Middleware for keeping track of users, login states and permissions.
- Uses secure cookies and stores user information in a Redis database.
- Suitable for running a local Redis server, registering/confirming users and managing public/user/admin pages.
- Also supports connecting to remote Redis servers.
- Does not support SQL databases. For MariaDB/MySQL support, look into permissionsql.
- For Bolt database support (no database host needed, uses a file), look into permissionbolt.
- For PostgreSQL database support (using the HSTORE feature), look into pstore.
- Supports registration and confirmation via generated confirmation codes.
- Tries to keep things simple.
- Only supports public, user and admin permissions out of the box, but offers functionality for implementing more fine grained permissions, if so desired.
- The default permissions can be cleared with the
function. - Supports Negroni, Martini, Gin, Goji and plain
. - Should also work with other frameworks, since the standard
is used everywhere.
Example for Negroni
package main
import (
func main() {
n := negroni.Classic()
mux := http.NewServeMux()
// New permissions middleware
perm, err := permissions.New2()
if err != nil {
// Blank slate, no default permissions
// Get the userstate, used in the handlers below
userstate := perm.UserState()
mux.HandleFunc("/", func(w http.ResponseWriter, req *http.Request) {
fmt.Fprintf(w, "Has user bob: %v\n", userstate.HasUser("bob"))
fmt.Fprintf(w, "Logged in on server: %v\n", userstate.IsLoggedIn("bob"))
fmt.Fprintf(w, "Is confirmed: %v\n", userstate.IsConfirmed("bob"))
fmt.Fprintf(w, "Username stored in cookies (or blank): %v\n", userstate.Username(req))
fmt.Fprintf(w, "Current user is logged in, has a valid cookie and *user rights*: %v\n", userstate.UserRights(req))
fmt.Fprintf(w, "Current user is logged in, has a valid cookie and *admin rights*: %v\n", userstate.AdminRights(req))
fmt.Fprintf(w, "\nTry: /register, /confirm, /remove, /login, /logout, /makeadmin, /clear, /data and /admin")
mux.HandleFunc("/register", func(w http.ResponseWriter, req *http.Request) {
userstate.AddUser("bob", "hunter1", "bob@zombo.com")
fmt.Fprintf(w, "User bob was created: %v\n", userstate.HasUser("bob"))
mux.HandleFunc("/confirm", func(w http.ResponseWriter, req *http.Request) {
fmt.Fprintf(w, "User bob was confirmed: %v\n", userstate.IsConfirmed("bob"))
mux.HandleFunc("/remove", func(w http.ResponseWriter, req *http.Request) {
fmt.Fprintf(w, "User bob was removed: %v\n", !userstate.HasUser("bob"))
mux.HandleFunc("/login", func(w http.ResponseWriter, req *http.Request) {
userstate.Login(w, "bob")
fmt.Fprintf(w, "bob is now logged in: %v\n", userstate.IsLoggedIn("bob"))
mux.HandleFunc("/logout", func(w http.ResponseWriter, req *http.Request) {
fmt.Fprintf(w, "bob is now logged out: %v\n", !userstate.IsLoggedIn("bob"))
mux.HandleFunc("/makeadmin", func(w http.ResponseWriter, req *http.Request) {
fmt.Fprintf(w, "bob is now administrator: %v\n", userstate.IsAdmin("bob"))
mux.HandleFunc("/clear", func(w http.ResponseWriter, req *http.Request) {
fmt.Fprintf(w, "Clearing cookie")
mux.HandleFunc("/data", func(w http.ResponseWriter, req *http.Request) {
fmt.Fprintf(w, "user page that only logged in users must see!")
mux.HandleFunc("/admin", func(w http.ResponseWriter, req *http.Request) {
fmt.Fprintf(w, "super secret information that only logged in administrators must see!\n\n")
if usernames, err := userstate.AllUsernames(); err == nil {
fmt.Fprintf(w, "list of all users: "+strings.Join(usernames, ", "))
// Custom handler for when permissions are denied
perm.SetDenyFunction(func(w http.ResponseWriter, req *http.Request) {
http.Error(w, "Permission denied!", http.StatusForbidden)
// Enable the permissions middleware
// Use mux for routing, this goes last
// Serve
Example for Martini
package main
import (
func main() {
m := martini.Classic()
// New permissions middleware
perm, err := permissions.New2()
if err != nil {
// Blank slate, no default permissions
// Get the userstate, used in the handlers below
userstate := perm.UserState()
m.Get("/", func(w http.ResponseWriter, req *http.Request) {
fmt.Fprintf(w, "Has user bob: %v\n", userstate.HasUser("bob"))
fmt.Fprintf(w, "Logged in on server: %v\n", userstate.IsLoggedIn("bob"))
fmt.Fprintf(w, "Is confirmed: %v\n", userstate.IsConfirmed("bob"))
fmt.Fprintf(w, "Username stored in cookies (or blank): %v\n", userstate.Username(req))
fmt.Fprintf(w, "Current user is logged in, has a valid cookie and *user rights*: %v\n", userstate.UserRights(req))
fmt.Fprintf(w, "Current user is logged in, has a valid cookie and *admin rights*: %v\n", userstate.AdminRights(req))
fmt.Fprintf(w, "\nTry: /register, /confirm, /remove, /login, /logout, /makeadmin, /clear, /data and /admin")
m.Get("/register", func(w http.ResponseWriter) {
userstate.AddUser("bob", "hunter1", "bob@zombo.com")
fmt.Fprintf(w, "User bob was created: %v\n", userstate.HasUser("bob"))
m.Get("/confirm", func(w http.ResponseWriter) {
fmt.Fprintf(w, "User bob was confirmed: %v\n", userstate.IsConfirmed("bob"))
m.Get("/remove", func(w http.ResponseWriter) {
fmt.Fprintf(w, "User bob was removed: %v\n", !userstate.HasUser("bob"))
m.Get("/login", func(w http.ResponseWriter) {
userstate.Login(w, "bob")
fmt.Fprintf(w, "bob is now logged in: %v\n", userstate.IsLoggedIn("bob"))
m.Get("/logout", func(w http.ResponseWriter) {
fmt.Fprintf(w, "bob is now logged out: %v\n", !userstate.IsLoggedIn("bob"))
m.Get("/makeadmin", func(w http.ResponseWriter) {
fmt.Fprintf(w, "bob is now administrator: %v\n", userstate.IsAdmin("bob"))
m.Get("/clear", func(w http.ResponseWriter) {
fmt.Fprintf(w, "Clearing cookie")
m.Get("/data", func(w http.ResponseWriter) {
fmt.Fprintf(w, "user page that only logged in users must see!")
m.Get("/admin", func(w http.ResponseWriter) {
fmt.Fprintf(w, "super secret information that only logged in administrators must see!\n\n")
if usernames, err := userstate.AllUsernames(); err == nil {
fmt.Fprintf(w, "list of all users: "+strings.Join(usernames, ", "))
// Set up a middleware handler for Martini, with a custom "permission denied" message.
permissionHandler := func(w http.ResponseWriter, req *http.Request, c martini.Context) {
// Check if the user has the right admin/user rights
if perm.Rejected(w, req) {
// Deny the request
http.Error(w, "Permission denied!", http.StatusForbidden)
// Reject the request by not calling the next handler below
// Call the next middleware handler
// Enable the permissions middleware
// Serve
Example for Gin
package main
import (
func main() {
g := gin.New()
// New permissions middleware
perm, err := permissions.New2()
if err != nil {
// Blank slate, no default permissions
// Set up a middleware handler for Gin, with a custom "permission denied" message.
permissionHandler := func(c *gin.Context) {
// Check if the user has the right admin/user rights
if perm.Rejected(c.Writer, c.Request) {
// Deny the request, don't call other middleware handlers
fmt.Fprint(c.Writer, "Permission denied!")
