Aegis middleware is an token based authentication mechanism. It provides token
extraction from an Authorization header and allows for custom validation.
If no token is provided in the Authorization header or the validation function
returns false a 401 unauthorized response will be given to the client and the
Route handlers will not be processed.
Configuration
Aegis is configured using an AegisConfig structure that must be given a
structure that implements the AegisAdapter interface. This config structure can
be passed to the Aegis factory function in the middleware package.
AegisConfig
type AegisConfig struct {
Adapater: AegisAdapter
}AegisAdapter
type AegisConfig interface {
ValidateSession(c celerity.Context, token string) bool
}Usage
import (
"github.com/5Sigma/celerity"
"github.com/5Sigma/celerity/middleware"
)
// custom adapter
type AegisAdapter { }
// validation function
func (aa AegisAdapter) ValidateSession(c celerity.Context, token string) bool {
// look up the session token and return some kind of user structure
user := getUserByToken(token)
if user != nil {
// set the user in the context so route handlers can extract it
c.Set("user", user)
return true
}
// no session was found a 401 will be returned to the client
return false
}
func main() {
celerity.HandleCLI(func() *celerity.Server{
// create a server
svr := Server.New()
// build the config structure and assign the adapter
aegisConfig := middleware.AegisConfig{
Adapter: AegisAdapter{}
}
// inject the middleware using the factory function
svr.Use(middleware.Aegis(aegisConfig))
})
return svr
}