chore: Update Go to 1.19 + Update dependencies

2022-09-21 20:16:00 -04:00
parent 5bb3f6d0a9
commit be88af5d48
7 changed files with 139 additions and 57 deletions
--- a/vendor/github.com/TwiN/g8/README.md
+++ b/vendor/github.com/TwiN/g8/README.md
@ -1,6 +1,6 @@
 # g8

-![build](https://github.com/TwiN/g8/workflows/build/badge.svg?branch=master) 
+![test](https://github.com/TwiN/g8/workflows/test/badge.svg?branch=master) 
 [![Go Report Card](https://goreportcard.com/badge/github.com/TwiN/g8)](https://goreportcard.com/report/github.com/TwiN/g8)
 [![codecov](https://codecov.io/gh/TwiN/g8/branch/master/graph/badge.svg)](https://codecov.io/gh/TwiN/g8)
 [![Go version](https://img.shields.io/github/go-mod/go-version/TwiN/g8.svg)](https://github.com/TwiN/g8)
@ -177,13 +177,42 @@ have the `backup` permission:
 router.Handle("/backup", gate.ProtectWithPermissions(&testHandler{}, []string{"read", "backup"}))
 ```

+If you're using an HTTP library that supports middlewares like [mux](https://github.com/gorilla/mux), you can protect 
+an entire group of handlers instead using `gate.Protect` or `gate.PermissionMiddleware()`:
+```go
+router := mux.NewRouter()
+
+userRouter := router.PathPrefix("/").Subrouter()
+userRouter.Use(gate.Protect)
+userRouter.HandleFunc("/api/v1/users/me", getUserProfile).Methods("GET")
+userRouter.HandleFunc("/api/v1/users/me/friends", getUserFriends).Methods("GET")
+userRouter.HandleFunc("/api/v1/users/me/email", updateUserEmail).Methods("PATCH")
+
+adminRouter := router.PathPrefix("/").Subrouter()
+adminRouter.Use(gate.PermissionMiddleware("admin"))
+adminRouter.HandleFunc("/api/v1/users/{id}/ban", banUserByID).Methods("POST")
+adminRouter.HandleFunc("/api/v1/users/{id}/delete", deleteUserByID).Methods("DELETE")
+```
+
+
 ## Rate limiting
 To add a rate limit of 100 requests per second:
-```
+```go
 gate := g8.New().WithRateLimit(100)
 ```

-## Special use cases
+
+## Accessing the token from the protected handlers
+If you need to access the token from the handlers you are protecting with g8, you can retrieve it from the
+request context by using the key `g8.TokenContextKey`:
+```go
+http.Handle("/handle", gate.ProtectFunc(func(w http.ResponseWriter, r *http.Request) {
+    token, _ := r.Context().Value(g8.TokenContextKey).(string)
+    // ...
+}))
+```
+
+## Examples
 ### Protecting a handler using session cookie
 If you want to only allow authenticated users to access a handler, you can use a custom token extractor function 
 combined with a client provider.
@ -236,3 +265,23 @@ http.Handle("/handle", gate.ProtectFunc(func(w http.ResponseWriter, r *http.Requ
    // ...
 }))
 ```
+
+### Using a custom header
+The logic is the same as the example above:
+```go
+customTokenExtractorFunc := func(request *http.Request) string {
+    return request.Header.Get("X-API-Token")
+}
+
+clientProvider := g8.NewClientProvider(func(token string) *g8.Client {
+    // We'll assume that the following function calls your database and returns a struct "User" that 
+    // has the user's token as well as the permissions granted to said user
+    user := database.GetUserByToken(token)
+    if user != nil {
+        return g8.NewClient(user.Token).WithPermissions(user.Permissions)
+    }
+    return nil
+})
+authorizationService := g8.NewAuthorizationService().WithClientProvider(clientProvider)
+gate := g8.New().WithAuthorizationService(authorizationService).WithCustomTokenExtractor(customTokenExtractorFunc)
+```