README
¶
go-dynamodb-basicauth-plugin
Built to be run natively as a package by Tyk Gateways.
This is coded is intended to run as the "custom auth" part of the request lifecycle.
This will authenticate requests by connecting to DynamoDB and checking the Basic Auth credentials in the request to see if they match what's in the DB. If success, will let the request continue, otherwise will return an auth error.
Setup AWS session in the GO Plugin
In here,
sess, err := session.NewSession(&aws.Config{
Region: aws.String("us-east-2"),
Credentials: credentials.NewStaticCredentials("AKID", "SECRET", ""),
})
Replace AKID and SECRET with your AWS credentials. Leave the third parameter exactly as is, an empty string. Make sure the region is accurate also.
Build the plugin binary (shared object) without using go
docker run --rm -v pwd:/go/src/plugin-build tykio/tyk-plugin-compiler:v2.9.3 main.so
Build the plugin binary (shared object) using go
In the root of the "main.go" file, run
go build -o ./middleware/go/main.so -buildmode=plugin ./middleware/go
Put the generated file somewhere Tyk Gateway can access it
Build Tyk binary to run GOPLUGINS
Note: this is not required any longer, since Tyk published binaries support it already.
go build -tags 'goplugin' -o tyk .
Then run the compiled Tyk
Setup your API
in API Designer, click on "Raw API Definition"
- Set
"driver": "goplugin"and"use_go_plugin_auth": true - Set the request lifecycle to be run
"custom_middleware": {
"auth_check": [
{
"name": "DynamoDBAuth",
"path": "./middleware/go/main.so"
}
],
"name" has to be the name of the GO function
"path" is wherever you put the binary generated in step 1
Testing
- Create an entry in DynamoDB
username - hash
-------------
foo - bar
- Base encode our user:password combo into "user:pwd" convention
foo:bar becomes Zm9vOmJhcg==
-
Make cURL to Tyk Gateway.
curl http://www.tyk-test.com:8080/custom-auth-goplugin/headers -H "Authorization:Zm9vOmJhcg==" -
Watch it rate limit!
Documentation
¶
There is no documentation for this package.
Source Files