  • auth.go 3.91 KiB
    package perxis
    
    import (
    	"context"
    	"runtime"
    	"strings"
    
    	"git.perx.ru/perxis/perxis-go/pkg/errors"
    )
    
    // ErrAccessDenied is the package-level sentinel error whose message is
    // "access denied". None of the functions fully visible in this part of the
    // file return it directly.
    // NOTE(review): presumably Authorizer implementations return it on refusal — confirm.
    var ErrAccessDenied = errors.New("access denied")
    
    // Principal is the identity produced by Authenticator.Authenticate and
    // consumed by Authorizer.Authorize.
    type Principal interface {
    	// GetID returns an ID string for the principal. The format of the ID is
    	// not defined in this file.
    	GetID() string
    }
    
    // Authenticator is the interface for authentication.
    type Authenticator interface {
    	// Authenticate performs authentication for ctx and returns the resulting
    	// Principal or an error.
    	// NOTE(review): presumably the credentials are carried in ctx — confirm
    	// against the implementations.
    	Authenticate(ctx context.Context) (Principal, error)
    }
    
    // Authorization is the value returned (by pointer) from Authorizer.Authorize
    // and from the package-level Authorize helpers.
    type Authorization struct {
    	// Authorizer attached to this result.
    	// NOTE(review): presumably the Authorizer that produced the decision — confirm.
    	Authorizer Authorizer
    }
    
    // Authorizer is the interface for authorization.
    type Authorizer interface {
    	// Authorize evaluates whether principal may perform action on resource
    	// and returns an *Authorization or an error.
    	// NOTE(review): how a refusal is signalled (a non-nil error such as
    	// ErrAccessDenied versus a nil *Authorization) is not defined here —
    	// implementations and callers must agree on it; confirm.
    	Authorize(principal Principal, action string, resource any) (*Authorization, error)
    }
    
    // authorizer is the package-wide Authorizer that Authorize delegates to.
    // It is nil until SetAuthorizer is called.
    // NOTE(review): read and written without synchronization in this file;
    // presumably set once during start-up — confirm.
    var authorizer Authorizer
    
    // authenticator is the package-wide Authenticator that Authenticate
    // delegates to. It is nil until SetAuthenticator is called.
    var authenticator Authenticator
    
    // SetAuthorizer registers a as the package-wide Authorizer used by Authorize
    // and AuthorizeContext. Passing nil clears it, after which Authorize returns
    // (nil, nil) without consulting any policy.
    // NOTE(review): the assignment is not synchronized; presumably this is
    // called once before any request is served — confirm.
    func SetAuthorizer(a Authorizer) {
    	authorizer = a
    }
    
    // SetAuthenticator registers a as the package-wide Authenticator used by
    // Authenticate and AuthorizeContext. Passing nil clears it, after which
    // Authenticate returns a nil Principal and a nil error.
    // NOTE(review): the assignment is not synchronized; presumably this is
    // called once before any request is served — confirm.
    func SetAuthenticator(a Authenticator) {
    	authenticator = a
    }
    
    // Authenticate resolves the Principal for ctx through the Authenticator
    // registered with SetAuthenticator and returns its result unchanged.
    //
    // When no Authenticator is registered it returns (nil, nil): there is no
    // Principal and no error, so callers have to handle a nil Principal
    // themselves rather than rely on err to detect a missing identity.
    func Authenticate(ctx context.Context) (Principal, error) {
    	if a := authenticator; a != nil {
    		return a.Authenticate(ctx)
    	}
    	// No authenticator configured: neither an identity nor an error.
    	return nil, nil
    }
    
    // Authorize asks the Authorizer registered with SetAuthorizer whether
    // principal may perform action on resource and returns its result unchanged.
    //
    // When no Authorizer is registered it returns (nil, nil) without evaluating
    // anything.
    // NOTE(review): a caller that treats a nil error as "permitted" is fail-open
    // in that configuration; confirm that callers also inspect the returned
    // *Authorization or that an Authorizer is always registered in production.
    func Authorize(principal Principal, action string, resource any) (*Authorization, error) {
    	if az := authorizer; az != nil {
    		return az.Authorize(principal, action, resource)
    	}
    	// No authorizer configured: no decision and no error.
    	return nil, nil
    }
    
    // AuthorizeContext authenticates ctx with Authenticate and then authorizes
    // the resulting Principal for action on resource with Authorize.
    //
    // An authentication error is returned as-is with a nil *Authorization.
    // If no Authenticator is registered, Authenticate yields a nil Principal and
    // that nil value is handed to Authorize, so an Authorizer must be prepared
    // to receive a nil principal.
    func AuthorizeContext(ctx context.Context, action string, resource any) (*Authorization, error) {
    	who, authErr := Authenticate(ctx)
    	if authErr == nil {
    		return Authorize(who, action, resource)
    	}
    	return nil, authErr
    }
    
    func IsAllowed(ctx context.Context, res any) (*Authorization, error) {
    	pc, _, _, _ := runtime.Caller(1)