fiber api key authentication middleware

Related tags

Authentication & OAuth fiber-key-auth
Overview

fiber-key-auth

Secure your fiber endpoints using API keys.
Report Bug · Request Feature

Table of Contents
  1. About The Project
  2. Getting Started
  3. Usage
  4. License
  5. Contact

About The Project

On deployment inject API keys authorized to use your service. Every call to a private endpoint of your service has to include a header['x-api-key'] attribute that is validated against the API keys (starting with: API_KEY_) in your environment. If it is present, a request is authorized. If it is not fiber returns 401 Unauthorized. Use this either as a middleware the usage.

Built With

Getting Started

Installation

go get github.com/iwpnd/fiber-key-auth

Usage

As Middleware:

package main

import (
	"os"

	"github.com/iwpnd/fiber-key-auth"
	"github.com/gofiber/fiber/v2"
	)

os.Setenv("API_KEY_TEST", "valid")

func main() {
    app := fiber.New()

    app.Use(keyauth.New())

    app.Get("/", func(c *fiber.Ctx) error {
        return c.SendString("Hello, World 👋!")
    })

    app.Listen(":3000")
}

Now try to access your / route.

> "invalid api key" curl localhost:3000 -H "x-api-key: valid" >> Hello, World 👋! "> 
curl localhost:3000

>> "no api key"

curl localhost:3000 -H "x-api-key: invalid"

>> "invalid api key"

curl localhost:3000 -H "x-api-key: valid"

>> Hello, World 👋!

License

Distributed under the MIT License. See LICENSE for more information.

Contact

Benjamin Ramser - @imwithpanda - [email protected]
Project Link: https://github.com/iwpnd/fiber-key-auth

Comments
  • chore(deps): bump github.com/stretchr/testify from 1.8.0 to 1.8.1

    chore(deps): bump github.com/stretchr/testify from 1.8.0 to 1.8.1

    Bumps github.com/stretchr/testify from 1.8.0 to 1.8.1.

    Commits

    Dependabot compatibility score

    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot squash and merge will squash and merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge and block automerging
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    dependencies 
    opened by dependabot[bot] 1
  • chore(deps): bump github.com/gofiber/fiber/v2 from 2.40.0 to 2.40.1

    chore(deps): bump github.com/gofiber/fiber/v2 from 2.40.0 to 2.40.1

    Bumps github.com/gofiber/fiber/v2 from 2.40.0 to 2.40.1.

    Release notes

    Sourced from github.com/gofiber/fiber/v2's releases.

    v2.40.1

    🐛 Fixes

    • Fix mounting when mount prefix is / (#2227)

    Full Changelog: https://github.com/gofiber/fiber/compare/v2.40.0...v2.40.1

    Commits

    Dependabot compatibility score

    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot squash and merge will squash and merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge and block automerging
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    dependencies 
    opened by dependabot[bot] 0
  • chore(deps): bump github.com/gofiber/fiber/v2 from 2.39.0 to 2.40.0

    chore(deps): bump github.com/gofiber/fiber/v2 from 2.39.0 to 2.40.0

    Bumps github.com/gofiber/fiber/v2 from 2.39.0 to 2.40.0.

    Release notes

    Sourced from github.com/gofiber/fiber/v2's releases.

    v2.40.0

    ❗ BreakingChange

    • Bump github.com/valyala/fasthttp from 1.40.0 to 1.41.0 (#2171)
    • Deprecate: go 1.14 & go 1.15 support deprecation (#2172)

    Due to the fact that fasthttp, which fiber is based on in release 1.41.0, does not support go versions 1.14 & 1.15 anymore, we had to remove them from our package as well.

    🚀 New

    // now you can add your own custom methods
app := fiber.New(fiber.Config{
    RequestMethods: append(fiber.DefaultMethods, "LOAD", "TEST"),
})

    app.Add("LOAD", "/hello", func(c *fiber.Ctx) error {
return c.SendString("Hello, World 👋!")
})


    // declaration of multiple paths for the ".Use" method as in express is now possible
app.Use([]string{"/john", "/doe"}, func(c *Ctx) error {
    return c.SendString(c.Path())
})

    app.Get("/:userId<int>?", func(c *fiber.Ctx) error {
    return c.SendString(c.Params("userId"))
})
// curl -X GET http://localhost:3000/42
// 42

    // curl -X GET http://localhost:3000/
//


    app := fiber.New()
micro := fiber.New()
// order when registering the mounted apps no longer plays a role
app.Mount("/john", micro)
// before there was problem when after mounting routes were registered
</tr></table>

    ... (truncated)

    Commits
    • c8baa61 prepare release v2.40.0
    • e4b3b5c Improve interface for custom logger func (#2225)
    • 92ce4aa :memo: Update middleware/logger docs (#2224)
    • 3d39b82 logger: adjustment for the new Done function - use nil instead of empty func
    • e8f8cb6 :sparkles: Add customTags in logger middleware Config (#2188)
    • 3157fb5 :sparkles: Add callback function for middleware/logger (#2219)
    • 61b4496 Track Configured Values (#2221)
    • 235cd9d ctx: simplify Protocol() (#2217)
    • b288a9f ctx: make Secure() also report whether a secure connection was established to...
    • a0645af Fix and optimize memory storage (#2207)
    • Additional commits viewable in compare view

    Dependabot compatibility score

    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot squash and merge will squash and merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge and block automerging
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    dependencies 
    opened by dependabot[bot] 0
  • chore(deps): bump github.com/gofiber/fiber/v2 from 2.38.1 to 2.39.0

    chore(deps): bump github.com/gofiber/fiber/v2 from 2.38.1 to 2.39.0

    Bumps github.com/gofiber/fiber/v2 from 2.38.1 to 2.39.0.

