auth

package

v0.0.0-...-96fe679 Latest Latest Go to latest Published: Jun 9, 2014 License: Apache-2.0 Imports: 9 Imported by: 0

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

github.com/paulmaddox/docker.directory

Links

Open Source Insights

Documentation ¶

Index ¶

Variables
func Authenticate(r *web.Request, db *mgo.Session) (*models.User, error)
func AuthenticateBasic(r *web.Request, db *mgo.Session) (*models.User, error)
func AuthenticateToken(r *web.Request, db *mgo.Session, user *models.User) (*models.User, error)
func Authorize(session *mgo.Session, user *models.User, request *web.Request) error
type WhitelistEntry

Constants ¶

This section is empty.

Variables ¶

View Source

var (

	// ErrNoDatabase is thrown if no database connection is present
	// during an authentication.
	ErrNoDatabase = errors.New("no database connection")

	// ErrAuthenticationRequired is thrown if no valid user authenticates
	// but authentication is required for the requested resource.
	ErrAuthenticationRequired = errors.New("authentication required")

	// ErrForbidden is thrown if a user is authenticated, but not
	// allowed to access the requested resource.
	ErrForbidden = errors.New("forbidden")

	// ErrInternalServerError is thrown if an internal problem occurs
	// during the authentication process at no fault of the requestor.
	ErrInternalServerError = errors.New("internal server error")
)

View Source

var Whitelist = []WhitelistEntry{

	{Method: "PUT", URL: regexp.MustCompile(`/v[0-9]+/users[/]?`)},
	{Method: "POST", URL: regexp.MustCompile(`/v[0-9]+/users[/]?`)},

	{Method: "GET", URL: regexp.MustCompile(`/v[0-9]+/_ping?`)},
}

Whitelist is an array of WhitelistEntry's for URLs that require no authentication or authorization.

Functions ¶

func Authenticate ¶

func Authenticate(r *web.Request, db *mgo.Session) (*models.User, error)

Authenticate is responsible for authenticating users. It current recognises both basic and token authentication (as used by the Docker client). It will either return nil,nil if no authentication is required for the page, or a user object if authentication succeeds, or an error if authentication is required but fails.

func AuthenticateBasic ¶

func AuthenticateBasic(r *web.Request, db *mgo.Session) (*models.User, error)

AuthenticateBasic attempts to authenticate users via basic auth

func AuthenticateToken ¶

func AuthenticateToken(r *web.Request, db *mgo.Session, user *models.User) (*models.User, error)

AuthenticateToken allows token based access to repositories rather than basic auth as per the Docker Registry & Index Spec

func Authorize ¶

func Authorize(session *mgo.Session, user *models.User, request *web.Request) error

Authorize checks whether an authenticated user is allowed to access the requested resource. Returns nil if allowed or an error if not

Types ¶

type WhitelistEntry ¶

type WhitelistEntry struct {
	Method string
	URL    *regexp.Regexp
}

WhitelistEntry is a URL matcher that is used to whitelist certain HTTP method/URLs. It comprises of a Method string (eg, GET) and a regexp for matching the URL.

Source Files ¶

View all Source files

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL