Documentation ¶
Overview ¶
Package proxylogin implements alogin.Login when letting a reverse proxy handle authentication.
Index ¶
- Constants
- type ProxyLogin
- func (p *ProxyLogin) HasRole(r *http.Request, wantedRole roles.Role) bool
- func (p *ProxyLogin) LoggedInAs(r *http.Request) alogin.EMail
- func (p *ProxyLogin) LoginURL(r *http.Request) string
- func (p *ProxyLogin) NeedsAuthentication(w http.ResponseWriter, r *http.Request)
- func (p *ProxyLogin) Roles(r *http.Request) roles.Roles
- func (p *ProxyLogin) Status(r *http.Request) alogin.Status
Constants ¶
const ( // DefaultLoginURL is the default URL to use for logging in. DefaultLoginURL = "https://skia.org/login/" // DefaultLogoutURL is the default URL to use for logging out. DefaultLogoutURL = "https://skia.org/logout/" )
Variables ¶
This section is empty.
Functions ¶
This section is empty.
Types ¶
type ProxyLogin ¶
type ProxyLogin struct {
// contains filtered or unexported fields
}
ProxyLogin implements alogin.Login by relying on a reverse proxy doing the authentication and then passing the user's logged in status via header value.
See https://grafana.com/docs/grafana/latest/auth/auth-proxy/ and https://cloud.google.com/iap/docs/identity-howto#getting_the_users_identity_with_signed_headers
func New ¶
func New(headerName, emailRegex string) (*ProxyLogin, error)
New returns a new instance of proxyLogin.
headerName is the name of the header that contains the proxy authentication information.
emailRegex is a regex to extract the email address from the header value. This value can be nil. This is useful for reverse proxies that include other information in the header in addition to the email address, such as https://cloud.google.com/iap/docs/identity-howto#getting_the_users_identity_with_signed_headers
If supplied, the Regex must have a single subexpression that matches the email address.
func NewWithDefaults ¶
func NewWithDefaults() *ProxyLogin
NewWithDefaults calls New() with reasonable default values.
func NewWithDomain ¶
func NewWithDomain() *ProxyLogin
func (*ProxyLogin) LoggedInAs ¶
func (p *ProxyLogin) LoggedInAs(r *http.Request) alogin.EMail
LoggedInAs implements alogin.Login.
func (*ProxyLogin) LoginURL ¶
func (p *ProxyLogin) LoginURL(r *http.Request) string
LoginURL implements alogin.Login.
func (*ProxyLogin) NeedsAuthentication ¶
func (p *ProxyLogin) NeedsAuthentication(w http.ResponseWriter, r *http.Request)
NeedsAuthentication implements alogin.Login.