Skip to content

Commit

Permalink
updated readme and server example
Browse files Browse the repository at this point in the history
  • Loading branch information
apexskier committed Oct 2, 2014
1 parent 8ea66ab commit 53e6988
Show file tree
Hide file tree
Showing 3 changed files with 25 additions and 5 deletions.
2 changes: 2 additions & 0 deletions .gitignore
Original file line number Diff line number Diff line change
Expand Up @@ -3,4 +3,6 @@ data
auth
usage
auth_test.gob
auth.gob
server
mongodbtest
14 changes: 9 additions & 5 deletions README.md
Original file line number Diff line number Diff line change
Expand Up @@ -3,26 +3,29 @@
[![GoDoc](https://godoc.org/github.com/apexskier/httpauth?status.png)](https://godoc.org/github.com/apexskier/httpauth)

This package uses the [Gorilla web toolkit](http://www.gorillatoolkit.org/)'s
sessions and package to implement a user authentication and authorization
system for Go web servers.
sessions package to implement a user authentication and authorization system
for Go web servers.

Multiple user data storage backends are available, and new ones can be
implemented relatively easily.

- [File based](https://godoc.org/github.com/apexskier/goauth#NewGobFileAuthBackend) ([gob](http://golang.org/pkg/encoding/gob/))
- [Various SQL Databases](https://godoc.org/github.com/apexskier/httpauth#NewSqlAuthBackend)
- [MongoDB](https://godoc.org/github.com/apexskier/httpauth#NewMongodbBackend)

Access can be restricted by a users' role.

Uses [bcrypt](http://codahale.com/how-to-safely-store-a-password/) for password
hashing.

Run `go run server.go` from the examples directory and visit `localhost:8080`
Run `go run server.go` from the examples directory and visit `localhost:8009`
for an example. You can login with the username and password "admin".

Tests can be run by simulating Travis CI's build environment. A mysql database
must be running on the default port with a user "travis" with no password and a
dabase "httpauth_test".
database "httpauth_test". A mongodb database must be running with open access
as well. There's a very unsafe script --- `start-test-env.sh` that will do this
for you.

**Note**

Expand All @@ -34,5 +37,6 @@ know](https://github.com/Wombats/goauth/issues/new).

### TODO

- User roles
- User roles - modification
- SMTP email validation (key based)
- More backends
14 changes: 14 additions & 0 deletions examples/server.go
Original file line number Diff line number Diff line change
Expand Up @@ -2,6 +2,7 @@ package main

import (
"net/http"
"code.google.com/p/go.crypto/bcrypt"
"github.com/apexskier/httpauth"
"github.com/gorilla/mux"
"html/template"
Expand All @@ -20,16 +21,29 @@ var (

func main() {
var err error
// create the backend storage, remove when all done
os.Create(backendfile)
defer os.Remove(backendfile)

// create the backend
backend, err = httpauth.NewGobFileAuthBackend(backendfile)
if err != nil {
panic(err)
}

// create some default roles
roles = make(map[string]httpauth.Role)
roles["user"] = 30
roles["admin"] = 80
aaa, err = httpauth.NewAuthorizer(backend, []byte("cookie-encryption-key"), "user", roles)

// create a default user
hash, err := bcrypt.GenerateFromPassword([]byte("adminadmin"), 8)
if err != nil {
panic(err)
}
defaultUser := httpauth.UserData{Username:"admin", Email:"admin@localhost", Hash:hash, Role:"admin"}
err = backend.SaveUser(defaultUser)
if err != nil {
panic(err)
}
Expand Down

0 comments on commit 53e6988

Please sign in to comment.