README
¶
Pocketbase Auth Library
Currently supports the following:
- pocketbase 0.8.0
- Header Auth
/api/meendpoint for current user
Installation
go get github.com/kennethklee/pb-auth
Usage
package main
import (
"fmt"
"os"
"github.com/fatih/color"
"github.com/kennethklee/pb-auth"
"github.com/pocketbase/pocketbase"
"github.com/pocketbase/pocketbase/core"
)
func main() {
pb := pocketbase.New()
pb.OnBeforeServe().Add(func(e *core.ServeEvent) error {
bold := color.New(color.Bold).Add(color.FgGreen)
bold.Println("> Auth Config")
headerAuthConfig := getHeaderAuthConfig()
if headerAuthConfig.IsValid() {
fmt.Println(" - Header auth enabled")
} else {
fmt.Println(" - Header auth disabled")
}
auth.InstallHeaderAuth(e.App, e.Router, headerAuthConfig)
auth.InstallAPIMeEndpoint(e.Router)
return nil
})
pb.Start()
}
func getHeaderAuthConfig() auth.HeaderAuthConfig {
headerAuthConfig := auth.HeaderAuthConfig{
EmailHeader: "X-Auth-Email",
NameHeader: "X-Auth-Name",
AutoCreateUser: true,
}
// when not running `APP_ENV=production`, only local, force email and name
if os.Getenv("APP_ENV") != "production" {
headerAuthConfig.ForceEmail = "local@mycompany.com"
headerAuthConfig.ForceName = "Local User"
}
return headerAuthConfig
}
Documentation
¶
Index ¶
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
func AuthenticateUser ¶ added in v1.4.0
AuthenticateUser is a helper function that authenticates a user via email. If the user doesn't exist, it will optionally create a new user (HeaderAuthConfig.AutoCreateUser).
func InstallAPIMeEndpoint ¶
Installs an `/api/me` endpoint
func InstallHeaderAuth ¶
func InstallHeaderAuth(app core.App, router *echo.Echo, config HeaderAuthConfig)
Header auth enables you to authenticate users and admins via HTTP headers. This is useful when you want to authenticate users via a proxy server. For example, you can use [caddy](https://caddyserver.com/) to authenticate users via SAML and pass the user's email to the backend via a header.
Types ¶
type HeaderAuthConfig ¶
type HeaderAuthConfig struct {
// The header name that contains the user's email address.
EmailHeader string
// The header name that contains the user's name.
NameHeader string
// Checks for admin users first
AdminLogin bool
// If true, automatically create a user if they don't exist.
AutoCreateUser bool
// If AutoCreateUser is true, this is a map of the user's fields to the header
AutoCreateFieldMapping map[string]string
// Dev only: Force the email address to this value.
ForceEmail string
// Dev only: Force the name to this value.
ForceName string
// Dev only: Force the username to this value.
ForceUsername string
}
func HeaderAuthConfigFromEnv ¶
func HeaderAuthConfigFromEnv() HeaderAuthConfig
func (*HeaderAuthConfig) GetEmailFromHeader ¶
func (config *HeaderAuthConfig) GetEmailFromHeader(reqHeader http.Header) string
func (*HeaderAuthConfig) GetFieldsFromHeader ¶ added in v1.2.0
func (config *HeaderAuthConfig) GetFieldsFromHeader(reqHeader http.Header) map[string]string
func (*HeaderAuthConfig) GetNameFromHeader ¶
func (config *HeaderAuthConfig) GetNameFromHeader(reqHeader http.Header) string
func (HeaderAuthConfig) IsValid ¶
func (c HeaderAuthConfig) IsValid() bool
Source Files
Click to show internal directories.
Click to hide internal directories.