Login Auth solutions. #26

Closed
vinceyoumans opened this issue Jan 2, 2021 · 1 comment
Labels
wishlist Anything new which does not directly affect or improve the project.


@vinceyoumans

Is your feature request related to a problem? Please describe.
I wanted to get some examples of how to add login authentication. I have some ideas myself, but curious what the world has in mind.

Describe the solution you'd like
I would like to see examples for:
- Firebase auth
- 3rd party Auth
- perhaps some JWT and or cookie solutions

@bnkamalesh
Owner

bnkamalesh commented Jan 5, 2021

@vinceyoumans Login/authentication would depend on what service you're using. You've mentioned Firebase, JWT etc. In case of Webgo, the middleware is quite easy to write. I use the following:

```go
func AuthenticateAndAuthorize(rw http.ResponseWriter, req *http.Request, next http.HandlerFunc) {
	wctx := webgo.Context(req)
	// I use webgo's route.Name to identify a route/API. e.g. 'getusers', 'myapp.users.get' etc.
	// The same name can be given for multiple routes if your app needs it.
	currentAPI := wctx.Route.Name

	// openAPIs is a slice of strings, which are open for any user. i.e. no authentication required
	for _, oapi := range openAPIs {
		if oapi == currentAPI {
			next(rw, req)
			return
		}
	}

	// there might be some APIs which need not have specific access, but only requires the user to be
	// authenticated. Those 
	for _, authAPI := range authOnlyAPIs {
		if currentAPI == authAPI {
			next(rw, req)
			return
		}
	}

	// sess is a session instance (there's no code posted for this), which I'm using from a custom IAM (within my company)
	// It makes sure if the user has access to the respective API
	err := sess.IsAuthorized(currentAPI)
	if err == nil {
		next(rw, req)
		return
	}

	// if user is trying to access an unauthorized API, a security log is generated.
	// `logH` is an instance of the logger I use
	logH.Security(
		err.Error(),
		sess.ClientID,
		sess.OrganizationID,
		req.RemoteAddr,
		req.URL.String(),
	)

	// errors is a custom errors package which I use, github.com/bnkamalesh/errors
	status, msg, _ := errors.HTTPStatusCodeMessage(err)
	webgo.SendError(rw, msg, status)
}
```

The above is a sample of a middleware which implements authentication + authorization. And it can be used as follows:

```go
// cfg is a *webgo.Config, routes is a []*webgo.Route
router := webgo.NewRouter(cfg, routes)
router.Use(AuthenticateAndAuthorize)
```

@bnkamalesh bnkamalesh added the wishlist Anything new which does not directly affect or improve the project. label Jan 10, 2021
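
An added example, not code from this thread or from webgo: a standard-library sketch of the decision such a middleware makes, with an HMAC-signed cookie standing in for the unposted `sess`, where the session is verified before the auth-only list is consulted and anything unlisted is denied. `Decide`, `sign`, the `user.mac` cookie format, the key and the route names are all hypothetical; in a webgo middleware the route name would come from `wctx.Route.Name` and `next` would be called only on a 200 result.

```go
package main

import (
	"crypto/hmac"
	"crypto/sha256"
	"encoding/hex"
	"net/http"
	"strings"
)

var key = []byte("constructed-demo-key") // constructed; load a real secret instead
var openAPIs = map[string]bool{"health": true}      // constructed: no session required
var authOnlyAPIs = map[string]bool{"profile": true} // constructed: any valid session
var grants = map[string]map[string]bool{"alice": {"getusers": true}} // user -> routes

func sign(user string) string { // builds the hypothetical "user.mac" cookie value
	m := hmac.New(sha256.New, key)
	m.Write([]byte(user))
	return user + "." + hex.EncodeToString(m.Sum(nil))
}

// userFromCookie returns the user name, or "" when the cookie is absent or its MAC fails.
func userFromCookie(req *http.Request) string {
	c, err := req.Cookie("session")
	if err != nil {
		return ""
	}
	user, _, _ := strings.Cut(c.Value, ".")
	if user == "" || !hmac.Equal([]byte(sign(user)), []byte(c.Value)) {
		return "" // constant-time comparison against the recomputed value
	}
	return user
}

// Decide returns the HTTP status to enforce for a route name; unlisted routes are denied.
func Decide(route string, req *http.Request) int {
	user := userFromCookie(req)
	switch {
	case openAPIs[route]:
		return http.StatusOK
	case user == "": // authentication is checked before the auth-only list
		return http.StatusUnauthorized
	case authOnlyAPIs[route] || grants[user][route]:
		return http.StatusOK
	}
	return http.StatusForbidden
}

func main() {
	println(Decide("getusers", &http.Request{})) // request without a session cookie
}
```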