auth

package module
v0.0.0-...-3064ab7

This package is not in the latest version of its module.
Published: Dec 28, 2019 License: BSD-3-Clause Imports: 13 Imported by: 0

README

yourITcity

Authentication service

Use the Dockerfile

docker build

Compile/Run (manually)

cd server
go build
./server

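Configuration via environment variables

EXTERNAL_URL is used to build the link in the token validation email. The values below are sample values: the RabbitMQ and admin credentials are trivial (guest:guest, admin/admin) and sslmode=disable turns off TLS on the PostgreSQL connection, so override them for anything other than local testing.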

EXTERNAL_URL="http://localhost:8080"
PORT=8080
RABBITMQ_URI="amqps://guest:guest@rabbit:5671"
POSTGRESQL_URI="postgresql://postgres:yicpass@db:5432/yic_auth?sslmode=disable"
ADMIN_USERNAME="admin"
ADMIN_PASSWORD="admin"

#TLS_CERT=cert.pem
#TLS_KEY=key.pem

#EXPIRATION_VALIDATION="24h"
#EXPIRATION_APP_TOKEN="8760h"

Generate the swagger doc

Install go-swagger (https://goswagger.io/install.html), then generate the swagger specification:

cd server
swagger generate spec -o swagger.json

To quickly view the doc:

swagger serve swagger.json

Documentation

Overview

Package auth provides a user Account authentication and authorization service.

Constants

const CookieSessionName = "session_token"

CookieSessionName is the cookie name of the session token.

Functions

func Middleware

func Middleware(valid ValidSession, wanted Roles) func(next echo.HandlerFunc) echo.HandlerFunc

Middleware handles the authentication and authorization of the request. It accepts the token from an HTTP header or a cookie. If the session is valid, an auth.Account is stored in the echo.Context under the key "account".

Types

type Account

type Account struct {
	//swagger:strfmt uuid
	ID uuid.UUID `json:"id,omitempty"`
	//swagger:strfmt email
	Email     string    `json:"email,omitempty"`
	Validated bool      `json:"validated,omitempty"`
	CreatedAt time.Time `json:"created_at,omitempty"`
}

Account represents a user account.

type AppToken

type AppToken struct {
	//example: qNNDZeWVFAOYZw_gCX7M2csgR_8W5HpnSWV2i8MZC68
	Token string `json:"app_token,omitempty"`
	//example: NESGQUHmUFdLaVjBH39
	ValidToken string `json:"validation_token,omitempty"`
	Name       string `json:"name,omitempty"`
	//example: sensor
	Type  string `json:"type,omitempty"`
	Roles Roles  `json:"roles,omitempty"`

	//swagger:strfmt uuid
	AID     uuid.UUID `json:"account_id,omitempty"`
	Account *Account  `json:"account,omitempty"`

	CreatedAt time.Time `json:"created_at,omitempty"`
	UpdatedAt time.Time `json:"updated_at,omitempty"`
	ExpiredAt time.Time `json:"expired_at,omitempty"`
}

AppToken represents an app token.

It is associated with an Account and provides access to different APIs via roles. An AppToken must be validated, and it can be named. To revoke it, simply delete it or set ExpiredAt to a past time or the current time.

swagger:response appToken

type Roles

type Roles map[string]string

Roles is a list of names with their authorization (r: read, w: write).

func (Roles) IsMatching

func (roles Roles) IsMatching(wanted Roles) (bool, string)

IsMatching checks a set of roles against a wanted subset of roles.

type ValidSession

type ValidSession interface {
	Valid(ctx context.Context, token string) (Account, Roles, error)
}

ValidSession is an interface that abstracts the way a session token is authenticated.

func NewValidAMQPCache

func NewValidAMQPCache(conn *amqp.Connection, wanted Roles, fallback ValidSession) (ValidSession, error)

NewValidAMQPCache accepts or refuses the request based on the validity of the token and the roles attached to it.

It listens for new tokens emitted on an AMQP channel and keeps a local cache. At startup it retrieves every token that satisfies the wanted roles.
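The cache-then-fallback lookup described for NewValidAMQPCache, combined with the ExpiredAt revocation rule described for AppToken, as an added standard-library example (not the package's own implementation). Account, Roles and ValidSession are simplified local stand-ins; entry, cacheValid, Put, Delete and ErrInvalid are hypothetical names, the AMQP listener is left out, and refusing a locally expired token without asking the fallback is an assumption of this example.

```go
package main

import (
	"context"
	"errors"
	"fmt"
	"sync"
	"time"
)

// Simplified local stand-ins for the types documented on this page.
type Account struct{ Email string }
type Roles map[string]string
type ValidSession interface {
	Valid(ctx context.Context, token string) (Account, Roles, error)
}

var ErrInvalid = errors.New("token unknown, expired or revoked") // hypothetical
type entry struct { // cached state of one token
	acc       Account
	roles     Roles
	expiredAt time.Time
}

// cacheValid (hypothetical) answers from a local cache, else asks fallback.
type cacheValid struct {
	tokens   sync.Map // token string -> entry
	fallback ValidSession
}

func (c *cacheValid) Put(token string, e entry) { c.tokens.Store(token, e) }
func (c *cacheValid) Delete(token string)       { c.tokens.Delete(token) }

func (c *cacheValid) Valid(ctx context.Context, token string) (Account, Roles, error) {
	v, ok := c.tokens.Load(token)
	if !ok && c.fallback != nil {
		return c.fallback.Valid(ctx, token) // unknown locally: ask the fallback
	}
	if e, _ := v.(entry); ok && time.Now().Before(e.expiredAt) {
		return e.acc, e.roles, nil
	}
	return Account{}, nil, ErrInvalid // unknown, or ExpiredAt <= now (revoked)
}

func main() {
	c := &cacheValid{}
	c.Put("constructed-token", entry{Account{"a@example.test"}, Roles{"sensor": "r"}, time.Now()})
	fmt.Println(c.Valid(context.Background(), "constructed-token")) // refused
}
```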

func NewValidHTTP

func NewValidHTTP(url string) ValidSession

NewValidHTTP authenticates a token by checking it against a remote HTTP auth service.

Directories

Path Synopsis
Authentication service Schemes: http, https Host: localhost:2020 Version: 0.0.1 Consumes: - application/json Produces: - application/json swagger:meta
