go-packages/iris
1
0
Fork 0
mirror of https://github.com/kataras/iris.git synced 2025-01-23 02:31:04 +01:00
Code Issues Actions Packages Projects Releases Wiki Activity
Page: Request authentication
Pages
API versioning Automatic public address Benchmarks Cache Configuration Content negotiation Cookies Documentation terms and conditions Forms Grpc HTTP method override HTTP referrer Home Host Installation Localization MVC Model validation Our users Project and community Publications Quick start Request authentication Response recorder Routing context methods Routing error handlers Routing middleware Routing override context Routing path parameter types Routing reverse lookups Routing subdomains Routing wrap the router Routing Sessions database Sessions flash messages Sessions Sitemap Starter kits Support Testing URL query parameters View Websockets dependency injection
7 Request authentication
Gerasimos (Makis) Maropoulos edited this page 2020-03-06 11:48:57 +02:00
Table of Contents

Iris offers request authentication through its jwt middleware. In this chapter you will learn the basics of how to use JWT with Iris.

1. Install it by executing the following shell command:

$ go get github.com/iris-contrib/middleware/jwt

2. To create a new jwt middleware use the jwt.New function. This example extracts the token through a "token" url parameter. Authenticated clients should be designed to set that with a signed token. The default jwt middleware's behavior to extract a token value is by the Authentication: Bearer $TOKEN header.

The jwt middleware has three methods to validate tokens.

  • The first one is the Serve method - it is an iris.Handler,
  • the second one is the CheckJWT(iris.Context) bool and
  • the third one is a helper to retrieve the validated token - the Get(iris.Context) *jwt.Token.

3. To register it you simply prepend the jwt j.Serve middleware to a specific group of routes, a single route, or globally e.g. app.Get("/secured", j.Serve, myAuthenticatedHandler).

4. To generate a token inside a handler that accepts a user payload and responses the signed token which later on can be sent through client requests headers or url parameter in this case, e.g. jwt.NewToken or jwt.NewTokenWithClaims.

Example

import (
    "github.com/kataras/iris/v12"
    "github.com/iris-contrib/middleware/jwt"
)

func getTokenHandler(ctx iris.Context) {
    token := jwt.NewTokenWithClaims(jwt.SigningMethodHS256, jwt.MapClaims{
        "foo": "bar",
    })

    // Sign and get the complete encoded token as a string using the secret
    tokenString, _ := token.SignedString([]byte("My Secret"))

    ctx.HTML(`Token: ` + tokenString + `<br/><br/>
    <a href="/secured?token=` + tokenString + `">/secured?token=` + tokenString + `</a>`)
}

func myAuthenticatedHandler(ctx iris.Context) {
    user := ctx.Values().Get("jwt").(*jwt.Token)

    ctx.Writef("This is an authenticated request\n")
    ctx.Writef("Claim content:\n")

    foobar := user.Claims.(jwt.MapClaims)
    for key, value := range foobar {
        ctx.Writef("%s = %s", key, value)
    }
}

func main(){
    app := iris.New()

    j := jwt.New(jwt.Config{
        // Extract by "token" url parameter.
        Extractor: jwt.FromParameter("token"),

        ValidationKeyGetter: func(token *jwt.Token) (interface{}, error) {
            return []byte("My Secret"), nil
        },
        SigningMethod: jwt.SigningMethodHS256,
    })

    app.Get("/", getTokenHandler)
    app.Get("/secured", j.Serve, myAuthenticatedHandler)
    app.Listen(":8080")
}

You can use any payload as "claims".

Home | Project | Quick Start | Technical Docs | Copyright © 2019-2020 Gerasimos Maropoulos. Documentation terms of use.