README
¶
Authentication Middleware for Go Standard HTTP library and Negroni
This is a library to provides secure authentication based in JWT tokens and a implementation to store the users and the hashed passwords
Features
- Authentication of the users via configurable store
net/httpcompatible- Negroni middleware
- Uses of JSON Web Tokens (JWT)
- JSON interface
Store support
- BoltDB
Example with standard library
package main
import (
"fmt"
"log"
"net/http"
"time"
"github.com/boltdb/bolt"
"github.com/dahernan/auth"
"github.com/dahernan/auth/jwt"
"github.com/dahernan/auth/store"
)
func main() {
// Using BoltDB to store the users
db, err := bolt.Open("usersdb", 0600, &bolt.Options{})
if err != nil {
log.Fatalln("Can not open the database", err)
}
defer db.Close()
boltStore, err := store.NewBoltStore(db, "users")
if err != nil {
log.Fatalln("Can not create bolt store", err)
}
// check github.com/dgrijalva/jwt-go for the JWT options
options := jwt.Options{
SigningMethod: "RS256",
PrivateKey: Private, // $ openssl genrsa -out app.rsa keysize
PublicKey: Public, // $ openssl rsa -in app.rsa -pubout > app.rsa.pub
Expiration: 60 * time.Minute,
}
// creates the route with Bolt and JWT options
authRoute := auth.NewAuthRoute(boltStore, options)
http.HandleFunc("/login", authRoute.Login)
http.HandleFunc("/signin", authRoute.Signin)
// protects this handle
http.Handle("/secure", authRoute.AuthHandlerFunc(SecurePlace))
http.ListenAndServe(":1212", nil)
}
func SecurePlace(w http.ResponseWriter, req *http.Request) {
userId := auth.GetUserId(req)
token := auth.GetToken(req)
fmt.Fprintf(w, "Hey %v you have a token %v", userId, token)
}
Example with Negroni
package main
import (
"fmt"
"log"
"net/http"
"time"
"github.com/codegangsta/negroni"
"github.com/julienschmidt/httprouter"
"github.com/boltdb/bolt"
"github.com/dahernan/auth"
"github.com/dahernan/auth/jwt"
"github.com/dahernan/auth/store"
)
func SecurePlace(w http.ResponseWriter, req *http.Request) {
userId := auth.GetUserId(req)
token := auth.GetToken(req)
fmt.Fprintf(w, "Hey %v you have a token %v", userId, token)
}
func main() {
// Using BoltDB to store the users
db, err := bolt.Open("usersdb", 0600, &bolt.Options{})
if err != nil {
log.Fatalln("Can not open the database", err)
}
defer db.Close()
boltStore, err := store.NewBoltStore(db, "users")
if err != nil {
log.Fatalln("Can not create bolt store", err)
}
// check github.com/dgrijalva/jwt-go for the JWT options
options := jwt.Options{
SigningMethod: "RS256",
PrivateKey: Private, // $ openssl genrsa -out app.rsa keysize
PublicKey: Public, // $ openssl rsa -in app.rsa -pubout > app.rsa.pub
Expiration: 60 * time.Minute,
}
authRoute := auth.NewAuthRoute(boltStore, options)
// authMicroservice
authMicro := httprouter.New()
authMicro.HandlerFunc("POST", "/login", authRoute.Login)
authMicro.HandlerFunc("POST", "/signin", authRoute.Signin)
n := negroni.Classic()
n.UseHandler(authMicro)
go n.Run(":1211")
// the App
router := httprouter.New()
router.HandlerFunc("GET", "/secure", SecurePlace)
app := negroni.Classic()
// Use the middleware to protect this app
app.Use(negroni.HandlerFunc(authRoute.AuthMiddleware))
app.UseHandler(router)
app.Run(":1212")
}
API
Signin
$ curl -XPOST "http://localhost:1212/signin" -d'
> {
> "email": "dahernan@dahernan.com",
> "password": "justTest123"
> }'
{"id":"dahernan@dahernan.com"}
Login
$ curl -XPOST "http://localhost:1212/login" -d'
> {
> "email": "dahernan@dahernan.com",
> "password": "justTest123"
> }'
{"token":"eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJleHAiOjE0MjU0MDcyMTksImlhdCI6MTQyNTQwMzYxOSwic3ViIjoiZGFoZXJuYW5AZGFoZXJuYW4uY29tIn0.inRfTdlPZ4dKbHY2dHzTqmyBzLIW9_52oc8NFh_yfnrVEdCzfIAIHIVo_7cksUdUdQ4yMciy-JbuQc8hECx31a3RDNkH2iUSDaueZqM0nJaHsWdLAtO_8nz_zX6AqxPPP-cTb5Qjw3R8cmsrFTwpqTn7agDxgypn7NxFW67WIq_XcjH9Ev9VKFqC7AoV9wo2noX6l42JL_338UoNib3K--cUKTeJdCjygj-LH2TBobG9t3Wn55rFmr1oVfKMOTVx1eJpRl376tUemD-IXxCN0ZG788TLihLhXolbumnHzJ13AzriQEHTOc2GKtwT5M-DqEpj9lhV6uu6clPRFRs9O2PB82t4LkuhWra62-h9_R7fBaCN1-ni03RI-tXKUpWz1XFfcbHzCXzFOhl0fb_h_xpx-xEDKFbEE6JDQowxIIFNTIElv7kz0wke_QUddK1Lz--StMr2BS9Q3h3Xk1XC0dgHsSfZDvF-qbud-asUbaoaokNlsAm0kwUSMTJ_oBi1"}
GET Secure url without Token
$ curl -XGET "http://localhost:1212/secure"
Error no token is provided
GET Secure url with Token
$ curl -H "Authorization: Bearer eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJleHAiOjE0MjU0MDcyMTksImlhdCI6MTQyNTQwMzYxOSwic3ViIjoiZGFoZXJuYW5AZGFoZXJuYW4uY29tIn0.inRfTdlPZ4dKbHY2dHzTqmyBzLIW9_52oc8NFh_yfnrVEdCzfIAIHIVo_7cksUdUdQ4yMciy-JbuQc8hECx31a3RDNkH2iUSDaueZqM0nJaHsWdLAtO_8nz_zX6AqxPPP-cTb5Qjw3R8cmsrFTwpqTn7agDxgypn7NxFW67WIq_XcjH9Ev9VKFqC7AoV9wo2noX6l42JL_338UoNib3K--cUKTeJdCjygj-LH2TBobG9t3Wn55rFmr1oVfKMOTVx1eJpRl376tUemD-IXxCN0ZG788TLihLhXolbumnHzJ13AzriQEHTOc2GKtwT5M-DqEpj9lhV6uu6clPRFRs9O2PB82t4LkuhWra62-h9_R7fBaCN1-ni03RI-tXKUpWz1XFfcbHzCXzFOhl0fb_h_xpx-xEDKFbEE6JDQowxIIFNTIElv7kz0wke_QUddK1Lz--StMr2BS9Q3h3Xk1XC0dgHsSfZDvF-qbud-asUbaoaokNlsAm0kwUSMTJ_oBi1" -XGET "http://localhost:1212/secure"
Hey dahernan@dahernan.com you have a token
Documentation
¶
Index ¶
- Constants
- func GetToken(r *http.Request) string
- func GetUserId(r *http.Request) string
- func RequestToJsonObject(req *http.Request, jsonDoc interface{}) error
- type AuthRoute
- func (a *AuthRoute) AuthHandler(h http.Handler) http.Handler
- func (a *AuthRoute) AuthHandlerFunc(next http.HandlerFunc) http.Handler
- func (a *AuthRoute) AuthMiddleware(w http.ResponseWriter, r *http.Request, next http.HandlerFunc)
- func (a *AuthRoute) Login(w http.ResponseWriter, req *http.Request)
- func (a *AuthRoute) RefreshToken(w http.ResponseWriter, req *http.Request)
- func (a *AuthRoute) Signin(w http.ResponseWriter, req *http.Request)
Constants ¶
View Source
const ( TokenKey = "token" UserKey = "user" )
Variables ¶
This section is empty.
Functions ¶
func RequestToJsonObject ¶
Types ¶
type AuthRoute ¶
type AuthRoute struct {
// contains filtered or unexported fields
}
func NewAuthRoute ¶
func NewAuthRoute(store store.UserRepository, opt jwt.Options) *AuthRoute
func (*AuthRoute) AuthHandler ¶
Auth Handler for net/http
func (*AuthRoute) AuthHandlerFunc ¶
func (a *AuthRoute) AuthHandlerFunc(next http.HandlerFunc) http.Handler
func (*AuthRoute) AuthMiddleware ¶
func (a *AuthRoute) AuthMiddleware(w http.ResponseWriter, r *http.Request, next http.HandlerFunc)
Auth middleware for negroni
func (*AuthRoute) RefreshToken ¶
func (a *AuthRoute) RefreshToken(w http.ResponseWriter, req *http.Request)
Source Files
Directories
¶
| Path | Synopsis |
|---|---|
|
Godeps
|
|
|
_workspace/src/github.com/boltdb/bolt
Package bolt implements a low-level key/value store in pure Go.
|
Package bolt implements a low-level key/value store in pure Go. |
|
_workspace/src/github.com/dgrijalva/jwt-go
Package jwt is a Go implementation of JSON Web Tokens: http://self-issued.info/docs/draft-jones-json-web-token.html See README.md for more info.
|
Package jwt is a Go implementation of JSON Web Tokens: http://self-issued.info/docs/draft-jones-json-web-token.html See README.md for more info. |
|
_workspace/src/github.com/dgrijalva/jwt-go/cmd/jwt
A useful example app.
|
A useful example app. |
|
_workspace/src/github.com/gorilla/context
Package context stores values shared during a request lifetime.
|
Package context stores values shared during a request lifetime. |
|
_workspace/src/golang.org/x/crypto/pbkdf2
Package pbkdf2 implements the key derivation function PBKDF2 as defined in RFC 2898 / PKCS #5 v2.0.
|
Package pbkdf2 implements the key derivation function PBKDF2 as defined in RFC 2898 / PKCS #5 v2.0. |
|
_workspace/src/golang.org/x/crypto/scrypt
Package scrypt implements the scrypt key derivation function as defined in Colin Percival's paper "Stronger Key Derivation via Sequential Memory-Hard Functions" (http://www.tarsnap.com/scrypt/scrypt.pdf).
|
Package scrypt implements the scrypt key derivation function as defined in Colin Percival's paper "Stronger Key Derivation via Sequential Memory-Hard Functions" (http://www.tarsnap.com/scrypt/scrypt.pdf). |
Click to show internal directories.
Click to hide internal directories.