    Release notes

    Sourced from github.com/gofiber/fiber/v2's releases.

    v2.39.0

    🚀 New

    🧹 Updates

    • Improve memory storage (#2162)
    • Make IP validation 2x faster (#2158)
    • Switch to text/javascript as per RFC9239 (#2146)
    • Test: add nil jsonDecoder test case (#2139)
    • Utils: update mime extensions (#2133)

    🐛 Fixes

    • Unhandled errors and update code comments to help the IDEs (#2128)
    • Multi-byte AppName displays confusion (#2148)
    • Query string parameter pass to fiber context (#2164)
    • Handle multiple X-Forwarded header (#2154)
    • Middleware/proxy - solve data race in middleware/proxy's test (#2153)
    • Middleware/session - Reset d.Data instead of deleting keys in it (#2156)
    • Agent: agent.Struct fails to unmarshal response since 2.33.0 #2134 (#2137)

    📚 Documentation

    • Update logger's comment (#2157)
    • Update ReadmeID (#2150)
    • Add doc about usage of CSRF and EncryptCookie middlewares. (#2141)
    • Update language count (#2131)
    • Typos (#2127)

    Full Changelog: https://github.com/gofiber/fiber/compare/v2.38.1...v2.39.0

    Thank you @​Kamandlou, @​Yureien, @​efectn, @​floxydio, @​fufuok, @​joseroberto, @​leonklingele, @​li-jin-gou, @​marcmartin13, @​nathanfaucett, @​sadfun, @​supakornbabe, @​unickorn and @​xbt573 for making this update possible.

    Commits

    Dependabot compatibility score

    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot squash and merge will squash and merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge and block automerging
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    dependencies 
    opened by dependabot[bot] 0
  • chore(deps): bump github.com/stretchr/testify from 1.7.0 to 1.8.0

    chore(deps): bump github.com/stretchr/testify from 1.7.0 to 1.8.0

    Bumps github.com/stretchr/testify from 1.7.0 to 1.8.0.

    Commits

    Dependabot compatibility score

    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot squash and merge will squash and merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge and block automerging
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    dependencies 
    opened by dependabot[bot] 0
Releases(v0.2.0)

  • v0.2.0(Oct 22, 2022)

    v0.2.0

    feat:

    • optional structured error message (45beb0)

    Usage

    package main

import (
  "os"

  "github.com/iwpnd/fiber-key-auth"
  "github.com/gofiber/fiber/v2"
)

os.Setenv("API_KEY_TEST", "valid")

func main() {
    app := fiber.New()

    app.Use(keyauth.New(WithStructuredErrorMsg()))

    app.Get("/", func(c *fiber.Ctx) error {
        return c.SendString("Hello, World 👋!")
    })

    app.Listen(":3000")
}

    curl localhost:3000

>> {"message": "no api key"}

curl localhost:3000 -H "x-api-key: invalid"

>> {"message": "invalid api key"}

curl localhost:3000 -H "x-api-key: valid"

>> "Hello, World 👋!"
    Source code(tar.gz)
    Source code(zip)

  • v0.1.0(Oct 2, 2021)

    About The Project

    On deployment inject API keys authorized to use your service. Every call to a private endpoint of your service has to include a header['x-api-key'] attribute that is validated against the API keys (starting with: API_KEY_) in your environment. If it is present, a request is authorized. If it is not fiber returns 401 Unauthorized. Use this either as a middleware the usage.

    Built With

    Getting Started

    Installation

    go get github.com/iwpnd/fiber-key-auth

    Usage

    As Middleware:

    package main

import (
	"os"

	"github.com/iwpnd/fiber-key-auth"
	"github.com/gofiber/fiber/v2"
	)

os.Setenv("API_KEY_TEST", "valid")

func main() {
    app := fiber.New()

    app.Use(keyauth.New())

    app.Get("/", func(c *fiber.Ctx) error {
        return c.SendString("Hello, World 👋 !")
    })

    app.Listen(":3000")
}

    Now try to access your / route.

    curl localhost:3000

>> "no api key"

curl localhost:3000 -H "x-api-key: invalid"

>> "invalid api key"

curl localhost:3000 -H "x-api-key: valid"

>> "Hello, World 👋 !"

    License

    Distributed under the MIT License. See LICENSE for more information.