// Call the next middleware handler
// Logging middleware
// Enable the permissions middleware, must come before recovery
// Recovery middleware
// Get the userstate, used in the handlers below
userstate := perm.UserState()
g.GET("/", func(c *gin.Context) {
msg := ""
msg += fmt.Sprintf("Has user bob: %v\n", userstate.HasUser("bob"))
msg += fmt.Sprintf("Logged in on server: %v\n", userstate.IsLoggedIn("bob"))
msg += fmt.Sprintf("Is confirmed: %v\n", userstate.IsConfirmed("bob"))
msg += fmt.Sprintf("Username stored in cookies (or blank): %v\n", userstate.Username(c.Request))
msg += fmt.Sprintf("Current user is logged in, has a valid cookie and *user rights*: %v\n", userstate.UserRights(c.Request))
msg += fmt.Sprintf("Current user is logged in, has a valid cookie and *admin rights*: %v\n", userstate.AdminRights(c.Request))
msg += fmt.Sprintln("\nTry: /register, /confirm, /remove, /login, /logout, /makeadmin, /clear, /data and /admin")
c.String(http.StatusOK, msg)
g.GET("/register", func(c *gin.Context) {
userstate.AddUser("bob", "hunter1", "bob@zombo.com")
c.String(http.StatusOK, fmt.Sprintf("User bob was created: %v\n", userstate.HasUser("bob")))
g.GET("/confirm", func(c *gin.Context) {
c.String(http.StatusOK, fmt.Sprintf("User bob was confirmed: %v\n", userstate.IsConfirmed("bob")))
g.GET("/remove", func(c *gin.Context) {
c.String(http.StatusOK, fmt.Sprintf("User bob was removed: %v\n", !userstate.HasUser("bob")))
g.GET("/login", func(c *gin.Context) {
// Headers will be written, for storing a cookie
userstate.Login(c.Writer, "bob")
c.String(http.StatusOK, fmt.Sprintf("bob is now logged in: %v\n", userstate.IsLoggedIn("bob")))
g.GET("/logout", func(c *gin.Context) {
c.String(http.StatusOK, fmt.Sprintf("bob is now logged out: %v\n", !userstate.IsLoggedIn("bob")))
g.GET("/makeadmin", func(c *gin.Context) {
c.String(http.StatusOK, fmt.Sprintf("bob is now administrator: %v\n", userstate.IsAdmin("bob")))
g.GET("/clear", func(c *gin.Context) {
c.String(http.StatusOK, "Clearing cookie")
g.GET("/data", func(c *gin.Context) {
c.String(http.StatusOK, "user page that only logged in users must see!")
g.GET("/admin", func(c *gin.Context) {
c.String(http.StatusOK, "super secret information that only logged in administrators must see!\n\n")
if usernames, err := userstate.AllUsernames(); err == nil {
c.String(http.StatusOK, "list of all users: "+strings.Join(usernames, ", "))
// Serve
Example for Goji
package main
import (
func main() {
// New permissions middleware
perm, err := permissions.New2()
if err != nil {
// Blank slate, no default permissions
// Get the userstate, used in the handlers below
userstate := perm.UserState()
goji.Get("/", func(w http.ResponseWriter, req *http.Request) {
fmt.Fprintf(w, "Has user bob: %v\n", userstate.HasUser("bob"))
fmt.Fprintf(w, "Logged in on server: %v\n", userstate.IsLoggedIn("bob"))
fmt.Fprintf(w, "Is confirmed: %v\n", userstate.IsConfirmed("bob"))
fmt.Fprintf(w, "Username stored in cookies (or blank): %v\n", userstate.Username(req))
fmt.Fprintf(w, "Current user is logged in, has a valid cookie and *user rights*: %v\n", userstate.UserRights(req))
fmt.Fprintf(w, "Current user is logged in, has a valid cookie and *admin rights*: %v\n", userstate.AdminRights(req))
fmt.Fprintf(w, "\nTry: /register, /confirm, /remove, /login, /logout, /makeadmin, /clear, /data and /admin")
goji.Get("/register", func(w http.ResponseWriter, req *http.Request) {
userstate.AddUser("bob", "hunter1", "bob@zombo.com")
fmt.Fprintf(w, "User bob was created: %v\n", userstate.HasUser("bob"))
goji.Get("/confirm", func(w http.ResponseWriter, req *http.Request) {
