mjwt

Documentation

Index

• Constants
• Variables
• func JWT(key interface{}) echo.MiddlewareFunc
• func JWTWithConfig(config JWTConfig) echo.MiddlewareFunc
• type ImClaims
• type JWTClaimsGotHandler
• type JWTConfig
• type JWTErrorHandler
• type JWTSuccessHandler

Constants

const (
	AlgorithmHS256    = "HS256"
	DefaultCookieName = "zag-token"
)

Algorithms

Variables

var (
	ErrJWTMissing = echo.NewHTTPError(http.StatusBadRequest, "Missing or malformed jwt")
	ErrJWTInvalid = echo.NewHTTPError(http.StatusUnauthorized, "Invalid or expired jwt")
)

Errors

var (
	// DefaultJWTConfig is the default JWT auth middleware config.
	DefaultJWTConfig = JWTConfig{
		Skipper:       middleware.DefaultSkipper,
		SigningMethod: AlgorithmHS256,
		ContextKey:    "user",
		TokenLookup:   "header:" + echo.HeaderAuthorization,
		AuthScheme:    "Bearer",
		Claims:        jwt.MapClaims{},
	}
)

Functions

func JWT

func JWT(key interface{}) echo.MiddlewareFunc

JWT returns a JSON Web Token (JWT) auth middleware.

For valid token, it sets the user in context and calls next handler. For invalid token, it returns "401 - Unauthorized" error. For missing token, it returns "400 - Bad Request" error.

See: https://jwt.io/introduction See `JWTConfig.TokenLookup`

func JWTWithConfig

func JWTWithConfig(config JWTConfig) echo.MiddlewareFunc

JWTWithConfig returns a JWT auth middleware with config. See: `JWT()`.

Types

type ImClaims

type ImClaims struct {
	jwt.StandardClaims
	DeviceId string `json:"did" yaml:"device-id"`
}

type JWTClaimsGotHandler

type JWTClaimsGotHandler func(c echo.Context, tokenString string, token *jwt.Token, imtk *ImClaims)

type JWTConfig

type JWTConfig struct {
	// Skipper defines a function to skip middleware.
	Skipper middleware.Skipper

	// BeforeFunc defines a function which is executed just before the middleware.
	BeforeFunc middleware.BeforeFunc

	// SuccessHandler defines a function which is executed for a valid token.
	SuccessHandler   JWTSuccessHandler
	ClaimsGotHandler JWTClaimsGotHandler

	// ErrorHandler defines a function which is executed for an invalid token.
	// It may be used to define a custom JWT error.
	ErrorHandler JWTErrorHandler

	// Signing key to validate token.
	// Required.
	SigningKey interface{}

	// Signing method, used to check token signing method.
	// Optional. Default value HS256.
	SigningMethod string

	// Context key to store user information from the token into context.
	// Optional. Default value "user".
	ContextKey string

	// Claims are extendable claims data defining token content.
	// Optional. Default value jwt.MapClaims
	Claims jwt.Claims

	// TokenLookup is a string in the form of "<source>:<name>" that is used
	// to extract token from the request.
	// Optional. Default value "header:Authorization".
	// Possible values:
	// - "header:<name>"
	// - "query:<name>"
	// - "cookie:<name>"
	TokenLookup string

	// AuthScheme to be used in the Authorization header.
	// Optional. Default value "Bearer".
	AuthScheme string
	// contains filtered or unexported fields
}

JWTConfig defines the config for JWT middleware.

type JWTErrorHandler

type JWTErrorHandler func(error) error

JWTErrorHandler defines a function which is executed for an invalid token.

type JWTSuccessHandler

type JWTSuccessHandler func(echo.Context)

JWTSuccessHandler defines a function which is executed for a valid token.