Documentation ¶
Index ¶
Constants ¶
const ( // NonceHeader should always be used to add or check the nonce in a request // instead of X-Authentication-Nonce, to ensure consistency. NonceHeader = "X-Authentication-Nonce" // TokenHeader should likewise always be used in place of // X-Authentication-Token to ensure consistency TokenHeader = "X-Authentication-Token" )
Variables ¶
This section is empty.
Functions ¶
Types ¶
type AuthHandler ¶
AuthHandler ensures that HTTP requests contain a valid nonce and token using the correct format for nonces and tokens and a map of public to private keys
func (*AuthHandler) ServeHTTP ¶
func (middleware *AuthHandler) ServeHTTP(w http.ResponseWriter, r *http.Request)
ServeHTTP confirms that an HTTP request contains a valid nonce and token
type Nonce ¶
type Nonce struct {
// contains filtered or unexported fields
}
Nonce is the non-hashed value passed in an authenticated request, and contains information to determine if the request is expired or not. The Nonce value expires to deter copycat attacks.
func MakeNonce ¶
MakeNonce constructs a new Nonce using a given request time, duration, and public key. The duration is added to the request time to get the expiration time.
func MakeNonceWithUnixTime ¶
MakeNonceWithUnixTime creates a new Nonce, but accepts times given in Unix Epoch format.
type Token ¶
type Token struct {
// contains filtered or unexported fields
}
Token is the hashed value in an authenticated request, and contains a nonce and a private key. Token needs a nonce so that the server can validate not just that the private key is valid, but also that the hashed value is from a non-expired request.