README
¶
golang-nanoauth
Nanoauth provides a uniform means of serving HTTP/S for golang projects securely. It allows the specification of a certificate (or generates one) as well as an auth token which is checked before the request is processed.
Quickstart
Import and serve
main.go
package main import ( "net/http" "fmt" "io" "github.com/nanobox-io/golang-nanoauth" ) func main() {> http.HandleFunc("/", func(rw http.ResponseWriter, req *http.>Request) { io.WriteString(rw, "World, Hello!\n") }) fmt.Printf("Stopped serving! - %v\n", nanoauth.ListenAndServe("127.0.0.1:8081", "$ECRET", nil)) }
Test
$ curl localhost:8081 -i
# HTTP/1.1 401 Unauthorized
# Date: Thu, 09 Jun 2016 22:18:55 GMT
# Content-Length: 0
# Content-Type: text/plain; charset=utf-8
$ curl -H 'X-NANOBOX-TOKEN: $ECRET' localhost:8081 -i
# HTTP/1.1 200 OK
# Date: Thu, 09 Jun 2016 22:27:24 GMT
# Content-Length: 14
# Content-Type: text/plain; charset=utf-8
#
# World, hello!
Usage
Generate a cert and customize auth the token header
...
cert, _ := nanoauth.Generate("logvac.nanopack.io")
auth := nanoauth.Auth{
Header: "X-AUTH-TOKEN",
Certificate: cert,
}
return auth.ListenAndServeTLS(config.ListenHttp, "secret", router, "/")
...
Contributing
Contributions to the nanobox-router project are welcome and encouraged. Contributions should follow the Nanobox Contribution Process & Guidelines.
Documentation
¶
Overview ¶
Package nanoauth provides a uniform means of serving HTTP/S for golang projects securely. It allows the specification of a certificate (or generates one) as well as an auth token which is checked before the request is processed.
Index ¶
- Variables
- func Generate(host string) (*tls.Certificate, error)
- func ListenAndServe(addr, token string, h http.Handler, excludedPaths ...string) error
- func ListenAndServeTLS(addr, token string, h http.Handler, excludedPaths ...string) error
- func Load(certFile, keyFile, password string) (*tls.Certificate, error)
- type Auth
Examples ¶
Constants ¶
This section is empty.
Variables ¶
var ( // DefaultAuth is the default Auth object DefaultAuth = &Auth{} )
Functions ¶
func Generate ¶
func Generate(host string) (*tls.Certificate, error)
Generate is a helper function which generates a tls.Certificate for serving TLS requests.
func ListenAndServe ¶
ListenAndServe is a shortcut function which uses the default one
Example ¶
http.HandleFunc("/", func(rw http.ResponseWriter, req *http.Request) {
io.WriteString(rw, "World, Hello!\n")
})
nanoauth.ListenAndServe("127.0.0.1:80", "secret", nil)
Output:
func ListenAndServeTLS ¶
ListenAndServeTLS is a shortcut function which uses the default one
Example ¶
http.HandleFunc("/", func(rw http.ResponseWriter, req *http.Request) {
io.WriteString(rw, "World, Hello!\n")
})
cert, _ := nanoauth.Generate("nanoauth.nanopack.io")
nanoauth.DefaultAuth.Header = "X-AUTH-TOKEN"
nanoauth.DefaultAuth.Certificate = cert
nanoauth.ListenAndServeTLS("127.0.0.1:443", "secret", nil)
Output:
Types ¶
type Auth ¶
type Auth struct {
Header string // Header is the authentication token's header name
Certificate *tls.Certificate // Certificate is the tls.Certificate to serve requests with
ExcludedPaths []string // ExcludedPaths is a list of paths to be excluded from being authenticated
Token string // Token is the security/authentication string to validate by
// contains filtered or unexported fields
}
Auth is a structure containing listener information
func (*Auth) ListenAndServe ¶
ListenAndServe starts a normal tcp listener and handles serving http while still validating the auth token.
Source Files