user)

    userFromContext := auth.UserFromContext(ctx)
}

Documentation

Index

Constants

This section is empty.

Variables

View Source 
var (
	ErrTokenInvalid = errors.New("Token is invalid")
)

Errors returned from TokenGenerator

Functions

func NewHandlerAndAuthenticator 

func NewHandlerAndAuthenticator(method SigningMethod, storage Storage, lifetime time.Duration, refreshLifetime time.Duration) (*Handler, *Authenticator)

NewHandlerAndAuthenticator creates a new login handler and Authenticator

func NewUserContext 

func NewUserContext(ctx context.Context, user *User) context.Context

NewUserContext stores a user information in the context

Types

type Authenticator 

type Authenticator struct {
	// contains filtered or unexported fields
}

Authenticator is user authenticator and token generator

func NewAuthenticator 

func NewAuthenticator(generator *TokenGenerator, storage Storage, lifetime time.Duration, refreshLifetime time.Duration) *Authenticator

NewAuthenticator creates a Authenticator

func (*Authenticator) Authenticate 

func (a *Authenticator) Authenticate(user string, pass string) (string, string, error)

Authenticate user and generate token

func (*Authenticator) Generate 

func (a *Authenticator) Generate(user *User) (string, error)

Generate token for UID

func (*Authenticator) GenerateRefresh 

func (a *Authenticator) GenerateRefresh(user *User) (string, error)

GenerateRefresh generates a refresh token for UID

func (*Authenticator) ValidateRefresh 

func (a *Authenticator) ValidateRefresh(token string) (*User, error)

ValidateRefresh refresh token and return UID

func (*Authenticator) ValidateToken 

func (a *Authenticator) ValidateToken(token string) (*User, error)

ValidateToken token and return UID

type ECDSAKeyGen 

type ECDSAKeyGen interface {
	KID() interface{}
	Key(kid interface{}) *ecdsa.PrivateKey
}

ECDSAKeyGen gets ecdsa keys based on an id

func SimpleECDSAKeyGen 

func SimpleECDSAKeyGen(key *ecdsa.PrivateKey) ECDSAKeyGen

SimpleECDSAKeyGen ignores the kid and returnes a consitent private key

type Handler 

type Handler struct {
	// contains filtered or unexported fields
}

Handler is a login handler

func NewHandler 

func NewHandler(auth *Authenticator) *Handler

NewHandler creates a new login handler

func (*Handler) CtxServeHTTP 

func (h *Handler) CtxServeHTTP(ctx context.Context, w http.ResponseWriter, r *http.Request)

CtxServeHTTP implements scaffold.Handler

func (*Handler) ServeHTTP 

func (h *Handler) ServeHTTP(w http.ResponseWriter, r *http.Request)

ServeHTTP implements http.Handler

func (*Handler) UserFromRequest 

func (h *Handler) UserFromRequest(r *http.Request) (*User, error)

UserFromRequest parses the UID from the request

type RSAKeyGen 

type RSAKeyGen interface {
	KID() interface{}
	Key(kid interface{}) *rsa.PrivateKey
}

RSAKeyGen gets rsa keys based on an id

func SimpleRSAKeyGen 

func SimpleRSAKeyGen(key *rsa.PrivateKey) RSAKeyGen

SimpleRSAKeyGen ignores the kid and returnes a consitent private key

type Request 

type Request struct {
	Token    string `json:"token"`
	Refresh  string `json:"refresh_token"`
	Username string `json:"username"`
	Password string `json:"password"`
}

Request is a request

func ParseRequest 

func ParseRequest(r *http.Request) (*Request, error)

ParseRequest parses a request from a http.Request

func (*Request) UnmarshalJSON 

func (uj *Request) UnmarshalJSON(input []byte) error

func (*Request) UnmarshalJSONFFLexer 

func (uj *Request) UnmarshalJSONFFLexer(fs *fflib.FFLexer, state fflib.FFParseState) error

type Response 

type Response struct {
	Error        string `json:"error,omitempty"`
	Token        string `json:"token,omitempty"`
	RefreshToken string `json:"refresh_token,omitempty"`
}

Response is a login response

func (*Response) MarshalJSON 

func (mj *Response) MarshalJSON() ([]byte, error)

func (*Response) MarshalJSONBuf 

func (mj *Response) MarshalJSONBuf(buf fflib.EncodingBuffer) error

type SigningMethod 

type SigningMethod interface {
	KID() interface{}
	PublicKey(interface{}) interface{}
	PrivateKey(interface{}) interface{}
	Method() jwt.SigningMethod
}

SigningMethod generates public and private keys

func SigningMethodECDSA 

func SigningMethodECDSA(keygen ECDSAKeyGen, size Size) SigningMethod

SigningMethodECDSA implements SigningMethod based off a private key

func SigningMethodHMAC 

func SigningMethodHMAC(secret []byte, size Size) SigningMethod

SigningMethodHMAC implements SigningMethod based off a secret

func SigningMethodRSA 

func SigningMethodRSA(keygen RSAKeyGen, size Size) SigningMethod

SigningMethodRSA implements SigningMethod based off a private key

func SigningMethodRSAPSS 

func SigningMethodRSAPSS(keygen RSAKeyGen, size Size) SigningMethod

SigningMethodRSAPSS implements SigningMethod based off a private key

type Size 

type Size int

Size is the signature size 

const (
	Size256 Size = 256
	Size384 Size = 384
	Size512 Size = 512
)

Size vars

type Storage 

type Storage interface {
	Authenticate(user string, pass string) (*User, error)
}

Storage implements account storage

type TokenGenerator 

type TokenGenerator struct {
	// contains filtered or unexported fields
}

TokenGenerator generates and verifies tokens

func NewTokenGenerator 

func NewTokenGenerator(method SigningMethod) *TokenGenerator

NewTokenGenerator creates a new token generator

func (*TokenGenerator) Create 

func (t *TokenGenerator) Create() *jwt.Token

Create creates a new token using the correct method

func (*TokenGenerator) Sign 

func (t *TokenGenerator) Sign(token *jwt.Token) (string, error)

Sign signs the token and returns its string

func (*TokenGenerator) Verify 

func (t *TokenGenerator) Verify(str string) (*jwt.Token, error)

Verify verifies and parses a token string

type User 

type User struct {
	UID         string
	Permissions []string
}

User contains uid and permissions

func UserFromContext 

func UserFromContext(ctx context.Context) *User

UserFromContext get the uid of the context

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.