This is the authentication library used by the microservices of the Taliesin project. It is a simple wrapper around the auth microservice API, it delegates all the logic to it.
- Add the library to the imports of your go files
import "github.com/taliesin-insa/lib-auth" - Make sure that the environment variable
AUTH_API_URLcontains the URL to the auth microservice - Call the method
AuthenticateUser(r *http.Request)with a request as a parameter to verify that the request was issued by a legitimate User and get its identity
AuthenticateUser(r *http.Request) (*UserData, error, int)
Parameters:
- r : the http.Request you want to authenticate, it shall contain the
Authorizationheader with the user's token (enforced by the frontend)
Returned data:
- a struct containing information about the authenticated user (see
UserDatadefinition),nilif an error occurred or the user wasn't authenticated - an error struct,
nilif there was no error - an int corresponding to the HTTP error code associated to the error, value is http.StatusOK if there was no error
package test
import (
"github.com/taliesin-insa/lib-auth"
"net/http"
)
func createDatabase(w http.ResponseWriter, r *http.Request) {
user, authErr, authStatusCode := lib_auth.AuthenticateUser(r)
// first check if there was an error during the authentication or if the user wasn't authenticated
if authErr != nil {
w.WriteHeader(authStatusCode)
w.Write([]byte("[AUTH] "+authErr.Error()))
return
}
// check if the authenticated user has sufficient permissions to
if user.Role != lib_auth.RoleAdmin {
w.WriteHeader(http.StatusUnauthorized)
w.Write([]byte("[AUTH] Insufficient permissions to create database"))
}
// do some stuff ...
}