xyproto / permissions2 Goto Github PK

Hello

I'm looking at connecting to Redis with the data encrypted in transit. One public example would be using AWS Elasticache as the Redis backend with the feature enabled as described here.

It doesn't appear to be possible to configure this kind of encryption for permissions2. Is that correct or did I miss something? If yes, can you please consider adding support for this functionality? If not, can we have a code example?

Speaking of which, the code examples are great and much appreciated!

Thanks,
Pierre

Hi, there is a project called casbin. It is an authorization library that supports models like MAC, RBAC, ABAC. Maybe it can assist your need in the perm management.

First of all, thank you. This is a great package indeed that works very well with Echo. I have tried a few but i am sticking with this one for now.
I have a few questions concerning this package that could help me better implement it and clarify some things.

• Why Redis database? It would only make sense if there was a way to make data persistent. I tried to look and see if that is the case but i was confused. Is the data persistent? I can testify that it is truly efficient and fast but i also want to save as much RAM/memory for my real program.

• Bolt database stores data in the root directory in a file! To me that sounds a bit risky. Is that by design?

• Also, bolt almost looks and works like Amazon S3. Would you mind supporting that in the future for folks like me that would rather save everything in a cloud key/value storage?

• About JWT -- I can actually incorporate that but your package seems to almost implement things the same way. Am i losing anything by not using JWT vs cookies?

Regards.

There MYSQL support plan?

Show example for passing userstate to handler functions contained in a different file.

Hi, I'm interested in use permissions but I'd like avoid install redis for small projects, I know than redis is great and I'm currently using it in medium/big projects but for small ones seems a bit unnecessary, would be possible use maybe a key/value golang storage and avoid need install more tools?...or maybe a memory persistent...

thanks

Is this project alive or abandoned?

We find out that every time when we restart server we have different cookie secret. We don't use rand package and don't seed it, that may be doing one of another package, but we don't have control over that.

Hi Folks,

How can we handle the errors from Redis if we are using the default implementation?

Thanks!

There is no function in UserState permitting to hange a user password (update the password hash).

Would it be possible to have one ?

it says:
dial tcp :6379: connectex: The requested address is not valid in its context.
the redis server is already run.

How do I specify the Redis password? I tried using password@host:port without success.

Hello, are there any plans to add support for fasthttp? https://github.com/valyala/fasthttp
https://github.com/valyala/fasthttp#switching-from-nethttp-to-fasthttp

Thanks!

What would be the best way to disable a user without deleting them? Maybe for disciplinary action or for reported abuse?

An example for golang's builtin http package would be good

It has been great using this package for the last 4 or more years.
I would like to migrate to a more robust user management system.
Would you be able to help me understand the database setup?
We can email privately if this is a security issue.
Thanks.

Hello again,

I have managed to incorporate permissions2 into my project and I think that small change can make a big difference. Permissions2 is by far the most flexible user auth package in go.
By default "username" seems to be a unique field as I quess was the original intention of the project. But to make it really unique I have found myself using email or uuid for username.
If it was "useridentity" or "userid", then I could easily use email or uuid or anything unique without having to worry about code readability later. I would also still have username available for an actual username or useralias.

Expecting to get a version of permissions working with mongodb instead redis, this is really important feature, please implement it if possible.
Thanks.

I am doing my admin module now and i can't seem to figure this part out. On the examples i see you check if perm.Rejected(w, req) but i don't seem to know how to set the rejected part.

Lets say i just checked userstate.IsAdmin("bob") and it is false. How do i deny here and use middleware to check that.

I am using echo but a good example should work too in any of those frameworks.