package module
Version: v1.0.0 Latest Latest

This package is not in the latest version of its module.

Go to latest
Published: Jan 31, 2020 License: MIT Imports: 7 Imported by: 1


GoDoc Build Status Go Report Card

JWT Token Authentication Middleware for Buffalo


$ go get -u


For details on how to use this middleware, see the godocs.

You can also gain insight into how to use it by looking at the tests



Package tokenauth provides jwt token authorisation middleware supports HMAC, RSA, ECDSA, RSAPSS algorithms uses for jwt implementation

Setting Up tokenauth middleware

Using tokenauth with defaults


Specifying Signing method for JWT

    SignMethod: jwt.SigningMethodRS256,

By default the Key used is loaded from the JWT_SECRET or JWT_PUBLIC_KEY env variable depending on the SigningMethod used. However you can retrive the key from a different source.

    GetKey: func(jwt.SigningMethod) (interface{}, error) {
         // Your Implementation here ...

Default authorisation scheme is Bearer, you can specify your own.

    AuthScheme: "Token"

Creating a new token

This can be referred from the underlying JWT package being used


claims := jwt.MapClaims{}
claims["userid"] = "123"
claims["exp"] = time.Now().Add(time.Minute * 5).Unix()
// add more claims
token := jwt.NewWithClaims(jwt.SigningMethodHS256, claims)
tokenString, err := token.SignedString([]byte(SecretKey))

Getting Claims from JWT token from buffalo context

Example of retriving username from claims (this step is same regardless of the signing method used)

claims := c.Value("claims").(jwt.MapClaims)
username := claims["username"].(string)



This section is empty.


View Source
var (
	// ErrTokenInvalid is returned when the token provided is invalid
	ErrTokenInvalid = errors.New("token invalid")
	// ErrNoToken is returned if no token is supplied in the request.
	ErrNoToken = errors.New("token not found in request")
	// ErrBadSigningMethod is returned if the token sign method in the request
	// does not match the signing method used
	ErrBadSigningMethod = errors.New("unexpected signing method")


func GetHMACKey

func GetHMACKey(jwt.SigningMethod) (interface{}, error)

GetHMACKey gets secret key from env

func GetKeyECDSA

func GetKeyECDSA(jwt.SigningMethod) (interface{}, error)

GetKeyECDSA gets the public.pem file location from env and returns ecdsa.PublicKey

func GetKeyRSA

func GetKeyRSA(jwt.SigningMethod) (interface{}, error)

GetKeyRSA gets the public key file location from env and returns rsa.PublicKey

func GetKeyRSAPSS

func GetKeyRSAPSS(signingMethod jwt.SigningMethod) (interface{}, error)

GetKeyRSAPSS uses GetKeyRSA() since both requires rsa.PublicKey

func New

func New(options Options) buffalo.MiddlewareFunc

New enables jwt token verification if no Sign method is provided, by default uses HMAC


type Options

type Options struct {
	SignMethod jwt.SigningMethod
	GetKey     func(jwt.SigningMethod) (interface{}, error)
	AuthScheme string

Options for the JWT middleware

Source Files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
t or T : Toggle theme light dark auto
y or Y : Canonical URL