fmt.Fprintf(w, "User bob was confirmed: %v\n", userstate.IsConfirmed("bob"))
goji.Get("/remove", func(w http.ResponseWriter, req *http.Request) {
fmt.Fprintf(w, "User bob was removed: %v\n", !userstate.HasUser("bob"))
goji.Get("/login", func(w http.ResponseWriter, req *http.Request) {
userstate.Login(w, "bob")
fmt.Fprintf(w, "bob is now logged in: %v\n", userstate.IsLoggedIn("bob"))
goji.Get("/logout", func(w http.ResponseWriter, req *http.Request) {
fmt.Fprintf(w, "bob is now logged out: %v\n", !userstate.IsLoggedIn("bob"))
goji.Get("/makeadmin", func(w http.ResponseWriter, req *http.Request) {
fmt.Fprintf(w, "bob is now administrator: %v\n", userstate.IsAdmin("bob"))
goji.Get("/clear", func(w http.ResponseWriter, req *http.Request) {
fmt.Fprintf(w, "Clearing cookie")
goji.Get("/data", func(w http.ResponseWriter, req *http.Request) {
fmt.Fprintf(w, "user page that only logged in users must see!")
goji.Get("/admin", func(w http.ResponseWriter, req *http.Request) {
fmt.Fprintf(w, "super secret information that only logged in administrators must see!\n\n")
if usernames, err := userstate.AllUsernames(); err == nil {
fmt.Fprintf(w, "list of all users: "+strings.Join(usernames, ", "))
// Custom "permissions denied" message
perm.SetDenyFunction(func(w http.ResponseWriter, req *http.Request) {
http.Error(w, "Permission denied!", http.StatusForbidden)
// Permissions middleware for Goji
permissionHandler := func(next http.Handler) http.Handler {
return http.HandlerFunc(func(w http.ResponseWriter, req *http.Request) {
// Check if the user has the right admin/user rights
if perm.Rejected(w, req) {
// Deny the request
perm.DenyFunction()(w, req)
// Serve the requested page
next.ServeHTTP(w, req)
// Enable the permissions middleware
// Goji will listen to port 8000 by default
package main
import (
type permissionHandler struct {
// perm is a Permissions structure that can be used to deny requests
// and acquire the UserState. By using `pinterface.IPermissions` instead
// of `*permissions.Permissions`, the code is compatible with not only
// `permissions2`, but also other modules that uses other database
// backends, like `permissionbolt` which uses Bolt.
perm pinterface.IPermissions
// The HTTP multiplexer
mux *http.ServeMux
// Implement the ServeHTTP method to make a permissionHandler a http.Handler
func (ph *permissionHandler) ServeHTTP(w http.ResponseWriter, req *http.Request) {
// Check if the user has the right admin/user rights
if ph.perm.Rejected(w, req) {
// Let the user know, by calling the custom "permission denied" function
ph.perm.DenyFunction()(w, req)
// Reject the request
// Serve the requested page if permissions were granted
ph.mux.ServeHTTP(w, req)
func main() {
mux := http.NewServeMux()
// New permissions middleware
perm, err := permissions.New2()
if err != nil {
// Blank slate, no default permissions
// Get the userstate, used in the handlers below
userstate := perm.UserState()
mux.HandleFunc("/", func(w http.ResponseWriter, req *http.Request) {
fmt.Fprintf(w, "Has user bob: %v\n", userstate.HasUser("bob"))
fmt.Fprintf(w, "Logged in on server: %v\n", userstate.IsLoggedIn("bob"))
fmt.Fprintf(w, "Is confirmed: %v\n", userstate.IsConfirmed("bob"))
fmt.Fprintf(w, "Username stored in cookies (or blank): %v\n", userstate.Username(req))
fmt.Fprintf(w, "Current user is logged in, has a valid cookie and *user rights*: %v\n", userstate.UserRights(req))
fmt.Fprintf(w, "Current user is logged in, has a valid cookie and *admin rights*: %v\n", userstate.AdminRights(req))
