go-packages/iris
1
0
Fork 0
mirror of https://github.com/kataras/iris.git synced 2025-03-15 08:06:27 +01:00
Code Issues Actions Packages Projects Releases Wiki Activity

OK, I think we are done with the new JWT package

Browse Source
This commit is contained in:
Gerasimos (Makis) Maropoulos 2020-11-05 10:47:56 +02:00
parent a9e808345b
commit d562f09531
No known key found for this signature in database
GPG Key ID: 5DBE766BD26A54E7
3 changed files with 53 additions and 20 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

16
_examples/auth/jwt/tutorial/README.md
View File

@ -1,9 +1,15 @@
# Iris JWT Tutorial # Iris JWT Tutorial
This example show how to use JWT with domain-driven design pattern with Iris. There is also a simple Go client which describes how you can use Go to authorize a user and use the server's API.
## Run the server
```sh ```sh
$ go run main.go $ go run main.go
``` ```
## Authenticate, get the token
```sh ```sh
$ curl --location --request POST 'http://localhost:8080/signin' \ $ curl --location --request POST 'http://localhost:8080/signin' \
--header 'Content-Type: application/x-www-form-urlencoded' \ --header 'Content-Type: application/x-www-form-urlencoded' \
@ -13,6 +19,8 @@ $ curl --location --request POST 'http://localhost:8080/signin' \
> $token > $token
``` ```
## Get all TODOs for this User
```sh ```sh
$ curl --location --request GET 'http://localhost:8080/todos' \ $ curl --location --request GET 'http://localhost:8080/todos' \
--header 'Authorization: Bearer $token' --header 'Authorization: Bearer $token'
@ -20,6 +28,8 @@ $ curl --location --request GET 'http://localhost:8080/todos' \
> $todos > $todos
``` ```
## Get a specific User's TODO
```sh ```sh
$ curl --location --request GET 'http://localhost:8080/todos/$id' \ $ curl --location --request GET 'http://localhost:8080/todos/$id' \
--header 'Authorization: Bearer $token' --header 'Authorization: Bearer $token'
@ -27,6 +37,8 @@ $ curl --location --request GET 'http://localhost:8080/todos/$id' \
> $todo > $todo
``` ```
## Get all TODOs for all Users (admin role)
```sh ```sh
$ curl --location --request GET 'http://localhost:8080/admin/todos' \ $ curl --location --request GET 'http://localhost:8080/admin/todos' \
--header 'Authorization: Bearer $token' --header 'Authorization: Bearer $token'
@ -34,6 +46,8 @@ $ curl --location --request GET 'http://localhost:8080/admin/todos' \
> $todos > $todos
``` ```
## Create a new TODO
```sh ```sh
$ curl --location --request POST 'http://localhost:8080/todos' \ $ curl --location --request POST 'http://localhost:8080/todos' \
--header 'Authorization: Bearer $token' \ --header 'Authorization: Bearer $token' \
@ -46,5 +60,3 @@ $ curl --location --request POST 'http://localhost:8080/todos' \
> Status Created > Status Created
> $todo > $todo
``` ```
TODO: write the article on https://medium.com/@kataras, https://dev.to/kataras and linkedin first.

4
_examples/dependency-injection/jwt/contrib/go.mod
View File

@ -2,4 +2,6 @@ module github.com/kataras/iris/_examples/dependency-injection/jwt/contrib
go 1.15 go 1.15
require github.com/iris-contrib/middleware/jwt v0.0.0-20200810001613-32cf668f999f require (
github.com/iris-contrib/middleware/jwt v0.0.0-20201017024110-39b50ffeb885
)

53
_examples/dependency-injection/jwt/main.go
View File

@ -11,40 +11,59 @@ func main() {
app := iris.New() app := iris.New()
app.ConfigureContainer(register) app.ConfigureContainer(register)
// http://localhost:8080/authenticate
// http://localhost:8080/restricted
app.Listen(":8080") app.Listen(":8080")
} }
func register(api *iris.APIContainer) { var (
j := jwt.HMAC(15*time.Minute, "secret", "secretforencrypt") secret = []byte("secret")
signer = jwt.NewSigner(jwt.HS256, secret, 15*time.Minute)
verify = jwt.NewVerifier(jwt.HS256, secret, jwt.Expected{Issuer: "myapp"}).Verify(func() interface{} {
return new(userClaims)
})
)
api.RegisterDependency(func(ctx iris.Context) (claims userClaims) { func register(api *iris.APIContainer) {
if err := j.VerifyToken(ctx, &claims); err != nil { // To register the middleware in the whole api container:
ctx.StopWithError(iris.StatusUnauthorized, err) // api.Use(verify)
return // Otherwise, protect routes when userClaims is expected on the functions input
// by calling the middleware manually, see below.
api.RegisterDependency(func(ctx iris.Context) (claims *userClaims) {
if ctx.Proceed(verify) { // the "verify" middleware will stop the execution if it's failed to verify the request.
// Map the input parameter of "restricted" function with the claims.
return jwt.Get(ctx).(*userClaims)
} }
return return nil
}) })
api.Get("/authenticate", writeToken(j)) api.Get("/authenticate", writeToken)
api.Get("/restricted", restrictedPage) api.Get("/restricted", restrictedPage)
} }
type userClaims struct { type userClaims struct {
jwt.Claims Username string `json:"username"`
Username string
} }
func writeToken(j *jwt.JWT) iris.Handler { func writeToken(ctx iris.Context) {
return func(ctx iris.Context) { claims := userClaims{
j.WriteToken(ctx, userClaims{ Username: "kataras",
Claims: j.Expiry(jwt.Claims{Issuer: "an-issuer"}),
Username: "kataras",
})
} }
standardClaims := jwt.Claims{
Issuer: "myapp",
}
token, err := signer.Sign(claims, standardClaims)
if err != nil {
ctx.StopWithError(iris.StatusInternalServerError, err)
return
}
ctx.Write(token)
} }
func restrictedPage(claims userClaims) string { func restrictedPage(claims *userClaims) string {
// userClaims.Username: kataras // userClaims.Username: kataras
return "userClaims.Username: " + claims.Username return "userClaims.Username: " + claims.Username
} }