Documentation
¶
Index ¶
Constants ¶
View Source
const (
AlgorithmHS256 = "HS256"
)
Algorithims
Variables ¶
View Source
var ( // DefaultCORSConfig is the default CORS middleware config. DefaultCORSConfig = CORSConfig{ AllowOrigins: []string{"*"}, AllowMethods: []string{"*"}, AllowHeaders: []string{"*"}, AllowCredentials: true, } )
View Source
var ( // DefaultJWTConfig is the default JWT auth middleware config. DefaultJWTConfig = JWTConfig{ SigningMethod: AlgorithmHS256, ContextKey: "user", TokenLookup: "header:" + echo.HeaderAuthorization, Claims: jwt.MapClaims{}, } )
Functions ¶
func CORS ¶
func CORS() echo.MiddlewareFunc
CORS returns a Cross-Origin Resource Sharing (CORS) middleware. See: https://developer.mozilla.org/en/docs/Web/HTTP/Access_control_CORS
func CORSWithConfig ¶
func CORSWithConfig(config CORSConfig) echo.MiddlewareFunc
CORSWithConfig returns a CORS middleware with config. See: `CORS()`.
func JWT ¶
func JWT(key []byte) echo.MiddlewareFunc
JWT returns a JSON Web Token (JWT) auth middleware.
For valid token, it sets the user in context and calls next handler. For invalid token, it returns "401 - Unauthorized" error. For empty token, it returns "400 - Bad Request" error.
See: https://jwt.io/introduction See `JWTConfig.TokenLookup`
func JWTWithConfig ¶
func JWTWithConfig(config JWTConfig) echo.MiddlewareFunc
JWTWithConfig returns a JWT auth middleware from config. See: `JWT()`.
Types ¶
type CORSConfig ¶
type CORSConfig struct {
// AllowOrigin defines a list of origins that may access the resource.
// Optional. Default value []string{"*"}.
AllowOrigins []string `yaml:"allow_origins"`
// AllowMethods defines a list methods allowed when accessing the resource.
// This is used in response to a preflight request.
// Optional. Default value DefaultCORSConfig.AllowMethods.
AllowMethods []string `yaml:"allow_methods"`
// AllowHeaders defines a list of request headers that can be used when
// making the actual request. This is in response to a preflight request.
// Optional. Default value []string{}.
AllowHeaders []string `yaml:"allow_headers"`
// AllowCredentials indicates whether or not the response to the request
// can be exposed when the credentials flag is true. When used as part of
// a response to a preflight request, this indicates whether or not the
// actual request can be made using credentials.
// Optional. Default value false.
AllowCredentials bool `yaml:"allow_credentials"`
// ExposeHeaders defines a whitelist headers that clients are allowed to
// access.
// Optional. Default value []string{}.
ExposeHeaders []string `yaml:"expose_headers"`
// MaxAge indicates how long (in seconds) the results of a preflight request
// can be cached.
// Optional. Default value 0.
MaxAge int `yaml:"max_age"`
}
CORSConfig defines the config for CORS middleware.
type JWTConfig ¶
type JWTConfig struct {
// Signing key to validate token.
// Required.
SigningKey interface{} `json:"signing_key"`
// Signing method, used to check token signing method.
// Optional. Default value HS256.
SigningMethod string `json:"signing_method"`
// Context key to store user information from the token into context.
// Optional. Default value "user".
ContextKey string `json:"context_key"`
// Claims are extendable claims data defining token content.
// Optional. Default value jwt.MapClaims
Claims jwt.Claims
// TokenLookup is a string in the form of "<source>:<name>" that is used
// to extract token from the request.
// Optional. Default value "header:Authorization".
// Possible values:
// - "header:<name>"
// - "query:<name>"
// - "cookie:<name>"
TokenLookup string `json:"token_lookup"`
}
JWTConfig defines the config for JWT middleware.
Source Files
Click to show internal directories.
Click to hide internal directories.