fmt.Fprintf(w, "\nTry: /register, /confirm, /remove, /login, /logout, /makeadmin, /clear, /data and /admin")
mux.HandleFunc("/register", func(w http.ResponseWriter, req *http.Request) {
userstate.AddUser("bob", "hunter1", "bob@zombo.com")
fmt.Fprintf(w, "User bob was created: %v\n", userstate.HasUser("bob"))
mux.HandleFunc("/confirm", func(w http.ResponseWriter, req *http.Request) {
fmt.Fprintf(w, "User bob was confirmed: %v\n", userstate.IsConfirmed("bob"))
mux.HandleFunc("/remove", func(w http.ResponseWriter, req *http.Request) {
fmt.Fprintf(w, "User bob was removed: %v\n", !userstate.HasUser("bob"))
mux.HandleFunc("/login", func(w http.ResponseWriter, req *http.Request) {
userstate.Login(w, "bob")
fmt.Fprintf(w, "bob is now logged in: %v\n", userstate.IsLoggedIn("bob"))
mux.HandleFunc("/logout", func(w http.ResponseWriter, req *http.Request) {
fmt.Fprintf(w, "bob is now logged out: %v\n", !userstate.IsLoggedIn("bob"))
mux.HandleFunc("/makeadmin", func(w http.ResponseWriter, req *http.Request) {
fmt.Fprintf(w, "bob is now administrator: %v\n", userstate.IsAdmin("bob"))
mux.HandleFunc("/clear", func(w http.ResponseWriter, req *http.Request) {
fmt.Fprintf(w, "Clearing cookie")
mux.HandleFunc("/data", func(w http.ResponseWriter, req *http.Request) {
fmt.Fprintf(w, "user page that only logged in users must see!")
mux.HandleFunc("/admin", func(w http.ResponseWriter, req *http.Request) {
fmt.Fprintf(w, "super secret information that only logged in administrators must see!\n\n")
if usernames, err := userstate.AllUsernames(); err == nil {
fmt.Fprintf(w, "list of all users: "+strings.Join(usernames, ", "))
// Custom handler for when permissions are denied
perm.SetDenyFunction(func(w http.ResponseWriter, req *http.Request) {
http.Error(w, "Permission denied!", http.StatusForbidden)
// Configure the HTTP server and permissionHandler struct
s := &http.Server{
Addr: ":3000",
Handler: &permissionHandler{perm, mux},
ReadTimeout: 10 * time.Second,
WriteTimeout: 10 * time.Second,
MaxHeaderBytes: 1 << 20,
log.Println("Listening for requests on port 3000")
// Start listening
- The /admin path prefix has admin rights by default.
- These path prefixes have user rights by default: /repo and /data
- These path prefixes are public by default: /, /login, /register, /style, /img, /js, /favicon.ico, /robots.txt and /sitemap_index.xml
The default permissions can be cleared with the Clear()
- bcrypt is used by default for hashing passwords. sha256 is also supported.
- By default, all new password will be hashed with bcrypt.
- For backwards compatibility, old password hashes with the length of a sha256 hash will be checked with sha256. To disable this behavior, and only ever use bcrypt, add this line:
- The code shall always be formatted with
go fmt
- Setting a property:
username := "bob"
propertyName := "clever"
propertyValue := "yes"
userstate.Users().Set(username, propertyName, propertyValue)
- Getting a property:
username := "bob"
propertyName := "clever"
propertyValue, err := userstate.Users().Get(username, propertyName)
if err != nil {
return err
fmt.Printf("%s is %s: %s\n", username, propertyName, propertyValue)
Using the *pinterface.IUserState
type (from the pinterface package) makes it possible to pass UserState structs between functions, also in other packages. By using this interface, it is possible to seamlessly change the database backend from, for instance, Redis (permissions2) to BoltDB (permissionbolt). pstore
, /permissionsql
, permissionbolt
and permissions2
are interchangeable.
- Version: 2.3
- License: MIT
- Alexander F Rødseth <xyproto@archlinux.org>