Generic Auth Scheme
aah provides a generic auth scheme as an extensible feature. This means the authentication responsibility lies with the user; a JWT auth scheme implementation, for example. aah does not validate the credentials. It is quite flexible too.
There are two steps to make use of the generic auth scheme:
- Implement interface authc.Authenticator to authenticate. After successful authentication, provide subject's authentication info to aah
  - aah treats any non-nil error as 401 Unauthorized
  - For example, returning authc.ErrAuthenticationFailed and authc.ErrSubjectNotExists appropriately
- Implement authz.Authorizer to provide subject's roles and permissions
Refer to the aah RESTful API JWT auth example.
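The authentication step above, sketched with the Go standard library only. This is an added example, not aah code and not the linked JWT example: the Authenticate signature, the injected clock, the in-memory roles store and the demo key are assumptions, and only the two error names come from the page.

```go
package main

import (
	"crypto/hmac"
	"crypto/sha256"
	"encoding/base64"
	"encoding/json"
	"errors"
	"fmt"
	"strings"
)

var (
	ErrAuthenticationFailed = errors.New("authentication failed") // stand-ins for the authc
	ErrSubjectNotExists     = errors.New("subject not exists")    // errors named on the page
	key                     = []byte("constructed-demo-key")      // constructed HS256 secret
	roles                   = map[string][]string{"alice": {"admin"}} // constructed store
	b64                     = base64.RawURLEncoding
)

func sign(msg string, k []byte) string { // returns msg + "." + HMAC-SHA256 tag
	m := hmac.New(sha256.New, k)
	m.Write([]byte(msg))
	return msg + "." + b64.EncodeToString(m.Sum(nil))
}

func Mint(sub string, exp int64, k []byte) string { // constructed token, runs offline
	p, _ := json.Marshal(map[string]interface{}{"sub": sub, "exp": exp})
	return sign(b64.EncodeToString([]byte(`{"alg":"HS256"}`))+"."+b64.EncodeToString(p), k)
}

// Authenticate plays the Authenticator role (hypothetical signature): signature first,
// with HS256 pinned and the header's alg never trusted, then expiry, then subject.
func Authenticate(tok string, now int64) (string, error) {
	var c struct{ Sub string; Exp int64 }
	p := strings.Split(tok, ".")
	if len(p) != 3 || !hmac.Equal([]byte(sign(p[0]+"."+p[1], key)), []byte(tok)) {
		return "", ErrAuthenticationFailed
	}
	raw, err := b64.DecodeString(p[1])
	if err != nil || json.Unmarshal(raw, &c) != nil || now >= c.Exp {
		return "", ErrAuthenticationFailed
	}
	if _, ok := roles[c.Sub]; !ok {
		return "", ErrSubjectNotExists
	}
	return c.Sub, nil
}

func main() { fmt.Println(Authenticate(Mint("alice", 2000, key), 1000)) }
```

In an aah application these checks would sit inside the authc.Authenticator implementation, where any of the returned errors results in 401 Unauthorized, and the authz.Authorizer implementation would return the subject's entry from the roles store.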
Configuration
aah supports one or more generic auth schemes.
Section: generic_scheme_key { … }
generic_scheme_key { ... } configuration goes under section security.auth_schemes { ... }.
Example Config: jwt_auth
A JWT auth scheme implemented using the generic auth scheme. The configuration is from the aah RESTful API JWT auth example.