Documentation
Index
- Constants
- Variables
- type AuthRepo
- type Authenticator
- type Authorizer
- func (mngr *Authorizer) AddPermission(p Permission) Permission
- func (mngr *Authorizer) AssignPermissionToRole(role Role, perm Permission) error
- func (mngr *Authorizer) CreateRole(r Role) (Role, error)
- func (mngr *Authorizer) CreateSuperAdmin(r Role) error
- func (mngr *Authorizer) GetPermissions() ([]Permission, error)
- func (mngr *Authorizer) GetRoles() ([]Role, error)
- func (mngr *Authorizer) Granted(role UserRole, p Permission) bool
- func (mngr *Authorizer) RevokePermissionFromRole(role Role, perm Permission) error
- type CookieProvider
- type Credentials
- type Permission
- type Permissions
- type Role
- type RolePermission
- type Roles
- type Session
- type SessionProvider
- type StdCookieProvider
- type StdPermission
- type StdRole
- type StdSession
- func (s *StdSession) Delete(key string)
- func (s *StdSession) Expired() bool
- func (s *StdSession) Get(key string) (interface{}, bool)
- func (s *StdSession) ReplaceStore(store map[string]interface{})
- func (s *StdSession) SessionID() string
- func (s *StdSession) Set(key string, value interface{})
- func (s *StdSession) Store() map[string]interface{}
- func (s *StdSession) StoreDirty() bool
- type StdUser
- type StdUserRole
- type User
- type UserAuthRepo
- type UserRole
Constants
const USER_ID_SESSION_KEY = "userid"
Variables
var (
	ErrNoSessionID      = errors.New("Cookie does not have valid session id")
	ErrInvalidSessionID = errors.New("Session ID present is not valid")
	ErrSessionExpired   = errors.New("Your session has expired.")
)
var (
	//ErrInvalidCredentials to be returned for invalid credentials
	ErrInvalidCredentials = errors.New("The provided credentials are not valid.")
)
Functions
This section is empty.
Types
type AuthRepo
type AuthRepo interface {
	GetPermissions() ([]Permission, error)
	GetPermission(Permission) (Permission, error)
	CreatePermission(Permission) (Permission, error)
	GetRoles() ([]Role, error)
	GetRole(Role) (Role, error)
	CreateRole(Role) (Role, error)
	GetRolePermissions() ([]RolePermission, error)
	AssignPermissionToRole(Role, Permission) error
	RevokePermissionFromRole(Role, Permission) error
}
AuthRepo is an interface to be implemented by a repository that provides persistence for the data used by an Authorizer
type Authenticator
type Authenticator struct {
	// contains filtered or unexported fields
}
The Authenticator is used to log in users, encrypt passwords, and validate that users are authenticated
func NewAuthenticator
func NewAuthenticator(repo UserAuthRepo) *Authenticator
NewAuthenticator returns a pointer to an Authenticator, taking an implementation of UserAuthRepo as its only argument
func (*Authenticator) Authenticate
func (a *Authenticator) Authenticate(creds Credentials) (User, error)
Authenticate takes the provided credentials and authenticates the user, returning the full user on success and an error on failure
func (*Authenticator) EncryptPassword
func (a *Authenticator) EncryptPassword(password string) (string, error)
EncryptPassword uses bcrypt to hash the provided password (bcrypt is a one-way hash, not reversible encryption) so that comparison in the corresponding Authenticate method works as expected
func (*Authenticator) IsAuthenticatedSession
func (a *Authenticator) IsAuthenticatedSession(s Session) (User, error)
IsAuthenticatedSession takes the current session and returns the user if the session is authenticated; otherwise it returns an error
type Authorizer
Authorizer is the struct (with intended use as a singleton) for handling all things authorization
func NewAuthorizer
func NewAuthorizer(repo AuthRepo) *Authorizer
NewAuthorizer is a factory constructor for getting a properly instantiated Authorizer
func (*Authorizer) AddPermission
func (mngr *Authorizer) AddPermission(p Permission) Permission
AddPermission adds a permission to the auth manager
func (*Authorizer) AssignPermissionToRole
func (mngr *Authorizer) AssignPermissionToRole(role Role, perm Permission) error
AssignPermissionToRole takes a role and grants it access to the provided permission
func (*Authorizer) CreateRole
func (mngr *Authorizer) CreateRole(r Role) (Role, error)
func (*Authorizer) CreateSuperAdmin
func (mngr *Authorizer) CreateSuperAdmin(r Role) error
CreateSuperAdmin is a method on Authorizer to create a Role that is granted all permissions
func (*Authorizer) GetPermissions
func (mngr *Authorizer) GetPermissions() ([]Permission, error)
GetPermissions returns all permissions
func (*Authorizer) GetRoles
func (mngr *Authorizer) GetRoles() ([]Role, error)
GetRoles returns all roles
func (*Authorizer) Granted
func (mngr *Authorizer) Granted(role UserRole, p Permission) bool
Granted verifies whether a role specified by role name is currently granted a permission
func (*Authorizer) RevokePermissionFromRole
func (mngr *Authorizer) RevokePermissionFromRole(role Role, perm Permission) error
RevokePermissionFromRole removes a role's grant to a permission
type CookieProvider
type CookieProvider interface {
	//Read returns a session, or error if empty
	Read(*http.Request) (Session, error)
	//Set takes a response writer and sets a cookie on it
	Set(http.ResponseWriter, Session) error
	//Invalidate the session cookie
	Invalidate(http.ResponseWriter)
}
type Credentials
The Credentials interface exposes getters for password and username
type Permission
type Permission interface {
	ID() string
	Equals(Permission) bool
}
The Permission interface is to be implemented in a way that exports an identifier via the ID method and defines equality with another permission by implementing the Equals method
type Permissions
type Permissions map[string]Permission
Permissions is a map of string keys to Permission values
type Role
type Role interface {
	UserRole
	Has(Permission) bool
	Assign(Permission) error
	Revoke(Permission) error
}
Role is an interface
type RolePermission
RolePermission is an interface that exposes a role and its associated granted permission
type Session
type Session interface {
	SessionID() string
	Set(key string, value interface{})
	Get(key string) (interface{}, bool)
	Delete(key string)
	Expired() bool
	Store() map[string]interface{}
	StoreDirty() bool
	ReplaceStore(map[string]interface{})
}
Session is an interface to be implemented by a general session object; it provides access to the id, the expiration state, and general setters, getters, and delete against session values
type SessionProvider
type SessionProvider interface {
	GetSession(*http.Request) (Session, error)
	SetSession(Session) error
	EndSession(http.ResponseWriter, Session) error
	UpdateSession(Session) error
	WriteCookie(http.ResponseWriter, Session) error
}
The SessionProvider is to be implemented by the persistence mechanism for sessions and injected into the session manager
type StdCookieProvider
type StdCookieProvider struct {
	// contains filtered or unexported fields
}
StdCookieProvider implements the juno.CookieProvider interface and is to be used in the context of a juno.SessionProvider to augment the provider's persistence operations with cookie handling
func NewStdCookieProvider
func NewStdCookieProvider(hashKey, blockKey []byte, cookieName string) *StdCookieProvider
NewStdCookieProvider is a factory constructor for returning a standard cookie provider
func (*StdCookieProvider) Invalidate
func (c *StdCookieProvider) Invalidate(w http.ResponseWriter)
Invalidate invalidates the cookie by setting its max age to -1
func (*StdCookieProvider) Read
func (c *StdCookieProvider) Read(req *http.Request) (Session, error)
func (*StdCookieProvider) Set
func (c *StdCookieProvider) Set(w http.ResponseWriter, s Session) error
Set the session id securely on a cookie in the response
type StdPermission
type StdPermission struct {
	//The PermissionID as it is in the database
	PermissionID int    `json:"id" db:"PermissionID"`
	Label        string `json:"label" db:"Label"`
	Description  string `json:"description" db:"Description"`
}
StdPermission is the Juno implementation of the Permission interface
func NewStdPermission
func NewStdPermission(label, description string) *StdPermission
NewStdPermission is a factory constructor for returning a standard implementation of the Permission interface
func (*StdPermission) Equals
func (p *StdPermission) Equals(perm Permission) bool
Equals is the implementation of the Permission interface's Equals method
func (*StdPermission) ID
func (p *StdPermission) ID() string
ID implements the Permission interface, exposing the value intended to represent the StdPermission's ID
type StdRole
type StdRole struct {
	sync.RWMutex
	StdUserRole
	CreatedDate time.Time `json:"created" db:"created"`
	// contains filtered or unexported fields
}
StdRole is an implementation of the Role interface
func NewStdRole
func (*StdRole) Assign
func (r *StdRole) Assign(p Permission) error
Assign a permission to a juno.StdRole
func (*StdRole) Has
func (r *StdRole) Has(p Permission) bool
Has verifies whether a StdRole has a permission
func (*StdRole) Revoke
func (r *StdRole) Revoke(p Permission) error
Revoke removes a permission from a StdRole and returns an error if the StdRole is not currently granted the permission being revoked
type StdSession
type StdSession struct {
	ID         uuid.UUID `db:"GUID"`
	Expiration time.Time `db:"Expiration"`
	sync.RWMutex
	// contains filtered or unexported fields
}
StdSession is an implementation of the juno.Session interface
func NewStdSession
func NewStdSession(duration ...time.Duration) *StdSession
NewStdSession is a factory constructor for returning a brand new session
func (*StdSession) Expired
func (s *StdSession) Expired() bool
Expired returns true if the session is expired, false if it is still valid
func (*StdSession) Get
func (s *StdSession) Get(key string) (interface{}, bool)
Get a value off the session
func (*StdSession) ReplaceStore
func (s *StdSession) ReplaceStore(store map[string]interface{})
ReplaceStore replaces the entire contents of the store. It is not marked dirty since this should only be used when loading from a db.
func (*StdSession) SessionID
func (s *StdSession) SessionID() string
SessionID retrieves the session id
func (*StdSession) Set
func (s *StdSession) Set(key string, value interface{})
Set a value on the session
func (*StdSession) Store
func (s *StdSession) Store() map[string]interface{}
Store returns the key/value map of stored contents
func (*StdSession) StoreDirty
func (s *StdSession) StoreDirty() bool
StoreDirty is true when something has been set or deleted on the store but it hasn't been persisted
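The dirty-flag and expiry semantics documented for the session methods above, shown as an added example that is not juno's own code. memSession and userIDFromSession are hypothetical names, the "session is not authenticated" error is constructed for the example, and unlike StdSession (which embeds sync.RWMutex) this stand-in is not safe for concurrent use.

```go
package main

import (
	"errors"
	"fmt"
	"time"
)

// Redeclared from this page so the example compiles without importing juno.
const USER_ID_SESSION_KEY = "userid"
var ErrSessionExpired = errors.New("Your session has expired.")

// memSession is a hypothetical stand-in with the Session methods used here.
type memSession struct {
	expires time.Time
	store   map[string]interface{}
	dirty   bool
}

func (s *memSession) Expired() bool { return !time.Now().Before(s.expires) }
func (s *memSession) StoreDirty() bool { return s.dirty }
func (s *memSession) Get(k string) (interface{}, bool) {
	v, ok := s.store[k]
	return v, ok
}

// Set mutates the store, so the session must be persisted again.
func (s *memSession) Set(k string, v interface{}) { s.store[k], s.dirty = v, true }
// ReplaceStore loads persisted state, so there is nothing to write back.
func (s *memSession) ReplaceStore(m map[string]interface{}) { s.store, s.dirty = m, false }

// userIDFromSession (hypothetical) fails closed: expiry first, then a checked int.
func userIDFromSession(s *memSession) (int, error) {
	if s.Expired() {
		return 0, ErrSessionExpired
	}
	v, _ := s.Get(USER_ID_SESSION_KEY)
	id, ok := v.(int)
	if !ok {
		return 0, errors.New("session is not authenticated")
	}
	return id, nil
}

func main() {
	s := &memSession{expires: time.Now().Add(time.Minute), store: map[string]interface{}{}}
	s.Set(USER_ID_SESSION_KEY, 42) // constructed sample user id
	fmt.Println(userIDFromSession(s))
}
```

A store that round-trips through JSON will hand back numbers as float64, so the checked type assertion rejects them rather than silently treating the session as authenticated.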
type StdUser
type StdUser struct {
	UserID      int       `db:"UserID" json:"userId"`
	Email       string    `db:"Email" json:"email"`
	Password    string    `db:"Password" json:"password,omitempty"`
	StdUserRole           `json:"role"`
	Created     time.Time `db:"Created" json:"created"`
	Modified    time.Time `db:"Modified" json:"modified"`
	LastLogin   time.Time `db:"LastLogin" json:"lastLogin"`
}
StdUser implements the User interface and is meant to be thought of as a base user struct, embedded in more involved and/or specific user structs
func (*StdUser) GetPassword
GetPassword implements the Credentials interface and returns the user's password
func (*StdUser) GetUsername
GetUsername implements the Credentials interface and returns the user's email
type StdUserRole
type StdUserRole struct {
	//ID of the StdRole
	RoleID int `json:"id" db:"RoleID"`
	//Name of the StdRole
	RoleName string `json:"name" db:"RoleName"`
}
func (*StdUserRole) ID
func (r *StdUserRole) ID() string
ID implements the juno.Role interface for exposing an identifier for the role
type User
type User interface {
	Credentials
	ID() int
	Role() UserRole
}
The User interface is to be implemented in a way that provides access to the necessary values related to a user for use throughout the juno Authenticator and Authorizer workflows
type UserAuthRepo
type UserAuthRepo interface {
	GetUserByCredentials(Credentials) (User, error)
	GetUserFromSession(Session) (User, error)
}
UserAuthRepo is the interface intended to be implemented by the methods of a data access struct