Documentation ¶
Index ¶
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
func SecureEndpointHTTPMiddleware ¶
func SecureEndpointHTTPMiddleware(next http.Handler, db database.DatabaseAccessor, opts ...EndpointSecurityOptions) http.Handler
Types ¶
type EndpointSecurityBasicAuth ¶ added in v0.2.0
func (EndpointSecurityBasicAuth) Middleware ¶ added in v0.2.0
func (e EndpointSecurityBasicAuth) Middleware(next http.HandlerFunc) http.HandlerFunc
type EndpointSecurityCustomMiddleware ¶ added in v0.3.0
type EndpointSecurityCustomMiddleware func(users.LocksmithUserInterface, database.DatabaseAccessor) int
Returns int (status code) Will only let the request continue if the status is "200"
type EndpointSecurityOptions ¶
type EndpointSecurityOptions struct { // Specify required permissions to hit the endpoint // Handlers can check permissions by themselves after this point // for any conditional requirements. MinimalPermissions []string // Eventually, add: // AllowAPITokens bool // If enabled, the API Key Management system will validate the permissions of the token BasicAuth EndpointSecurityBasicAuth // If you'd like to unwrap the Locksmith // context user into some other LocksmithUserInterface, // type it ehre. CustomUser users.LocksmithUserInterface // After initial confirmation of a user is confirmed, // you can use this function to validate endpoint-specific // validations. SecondaryValidation EndpointSecurityCustomMiddleware // PrioritizeMagic determines the precedence of authentication methods within the SecureEndpointMiddleware. // By default, a logged-in user's session (via the `token` cookie) is prioritized over the Magic Authentication Code (`magic` cookie). // Setting this to `true` gives preference to the `magic` cookie, even if a valid `token` cookie exists. // Please note that this action will revoke any permissions not explicitly specified in the `magic` cookie. PrioritizeMagic bool // Optionally, rate limit the endpoint. RateLimit *ratelimits.RateLimiter }
Click to show internal directories.
Click to hide internal directories.