Documentation
¶
Index ¶
Constants ¶
const ( // AuthenticationMethodPropertyName allows to query the HTTP context for the authentication method used. // See AuthenticationMethodBearerToken and AuthenticationMethodBasicAuth, // as well as Context() on http.Request. AuthenticationMethodPropertyName contextKey = "authentication-method" // AuthenticationMethodBearerToken should be used to compare with the value returned by AuthenticationMethodPropertyName. // // func(w http.ResponseWriter, r *http.Request) { // method := r.Context().Value(auth.UserPropertyName); // if method == auth.AuthenticationMethodBearerToken { // // Bearer Token auth // } // } AuthenticationMethodBearerToken = "Bearer" // AuthenticationMethodBasicAuth should be used to compare with the value returned by AuthenticationMethodPropertyName: // // func(w http.ResponseWriter, r *http.Request) { // method := r.Context().Value(auth.UserPropertyName); // if method == auth.AuthenticationMethodBasicAuth { // // Basic auth // } // } AuthenticationMethodBasicAuth = "Basic" )
const TokenPropertyName = "bearer-token"
TokenPropertyName allows to query the HTTP context for the current user's JWT token. See Context() on http.Request.
func(w http.ResponseWriter, r *http.Request) {
claims := req.Context().Value(auth.TokenPropertyName).(*jwt.Claims)
if n, ok := claims.Number("deadline"); !ok {
fmt.Fprintln(w, "no deadline")
} else {
fmt.Fprintln(w, "deadline at", (*jwt.NumericTime)(&n))
}
}
const UserPropertyName contextKey = "user"
UserPropertyName allows to query the HTTP context for the current user's name. See Context() on http.Request.
func(w http.ResponseWriter, r *http.Request) {
user := r.Context().Value(auth.UserPropertyName);
fmt.Fprintf(w, "This is an authenticated request")
fmt.Fprintf(w, "User name: '%s'\n", user)
}
Variables ¶
This section is empty.
Functions ¶
This section is empty.
Types ¶
type AuthenticationMiddleware ¶
type AuthenticationMiddleware struct {
// contains filtered or unexported fields
}
AuthenticationMiddleware represents a mux middleware which, given an http.Request, can check whether it's Authorization header contains a valid BearerToken or – if not – valid Basic Auth information.
func New ¶
func New(credentials []Credential, keys *jwt.KeyRegister) AuthenticationMiddleware
New returns a new and completely initialized AuthenticationMiddleware.
type Basic ¶
type Basic struct {
Credentials []Credential
}
Basic represents a mux middleware that, given a http.Request, checks whether the Authorization header contains any of the given Credentials.
type BearerToken ¶
type BearerToken struct {
Keys *jwt.KeyRegister
}
BearerToken represents a mux middleware that, given a http.Request, checks whether the Authorization header contains any JWT tokens and validates them with the configured Keys.
type Credential ¶
type Credential struct {
// contains filtered or unexported fields
}
Credential represents one user's “username and password” combination.
func NewCredential ¶
func NewCredential(username, password string) Credential
NewCredential turns a username and a password into a Credential. The username and the password are hashed using sha256.Sum256, so that they can not be extracted from memory or a core dump or likewise.
func SingleCredential ¶
func SingleCredential(username, password string) []Credential
SingleCredential is a short-hand function to create a list of Credentials with just one Credential in it.
type Principal ¶
type Principal string
Principal represents the entity (person or system) in who's name the current request is made. It does not represent the _origin_ of the request. For example, a system might send a request in the name of a person.
func PrincipalFromContext ¶
PrincipalFromContext extracts the Principal on whose name the given http.Request was made based on the information that was retrieved with the http.Request in the Authorization HTTP header.
Source Files