casbin
validator
Our great sponsors
casbin | validator | |
---|---|---|
38 | 68 | |
16,865 | 15,562 | |
1.4% | 2.5% | |
7.2 | 7.4 | |
19 days ago | 7 days ago | |
Go | Go | |
Apache License 2.0 | MIT License |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
casbin
-
A guide to Auth & Access Control in web apps 🔐
https://casbin.org/ (multiple approaches, multiple languages, provider) Open source authZ library that has support for many access control models (ACL, RBAC, ABAC, …) and many languages (Go, Java, Node.js, JS, Rust, …). While somewhat complex, it is also powerful and flexible. They also have their Casdoor platform, which is authN and authZ provider.
-
Help needed - is there a product that provides the auth functionality we need?
Looks like you’re looking for a role-based access control (RBAC) module on your backend. What you would do is attach roles to your users/tokens which would allow or deny any specific action on a resource. Take a look at https://casbin.org/ that might be useful.
-
Keycloak – Open-Source Identity and Access Management Interview
Looking at your username, it would be nice to mention that you are one of the main developers behind the tool instead of making it sound like you are unrelated: https://github.com/casbin/casbin/graphs/contributors https://github.com/casdoor/casdoor/graphs/contributors
- Why elixir over Golang
-
Recommendations for a fine-grained authorization engine?
We use casbin . We’re using python version, but it has libraries for many languages. There are some adapters for loading policies from a datastore but we are not using any of them
-
Help me choose Auth Tech Stack for SaaS?
- Casbin handles RBAC, ABAC: https://casbin.org/
- I created Atomic: Self Hosted Open Source Alternative to Reclaim, Clockwise & Motion
-
Permissions (access control) in web apps
https://casbin.org/ (multiple approaches, multiple languages, provider) Open source authZ library that has support for many access control models (ACL, RBAC, ABAC, …) and many languages (Go, Java, Node.js, JS, Rust, …). While somewhat complex, it is also powerful and flexible. They also have their Casdoor platform, which is authN and authZ provider.
-
RBAC and OAuth2.0 Scope based Access control with Go-Chi
You can probably look into casbin
- Something like Keycloak but in Go?
validator
- API completa em Golang - Parte 7
- API completa em Golang - Parte 3
-
Is there any equivalent to pydantic, serde, etc?
go-playground/validator
- API completa em Golang - Parte 1
-
API validation in Gin: Ensuring Data Integrity in Your API
If you want to know all the available validation in Gin. Then you can look at this package because Gin uses this package under the hood. Package: https://github.com/go-playground/validator Specific-file: https://github.com/go-playground/validator/blob/master/baked_in.go#L73
-
Yet another validator 0.9.5
Now it has most of the Playground validator's common checks and a few own tricks.
-
Openapi server generation
In Go I've found this package - https://github.com/go-playground/validator. It seems popular in the community, but it is tag-based. It looks like if I wanted to use it - I would have to basically duplicate structs.
-
Validator in handler or domain
so I am working on a ecommerce api as a hobby project which is mostly inspired by wtf dial project I like to use validator package to remove boilerplate over my domain package for example take a look https://github.com/mortezadadgar/ecommerce-api/blob/b0bf43d042d62fdca1c2d097ec51b05bc539cef2/domain/users.go#L33 I have to option either add validate.Struct() to my domain which is suggested to avoid by author of wtf peoject or add it to handler which I doubt is a good idea as it's not in business logic of handler and makes unit testing harder
-
Request Validations in Go REST API
I use https://github.com/go-playground/validator, but honestly, I am not a fan. I just haven’t found anything better.
-
Tools besides Go for a newbie
IDE: use whatever make you productive. I personally use vscode. VCS: git, as golang communities use github heavily as base for many libraries. AFAIK Linter: use staticcheck for linting as it looks like mostly used linting tool in go, supported by many also. In Vscode it will be recommended once you install go plugin. Libraries/Framework: actually the standard libraries already included many things you need, decent enough for your day-to-day development cycles(e.g. `net/http`). But here are things for extra: - Struct fields validator: validator - Http server lib: chi router , httprouter , fasthttp (for non standard http implementations, but fast) - Web Framework: echo , gin , fiber , beego , etc - Http client lib: most already covered by stdlib(net/http), so you rarely need extra lib for this, but if you really need some are: resty - CLI: cobra - Config: godotenv , viper - DB Drivers: sqlx , postgre , sqlite , mysql - nosql: redis , mongodb , elasticsearch - ORM: gorm , entgo , sqlc(codegen) - JS Transpiler: gopherjs - GUI: fyne - grpc: grpc - logging: zerolog - test: testify , gomock , dockertest - and many others you can find here
What are some alternatives?
OPA (Open Policy Agent) - Open Policy Agent (OPA) is an open source, general-purpose policy engine.
ozzo-validation - An idiomatic Go (golang) validation package. Supports configurable and extensible validation rules (validators) using normal language constructs instead of error-prone struct tags.
casdoor - An open-source UI-first Identity and Access Management (IAM) / Single-Sign-On (SSO) platform with web UI supporting OAuth 2.0, OIDC, SAML, CAS, LDAP, SCIM, WebAuthn, TOTP, MFA and RADIUS [Moved to: https://github.com/casdoor/casdoor]
govalidator - [Go] Package of validators and sanitizers for strings, numerics, slices and structs
Ory Keto - Open Source (Go) implementation of "Zanzibar: Google's Consistent, Global Authorization System". Ships gRPC, REST APIs, newSQL, and an easy and granular permission language. Supports ACL, RBAC, and other access models.
grpc-go - The Go language implementation of gRPC. HTTP/2 based RPC
CASL - CASL is an isomorphic authorization JavaScript library which restricts what resources a given user is allowed to access
viper - Go configuration with fangs
zanzibar - A build system & configuration system to generate versioned API gateways.
uuid - Go package for UUIDs based on RFC 4122 and DCE 1.1: Authentication and Security Services.
jwt-auth - This package provides json web token (jwt) middleware for goLang http servers
fiber-swagger - fiber middleware to automatically generate RESTful API documentation with Swagger 2.0.