Documentation ¶
Index ¶
Constants ¶
This section is empty.
Variables ¶
var ( // HAMCSecret used by the DefaultGenerateTokenFunc and DefaultParseTokenFunc functions for generating and parsing the token. HMACSecret = []byte("71eec4de2f7ea12a6533ff4abaf20e63a001b3a9") )
Functions ¶
func DefaultVerifyCredentialsFunc ¶
func DefaultVerifyCredentialsFunc(c Credentials) (bool, []byte, error)
DefaultVerifyCredentialsFunc always return true, please replace this handler.
Types ¶
type BearerToken ¶
type BearerToken string
BearerToken is the token from HTTP Authorization header.
func DefaultGenerateTokenFunc ¶
func DefaultGenerateTokenFunc(c Credentials, _ []byte) (BearerToken, error)
DefaultGenerateTokenFunc will generate a jwt based using HMACSecret, and it stores the provided Credentials as one of the claims with key as "creds". Note: This handler clears the password just to not to leak the sensitive information.
type Credentials ¶
type Credentials struct { // UserId is the unique identifier of an user. UserId string // Password is the secret to identify the user. Password string // Metadata is the any applicaton specific extra data. // Most common use case is to put a encoded json message in Metadata. Metadata []byte }
Credentials is a container used to store or pass around the user credentials.
func DefaultParseTokenFunc ¶
func DefaultParseTokenFunc(bt BearerToken, _ string) (Credentials, error)
DefaultParseTokenFunc parses the jwt using HMACSecret and returns the stored Credentials in the jwt claims. It must be used only with DefaultGenerateTokenFunc.
type GenerateTokenFunc ¶
type GenerateTokenFunc func(Credentials, []byte) (BearerToken, error)
GenerateTokenFunc is a handler to generate a token based on the provided user credentials.
type ParseTokenFunc ¶
type ParseTokenFunc func(BearerToken, string) (Credentials, error)
ParseTokenFunc is a handler to parse the user provided BearerToken and return the Credentials.
type ServiceImpl ¶
type ServiceImpl struct { VerifyCredentialsFunc VerifyCredentialsFunc GenerateTokenFunc GenerateTokenFunc ParseTokenFunc ParseTokenFunc }
ServiceImpl is an implementation of pb.LoginService
func New ¶
func New(v VerifyCredentialsFunc, g GenerateTokenFunc, t ParseTokenFunc) *ServiceImpl
New creates a new login service with provided handlers. If the nil handlers are given, they will be replaced with default handlers. When GenerateTokenFunc or ParseTokenFunc or one of them are nil, both the handlers will be replaces with default handlers. Do not forget to refer: DefaultVerifyCredentialsFunc, DefaultGenerateTokenFunc, DefaultParseTokenFunc.
func (*ServiceImpl) Authenticate ¶
func (s *ServiceImpl) Authenticate(ctx context.Context, in *pb.AuthenticateReq) (*pb.Credentials, error)
Authenticate calls the ParseTokenFunc with token, if anything wrong return codes.Unauthenticated error.
func (*ServiceImpl) Login ¶
func (s *ServiceImpl) Login(ctx context.Context, in *pb.Credentials) (*pb.TokenResponse, error)
Login
Step 1: Calls VerifyCredentialsFunc, anything wrong, returns codes.NotFound error. Step 2: Calls GenerateTokenFunc, anything wrong, return codes.Unauthenticated error. Step 3: Reponds with token.
type VerifyCredentialsFunc ¶
type VerifyCredentialsFunc func(Credentials) (bool, []byte, error)
VerifyCredentialsFunc is a handler to verify the client provided user credentials.