Categorygithub.com/lidstromberg/requestgateway
modulepackage
0.2.0
Repository: https://github.com/lidstromberg/requestgateway.git
Documentation: pkg.go.dev
Overview
Versions
1
Dependencies
9
Dependents
0
Files
261 SLOC

# README

Request Gateway - address restricting add-on for auth.

This package is a GCP Datastore controlled IP Address access controller. It can be plugged into AppEngine services in order to deliver service specific IP restriction. Works with or instead of the AppEngine Firewall. Originally written for use with auth.

What?

This is a fairly rudimentary backend client which persists a list of approved address names (IPs, hostnames, whatever you want to use to differentiate), and will provide a boolean check to indicate if a given address name is on the approved list.

Why?

This was written to augment a GCP Appengine service. Appengine already provides a firewall service which can be used to control incoming traffic, so this address restriction utility is useful where a appengine default service already exists serving a superset of incoming traffic. This can be plugged into middleware to permit access to a non-default service for a subset of traffic.

How?

The best place to start is probably with the examples and tests. Initialise the approval list entity in Datastore by running the tests.

Examples

See examples for a http/appengine implementations which uses requestgateway and auth. This is written for appengine standard 2nd gen, but also works as a standalone.

Dependencies and services

This utilises the following fine pieces of work:

Installation

If you want to run the example code, then install using

$ go get -u github.com/lidstromberg/examples

If you only want the requestgateway utility, then install with

$ go get -u github.com/lidstromberg/requestgateway

Environment Variables

You will also need to export (linux/macOS) or create (Windows) some environment variables.

################################
# GCP DETAILS
################################
export GTWAY_GCP_PROJECT='{{PROJECTNAME}}'

################################
# GCP CREDENTIALS
################################
export GOOGLE_APPLICATION_CREDENTIALS="/PATH/TO/GCPCREDENTIALS.JSON"

(See Google Application Credentials)

Change LB_DEBUGON to true/false if you want verbose logging on/off. The other variables don't need to be changed.

################################
# REQUEST GATEWAY
################################
export GTWAY_DEBUGON='true'
export GTWAY_NAMESP='global'
export GTWAY_KD='gateway'
export GTWAY_CLIPOOL='5'

Main Files

FilePurpose
requestgateway.goLogic manager
requestgateway_test.goTests

Ancillary Files

FilePurpose
config.goBoot package parameters, environment var collection
entity.goPackage structs
envPackage environment variables for local/dev installation
gogetsStatements for go-getting required packages

# Functions

NewMgr creates a new gateway manager.

# Variables

EnvClientPool is the size of the client pool.
EnvDebugOn controls verbose logging.

# Structs

Gateway is the list of addresses authorised to use a given service.
GtwyMgr handles interactions with the datastore.