1
0
mirror of https://github.com/labstack/echo.git synced 2024-12-14 10:23:00 +02:00
echo/website/content/middleware/jwt.md
Vishal Rana 2507dc13e9 website and recipe in the main repo
Signed-off-by: Vishal Rana <vr@labstack.com>
2016-10-01 20:49:22 -07:00

1.8 KiB

+++ title = "JWT" [menu.side] name = "JWT" parent = "middleware" weight = 5 +++

JWT Middleware

JWT provides a JSON Web Token (JWT) authentication middleware.

  • For valid token, it sets the user in context and calls next handler.
  • For invalid token, it sends "401 - Unauthorized" response.
  • For empty or invalid Authorization header, it sends "400 - Bad Request".

Usage

e.Use(middleware.JWT([]byte("secret"))

Custom Configuration

Usage

e := echo.New()
e.Use(middleware.JWTWithConfig(middleware.JWTConfig{
  SigningKey: []byte("secret"),
  TokenLookup: "query:token",
}))

Configuration

// JWTConfig defines the config for JWT middleware.
JWTConfig struct {
  // Skipper defines a function to skip middleware.
  Skipper Skipper

  // Signing key to validate token.
  // Required.
  SigningKey interface{} `json:"signing_key"`

  // Signing method, used to check token signing method.
  // Optional. Default value HS256.
  SigningMethod string `json:"signing_method"`

  // Context key to store user information from the token into context.
  // Optional. Default value "user".
  ContextKey string `json:"context_key"`

  // Claims are extendable claims data defining token content.
  // Optional. Default value jwt.MapClaims
  Claims jwt.Claims

  // TokenLookup is a string in the form of "<source>:<name>" that is used
  // to extract token from the request.
  // Optional. Default value "header:Authorization".
  // Possible values:
  // - "header:<name>"
  // - "query:<name>"
  // - "cookie:<name>"
  TokenLookup string `json:"token_lookup"`
}

Default Configuration

DefaultJWTConfig = JWTConfig{
  Skipper:       defaultSkipper,
  SigningMethod: AlgorithmHS256,
  ContextKey:    "user",
  TokenLookup:   "header:" + echo.HeaderAuthorization,
  Claims:        jwt.MapClaims{},
}

[Recipe]({{< ref "recipes/jwt.md">}})