Skip to content

martini-contrib/auth

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

129 Commits
LICENSE
LICENSE
 
 
README.md
README.md
 
 
basic.go
basic.go
 
 
basic_test.go
basic_test.go
 
 
util.go
util.go
 
 
util_test.go
util_test.go
 
 
wercker.yml
wercker.yml
 
 

Repository files navigation

auth wercker status

Martini middleware/handler for http basic authentication.

API Reference

Simple Usage

Use auth.Basic to authenticate against a pre-defined username and password:

import (
  "github.com/go-martini/martini"
  "github.com/martini-contrib/auth"
)

func main() {
  m := martini.Classic()
  // authenticate every request
  m.Use(auth.Basic("username", "secretpassword"))
  m.Run()
}

Advanced Usage

Using auth.BasicFunc lets you authenticate on a per-user level, by checking the username and password in the callback function:

import (
  "github.com/go-martini/martini"
  "github.com/martini-contrib/auth"
)

func main() {
  m := martini.Classic()
  // authenticate every request
  m.Use(auth.BasicFunc(func(username, password string) bool {
    return username == "admin" && password == "guessme"
  }))
  m.Run()
}

Note that checking usernames and passwords with string comparison might be susceptible to timing attacks. To avoid that, use auth.SecureCompare instead:

  m.Use(auth.BasicFunc(func(username, password string) bool {
    return auth.SecureCompare(username, "admin") && auth.SecureCompare(password, "guessme")
  }))
}

Upon successful authentication, the username is available to all subsequent handlers via the auth.User type:

  m.Get("/", func(user auth.User) string {
    return "Welcome, " + string(user)
  })
}

Authors

About

Martini handlers for authentication.

Resources

Readme

License

MIT license
Activity
Custom properties

Stars

67 stars

Watchers

6 watching

Forks

32 forks
Report repository

Releases

No releases published

Packages

No packages published

Contributors 8

Languages