alogin

Documentation

Overview

Package alogin defines the Login interface for handling login in web applications.

The implementations of Login should be used with the //infra-sk/modules/alogin-sk control.

Index

• func FakeStatus(ctx context.Context, s *Status) context.Context
• func ForceRole(h http.Handler, login Login, role roles.Role) http.Handler
• func ForceRoleMiddleware(login Login, role roles.Role) func(http.Handler) http.Handler
• func LoginStatusHandler(login Login) http.HandlerFunc
• func StatusMiddleware(login Login) func(http.Handler) http.Handler
• type EMail
  • func (e EMail) String() string
• type Login
• type Status
  • func GetStatus(ctx context.Context) *Status

Functions

func FakeStatus

func FakeStatus(ctx context.Context, s *Status) context.Context

FakeStatus is to be used by unit tests which want to fake that a user is logged in.

func ForceRole

func ForceRole(h http.Handler, login Login, role roles.Role) http.Handler

ForceRole is middleware that enforces the logged in user has the specified role before the wrapped handler is called.

func ForceRoleMiddleware

func ForceRoleMiddleware(login Login, role roles.Role) func(http.Handler) http.Handler

ForceRoleMiddleware returns a middleware that restricts access to only those users that have the given role.

func LoginStatusHandler

func LoginStatusHandler(login Login) http.HandlerFunc

LoginStatusHandler returns an http.HandlerFunc that should be used to handle requests to "/_/login/status", which is the default location of the status handler in the alogin-sk element.

func StatusMiddleware

func StatusMiddleware(login Login) func(http.Handler) http.Handler

StatusMiddleware is middleware which attaches login info to the request context. This allows handler to use GetSession() to retrieve the Session information even if the don't have access to the original http.Request object, like in a twirp handler.

Types

type EMail

type EMail string

EMail is an email address.

const NotLoggedIn EMail = ""

NotLoggedIn is the EMail value used to indicate a user is not logged in.

func (EMail) String

func (e EMail) String() string

String returns the email address as a string.

type Login

type Login interface {
	// LoggedInAs returns the email of the logged in user, or the empty string
	// of they are not logged in.
	LoggedInAs(r *http.Request) EMail

	// Status returns the logged in status and other details about the current
	// user.
	Status(r *http.Request) Status

	// All the authorized Roles for a user.
	Roles(r *http.Request) roles.Roles

	// Returns true if the currently logged in user has the given Role.
	HasRole(r *http.Request, role roles.Role) bool

	// LoginURL returns the URL to visit if the user needs to log in.
	LoginURL(r *http.Request) string
}

Login provides information about the logged in status of http.Requests.

type Status

type Status struct {
	// EMail is the email address of the logged in user, or the empty string if
	// they are not logged in.
	EMail EMail `json:"email"`

	// All the Roles of the current user.
	Roles roles.Roles `json:"roles"`
}

Status describes the logged in status for a user. Email will be empty if the user is not logged in.

func GetStatus

func GetStatus(ctx context.Context) *Status

GetStatus returns the loggined in users email and roles from the context. If the user is not logged in then the empty session is returned, with an empty EMail address and empty Roles.