keyauth

package
v3.1.0 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Feb 24, 2026 License: MIT Imports: 7 Imported by: 4

Documentation

Index

Constants

View Source 
const (
	ErrorInvalidRequest    = "invalid_request"
	ErrorInvalidToken      = "invalid_token"
	ErrorInsufficientScope = "insufficient_scope"
)

Variables

View Source 
var ConfigDefault = Config{
	SuccessHandler: func(c fiber.Ctx) error {
		return c.Next()
	},
	ErrorHandler: func(c fiber.Ctx, _ error) error {
		return c.Status(fiber.StatusUnauthorized).SendString(ErrMissingOrMalformedAPIKey.Error())
	},
	Realm:     "Restricted",
	Extractor: extractors.FromAuthHeader("Bearer"),
}

ConfigDefault is the default config

View Source 
var ErrMissingOrMalformedAPIKey = errors.New("missing or invalid API Key")

ErrMissingOrMalformedAPIKey is returned when the API key is missing or invalid.

Functions

func New 

func New(config ...Config) fiber.Handler

New creates a new middleware handler

func TokenFromContext 

func TokenFromContext(ctx any) string

TokenFromContext returns the bearer token from the request context. It accepts fiber.CustomCtx, fiber.Ctx, *fasthttp.RequestCtx, and context.Context. It returns an empty string if the token does not exist.

Types

type Config 

type Config struct {
	// Next defines a function to skip this middleware when returned true.
	//
	// Optional. Default: nil
	Next func(c fiber.Ctx) bool

	// SuccessHandler defines a function which is executed for a valid key.
	//
	// Optional. Default: c.Next()
	SuccessHandler fiber.Handler

	// ErrorHandler defines a function which is executed for an invalid key.
	// It may be used to define a custom error.
	//
	// Optional. Default: 401 Missing or invalid API Key
	ErrorHandler fiber.ErrorHandler

	// Validator is a function to validate the key.
	//
	// Required.
	Validator func(c fiber.Ctx, key string) (bool, error)

	// Realm defines the protected area for WWW-Authenticate responses.
	// This is used to set the `WWW-Authenticate` header when authentication fails.
	//
	// Optional. Default value "Restricted".
	Realm string

	// Challenge defines the full `WWW-Authenticate` header value used when
	// the middleware responds with 401 and no Authorization scheme is
	// present.
	//
	// Optional. Default: `ApiKey realm="<Realm>"` when no Authorization scheme
	// is configured.
	Challenge string

	// Error is the RFC 6750 `error` parameter appended to Bearer
	// `WWW-Authenticate` challenges when validation fails. Allowed values
	// are `invalid_request`, `invalid_token`, or `insufficient_scope`.
	//
	// Optional. Default: "".
	Error string

	// ErrorDescription is the RFC 6750 `error_description` parameter
	// appended to Bearer `WWW-Authenticate` challenges when validation
	// fails. This field requires that `Error` is also set.
	//
	// Optional. Default: "".
	ErrorDescription string

	// ErrorURI is the RFC 6750 `error_uri` parameter appended to Bearer
	// `WWW-Authenticate` challenges when validation fails. This field
	// requires that `Error` is also set.
	//
	// Optional. Default: "".
	ErrorURI string

	// Scope is the RFC 6750 `scope` parameter appended to Bearer
	// challenges when the `error` is `insufficient_scope`. This field
	// requires that `Error` is set to `insufficient_scope`.
	//
	// Optional. Default: "".
	Scope string

	// Extractor is a function to extract the key from the request.
	//
	// Optional. Default: extractors.FromAuthHeader("Bearer")
	Extractor extractors.Extractor
}

Config defines the config for middleware.

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.