JWT Authentication Middleware
The JWTAuth function in the middlewares package provides JSON Web Token (JWT) authentication for your Twix router. This middleware allows you to authenticate requests using JWTs either from the request headers or cookies.
JWTConfig
The JWTConfig struct holds the configuration for the JWT authentication middleware.
type JWTConfig struct {
	SecretKey   []byte
	TokenSource TokenSource
	CookieName  string
}
- SecretKey: The key used to sign and verify JWTs.
- TokenSource: Specifies where the token should be extracted from (either headers or cookies). Possible values are Header and Cookie.
- CookieName: The name of the cookie that holds the JWT if TokenSource is set to Cookie.
TokenSource
TokenSource is an enumeration that defines where the JWT should be extracted from.
type TokenSource string

const (
	Header TokenSource = "header"
	Cookie TokenSource = "cookie"
)
JWTAuth
The JWTAuth function creates a middleware handler that performs JWT authentication based on the provided configuration.
func JWTAuth(config JWTConfig) func(http.Handler) http.Handler
Example
package main

import (
	"net/http"

	"github.com/farhanmobashir/twix"
	"github.com/farhanmobashir/twix/middlewares"
	"github.com/golang-jwt/jwt/v5"
)

func main() {
	router := twix.New()

	// Define JWT configuration
	jwtConfig := middlewares.JWTConfig{
		// Placeholder value: load the real key from the environment or a secret store
		SecretKey:   []byte("your-secret-key"),
		TokenSource: middlewares.Header,
	}

	// Apply JWT authentication middleware to the router
	router.Use(middlewares.JWTAuth(jwtConfig))

	router.Get("/", func(w http.ResponseWriter, r *http.Request) {
		// Access token claims from the context
		ctx := r.Context().Value(twix.TwixContextKey).(*twix.Context)
		claims := ctx.TokenClaims.(*jwt.MapClaims)

		// Use token claims; the claim may be absent or not a string,
		// so check the assertion instead of letting it panic
		userId, ok := (*claims)["user_id"].(string)
		if !ok {
			http.Error(w, "user_id claim missing", http.StatusUnauthorized)
			return
		}
		w.Write([]byte("User ID: " + userId))
	})

	http.ListenAndServe(":8080", router)
}
In this example, the JWTAuth middleware is applied to the Twix router, and the token is expected to be provided in the Authorization header. If the token is valid, its claims are stored in the request context and can be accessed in route handlers.
How It Works
The JWTAuth middleware works as follows:
- Extract Token: It extracts the JWT from the request header or cookie based on the TokenSource configuration.
- Parse Token: It parses and validates the JWT using the provided SecretKey.
- Handle Errors: It returns an appropriate error response if the token is missing, invalid, or if any error occurs.
- Store Claims: It stores the JWT claims in the request context for use in route handlers.
- Pass Context: It passes the updated context with the token claims to the next handler.
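What the "Parse Token" step has to enforce when SecretKey is a shared byte key, written with the standard library only. This is an added example, not Twix's or golang-jwt's code; it assumes HS256 (the page does not name the algorithm), and `mac`, `sign`, `verifyHS256` and the key are hypothetical names and constructed sample values.

```go
package main

import (
	"crypto/hmac"
	"crypto/sha256"
	"encoding/base64"
	"encoding/json"
	"fmt"
	"strings"
)

var b64 = base64.RawURLEncoding // JWT segments are unpadded base64url
func mac(key []byte, msg string) []byte {
	h := hmac.New(sha256.New, key)
	h.Write([]byte(msg))
	return h.Sum(nil)
}
// sign builds a compact token from raw header and payload JSON (sample input only).
func sign(key []byte, header, payload string) string {
	msg := b64.EncodeToString([]byte(header)) + "." + b64.EncodeToString([]byte(payload))
	return msg + "." + b64.EncodeToString(mac(key, msg))
}

// verifyHS256 returns the claims only if the header pins HS256 and the MAC matches.
func verifyHS256(key []byte, token string) (map[string]any, error) {
	p := strings.Split(token, ".")
	if len(p) != 3 {
		return nil, fmt.Errorf("malformed token")
	}
	var hdr struct{ Alg string `json:"alg"` }
	hb, err := b64.DecodeString(p[0])
	if err != nil || json.Unmarshal(hb, &hdr) != nil || hdr.Alg != "HS256" {
		return nil, fmt.Errorf("unexpected algorithm") // "none" and non-HS256 headers are refused
	}
	sig, err := b64.DecodeString(p[2])
	if err != nil || !hmac.Equal(sig, mac(key, p[0]+"."+p[1])) { // constant-time compare
		return nil, fmt.Errorf("bad signature")
	}
	claims := map[string]any{}
	pb, err := b64.DecodeString(p[1])
	if err != nil || json.Unmarshal(pb, &claims) != nil {
		return nil, fmt.Errorf("bad payload")
	}
	return claims, nil
}

func main() {
	key := []byte("constructed-test-key") // constructed sample key
	fmt.Println(verifyHS256(key, sign(key, `{"alg":"HS256","typ":"JWT"}`, `{"user_id":"42"}`)))
}
```

The block covers the algorithm and signature checks; time claims such as exp are a separate validation step.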
Usage
You can apply the JWTAuth middleware to your Twix router by calling the Use method with the middleware function:
router.Use(middlewares.JWTAuth(jwtConfig))
This will ensure that JWT authentication is enforced for the routes in your application, and valid token claims are available in the request context.