auth

package

v0.0.0-...-56f6100 Latest Latest Go to latest Published: Nov 16, 2024 License: MIT Imports: 28 Imported by: 0

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

github.com/seankhliao/mono

Links

Open Source Insights

Documentation ¶

Overview ¶

auth implements a user authentication / authorization server.

The only available user authentication method is passkeys (resident keys). User registration is achieved by obtaining an admin token from the debug endpoint :8081/debug/admin-token and registering with new credentials.

The App.AuthN middleware will ensure all requests have an associated session, identified by a authv1.TokenInfo which can be obtained from the request context with FromContext.

The App.AuthZ middleware will ensure all requests conform to the given policy. By default, 2 policies are available, AllowAnonymous allows all requests through, AllowRegistered only allows requests from users with registered accounts.

Sessions are handled with cookies and cleared on a schedule, 6 hours for anonymous sessions and 1 week for registered users.

Index ¶

Variables
func Admin(a *App, r yrun.HTTPRegistrar)
func AuthZPolicy(policy string) (cel.Program, error)
func FromContext(ctx context.Context) *authv1.TokenInfo
func MustAuthZPolicy(policy string) cel.Program
func Register(a *App, r yrun.HTTPRegistrar)
type App
- func New(c Config, bkt *blob.Bucket, o yrun.O11y) (*App, error)
type Config

Constants ¶

This section is empty.

Variables ¶

View Source

var (
	AllowAnonymous  = MustAuthZPolicy(`user_id >= 0`)
	AllowRegistered = MustAuthZPolicy(`user_id > 0`)
)

View Source

var TokenInfoContextKey = tokenInfoContextKey{}

Functions ¶

func Admin ¶

func Admin(a *App, r yrun.HTTPRegistrar)

func AuthZPolicy ¶

func AuthZPolicy(policy string) (cel.Program, error)

func FromContext ¶

func FromContext(ctx context.Context) *authv1.TokenInfo

func MustAuthZPolicy ¶

func MustAuthZPolicy(policy string) cel.Program

func Register ¶

func Register(a *App, r yrun.HTTPRegistrar)

Types ¶

type App ¶

type App struct {
	// contains filtered or unexported fields
}

func New ¶

func New(c Config, bkt *blob.Bucket, o yrun.O11y) (*App, error)

func (*App) AuthN ¶

func (a *App) AuthN(next http.Handler) http.Handler

AuthN ensures there's always a valid session. The user may be anonymous (UserId == 0).

func (*App) AuthZ ¶

func (a *App) AuthZ(policy cel.Program) func(http.Handler) http.Handler

func (*App) CleanSessions ¶

func (a *App) CleanSessions() error

type Config ¶

type Config struct {
	Host         string
	CookieDomain string
	CookieName   string
}

Config from a config file

Source Files ¶

View all Source files

Directories ¶

Path	Synopsis
v1

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL