basicauth

package

v3.2.0 Latest Latest Go to latest Published: Apr 25, 2026 License: MIT Imports: 15 Imported by: 5

Details

Valid go.mod file
Redistributable license
Tagged version
Stable version
Learn more about best practices

Repository

github.com/gofiber/fiber

Links

Open Source Insights

Documentation ¶

Index ¶

Variables
func New(config ...Config) fiber.Handler
func UsernameFromContext(ctx any) string
type Config

Constants ¶

This section is empty.

Variables ¶

View Source

var ConfigDefault = Config{
	Next:         nil,
	Users:        map[string]string{},
	Realm:        "Restricted",
	Charset:      "UTF-8",
	HeaderLimit:  8192,
	Authorizer:   nil,
	Unauthorized: nil,
	BadRequest:   nil,
}

ConfigDefault is the default config

View Source

var ErrInvalidSHA256PasswordLength = errors.New("decode SHA256 password: invalid length")

Functions ¶

func New ¶

func New(config ...Config) fiber.Handler

New creates a new middleware handler

func UsernameFromContext ¶

func UsernameFromContext(ctx any) string

UsernameFromContext returns the username found in the context. It accepts fiber.CustomCtx, fiber.Ctx, *fasthttp.RequestCtx, and context.Context. It returns an empty string if the username does not exist.

Types ¶

type Config ¶

type Config struct {
	// Next defines a function to skip this middleware when returned true.
	//
	// Optional. Default: nil
	Next func(c fiber.Ctx) bool

	// Users defines the allowed credentials
	//
	// Required. Default: map[string]string{}
	Users map[string]string

	// Authorizer defines a function you can pass
	// to check the credentials however you want.
	// It will be called with a username, password and
	// the current fiber context and is expected to return
	// true or false to indicate that the credentials were
	// approved or not.
	//
	// Optional. Default: nil.
	Authorizer func(string, string, fiber.Ctx) bool

	// Unauthorized defines the response body for unauthorized responses.
	// By default it will return with a 401 Unauthorized and the correct WWW-Auth header
	//
	// Optional. Default: nil
	Unauthorized fiber.Handler

	// BadRequest defines the response body for malformed Authorization headers.
	// By default it will return with a 400 Bad Request without the WWW-Authenticate header.
	//
	// Optional. Default: nil
	BadRequest fiber.Handler

	// Realm is a string to define realm attribute of BasicAuth.
	// the realm identifies the system to authenticate against
	// and can be used by clients to save credentials
	//
	// Optional. Default: "Restricted".
	Realm string

	// Charset defines the value for the charset parameter in the
	// WWW-Authenticate header. According to RFC 7617 clients can use
	// this value to interpret credentials correctly. Only the value
	// "UTF-8" is allowed; any other value will panic.
	//
	// Optional. Default: "UTF-8".
	Charset string

	// HeaderLimit specifies the maximum allowed length of the
	// Authorization header. Requests exceeding this limit will
	// be rejected.
	//
	// Optional. Default: 8192.
	HeaderLimit int
}

Config defines the config for middleware.

Source Files ¶

View all Source files

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL