README
¶
1. Direct user to the /login url 2. Display login form 3. Check for successful login when form is submitted 4. IF login is successful, redirect to successful login handler 5. Check if service parameter exists. If yes, create a cache entry with api_key of requesting service and the guid of the user that was requested. Redirect with cache entry key 6. Service makes API call with key in header and the token received in step 5 7. If authentic, show user details curl -H "X-API-KEY: DUQ0s4DozbGaEj6K6i1G9Wkbk0jPK9MVTTRmwJRqoReJDEoQD3ljjfdmPwxxkjhTf-8sOUnkvXG5a7JFu3iiGQ==" http://127.0.0.1:4000/api/verify_login?tk=c5q4ted4n6bj30t08afg
Documentation
¶
Index ¶
- Constants
- type AccessControl
- type AppRole
- type Config
- type EnhancedGroup
- type GroupDetail
- type GroupMaster
- type OneTimeUserAuthToken
- type PasswordResetRequest
- type Server
- func (s *Server) APILogin() http.HandlerFunc
- func (s *Server) AddAuthenticationMethod(authMethodCode string, authMethod authlib.AuthenticationMethod)
- func (svc *Server) ApiKeyRequired(next http.Handler) http.Handler
- func (s *Server) AuthenticateAgainstLocalDB() authlib.AuthenticationMethod
- func (s *Server) ChangePasswordHandler() http.HandlerFunc
- func (s *Server) CreateGroup() http.HandlerFunc
- func (s *Server) CreatePermission() http.HandlerFunc
- func (s *Server) GenerateNewSessionKeys() http.HandlerFunc
- func (s *Server) GetCSRFToken() http.HandlerFunc
- func (s *Server) GetGroup() http.HandlerFunc
- func (s *Server) GetLoggedInUserDetails() http.HandlerFunc
- func (s *Server) GetPermissions() http.HandlerFunc
- func (s *Server) GetUser() http.HandlerFunc
- func (s *Server) GetUserDomains(username string, logger *zap.SugaredLogger) []string
- func (s *Server) GetUserGroups(username string, logger *zap.SugaredLogger) []string
- func (s *Server) GetUserPermissions(username string, logger *zap.SugaredLogger) map[string]map[string]bool
- func (s *Server) Groups() http.HandlerFunc
- func (s *Server) Init(c Config)
- func (s *Server) InitLogger()
- func (s *Server) InitRoutes()
- func (s *Server) ListServices() http.HandlerFunc
- func (s *Server) Login() http.HandlerFunc
- func (s *Server) LoginRequired(h http.Handler) http.Handler
- func (s *Server) Logout() http.HandlerFunc
- func (s *Server) MigrateDB()
- func (s *Server) PasswordResetRequestHandler() http.HandlerFunc
- func (s *Server) ProfilePage() http.HandlerFunc
- func (s *Server) Register() http.HandlerFunc
- func (s *Server) RegisterService() http.HandlerFunc
- func (s *Server) RegisterUserViaApi() http.HandlerFunc
- func (s *Server) Run()
- func (s *Server) UpdateUser() http.HandlerFunc
- func (s *Server) WhoAmI() http.HandlerFunc
- type Service
- type UserContextkey
- type UserDomain
- type UserGroup
- type UserPermissions
Constants ¶
View Source
const API_LOGIN_URL = "/auth/api/login"
View Source
const API_WHOAMI_URL = "/auth/whoami"
View Source
const PROFILE_URL = "/auth/profile"
View Source
const SERVICE_ID_CONTEXT_KEY myString = "thirdPartyService.ServiceID"
View Source
const STATIC_PATH = "/auth/static/"
Variables ¶
This section is empty.
Functions ¶
This section is empty.
