Authenticate is middleware which authenticates the request by attempting to authenticate using all the provided methods.

AuthenticateBySession authenticates the request by the session cookie.

AuthenticateByToken authenticates a User by their API token.

AuthenticateExternalInitiator authenticates an external initiator request.

AuthenticateGQL middleware checks the session cookie for a user and sets it on the request context if it exists.

GetAuthenticatedExternalInitiator extracts the external initiator from the context.

GetAuthenticatedUser extracts the authentication user from the context.

GetGQLAuthenticatedSession extracts the authentication session from a context.

RequiresAdminRole extracts the user object from the context, and asserts the user's role is 'admin'.

RequiresEditRole extracts the user object from the context, and asserts the user's role is at least 'edit'.

RequiresRunRole extracts the user object from the context, and asserts the user's role is at least 'run'.

WithGQLAuthenticatedSession sets the authenticated session in the context There shouldn't be a need to do this outside of testing.

APIKey is the header name for the API token identifier for user authentication.

APISecret is the header name for the API token secret for user authentication.

SessionExternalInitiatorKey is the External Initiator key in the session map.

SessionIDKey is the session ID key in the session map.

SessionName is the session name.

SessionUserKey is the User key in the session map.

Authenticator defines the interface to authenticate requests against a datastore.