zhttpzgo.at/zhttp/auth Index | Files

package auth

import "zgo.at/zhttp/auth"



func Add

func Add(load loadFunc, noCSRF ...string) func(http.Handler) http.Handler

Add user auth to an endpoint.

The load callback is called with the value of the authentication cookie. The User is added to the context.

POST, PATH, PUT, and DELETE requests will check the CSRF token from the "csrf" field with the value from User.CSRFToken(). The list of paths in noCSRF will be excluded for CSRF checks.

func ClearCookie

func ClearCookie(w http.ResponseWriter, domain string)

ClearCookie sends an empty auth cookie with an expiry in the past for the given domain, clearing it in the client.

Make sure the domain matches with what was sent before *exactly*, or the browser will set a second cookie.

func Filter

func Filter(f filterFunc) func(http.Handler) http.Handler

Filter access to a resource.

If the returning error is a zgo.at/guru.coder and has a redirect code, then the error value is used as a redirection.

func SetCookie

func SetCookie(w http.ResponseWriter, val, domain string)

SetCookie sets the authentication cookie to val for the given domain.


type User

type User interface {
	CSRFToken() string

Source Files


v0.0.0-20240323065918-2e72ad661026 (latest)
Mar 23, 2024
11 packages
Last checked
1 month ago

Tools for package owners.