    Contact

    Benjamin Ramser - @imwithpanda - [email protected]
    Project Link: https://github.com/iwpnd/fiber-key-auth

    Source code(tar.gz)
    Source code(zip)
Owner
Ben
geographer turned spatial engineer turned data-something turned software developer
Ben
GitHub
Authelia: an open-source authentication and authorization server providing two-factor authentication

Authelia is an open-source authentication and authorization server providing two

Streato 0 Jan 5, 2022
Authentication Plugin for implementing Form-Based, Basic, Local, LDAP, OpenID Connect, OAuth 2.0, SAML Authentication

Authentication Plugin for implementing Form-Based, Basic, Local, LDAP, OpenID Connect, OAuth 2.0, SAML Authentication

Paul Greenberg 697 Jan 8, 2023
A simple passwordless proxy authentication middleware using email.

email proxy auth A simple passwordless proxy authentication middleware that uses only email as the authentication provider. Motivation I wanted to res

Miroslav Šedivý 5 Jul 27, 2022
Authorization and authentication. Learning go by writing a simple authentication and authorization service.

Authorization and authentication. Learning go by writing a simple authentication and authorization service.

Dinesh Bhattarai 0 Aug 5, 2022
Key-Checker - Go scripts for checking API key / access token validity

Key-Checker Go scripts for checking API key / access token validity Update V1.0.0 ?? Added 37 checkers! Screenshoot ?? How to Install go get github.co

Muhammad Daffa 190 Dec 19, 2022
stark key authentication library, signature generator for dydx exchange

stark key authentication library, signature generator for dydx exchange for the following operations: Place an order Withdraw funds link : https://doc

null 11 Nov 10, 2022
Golang based User creation and Management application. GORM, Fiber, JWT

User Creation and Management app (BACK-END) Auth Features: Create Clients (regular password + 6 one-time passwords + (optional) QR code and Secret for

Artūras 4 Dec 2, 2022
Go-Guardian is a golang library that provides a simple, clean, and idiomatic way to create powerful modern API and web authentication.

❗ Cache package has been moved to libcache repository Go-Guardian Go-Guardian is a golang library that provides a simple, clean, and idiomatic way to

Sanad Haj Yahya 426 Dec 23, 2022
🔥 Golang Rest Api with basic JWT Authentication and Basic Crud Operations.

?? Golang Rest Api with basic JWT Authentication and Basic Crud Operations.

Junaid Javed 19 Oct 4, 2022
:key: Secure alternative to JWT. Authenticated Encrypted API Tokens for Go.

branca branca is a secure alternative to JWT, This implementation is written in pure Go (no cgo dependencies) and implements the branca token specific

Wesley Hill 169 Dec 29, 2022
Go login handlers for authentication providers (OAuth1, OAuth2)

gologin Package gologin provides chainable login http.Handler's for Google, Github, Twitter, Facebook, Bitbucket, Tumblr, or any OAuth1 or OAuth2 auth

Dalton Hubble 1.6k Dec 30, 2022
Package goth provides a simple, clean, and idiomatic way to write authentication packages for Go web applications.

Goth: Multi-Provider Authentication for Go Package goth provides a simple, clean, and idiomatic way to write authentication packages for Go web applic

Mark Bates 4k Dec 29, 2022
HTTP Authentication middlewares

goji/httpauth httpauth currently provides HTTP Basic Authentication middleware for Go. It is compatible with Go's own net/http, goji, Gin & anything t

Goji 217 Dec 23, 2022
This package provides json web token (jwt) middleware for goLang http servers

jwt-auth jwt auth middleware in goLang. If you're interested in using sessions, checkout my sessions library! README Contents: Quickstart Performance

Adam Hanna 224 Dec 5, 2022
:closed_lock_with_key: Middleware for keeping track of users, login states and permissions

Permissions2 Middleware for keeping track of users, login states and permissions. Online API Documentation godoc.org Features and limitations Uses sec

Alexander F. Rødseth 470 Dec 31, 2022
A dead simple, highly performant, highly customizable sessions middleware for go http servers.

If you're interested in jwt's, see my jwt library! Sessions A dead simple, highly performant, highly customizable sessions service for go http servers

Adam Hanna 70 Dec 19, 2022
[DEPRECATED] Go package authcookie implements creation and verification of signed authentication cookies.

Package authcookie import "github.com/dchest/authcookie" Package authcookie implements creation and verification of signed authentication cookies. Co

Dmitry Chestnykh 111 Dec 22, 2022
Basic and Digest HTTP Authentication for golang http

HTTP Authentication implementation in Go This is an implementation of HTTP Basic and HTTP Digest authentication in Go language. It is designed as a si

Lev Shamardin 529 Dec 22, 2022
Package go-otp implements one-time-password generators used in 2-factor authentication systems like RSA-tokens. Currently this supports both HOTP (RFC-4226), TOTP (RFC-6238) and Base32 encoding (RFC-3548) for Google Authenticator compatibility

OTP Package go-otp implements one-time-password generators used in 2-factor authentication systems like RSA-tokens and Google Authenticator. Currently

Herbert Fischer 198 Oct 8, 2022