github.com/rest-go/auth
module, package
0.1.1
Repository: https://github.com/rest-go/auth.git
Documentation: pkg.go.dev

# README

## Auth

Auth is a RESTful authentication and authorization package for Golang HTTP apps.

It handles the common tasks of registration, logging in, logging out, JWT token generation, and JWT token verification.

### Installation

```bash
$ go get github.com/rest-go/auth
```

### Usage

Import auth into your app, then create an auth.Handler and an auth.Middleware as your requirements dictate.

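```go
package main

import (
	"log"
	"net/http"

	"github.com/rest-go/auth"
)

// handle returns 401 unless the middleware attached an authenticated user.
func handle(w http.ResponseWriter, req *http.Request) {
	user := auth.GetUser(req)
	if user.IsAnonymous() {
		w.WriteHeader(http.StatusUnauthorized)
	} else {
		w.WriteHeader(http.StatusOK)
	}
}

func main() {
	dbURL := "sqlite://my.db"
	jwtSecret := "my secret" // example value; the same secret is passed to the handler and the middleware

	// The handler serves the /auth/ endpoints (setup, register, login, logout).
	authHandler, err := auth.NewHandler(dbURL, []byte(jwtSecret))
	if err != nil {
		log.Fatal(err)
	}
	http.Handle("/auth/", authHandler)

	// The middleware parses the JWT token and sets the user in the request context.
	middleware := auth.NewMiddleware([]byte(jwtSecret))
	http.Handle("/", middleware(http.HandlerFunc(handle)))
	log.Fatal(http.ListenAndServe(":8000", nil)) //nolint:gosec
}
```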

### Setup database

Send a POST request to /auth/setup to set up database tables for users. This will also create an admin user account and return the username and password in the response.

```bash
$ curl -XPOST "localhost:8000/auth/setup"
```

### Auth handler

The Auth struct implements the http.Handler interface and provides the endpoints below for user management.

1. Register

   ```bash
   $ curl -XPOST "localhost:8000/auth/register" -d '{"username":"hello", "password": "world"}'
   ```

2. Login

   ```bash
   $ curl -XPOST "localhost:8000/auth/login" -d '{"username":"hello", "password": "world"}'
   ```

3. Logout

   Authentication is currently based on JWT tokens only, so logout is a no-op on the server side and the client should clear the token itself.

   ```bash
   $ curl -XPOST "localhost:8000/auth/logout"
   ```

### Auth middleware and GetUser

The auth middleware parses the JWT token in the HTTP header and, when parsing succeeds, sets the user in the request context. The GetUser method can then be used to get the user from the request.

```go
user := auth.GetUser(req)
```
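Because logout is a no-op on the server and the middleware only parses the token, whether a request counts as authenticated comes down to the signature and claim checks. The verifier below is an added, stdlib-only example and not the package's own code. The HS256 algorithm, the `sub` and `exp` claim names, and the demo key are assumptions, since the page does not state them.

```go
package main

import (
	"crypto/hmac"
	"crypto/sha256"
	"encoding/base64"
	"encoding/json"
	"errors"
	"fmt"
	"strings"
	"time"
)

var enc = base64.RawURLEncoding

// sign returns the HS256 signature segment for msg ("header.payload").
func sign(msg string, secret []byte) string {
	m := hmac.New(sha256.New, secret)
	m.Write([]byte(msg))
	return enc.EncodeToString(m.Sum(nil))
}

// verify returns "sub" only for a correctly signed, unexpired HS256 token.
func verify(tok string, secret []byte, now time.Time) (string, error) {
	p := strings.Split(tok, ".")
	if len(p) != 3 || !hmac.Equal([]byte(p[2]), []byte(sign(p[0]+"."+p[1], secret))) {
		return "", errors.New("bad signature") // MAC recomputed, compared in constant time
	}
	var h struct{ Alg string }
	var c struct {
		Sub string
		Exp int64
	}
	hb, _ := enc.DecodeString(p[0]) // a decode error leaves nil, which Unmarshal rejects
	cb, _ := enc.DecodeString(p[1])
	if json.Unmarshal(hb, &h) != nil || h.Alg != "HS256" || json.Unmarshal(cb, &c) != nil {
		return "", errors.New("bad header or claims") // rejects "none" and other algs
	}
	if now.Unix() >= c.Exp {
		return "", errors.New("expired") // a missing exp decodes as 0 and is rejected
	}
	return c.Sub, nil
}

func main() {
	key := []byte("constructed-demo-key") // constructed sample key
	msg := enc.EncodeToString([]byte(`{"alg":"HS256"}`)) + "." + enc.EncodeToString([]byte(`{"sub":"hello","exp":2000000000}`))
	tok := msg + "." + sign(msg, key)
	fmt.Println(verify(tok, key, time.Now()))
}
```

Nothing in these checks consults server-side state, so a token issued before a client-side logout keeps verifying until its `exp` passes, and anyone holding the signing secret can produce tokens that pass.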

# Packages

No description provided by the author

# Functions

GenJWTToken generates and returns a JWT token.
GetUser returns the user in the request context.
HashPassword generates the hashed password for a plain password.
NewHandler returns a Handler with the provided database URL and JWT secret.
NewMiddleware creates a middleware using the provided secret.
ParseJWTToken parses tokenString and returns the data if the token is valid.
Setup sets up database tables and creates an admin user account.

# Constants

No description provided by the author
No description provided by the author
No description provided by the author
Read with the ?mine query, usually filtered by the user_id field.
No description provided by the author
No description provided by the author
No description provided by the author
The name of the policies table.
The name of the users table.

# Structs

Handler is a handler with auth endpoints such as `register`, `login`, and `logout`.
Policy represents a security policy against a table.
User represents a request user.

# Type aliases

No description provided by the author
No description provided by the author
Middleware is a type alias for http handler middleware.