go-macaron / auth

Geek Repo:Geek Repo

Github PK Tool:Github PK Tool

auth

Macaron middleware/handler for http basic authentication. Modified from https://github.com/martini-contrib/auth

API Reference

Simple Usage

Use auth.Basic to authenticate against a pre-defined username and password:

import (
  "gopkg.in/macaron.v1"
  "github.com/go-macaron/auth"
)

func main() {
  m := macaron.Classic()
  // authenticate every request
  m.Use(auth.Basic("username", "secretpassword"))
  m.Run()
}

Advanced Usage

Using auth.BasicFunc lets you authenticate on a per-user level, by checking the username and password in the callback function:

import (
  "gopkg.in/macaron.v1"
  "github.com/go-macaron/auth"
)

func main() {
  m := macaron.Classic()
  // authenticate every request
  m.Use(auth.BasicFunc(func(username, password string) bool {
    return username == "admin" && password == "guessme"
  }))
  m.Run()
}

Note that checking usernames and passwords with string comparison might be susceptible to timing attacks. To avoid that, use auth.SecureCompare instead:

  m.Use(auth.BasicFunc(func(username, password string) bool {
    return auth.SecureCompare(username, "admin") && auth.SecureCompare(password, "guessme")
  }))
}

Upon successful authentication, the username is available to all subsequent handlers via the auth.User type:

  m.Get("/", func(user auth.User) string {
    return "Welcome, " + string(user)
  })
}

Authors

About

License:MIT License


Languages

Language:Go 100.0%