basic

package
v0.0.2 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Feb 20, 2026 License: MIT Imports: 4 Imported by: 0

Documentation

Overview

Package basic provides Basic Authentication verification using bcrypt hashed passwords or a custom validator function.

Concurrency: All exported functions and types are safe for concurrent use. The Verifier does not mutate any shared state after construction.

Index

Constants

This section is empty.

Variables

View Source 
var (
	// ErrInvalidCredentials is returned when the username/password combination is incorrect.
	ErrInvalidCredentials = errors.New("invalid credentials")
	// ErrBasicAuthDisabled is returned when Basic Auth verification is attempted but not enabled.
	ErrBasicAuthDisabled = errors.New("basic auth is not enabled")
	// ErrNoCredentialSource is returned when neither Users map nor Validator is configured.
	ErrNoCredentialSource = errors.New("no credential source configured")
)

Predefined errors for Basic Auth verification.

Functions

This section is empty.

Types

type Config 

type Config struct {
	// Enabled controls whether Basic Auth verification is active.
	Enabled bool

	// Users maps usernames to bcrypt-hashed passwords.
	// Passwords must be bcrypt hashes (e.g., output of bcrypt.GenerateFromPassword).
	// Storing plaintext passwords here is a security violation.
	Users map[string]string

	// Validator is an optional custom validation function.
	// When set, it takes priority over the Users map.
	// The function must return (true, nil) for valid credentials,
	// (false, nil) for invalid credentials, or (false, err) on internal error.
	Validator func(ctx context.Context, username, password string) (bool, error)

	// Realm is the authentication realm returned in WWW-Authenticate headers.
	// If empty, defaults to "Restricted".
	Realm string
}

Config configures the Basic Auth verifier.

If Validator is set, it takes priority over the Users map. If only Users is set, passwords are compared using bcrypt. Realm is used for the WWW-Authenticate header value; defaults to "Restricted" if empty.

type Verifier 

type Verifier struct {
	// contains filtered or unexported fields
}

Verifier performs Basic Auth credential verification.

Concurrency: Verifier is safe for concurrent use. It does not mutate state after construction. Zero-value is not usable; create via NewVerifier.

func NewVerifier 

func NewVerifier(cfg Config) (*Verifier, error)

NewVerifier creates a new Basic Auth verifier from the provided Config.

Returns ErrBasicAuthDisabled if cfg.Enabled is false. Returns ErrNoCredentialSource if neither Users nor Validator is configured.

func (*Verifier) Realm 

func (v *Verifier) Realm() string

Realm returns the configured authentication realm.

func (*Verifier) Verify 

func (v *Verifier) Verify(ctx context.Context, username, password string) error

Verify checks the provided username and password.

If a custom Validator is configured, it is used exclusively. Otherwise, the Users map is consulted with bcrypt comparison.

Returns nil on success, or an error describing the failure. On invalid credentials, the returned error wraps ErrInvalidCredentials.

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.