-
Notifications
You must be signed in to change notification settings - Fork 9
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
* Add licence header * Update library version
Showing
10 changed files
with
314 additions
and
123 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
|
@@ -4,6 +4,26 @@ Securing a REST API with Cerbos | |
This project demonstrates how to secure a REST API using Cerbos policies. It also shows how to run Cerbos as a sidecar. | ||
|
||
|
||
How it works | ||
------------ | ||
|
||
HTTP middleware checks the username and password sent with each request against the user database and builds a Cerbos principal object containing roles and attributes. | ||
|
||
```go | ||
principal := cerbos.NewPrincipal(username). | ||
WithRoles(record.Roles...). | ||
WithAttr("aisles", record.Aisles). | ||
WithAttr("ipAddress", r.RemoteAddr) | ||
``` | ||
|
||
Checking access is as simple as making a call to Cerbos PDP. | ||
|
||
```go | ||
resource := cerbos.NewResource("inventory", item.ID).WithAttr("aisle", item.Aisle) | ||
allowed, err := cerbos.IsAllowed(ctx, principal, resource, "DELETE") | ||
``` | ||
|
||
|
||
The Store API | ||
------------- | ||
|
||
|
@@ -277,3 +297,11 @@ curl -i -u bella:bellasStrongPassword -XDELETE http://localhost:9999/backoffice/ | |
} | ||
``` | ||
</details> | ||
|
||
|
||
Get help | ||
-------- | ||
|
||
- Visit the [Cerbos website](https://cerbos.dev) | ||
- [Join the Cerbos community on Slack](http://go.cerbos.io/slack) | ||
- Email us at [email protected] |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1,4 +1,5 @@ | ||
// Copyright 2021 Zenauth Ltd. | ||
// SPDX-License-Identifier: Apache-2.0 | ||
|
||
package db | ||
|
||
|
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1,4 +1,5 @@ | ||
// Copyright 2021 Zenauth Ltd. | ||
// SPDX-License-Identifier: Apache-2.0 | ||
|
||
package db | ||
|
||
|
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1,4 +1,5 @@ | ||
// Copyright 2021 Zenauth Ltd. | ||
// SPDX-License-Identifier: Apache-2.0 | ||
|
||
package db | ||
|
||
|
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1,4 +1,5 @@ | ||
// Copyright 2021 Zenauth Ltd. | ||
// SPDX-License-Identifier: Apache-2.0 | ||
|
||
package main | ||
|
||
|
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters