gelada

package module
v1.2.2 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Jun 28, 2016 License: BSD-2-Clause Imports: 9 Imported by: 3

README

Gelada

Gelada is a middleware package, which provides a cookie-based session management.

Get it

go get -u github.com/iu0v1/gelada

Try it

go run ./examples/main.go

Or you can look on DEMO page, and then look code from demo in examples.

Learn it

Read the doc.

Improve it

Fork it, hack it, PR it.

And be happy :)

Have a nice day.

Documentation

Overview

Package gelada provides a tool for HTTP session authentication control (via cookie).

Gelada use a part of great Gorilla web toolkit, 'gorilla/sessions' package (refer to http://github.com/gorilla/sessions for more information).

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

This section is empty.

Types

type AuthGuard 

type AuthGuard interface {
	Check(username string, req *http.Request) bool
	Complaint(username string, req *http.Request)
}

AuthGuard - interface for options.AuthGuard fuction.

type AuthProviderType 

type AuthProviderType func(user, password string) bool

AuthProviderType - AuthProvider type

type Client 

type Client struct {
	Username   string
	UserAgent  string
	UserHost   string
	LoginDate  time.Time
	ExpireDate time.Time
	// contains filtered or unexported fields
}

Client contain info about the current user session and provide some helper methods.

func (*Client) Expire 

func (c *Client) Expire() bool

Expire returns state of current user session. 'true' if session is expired, and 'false' if the session has not expired.

func (*Client) Logout 

func (c *Client) Logout(res http.ResponseWriter, req *http.Request) error

Logout - ends the user's session. Ignore a PostLogoutRoute option and does not redirect after session end.

func (*Client) TimeToEndOfSession 

func (c *Client) TimeToEndOfSession() int

TimeToEndOfSession returns the amount of time (seconds) left before the end of the current user session.

type Gelada 

type Gelada struct {
	// contains filtered or unexported fields
}

Gelada - main struct.

func New 

func New(o Options) (*Gelada, error)

New - init and return new Gelada struct.

func (*Gelada) Auth 

func (g *Gelada) Auth(f http.HandlerFunc) http.HandlerFunc

Auth provides the ability to control authorization for the individual handlers.

Example. 

g, _ := gelada.New(options)
mux := http.NewServeMux()
mux.HandleFunc("/api/", g.Auth(apiHandler)) // auth control only for this handler
mux.HandleFunc("/main", mainHandler)

http.Handle("/", mux)

func (*Gelada) AuthHandler 

func (g *Gelada) AuthHandler(res http.ResponseWriter, req *http.Request)

AuthHandler is a handler for processing a request for authorization.

func (*Gelada) GetClient 

func (g *Gelada) GetClient(req *http.Request) (*Client, error)

GetClient return Client for current session.

func (*Gelada) GlobalAuth 

func (g *Gelada) GlobalAuth(next http.Handler) http.Handler

GlobalAuth provides the opportunity to wrap all requests for auth control.

Example. 

g, _ := gelada.New(options)
mux := http.NewServeMux()
mux.HandleFunc("/api/", apiHandler)

http.Handle("/", g.GlobalAuth(mux)) // wrap all requests

func (*Gelada) LogoutHandler 

func (g *Gelada) LogoutHandler(res http.ResponseWriter, req *http.Request)

LogoutHandler is a handler for processing a logout action.

func (*Gelada) SimpleAuthPage 

func (g *Gelada) SimpleAuthPage(res http.ResponseWriter, req *http.Request)

SimpleAuthPage provide simple auth page handler.

func (*Gelada) SimpleAuthProvider 

func (g *Gelada) SimpleAuthProvider(userlist map[string]string) AuthProviderType

SimpleAuthProvider provide simple AuthProvider based on key=value list.

type Options 

type Options struct {
	// http.Cookie options
	// Please, look at http://golang.org/pkg/net/http/#Cookie
	Path     string
	Domain   string
	MaxAge   int
	Secure   bool
	HTTPOnly bool

	// Cookie session name.
	// Default: "gelada-session"
	SessionName string

	// Duration of session. In seconds.
	// Default: 86400 (24 hours)
	SessionLifeTime int

	// Authentication and encryption keys. This is required for encoding and
	// decoding authenticated and optionally encrypted cookie values.
	//
	// Recommended to use a key with 32 or 64 bytes, and block key
	// length must correspond to the block size of the encryption algorithm.
	// For AES, used by default, valid lengths are 16, 24, or 32 bytes to select
	// AES-128, AES-192, or AES-256.
	//
	// For more information, please refer to http://www.gorillatoolkit.org/pkg/securecookie
	//
	// Default: 261AD9502C583BD7D8AA03083598653B, E9F6FDFAC2772D33FC5C7B3D6E4DDAFF
	// But use the default key only for testing. It's not secure.
	SessionKeys [][]byte

	// Assign a user's session with his browser user agent value.
	// Default: false
	BindUserAgent bool

	// Assign a user's session with his host value (IP address).
	// Default: false
	BindUserHost bool

	// Path to login handler, for redirect the client to authentication page.
	LoginRoute string

	// HTML field names, to retrieve 'user' and 'password' data from login form.
	// Deafult: "login" and "password"
	LoginUserFieldName     string
	LoginPasswordFieldName string

	// Path for redirect a client after authentication.
	// If option does not set - clients will be redirected to URL's, which
	// they tried to open before the authentication.
	PostLoginRoute string

	// Evil twin brother of LoginRoute. He ends the client session.
	LogoutRoute string

	// Similarly to PostLoginRoute.
	PostLogoutRoute string

	// Gelada can use an existing Gorilla session (CookieStore).
	// If GorillaCookieStore was set - SessionKeys will be ignored.
	GorillaCookieStore *sessions.CookieStore

	// AuthProvider provide opportunity to handle auth data.
	// It's take a login and password data, check it,
	// and return 'true' on success and 'false' on fail.
	AuthProvider AuthProviderType

	// Exceptions is a list of rules to be able to create exceptions for some
	// auth-free routes.
	//
	// Example. We set GlobalAuth on whole project. But we want provide some
	// zone without auth (all /noauth/... for example). Then we add "/noauth/.*"
	// to Exceptions. Bingo! All places will require authorization, except pages
	// on /noauth/... .
	Exceptions []string

	// AuthGuard is a tool for handle and processing login attempts.
	AuthGuard AuthGuard

	// UnauthorizedHeaderName - heder which will be sent to the client if the
	// user is not authorized.
	// Sends only if it was selected.
	UnauthorizedHeaderName string
}

Options - structure, which is used to configure Gelada.

Source Files

View all Source files

Directories

Path Synopsis
Package authguard provides a tool for handle and processing login attempts.
 Package authguard provides a tool for handle and processing login attempts.

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.