import "github.com/mdouchement/middlewarex"
crud.go paseto.go versioning.go
const (
// XApplicationVersion is the header for the asked API version (e.g. vnd.github.v1)
XApplicationVersion = "X-Application-Version"
// XApplicationStableVersion is the header for the stable API version (e.g. vnd.github.v3)
XApplicationStableVersion = "X-Application-Stable-Version"
)var (
ErrPASETOMissing = echo.NewHTTPError(http.StatusBadRequest, "missing or malformed paseto")
ErrPASETOUnsupported = echo.NewHTTPError(http.StatusBadRequest, "unsupported paseto version/purpose")
)Errors
var (
// DefaultPASETOConfig is the default PASETO auth middleware config.
DefaultPASETOConfig = PASETOConfig{
Skipper: middleware.DefaultSkipper,
ContextKey: "paseto",
TokenLookup: "header:" + echo.HeaderAuthorization,
AuthScheme: "Bearer",
Validators: []paseto.Validator{},
}
)CRUD defines the folowwing resources:
POST: /path GET: /path GET: /path/:id PATCH: /path/:id DEL: /path/:id
PASETO returns a JSON Platform-Agnostic SEcurity TOkens (PASETO) auth middleware.
For valid token, it sets the user in context and calls next handler. For invalid token, it returns "401 - Unauthorized" error. For missing token, it returns "400 - Bad Request" error.
func PASETOWithConfig(config PASETOConfig) echo.MiddlewareFunc
PASETOWithConfig returns a PASETO auth middleware with config.
Versioning rewrites routes to match the last part of the version header. e.g. `X-Application-Version: vnd.github.v3' header will prefix the request's path by `/v3'. The stable API version will be returned in the response's headers.
CreateSupported interface
DeleteSupported interface
ListSupported interface
type PASETOConfig struct {
// Skipper defines a function to skip middleware.
Skipper middleware.Skipper
// BeforeFunc defines a function which is executed just before the middleware.
BeforeFunc middleware.BeforeFunc
// SuccessHandler defines a function which is executed for a valid token.
SuccessHandler PASETOSuccessHandler
// ErrorHandler defines a function which is executed for an invalid token.
// It may be used to define a custom PASETO error.
ErrorHandler PASETOErrorHandler
// ErrorHandlerWithContext is almost identical to ErrorHandler, but it's passed the current context.
ErrorHandlerWithContext PASETOErrorHandlerWithContext
// Signing key to validate token.
// Required.
SigningKey []byte
// Validators is the list of custom validators.
// Time validation is enforced.
Validators []paseto.Validator
// Context key to store user information from the token into context.
// Optional. Default value "user".
ContextKey string
// TokenLookup is a string in the form of "<source>:<name>" that is used
// to extract token from the request.
// Optional. Default value "header:Authorization".
// Possible values:
// - "header:<name>"
// - "query:<name>"
// - "param:<name>"
// - "cookie:<name>"
TokenLookup string
// AuthScheme to be used in the Authorization header.
// Optional. Default value "Bearer".
AuthScheme string
}PASETOConfig defines the config for PASETO middleware.
PASETOErrorHandler defines a function which is executed for an invalid token.
PASETOErrorHandlerWithContext is almost identical to PASETOErrorHandler, but it's passed the current context.
type PASETOSuccessHandler func(echo.Context)
PASETOSuccessHandler defines a function which is executed for a valid token.
ShowSupported interface
Token represents a PASETO JSONToken with its footer.
UpdateSupported interface
Package middlewarex imports 8 packages (graph). Updated 2020-09-28. Refresh now. Tools for package owners.