package
0.0.0-20240513174111-a311b3bdd62a
Repository: https://github.com/aptrust/registry.git
Documentation: pkg.go.dev

# Functions

AddTokenToContext adds an xor'ed version of the CSRF token to the context, so we can pass it into forms.
No description provided by the author
Authenticate ensures the current user is logged in for all requests other than those going to "/" or static resources.
Authorize ensures that a user is authorized to commit a specific action on a specific resource.
AuthorizeResource returns a ResourceAuthorization struct describing what is being authorized and whether the current user is allowed to do what they're trying to do.
No description provided by the author
No description provided by the author
No description provided by the author
GetCSRFCookieToken returns the csrf token set in the cookie.
GetCSRFRequestToken returns the token set in the request form or header.
No description provided by the author
GetUserFromAPIHeaders returns the current user based on the API auth headers.
GetUserFromSession returns the User for the current session.
No description provided by the author
IsAPIRoute returns true if the requested route matches one of our API prefixes.
No description provided by the author
LoadCookie loads a cookie's value into the request context.
LoadCookies loads the user's flash and preference cookes into the request context.
SetDefaultHeaders sets headers that we want to include with every response.
XorStrings scrambles the CSRF token that appears in the header and in forms on each request.

# Variables

AuthMap maps HTTP handler names to the permissions required to access that handler.

# Structs

AuthMetadata contains information about what type of resource is being requested, and what action the user wants to take on that resource.
ResourceAuthorization contains information about the current request handler, the resource and action being requested, and whether the current user is authorized to do what they're trying to do.