api

Published: Dec 5, 2017 License: MIT Imports: 12 Imported by: 0

README

BreadTech User REST API

User
id             bson.ObjectID
username       string
password       string
email          string
role           int
Task

Task is not an implemented data model; it appears here only to give the permission rules below something to refer to. Think of it as an object that belongs to exactly one user (a one-to-many relationship from user to tasks), so "self" tasks are those whose task.user_id is the caller's own id.

Permissions

CreateUser:
  can create user
ModifySelfTasks:
  can view/modify self
  can CRUD tasks where task.user_id = self
ModifyAllUsers: 
  can CRUD all users
ModifyAllUsersRestricted:
  like ModifyAllUsers except:
    cannot modify users where role = Admin
    cannot modify user.role
ViewAllTasks:
  can read all tasks
ModifyAllTasks: 
  can CRUD all tasks

Roles

Anon: CreateUser
User: ModifySelfTasks
Manager: User + ModifyAllUsersRestricted + ViewAllTasks
Admin: Manager + ModifyAllUsers + ModifyAllTasks
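The permission and role tables above are enough to write the authorization checks the user routes need. The following is an added example, not the package's own code: it encodes the two tables as bit flags and decides who may create, read, and modify a user. The names `Permission`, `Role`, `Principal`, `MayCreateUser`, `MayReadUser` and `MayModifyUser` are assumptions (the page does not show the package's handlers), and refusing a User's write to its own `role` field is an added hardening choice the README does not state.

```go
package main

import "fmt"

// Added example (not the package's own code): one way to encode the README's
// permission and role tables and enforce them for the user routes. The type
// and function names are assumptions; the real handlers are not on the page.

type Permission uint

const (
	CreateUser Permission = 1 << iota
	ModifySelfTasks
	ModifyAllUsers
	ModifyAllUsersRestricted
	ViewAllTasks
	ModifyAllTasks
)

type Role int

const (
	Anon Role = iota
	User
	Manager
	Admin
)

// rolePerms mirrors the README's Roles section; each role carries the
// grants of the one before it.
var rolePerms = map[Role]Permission{
	Anon:    CreateUser,
	User:    ModifySelfTasks,
	Manager: ModifySelfTasks | ModifyAllUsersRestricted | ViewAllTasks,
	Admin:   ModifySelfTasks | ModifyAllUsersRestricted | ViewAllTasks | ModifyAllUsers | ModifyAllTasks,
}

// Has reports whether the role holds the given permission.
func (r Role) Has(p Permission) bool { return rolePerms[r]&p != 0 }

// Principal is the caller after JWT authentication; an Anon caller has an empty ID.
type Principal struct {
	ID   string
	Role Role
}

// MayCreateUser mirrors POST /users: Anon self-registration, or any role that
// manages users. A plain User holds neither permission and is refused.
func MayCreateUser(actor Principal) bool {
	return actor.Role.Has(CreateUser) || actor.Role.Has(ModifyAllUsersRestricted) || actor.Role.Has(ModifyAllUsers)
}

// MayReadUser mirrors GET /users/:userID: a User may read only its own record.
func MayReadUser(actor, target Principal) bool {
	if actor.Role.Has(ModifyAllUsersRestricted) || actor.Role.Has(ModifyAllUsers) {
		return true
	}
	return actor.Role.Has(ModifySelfTasks) && actor.ID == target.ID
}

// MayModifyUser mirrors PATCH/DELETE /users/:userID for a request that touches
// the given fields (nil for DELETE). The ownership check for User and both
// ModifyAllUsersRestricted carve-outs come from the README. Refusing a User's
// write to its own "role" field is an added hardening assumption: without it,
// a self-PATCH of role is a one-request privilege escalation.
func MayModifyUser(actor, target Principal, fields []string) bool {
	touchesRole := false
	for _, f := range fields {
		if f == "role" {
			touchesRole = true
		}
	}
	switch {
	case actor.Role.Has(ModifyAllUsers):
		return true
	case actor.Role.Has(ModifyAllUsersRestricted):
		// Restricted: never touch an Admin, never change any user's role.
		return target.Role != Admin && !touchesRole
	case actor.Role.Has(ModifySelfTasks):
		// Self-service: own record only, and no role change.
		return actor.ID == target.ID && !touchesRole
	default:
		return false
	}
}

func main() {
	mgr := Principal{ID: "m1", Role: Manager}
	adm := Principal{ID: "a1", Role: Admin}
	fmt.Println(MayModifyUser(mgr, adm, []string{"email"})) // false: Manager cannot touch an Admin
	fmt.Println(MayModifyUser(adm, mgr, []string{"role"}))  // true: Admin may change roles
}
```

Note that `MayCreateUser` reproduces the route table exactly: Anon, Manager and Admin pass, a plain User does not, because User holds only ModifySelfTasks.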

API

all routes mounted on /api/v1

GET /service/ping
  • allows: All
  • details: healthcheck endpoint reporting version
GET /login
  • allows: All
  • details: authenticates the caller with HTTP Basic credentials and returns a JWT session valid for 1 hour
  • requires: BasicAuth
GET /users
  • allows: Manager, Admin
  • details: retrieves all users
  • requires: Bearer JWT Auth
POST /users
  • allows: Anon, Manager, Admin
  • details: creates a user
  • requires: Bearer JWT Auth for Manager and Admin callers; an Anon caller has no session to present, so it is the CreateUser permission alone that admits unauthenticated self-registration
GET /users/:userID
  • allows: User*, Manager, Admin
  • details: retrieves a user by id
  • requires: Bearer JWT Auth
PATCH /users/:userID
  • allows: User*, Manager, Admin
  • details: updates a user by field
  • requires: Bearer JWT Auth
DELETE /users/:userID
  • allows: User*, Manager, Admin
  • details: deletes a user and all associated tasks
  • requires: Bearer JWT Auth

[^*]: only allowed for the resource owned by the authenticated user, i.e. :userID must equal the caller's own id

Documentation

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

func AuthenticateJWT

func AuthenticateJWT(authString string) (string, error)

AuthenticateJWT ensures that the input JWT string carries a valid signature under the server secret and is still valid at the current time, and returns the aud field (username).

func DeleteUser

func DeleteUser(c echo.Context) error

func DoJWTAuth

func DoJWTAuth(next echo.HandlerFunc) echo.HandlerFunc

DoJWTAuth is a middleware function that validates the Authorization: Bearer token and fetches the corresponding user.

func GetLogin

func GetLogin(c echo.Context) error

func GetUserByUserID

func GetUserByUserID(c echo.Context) error

func GetUsers

func GetUsers(c echo.Context) error

GetUsers retrieves all users. Available to roles with the ModifyAllUsersRestricted permission (Manager and Admin).

func New

func New() *echo.Echo

func NewJWTSession

func NewJWTSession(user string) (string, error)

NewJWTSession creates a JWT with the following claims:

aud = user
exp = now + sessionDuration
iss = now

Note that in RFC 7519 the issued-at time is the iat claim; iss is the issuer string. A verifier that expects a standard iat will not find one in a token that carries the timestamp under iss.
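The two JWT functions above, NewJWTSession and AuthenticateJWT, describe the claims minted and the checks made but not how. The following is an added example, not the package's code: it mints an HS256 token with the documented aud and exp claims and verifies it using only the Go standard library. The secret, the `now` parameter, the `BearerToken` helper (standing in for the header parsing DoJWTAuth does), and the use of the standard iat claim in place of the README's "iss = now" are all assumptions.

```go
package main

import (
	"crypto/hmac"
	"crypto/sha256"
	"encoding/base64"
	"encoding/json"
	"errors"
	"fmt"
	"strings"
	"time"
)

// Added example, not the package's code. Secret and sessionDuration are
// assumptions (the README only states the 1 hr session length).
var (
	secret          = []byte("replace-me-with-a-long-random-secret")
	sessionDuration = time.Hour
)

type claims struct {
	Aud string `json:"aud"`
	Exp int64  `json:"exp"`
	Iat int64  `json:"iat"` // issued-at; the README's "iss = now" is this claim
}

var b64 = base64.RawURLEncoding

func sign(signingInput string) string {
	mac := hmac.New(sha256.New, secret)
	mac.Write([]byte(signingInput))
	return b64.EncodeToString(mac.Sum(nil))
}

// NewJWTSession mints an HS256 token for user valid for sessionDuration from now.
func NewJWTSession(user string, now time.Time) (string, error) {
	hdr := b64.EncodeToString([]byte(`{"alg":"HS256","typ":"JWT"}`))
	body, err := json.Marshal(claims{Aud: user, Exp: now.Add(sessionDuration).Unix(), Iat: now.Unix()})
	if err != nil {
		return "", err
	}
	si := hdr + "." + b64.EncodeToString(body)
	return si + "." + sign(si), nil
}

// AuthenticateJWT checks the signature and expiry and returns the aud claim.
// It pins the algorithm to HS256 before looking at the signature, so an
// "alg":"none" or RS256 header is rejected outright, and it compares MACs in
// constant time.
func AuthenticateJWT(token string, now time.Time) (string, error) {
	parts := strings.Split(token, ".")
	if len(parts) != 3 {
		return "", errors.New("malformed token")
	}
	hdrJSON, err := b64.DecodeString(parts[0])
	if err != nil {
		return "", err
	}
	var hdr struct {
		Alg string `json:"alg"`
	}
	if err := json.Unmarshal(hdrJSON, &hdr); err != nil || hdr.Alg != "HS256" {
		return "", errors.New("unexpected alg")
	}
	want := sign(parts[0] + "." + parts[1])
	if !hmac.Equal([]byte(want), []byte(parts[2])) {
		return "", errors.New("bad signature")
	}
	body, err := b64.DecodeString(parts[1])
	if err != nil {
		return "", err
	}
	var c claims
	if err := json.Unmarshal(body, &c); err != nil {
		return "", err
	}
	// A missing exp is treated as expired: sessions must be bounded.
	if c.Exp == 0 || !now.Before(time.Unix(c.Exp, 0)) {
		return "", errors.New("token expired")
	}
	return c.Aud, nil
}

// BearerToken pulls the token out of an Authorization header the way a
// Bearer-only middleware would, refusing any other scheme.
func BearerToken(authorization string) (string, bool) {
	const prefix = "Bearer "
	if len(authorization) > len(prefix) && strings.EqualFold(authorization[:len(prefix)], prefix) {
		return strings.TrimSpace(authorization[len(prefix):]), true
	}
	return "", false
}

func main() {
	now := time.Now()
	tok, _ := NewJWTSession("alice", now)
	user, err := AuthenticateJWT(tok, now.Add(30*time.Minute))
	fmt.Println(user, err) // alice <nil>
	_, err = AuthenticateJWT(tok, now.Add(2*time.Hour))
	fmt.Println(err) // token expired
}
```

The order of checks matters: the algorithm is pinned first, the MAC is verified second, and only then are the claims decoded and trusted. Decoding claims before verifying the signature is how attacker-chosen aud values end up being honoured.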

func PatchUser

func PatchUser(c echo.Context) error

func PostUsers

func PostUsers(c echo.Context) error

Types

This section is empty.
