JWT Middleware for Atreugo Framework

preamble: this is cloned appleyboy's JWT middleware adapted for Atreugo framework

This is a middleware for Atreugo framework, which built on top of fasthttp

Be aware: version of Atreugo is 10.x.x (v10)

It uses jwt-go to provide a jwt authentication middleware. It provides additional handler functions to provide the login api that will generate the token and an additional refresh handler that can be used to refresh tokens.

Usage

Download and install using go module:

export GO111MODULE=on
go get github.com/LdDl/atreugo-jwt

Import it in your code:

import (
    jwt "github.com/LdDl/atreugo-jwt"
)

Example

Please see the example file

go run example/main.go

Demo server will start on port 8080.

Login API

Correct username/password and user access

curl -X POST 'http://localhost:8080/api/doauth' -d '{"username": "user", "password": "pass"}'
curl -X GET 'http://localhost:8080/api/v0.0.1/secret_page?token=PUT_RECIEVED_TOKEN'

Correct username/password but user has no access (banned)

curl -X POST 'http://localhost:8080/api/doauth' -d '{"username": "user2", "password": "pass"}'

Wrong user or password

curl -X POST 'http://localhost:8080/api/doauth' -d '{"username": "user", "password": "pass333"}'

Refresh token API

curl -X GET 'http://localhost:8080/api/v0.0.1/refresh?token=PUT_RECIEVED_TOKEN'

Login Flow

1. Authenticator: handles the login logic. On success LoginResponse is called, on failure Unauthorized is called.
2. LoginResponse: optional, allows setting a custom response such as a redirect.

JWT Flow

1. PayloadFunc: maps the claims in the JWT.
2. IdentityHandler: extracts identity from claims.
3. Authorizator: receives identity and handles authorization logic.
4. Unauthorized: handles unauthorized logic.