Types ¶
type AccessControl ¶
type AccessControl struct {
gorm.Model
ModNo int
Username string
Group string `gorm:"index:idx_access_control,unique;size:255;column:user_group"`
Service string `gorm:"index:idx_access_control,unique;size:255"`
Role string `gorm:"index:idx_access_control,unique;size:255"`
Domain string `gorm:"index:idx_access_control,unique;size:255"`
IsAllowed bool
}
type Config ¶
type Config struct {
Host string `mapstructure:"AUTH_HOST"`
Port int `mapstructure:"AUTH_PORT"`
URLPrefix string `mapstructure:"AUTH_URL_PREFIX"`
RedisServer string `mapstructure:"AUTH_REDIS_SERVER"`
SessionDuration time.Duration `mapstructure:"AUTH_SESSION_EXPIRY"`
CSRFKey string `mapstructure:"AUTH_CSRF_KEY"`
EnableTOTP bool `mapstructure:"AUTH_ENABLE_OTP"`
Domain string `mapstructure:"AUTH_LDAP_DOMAIN"`
LdapServerIP string `mapstructure:"AUTH_LDAP_SERVER_IP"`
LdapServerSupportsTLS int `mapstructure:"AUTH_LDAP_SERVER_SUPPORTS_TLS"`
DBHost string `mapstructure:"AUTH_DBHOST"`
DBPort int `mapstructure:"AUTH_DBPORT"`
DBUser string `mapstructure:"AUTH_DBUSER"`
DBPassword string `mapstructure:"AUTH_DBPASSWD"`
DBName string `mapstructure:"AUTH_DBNAME"`
DBType string `mapstructure:"AUTH_DB_TYPE"`
CORSWhiteList string `mapstructure:"AUTH_CORS_ORIGIN_WHITELIST"`
SubDirectory string `mapstructure:"AUTH_SUBDIRECTORY"`
LoginURL string `mapstructure:"LOGIN_URL"`
SaveLoginSessions bool `mapstructure:"SAVE_LOGIN_SESSIONS"`
LogLevel string
}
type EnhancedGroup ¶
type GroupDetail ¶
type GroupDetail struct {
gorm.Model
GroupID string `gorm:"index:idx_gid;size:255"`
GroupName string `gorm:"index:idx_gname;size:255"`
Active bool
ModNo int `gorm:"index"`
CreatedBy string `gorm:"index"`
CreatedOn time.Time `gorm:"index"`
ApprovalStatus string `gorm:"index"`
ApprovedBy string `gorm:"index"`
ApprovedOn time.Time `gorm:"index"`
}
type GroupMaster ¶
type OneTimeUserAuthToken ¶
type PasswordResetRequest ¶
type Server ¶
type Server struct {
CSRFMiddleware func(http.Handler) http.Handler
SupportedAuthenticationMethods map[string]authlib.AuthenticationMethod
// contains filtered or unexported fields
}
func (*Server) APILogin ¶
func (s *Server) APILogin() http.HandlerFunc
func (*Server) AddAuthenticationMethod ¶
func (s *Server) AddAuthenticationMethod(authMethodCode string, authMethod authlib.AuthenticationMethod)
func (*Server) AuthenticateAgainstLocalDB ¶
func (s *Server) AuthenticateAgainstLocalDB() authlib.AuthenticationMethod
func (*Server) ChangePasswordHandler ¶
func (s *Server) ChangePasswordHandler() http.HandlerFunc
func (*Server) CreateGroup ¶
func (s *Server) CreateGroup() http.HandlerFunc
func (*Server) CreatePermission ¶
func (s *Server) CreatePermission() http.HandlerFunc
func (*Server) GenerateNewSessionKeys ¶
func (s *Server) GenerateNewSessionKeys() http.HandlerFunc
func (*Server) GetCSRFToken ¶
func (s *Server) GetCSRFToken() http.HandlerFunc
func (*Server) GetGroup ¶
func (s *Server) GetGroup() http.HandlerFunc
func (*Server) GetLoggedInUserDetails ¶
func (s *Server) GetLoggedInUserDetails() http.HandlerFunc
func (*Server) GetPermissions ¶
func (s *Server) GetPermissions() http.HandlerFunc
func (*Server) GetUser ¶
func (s *Server) GetUser() http.HandlerFunc
func (*Server) GetUserDomains ¶
func (s *Server) GetUserDomains(username string, logger *zap.SugaredLogger) []string
func (*Server) GetUserGroups ¶
func (s *Server) GetUserGroups(username string, logger *zap.SugaredLogger) []string
func (*Server) GetUserPermissions ¶
func (*Server) Groups ¶
func (s *Server) Groups() http.HandlerFunc
func (*Server) InitLogger ¶
func (s *Server) InitLogger()
func (*Server) InitRoutes ¶
func (s *Server) InitRoutes()
func (*Server) ListServices ¶
func (s *Server) ListServices() http.HandlerFunc
func (*Server) Login ¶
func (s *Server) Login() http.HandlerFunc
func (*Server) Logout ¶
func (s *Server) Logout() http.HandlerFunc
func (*Server) PasswordResetRequestHandler ¶
func (s *Server) PasswordResetRequestHandler() http.HandlerFunc
func (*Server) ProfilePage ¶
func (s *Server) ProfilePage() http.HandlerFunc
func (*Server) Register ¶
func (s *Server) Register() http.HandlerFunc
func (*Server) RegisterService ¶
func (s *Server) RegisterService() http.HandlerFunc
func (*Server) RegisterUserViaApi ¶
func (s *Server) RegisterUserViaApi() http.HandlerFunc
func (*Server) UpdateUser ¶
func (s *Server) UpdateUser() http.HandlerFunc
func (*Server) WhoAmI ¶
func (s *Server) WhoAmI() http.HandlerFunc
type UserContextkey ¶
type UserContextkey string
var STATIC_PATH string
const CTX_USER_KEY UserContextkey = "currentuser"
type UserDomain ¶
type UserPermissions ¶
Source Files
Directories
Click to show internal directories.
Click to hide internal directories.