Documentation ¶
Index ¶
Constants ¶
View Source
const (
// AuthHeaderKey helps to obtain authorization header matching the field in a request
AuthHeaderKey = "authorization"
)
Variables ¶
Functions ¶
This section is empty.
Types ¶
type AuthenticationDB ¶
type AuthenticationDB interface { // AddUser adds new user with name, password and permission groups. Password should be already hashed. AddUser(name, password string, permissions []string) error // GetUser returns user data according to name, or nil of not found GetUser(name string) (*User, error) // Authenticate authenticates user with password. Authenticate(name, password string) error // SetLoginTime writes last login time for specific user SetLoginTime(name string) // SetLogoutTime writes last logout time for specific user SetLogoutTime(name string) // IsLoggedOut uses login/logout timestamps to evaluate whether the user was logged out IsLoggedOut(name string) (bool, error) }
AuthenticationDB is common interface to access user database/permissions
func CreateDefaultAuthDB ¶
func CreateDefaultAuthDB(cost int) AuthenticationDB
CreateDefaultAuthDB builds new default storage
type AuthenticatorAPI ¶
type AuthenticatorAPI interface { // RegisterHandlers registers authenticator handlers to router. RegisterHandlers(router *mux.Router) // AddPermissionGroup adds new permission group. PG is defined by name and // a set of URL keys. User with permission group enabled has access to that // set of keys. PGs with duplicated names are skipped. AddPermissionGroup(group ...*access.PermissionGroup) // Validate provides middleware used while registering new HTTP handler. // For every request, token and permission group is validated. Validate(h http.Handler) http.Handler // AuthorizeRequest tries to authorize user from request. AuthorizeRequest(r *http.Request) (user string, err error) // IsPermitted checks if user is permitted to access URL from request. IsPermitted(user string, r *http.Request) error }
AuthenticatorAPI provides methods for handling permissions
func NewAuthenticator ¶
func NewAuthenticator(opt *Settings, log logging.Logger) AuthenticatorAPI
NewAuthenticator prepares new instance of authenticator.
type Settings ¶
type Settings struct { // Router Router *mux.Router // Authentication database, default implementation is used if not set AuthStore AuthenticationDB // List of registered users Users []access.User // Expiration time (token claim). If not set, default value of 1 hour will be used. ExpTime time.Duration // Cost value used to hash user passwords Cost int // Custom token sign key. If not set, default value will be used. SignKey string }
Settings defines fields required to instantiate authenticator
Click to show internal directories.
Click to hide internal directories.