auth

package
v1.0.0 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Jun 19, 2018 License: MIT Imports: 23 Imported by: 0

Documentation

Overview

Package auth provides oauth2 support as well as related middlewares.

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

This section is empty.

Types

type Authenticator 

type Authenticator struct {
	JWTService *JWT
	Providers  []Provider
	Admins     []string
	AdminEmail string
	DevPasswd  string
}

Authenticator is top level auth object providing middlewares

func (*Authenticator) AdminOnly 

func (a *Authenticator) AdminOnly(next http.Handler) http.Handler

AdminOnly allows access to admins

func (*Authenticator) Auth 

func (a *Authenticator) Auth(reqAuth bool) func(http.Handler) http.Handler

Auth middleware adds auth from session and populates user info

type CustomClaims 

type CustomClaims struct {
	jwt.StandardClaims
	User *store.User `json:"user,omitempty"`

	// state and from used for oauth handshake
	State       string `json:"state,omitempty"`
	From        string `json:"from,omitempty"`
	SiteID      string `json:"site_id,omitempty"`
	SessionOnly bool   `json:"sess_only,omitempty"`
}

CustomClaims stores user info for auth and state & from from login

type JWT 

type JWT struct {
	// contains filtered or unexported fields
}

JWT wraps jwt operations supports both header and cookie jwt

func NewJWT 

func NewJWT(secret string, secureCookies bool, exp time.Duration) *JWT

NewJWT makes JWT service

func (*JWT) Get 

func (j *JWT) Get(r *http.Request) (*CustomClaims, error)

Get jwt from header or cookie if cookie used, verify xsrf token to match

func (*JWT) Parse 

func (j *JWT) Parse(tokenString string) (*CustomClaims, error)

Parse token string and verify

func (*JWT) Refresh 

func (j *JWT) Refresh(w http.ResponseWriter, r *http.Request) (*CustomClaims, error)

Refresh gets jwt from request, checks if it will be expiring soon (1/2 of expiration) and create the new onw

func (*JWT) Reset 

func (j *JWT) Reset(w http.ResponseWriter)

Reset token's cookies

func (*JWT) Set 

func (j *JWT) Set(w http.ResponseWriter, claims *CustomClaims, sessionOnly bool) error

Set creates jwt cookie with xsrf cookie and put it to ResponseWriter accepts claims and sets expiration if none defined. permanent flag means long-living cookie, false makes it session only.

func (*JWT) Token 

func (j *JWT) Token(claims *CustomClaims) (string, error)

Token makes jwt with claims

type Params 

type Params struct {
	RemarkURL    string
	AvatarProxy  *proxy.Avatar
	JwtService   *JWT
	IsVerifiedFn func(siteID string, userID string) bool
	SecretKey    string
	Admins       []string
	Cid          string
	Csecret      string
}

Params to make initialized and ready to use provider

type Provider 

type Provider struct {
	Params
	Name        string
	RedirectURL string
	InfoURL     string
	Endpoint    oauth2.Endpoint
	Scopes      []string
	MapUser     func(userData, []byte) store.User // map info from InfoURL to User
	// contains filtered or unexported fields
}

Provider represents oauth2 provider

func NewFacebook 

func NewFacebook(p Params) Provider

NewFacebook makes facebook oauth2 provider

func NewGithub 

func NewGithub(p Params) Provider

NewGithub makes github oauth2 provider

func NewGoogle 

func NewGoogle(p Params) Provider

NewGoogle makes google oauth2 provider

func NewYandex 

func NewYandex(p Params) Provider

NewYandex makes yandex oauth2 provider

func (Provider) LogoutHandler 

func (p Provider) LogoutHandler(w http.ResponseWriter, r *http.Request)

LogoutHandler - GET /logout

func (Provider) Routes 

func (p Provider) Routes() chi.Router

Routes returns auth routes for given provider

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.