Documentation ¶
Index ¶
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
func Authorizer ¶
Authz is a middleware that controls the access to the HTTP service, it is based on Casbin, which supports access control models like ACL, RBAC, ABAC. The plugin determines whether to allow a request based on (user, path, method). user: the authenticated user name. path: the URL for the requested resource. method: one of HTTP methods like GET, POST, PUT, DELETE.
This middleware should be inserted fairly early in the middleware stack to protect subsequent layers. All the denied requests will not go further.
It's notable that this middleware should be behind the authentication (e.g., HTTP basic authentication, OAuth), so this plugin can get the logged-in user name to perform the authorization.
Types ¶
This section is empty.