casbin
zap
Our great sponsors
casbin | zap | |
---|---|---|
38 | 51 | |
16,865 | 20,947 | |
1.4% | 1.7% | |
7.2 | 8.1 | |
19 days ago | 2 days ago | |
Go | Go | |
Apache License 2.0 | MIT License |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
casbin
-
A guide to Auth & Access Control in web apps 🔐
https://casbin.org/ (multiple approaches, multiple languages, provider) Open source authZ library that has support for many access control models (ACL, RBAC, ABAC, …) and many languages (Go, Java, Node.js, JS, Rust, …). While somewhat complex, it is also powerful and flexible. They also have their Casdoor platform, which is authN and authZ provider.
-
Help needed - is there a product that provides the auth functionality we need?
Looks like you’re looking for a role-based access control (RBAC) module on your backend. What you would do is attach roles to your users/tokens which would allow or deny any specific action on a resource. Take a look at https://casbin.org/ that might be useful.
-
Keycloak – Open-Source Identity and Access Management Interview
Looking at your username, it would be nice to mention that you are one of the main developers behind the tool instead of making it sound like you are unrelated: https://github.com/casbin/casbin/graphs/contributors https://github.com/casdoor/casdoor/graphs/contributors
- Why elixir over Golang
-
Recommendations for a fine-grained authorization engine?
We use casbin . We’re using python version, but it has libraries for many languages. There are some adapters for loading policies from a datastore but we are not using any of them
-
Help me choose Auth Tech Stack for SaaS?
- Casbin handles RBAC, ABAC: https://casbin.org/
- I created Atomic: Self Hosted Open Source Alternative to Reclaim, Clockwise & Motion
-
Permissions (access control) in web apps
https://casbin.org/ (multiple approaches, multiple languages, provider) Open source authZ library that has support for many access control models (ACL, RBAC, ABAC, …) and many languages (Go, Java, Node.js, JS, Rust, …). While somewhat complex, it is also powerful and flexible. They also have their Casdoor platform, which is authN and authZ provider.
-
RBAC and OAuth2.0 Scope based Access control with Go-Chi
You can probably look into casbin
- Something like Keycloak but in Go?
zap
- Desvendando o package fmt do Go
-
Building RESTful API with Hexagonal Architecture in Go
The project currently uses slog package from standard library for logging. But switching to a more advanced logger like zap could offer more flexibility and features.
-
Structured Logging with Slog
It's nice to have this in the standard library, but it doesn't solve any existing pain points around structured log metadata and contexts. We use zap [0] and store a zap logger on the request context which allows different parts of the request pipeline to log with things like tenantid, traceId, and correlationId automatically appended. But getting a logger off the context is annoying, leads to inconsistent logging practices, and creates a logger dependency throughout most of our Go code.
[0] https://github.com/uber-go/zap
-
Kubebuilder Tips and Tricks
Kubebuilder, like much of the k8s ecosystem, utilizes zap for logging. Out of the box, the Kubebuilder zap configuration outputs a timestamp for each log, which gets formatted using scientific notation. This makes it difficult for me to read the time of an event just by glancing at it. Personally, I prefer ISO 8601, so let's change it!
-
Go 1.21 Released
What else would you expect from a structured logging package?
To me it absolutely makes sense as the default and standard for 99% of applications, and the API isn't much unlike something like Zap[0] (a popular Go structured logger).
The attributes aren't an "arbitrary" concept, they're a completely normal concept for structured loggers. Groups are maybe less standard, but reasonable nevertheless.
I'm not sure if you're aware that this is specifically a structured logging package. There already is a "simple" logging package[1] in the sodlib, and has been for ages, and isn't particularly fast either to my knowledge. If you want really fast you take a library (which would also make sure to optimize allocations heavily).
[0]: https://pkg.go.dev/go.uber.org/zap
[1]: https://pkg.go.dev/log
- Efficient logging in Go?
-
Why elixir over Golang
And finally for structured logging: https://github.com/uber-go/zap
-
Beginner-friendly API made with Go following hexagonal architecture.
For logging: I recommend using Uber Zap https://github.com/uber-go/zap It will log stack backtraces and makes it super easy to debug errors when deployed. I typically log in the business logic and not below. And log at the entry for failures to start the system. Maybe not necessary for this example, but it’s an essential piece of any API backend.
- slogx - slog package extensions and middlewares
- Why it is so weirdo??
What are some alternatives?
OPA (Open Policy Agent) - Open Policy Agent (OPA) is an open source, general-purpose policy engine.
logrus - Structured, pluggable logging for Go.
casdoor - An open-source UI-first Identity and Access Management (IAM) / Single-Sign-On (SSO) platform with web UI supporting OAuth 2.0, OIDC, SAML, CAS, LDAP, SCIM, WebAuthn, TOTP, MFA and RADIUS [Moved to: https://github.com/casdoor/casdoor]
zerolog - Zero Allocation JSON Logger
Ory Keto - Open Source (Go) implementation of "Zanzibar: Google's Consistent, Global Authorization System". Ships gRPC, REST APIs, newSQL, and an easy and granular permission language. Supports ACL, RBAC, and other access models.
slog
CASL - CASL is an isomorphic authorization JavaScript library which restricts what resources a given user is allowed to access
glog - Leveled execution logs for Go
zanzibar - A build system & configuration system to generate versioned API gateways.
go-log - a golang log lib supports level and multi handlers
jwt-auth - This package provides json web token (jwt) middleware for goLang http servers
log - Structured logging package for Go.