auth

package
v0.0.0-...-5178349 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Nov 1, 2017 License: MIT Imports: 14 Imported by: 0

Documentation

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

func DummyAuth

func DummyAuth(c *web.C, h http.Handler) http.Handler

DummyAuth creates a fake user.

func DummyLoginHandler

func DummyLoginHandler(w http.ResponseWriter, r *http.Request)

DummyLoginHandler logs the unknown user in automatically.

func DummyLogoutHandler

func DummyLogoutHandler(w http.ResponseWriter, r *http.Request)

DummyLogoutHandler logs the unknown user out.

Types

type Auth

type Auth interface {
	AuthorizeOrForbid(c *web.C, h http.Handler) http.Handler
	AuthorizeOrForbidAdmin(c *web.C, h http.Handler) http.Handler
	ExpireDisplayName(h http.Handler) http.Handler
	LoginHandler(w http.ResponseWriter, r *http.Request)
	LogoutHandler(w http.ResponseWriter, r *http.Request)
	AuthCallbackHandler(w http.ResponseWriter, r *http.Request)
	User(r *http.Request) *User
}

Auth is the interface managing user auth flow

func New

func New(githubServer string,
	clientID string,
	clientSecret string,
	cookieSecret string,
	requiredOrg string,
	adminTeam string,
	loginURL string) Auth

New creates and returns a github auth object

type GithubAuth

type GithubAuth struct {
	RequiredOrg string // If empty, membership will not be tested
	AdminTeam   string
	LoginURL    string
	LoginTTL    time.Duration
	CookieStore *sessions.CookieStore
	// contains filtered or unexported fields
}

GithubAuth is an object managing the auth flow with github

func (*GithubAuth) AuthCallbackHandler

func (a *GithubAuth) AuthCallbackHandler(w http.ResponseWriter, r *http.Request)

AuthCallbackHandler receives the callback portion of the auth flow

func (*GithubAuth) AuthorizeOrForbid

func (a *GithubAuth) AuthorizeOrForbid(c *web.C, h http.Handler) http.Handler

AuthorizeOrForbid requires the user be logged in and a member of the proper org (therefore allowed write access to Ace schemas), else 403s.

func (*GithubAuth) AuthorizeOrForbidAdmin

func (a *GithubAuth) AuthorizeOrForbidAdmin(c *web.C, h http.Handler) http.Handler

AuthorizeOrForbidAdmin requires the user be logged in and a member of the admin team (therefore allowed write access to maintenance modes and Kinesis streams), else 403s.

func (*GithubAuth) ExpireDisplayName

func (a *GithubAuth) ExpireDisplayName(h http.Handler) http.Handler

ExpireDisplayName expires the display name if the github auth is no longer valid.

func (*GithubAuth) LoginHandler

func (a *GithubAuth) LoginHandler(w http.ResponseWriter, r *http.Request)

LoginHandler handles the login portion of the auth flow

func (*GithubAuth) LogoutHandler

func (a *GithubAuth) LogoutHandler(w http.ResponseWriter, r *http.Request)

LogoutHandler handles the logout step of the auth flow

func (*GithubAuth) User

func (a *GithubAuth) User(r *http.Request) *User

User fetches the login information, or nil if you're not above an auth middleware If you're not using the middlewares, you probably want RequireLogin instead

type User

type User struct {
	Name          string
	IsMemberOfOrg bool
	IsAdmin       bool
}

User represents a user for authorization purposes

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL