permify
Redis
permify | Redis | |
---|---|---|
39 | 32 | |
2,504 | 19,322 | |
3.9% | 0.9% | |
9.8 | 8.8 | |
4 days ago | 7 days ago | |
Go | Go | |
Apache License 2.0 | BSD 2-clause "Simplified" License |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
permify
-
Policy-Based Access Control (PBAC): A Comprehensive Overview
However, in this piece we're focusing on the PBAC model also known as Policy-Based Access Control and how it differentiates itself these from traditional access control models in terms of scalability, flexibility and security.
-
Show HN: AI assistant powered by Groq to generate authorization models
Hi I'm Karan, one of the maintainers of Permify (https://github.com/Permify/permify), an open source authorization service to build scalable authorization systems.
I want to share with you that we've built an AI assistant to help modeling your desired authorization logic! You can basically describe your authorization logic in Permify AI and it will generate the respective model and semantics accordingly. Think of it like ChatGPT for authorization modeling/policy generation.
Here's the project if you would like to play with it: https://ai.permify.co/.
Brief backstory:
Since authorization is generally a domain specific issue use cases vary widely - roles, relationships, attributes, hierarchies between business units, contextual permissions, etc.
To address this, we're offering a domain specific language that we built purely using golang to help model authorization logic programmatically. You can see what it looks like with sample examples in our playground: https://play.permify.co/
Although our domain specific language helps our users significantly, the general idea of policy generation is hard challenging if you have complex authorization logic and versatile permission requirements. Additionally, the flexibility of our modeling language allows for achieving the same policy/permissions through various approaches. But creating the best possible policy is crucial for several reasons including the performance of access checks, the readability of the authorization logic, visibility, and achieving least privilege, etc.
When we tallied up all those reasons, it hit us: using AI could really smooth out the policy generation process. It could not only reduce the engineering effort but also yield the best possible results. That's why we integrated Groq to make to create Permify AI!
Would love to get your feedback on this!
- OAuth 2.0 implementation in Node.js
-
Implementing JWT Authentication in a Golang Application
At that point consider exploring our solution, Permify. It's a Google Zanzibar-based open-source authorization service that helps to build scalable authorization systems.
-
Relationship Based Access Control (ReBAC): When To Use It
Additional to shifts from large tech companies, ReBAC based solutions increased over the time. We're also one of them, building an open source authorization service that builds its core on top of ReBAC and Google Zanzibar.
-
5 Open Source tools written in Golang that you should know about
Permify is an open-source service for creating and managing complex permissions in applications, inspired by Google Zanzibar. It offers a flexible authorization language compatible with various models like RBAC, ReBAC, and ABAC, and allows for efficient authorization data management in preferred databases. Permify's API facilitates access checks, resource filtering, and bulk permission analyses. It also includes comprehensive testing tools for authorization logic, including scenario-based testing and policy coverage analysis. Additionally, Permify supports multi-tenancy, enabling distinct authorization models for different applications within a single instance.
-
Authentication vs Authorization: Exploring The Difference
As Permify we're building open source authorization infrastructure to build fine grained authorization systems at scale. Would love to learn your use case and help you to build robust authorization systems. Don't hesitate to reach us from our Discord Channel!
- Permify: Open-Source Authorization Service For Building Fine Grained Authorization Systems At Scale!
-
Open-Source Authorization Service for Building Scalable Authorization Systems
Iām one of the maintainers of the OSS project Permify (https://github.com/Permify/permify), an open-source authorization service inspired by Google Zanzibar, which is the global authorization system used at Google to handle authorization for hundreds of its services and products, including YouTube, Drive, Calendar, Cloud, and Maps.
-
Show HN: Blending Go and WebAssembly to Build Authorization Playground
Hi folks,
Iām one of the maintainers and co-founder of the Go OSS project Permify (https://github.com/Permify/permify), an open-source authorization infrastructure inspired by Google Zanzibar.
I would like to share a post where we aimed to provide a brief overview of how we integrated WASM with Golang to provide a richer user experience in our open-source playground. You can use the playground to create and test any authorization logic in a browser.
The playground has three main sections:
Schema: to model your authorization logic through our domanin specific language we built.
Data: to create sample authorization data according to the model for use in tests.
Enforcement: to test your authorization structure bt access check scenarios.
Here's the post if you're interested: https://www.permify.co/post/wasm-go/
And here's the playground: https://play.permify.co/
Appreciate your time!
Redis
-
Using IAM authentication for Redis on AWS
MemoryDB documentation has an example for a Java application with the Lettuce client. The process is similar for other languages, but you still need to implement it. So, let's learn how to do it for a Go application with the widely used go-redis client.
-
Unexpected behavior from Redis cluster client - Keys not being found even if they exist in the cluster
We have setup a redis cluster with 3 master, and 3 slave nodes using redis-go package (https://github.com/redis/go-redis).
-
Building RESTful API with Hexagonal Architecture in Go
For building the RESTful Point of Sale service API, I've considered and selected a combination of technologies that would work seamlessly together. For handling HTTP requests and responses, using the Gin HTTP web framework would make sense because I think it seems complete and popular among Go community too. To ensure data integrity and persistence, I'm using PostgreSQL database with pgx as the database driver, the reason I choose PostgreSQL because it is the most popular relational database to use in production and offers efficient Go integration. I'm also implementing caching using Redis with go-redis client library, which provides powerful in-memory data storage capabilities.
-
Authentication system using Golang and Sveltekit - Initialization and setup
Following the completion of the series ā Secure and performant full-stack authentication system using rust (actix-web) and sveltekit and Secure and performant full-stack authentication system using Python (Django) and SvelteKit ā I felt I should keep the streak by building an equivalent system in PURE go with very minimal external dependencies. We won't use any fancy web framework apart from httprouter and other basic dependencies including a database driver (pq), and redis client. As usual, we'll be using SvelteKit at the front end, favouring JSDoc instead of TypeScript. The combination is ecstatic!
- Go linter and helper for the OpenTelemetry SDK
- Redis with golang
-
Tools besides Go for a newbie
IDE: use whatever make you productive. I personally use vscode. VCS: git, as golang communities use github heavily as base for many libraries. AFAIK Linter: use staticcheck for linting as it looks like mostly used linting tool in go, supported by many also. In Vscode it will be recommended once you install go plugin. Libraries/Framework: actually the standard libraries already included many things you need, decent enough for your day-to-day development cycles(e.g. `net/http`). But here are things for extra: - Struct fields validator: validator - Http server lib: chi router , httprouter , fasthttp (for non standard http implementations, but fast) - Web Framework: echo , gin , fiber , beego , etc - Http client lib: most already covered by stdlib(net/http), so you rarely need extra lib for this, but if you really need some are: resty - CLI: cobra - Config: godotenv , viper - DB Drivers: sqlx , postgre , sqlite , mysql - nosql: redis , mongodb , elasticsearch - ORM: gorm , entgo , sqlc(codegen) - JS Transpiler: gopherjs - GUI: fyne - grpc: grpc - logging: zerolog - test: testify , gomock , dockertest - and many others you can find here
-
Should I reuse the connection on Redis or close it after every use?
Asynq uses https://github.com/go-redis/redis in order to connect to Redis. Whenever you create a client using go-redis, the client internally manages a connection pool, so when you need to execute a command in Redis the client just retrieves a connection from the pool and uses it. After using it, the connection is released and it goes back to the pool (no need to say that the Redis client is thread-safe).
-
a tool for quickly creating web and microservice code
Caching component go-redis ristretto
-
Storage Layer š¦
First thing first, we will install Redis client for Golang
What are some alternatives?
Ory Keto - Open Source (Go) implementation of "Zanzibar: Google's Consistent, Global Authorization System". Ships gRPC, REST APIs, newSQL, and an easy and granular permission language. Supports ACL, RBAC, and other access models.
redigo - Go client for Redis
openfga - A high performance and flexible authorization/permission engine built for developers and inspired by Google Zanzibar
riot - Go Open Source, Distributed, Simple and efficient Search Engine; Warning: This is V1 and beta version, because of big memory consume, and the V2 will be rewrite all code.
spicedb - Open Source, Google Zanzibar-inspired permissions database to enable fine-grained access control for customer applications
Hiredis - Minimalistic C client for Redis >= 1.2
topaz - Cloud-native authorization for modern applications and APIs
mongo-go-driver - The Official Golang driver for MongoDB
kala-go - An authorization framework written in Go based on Google's Zanzibar.
Go-NATS-Streaming-gRPC-PostgreSQL - Go Nats Streaming gRPC PostgerSQL emails microservice
OPA (Open Policy Agent) - Open Policy Agent (OPA) is an open source, general-purpose policy engine.
mgo - Go Doc Dot Org