Awesome Open Source
Awesome Open Source

beego-authz Build Status Coverage Status GoDoc

beego-authz is an authorization middleware for Beego. It provides authorization like ACL, RBAC, ABAC based on Casbin: https://github.com/casbin/casbin

With beego-authz, you can control who can access what resource via which method for your Beego app.

Get Started

Step 1: edit the policy

Modify the Casbin model: authz_model.conf and policy: authz_policy.csv as you want. You may need to learn Casbin's basics to know how to edit these files. The policy means that the user alice can access /dataset1/* via GET and /dataset1/resource1 via POST. The similar way applies to user bob. cathy has the role dataset1_admin, which is permitted to access any resources under /dataset1/ with any action. For more advanced usage of Casbin (like database support, policy language grammar, etc), please refer to Casbin: https://github.com/casbin/casbin

Step 2: integrate with Beego

Insert the Casbin authorizer as a Beego filter.

beego.InsertFilter("*", beego.BeforeRouter, authz.NewAuthorizer(casbin.NewEnforcer("authz_model.conf", "authz_policy.csv")))

Step 3: setup with authentication

Make sure you already have an authentication mechanism, so you know who is accessing, like a username. Modify the GetUserName() method to let Casbin know the current authenticated username.

Getting Help

License

This project is under Apache 2.0 License. See the LICENSE file for the full license text.


Get A Weekly Email With Trending Projects For These Topics
No Spam. Unsubscribe easily at any time.
go (14,899
security (1,874
authorization (214
access-control (65
casbin (41
beego (29