README
¶
Auth
Installation
go get bitbucket.org/amotus/[email protected]
Usages
package main
import (
"bitbucket.org/amotus/auth"
"bitbucket.org/amotus/auth/oauth"
"bitbucket.org/amotus/oauth/cache"
"bitbucket.org/amotus/oauth/config"
"bitbucket.org/amotus/cache/redis"
"github.com/go-chi/chi"
)
func main() {
cache := redis.New(config.Redis)
oauthServer := oauth.New(config.Services.OAuth, cache)
authService := auth.New(oauthServer, auth.WithInsecureCookie())
router := chi.NewRouter()
router.Route("/app", func (r chi.Router) {
//Use the auth middleware to add the user session to the route
r.Use(auth.Middleware(authService))
r.Get("/", testCaseController.Index)
})
}
In a controller:
if auth := Auth.FromContext(r.Context()); auth == nil || auth.Disallow("list", "project", -1) {
c.View.Error(w, "403")
return
}
Change Log
v1.0.0 (2023-12-05)
Added
Validate function to validate a user's permission
ok := auth.Validate(gates.Can("list", ""))
The Validate function will return a boolean value indicating if the user has the permission or not. The function also allow mixing ownship of container with permission check like so:
ok := auth.Validate(gates.Can("store", "project"), gates.In("project", 2))
Modified
The User model has been split into multiple model and struct. All permissions checking logic is now inside Gates.
License
Proprietary © Dimonoff
Maintainers
Documentation
¶
Index ¶
- func Middleware(auth AuthService) func(handler http.Handler) http.Handler
- func ToContext(ctx context.Context, auth AuthService) context.Context
- type Auth
- func (a *Auth) Allow(permissionName string, containerName string, containerItemId int64) bool
- func (a *Auth) Disallow(permissionName string, containerName string, containerItemId int64) bool
- func (a *Auth) Fresh() AuthService
- func (a *Auth) Init(token string) user.User
- func (a *Auth) Login(w http.ResponseWriter, r *http.Request)
- func (a *Auth) Logout(w http.ResponseWriter, r *http.Request, redirectTo string)
- func (a *Auth) OnOAuthCallback(w http.ResponseWriter, r *http.Request) (http.ResponseWriter, error)
- func (a *Auth) Token() string
- func (a *Auth) User() user.User
- func (a *Auth) Validate(gateFunc ...gates.GateConfigFunc) bool
- type AuthService
- type ConfigFunc
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
func Middleware ¶
func Middleware(auth AuthService) func(handler http.Handler) http.Handler
Types ¶
type Auth ¶
type Auth struct {
// contains filtered or unexported fields
}
func (*Auth) Fresh ¶ added in v1.1.0
func (a *Auth) Fresh() AuthService
func (*Auth) OnOAuthCallback ¶
func (a *Auth) OnOAuthCallback(w http.ResponseWriter, r *http.Request) (http.ResponseWriter, error)
type AuthService ¶
type AuthService interface {
User() user.User
Token() string
Init(string) user.User
Validate(gateFunc ...gates.GateConfigFunc) bool
Allow(permissionName string, containerName string, containerItemId int64) bool
Disallow(permissionName string, containerName string, containerItemId int64) bool
OnOAuthCallback(w http.ResponseWriter, r *http.Request) (http.ResponseWriter, error)
Login(w http.ResponseWriter, r *http.Request)
Logout(w http.ResponseWriter, r *http.Request, redirectTo string)
// Fresh returns a new instance of AuthService with the same configuration, this is a quick fix, this package needs to be refactored
Fresh() AuthService
}
func FromContext ¶
func FromContext(ctx context.Context) AuthService
func New ¶
func New(oauth oauth.OAuthService, configs ...ConfigFunc) AuthService
type ConfigFunc ¶
type ConfigFunc func(*Auth)
func MockRoleSystem ¶ added in v1.1.1
func MockRoleSystem(rs permissions.RoleSystem) ConfigFunc
func MockUser ¶ added in v1.1.1
func MockUser(u user.User) ConfigFunc
func WithInsecureCookie ¶
func WithInsecureCookie() ConfigFunc
func WithSessionMaxAge ¶
func WithSessionMaxAge(maxAge time.Duration) ConfigFunc
Source Files
Directories
Click to show internal directories.
Click to hide internal directories.