martini-contrib / auth Goto Github PK
View Code? Open in Web Editor NEWMartini handlers for authentication.
License: MIT License
Martini handlers for authentication.
License: MIT License
I was able to solve this problem, using db as global variable. However, would be better if I could pass it to my callback (that today, accepts just two params - user and password). Could you support a variable number of params, where I could for example pass the db handle? I stumbled many times in this question and either I found a "use another middlewear" or "set your db variable global"..
Hey there I tried to use this middleware with go 1.1.1 but it is not working.
The Error: undefined sha256.Sum256 (line 10 and 11 in util.go)
So I updated my go to version 1.2.1
Now everything works fine.
As stated in the main readme of martini "go 1.1 and greater is required". So I was confused why it was not working 1.1.1
Based on the readme, I should be able to do something like:
m := martini.Classic()
m.Use(auth.Basic("username", "secretpassword"))
m.Run()
However, when serving static files via "./public" under Classic mode, none of the static files are authenticated, unless their content does not exist (all content that exists is not subject to basic auth).
You can verify the tests by modifying them like this:
diff --git a/basic_test.go b/basic_test.go
index b4f057b..616d756 100644
--- a/basic_test.go
+++ b/basic_test.go
@@ -13,11 +13,14 @@ func Test_BasicAuth(t *testing.T) {
auth := "Basic " + base64.StdEncoding.EncodeToString([]byte("foo:bar"))
- m := martini.New()
+ m := martini.Classic()
m.Use(Basic("foo", "bar"))
m.Use(func(res http.ResponseWriter, req *http.Request, u User) {
res.Write([]byte("hello " + u))
})
+ m.Get("/foo", func() string {
+ return "bar"
+ })
r, _ := http.NewRequest("GET", "foo", nil)
If the "public/foo" file exists, tests fail with this:
$ go test
[martini] Started GET foo for
[martini] [Static] Serving foo
[martini] Completed 200 OK in 5.934997ms
[martini] Started GET foo for
[martini] [Static] Serving foo
[martini] Completed 200 OK in 43.234µs
--- FAIL: Test_BasicAuth (0.01s)
basic_test.go:30: Response not 401
basic_test.go:46: Auth failed, got:
FAIL
exit status 1
FAIL github.com/martini-contrib/auth 0.013s
If "public/foo" does not exist, tests pass:
$ go test
[martini] Started GET foo for
[martini] Completed 401 Unauthorized in 92.823µs
[martini] Started GET foo for
[martini] Completed 200 OK in 15.74µs
PASS
ok github.com/martini-contrib/auth 0.007s
go get github.com/martini-contrib/auth
src/github.com/martini-contrib/auth/util.go:10: undefined: sha256.Sum256
src/github.com/martini-contrib/auth/util.go:11: undefined: sha256.Sum256
Ubuntu 13.10 64Bits
Golang 1.2
more conversation here:
We could either do this with an additional argument (which I would not be easily backwards-compatible), or with a global var Realm
, and let users set auth.Realm = "My Website"
. The latter does smell bad but it would not break any existing code.
Thoughts?
from @nimajalali
I'm finalizing a HMAC based auth handler. Using Amazon S3 signed and authorized model, more info here.
I use it for server to server communication where a pre shared secret is possible. The handler adds to the S3 model by enabling the use of a nonce.
Should this be under the auth package, possibly auth.HMAC? If so how should I go about adding info to the auth README?
Also, any thoughts on how to incorporate multiple auth handlers? For instance I have API endpoints that are accessed from servers as well as clients. I use this HMAC auth handler to handle server to server auth and another handler for session based auth. Today I have to create two separate endpoints to enable auth from either handler.
A declarative, efficient, and flexible JavaScript library for building user interfaces.
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google ❤️ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.