A Go package that provides API key authentication for MCProuter applications, with built-in Fiber middleware support.
The mcprouter-authenticator package provides a simple and secure way to authenticate users via API keys in your Go applications. It includes:
- API Key Authenticator: Core authentication logic that validates API keys against a remote authentication service
- Fiber Middleware: Ready-to-use middleware for Fiber web framework applications
- Type Definitions: Structured types for users and authentication requests/responses
go get github.com/rxtech-lab/mcprouter-authenticatorpackage main
import (
"github.com/gofiber/fiber/v2"
"github.com/rxtech-lab/mcprouter-authenticator/authenticator"
"github.com/rxtech-lab/mcprouter-authenticator/middleware"
"github.com/rxtech-lab/mcprouter-authenticator/types"
)
func main() {
// Create authenticator instance
auth := authenticator.NewApikeyAuthenticator("https://your-auth-server.com", nil)
// Create Fiber app
app := fiber.New()
// Add authentication middleware
app.Use(middleware.FiberApikeyMiddleware(auth, "your-server-key", func(c *fiber.Ctx, user *types.User) error {
// Store user in context for later use
c.Locals("user", user)
return nil
}))
// Protected route
app.Get("/profile", func(c *fiber.Ctx) error {
user := middleware.GetUserFromContext(c)
if user == nil {
return c.Status(500).JSON(fiber.Map{"error": "no user found"})
}
return c.JSON(fiber.Map{
"id": user.ID,
"name": user.Name,
"email": user.Email,
"role": user.Role,
})
})
app.Listen(":3000")
}Clients should include the API key in the x-api-key header:
curl -H "x-api-key: your-user-api-key" http://localhost:3000/profileThe core authentication component that validates API keys against a remote service.
type ApikeyAuthenticator struct {
// Internal fields
}
// Create a new authenticator instance
func NewApikeyAuthenticator(url string, httpClient *http.Client) *ApikeyAuthenticator
// Authenticate a user with server key and user API key
func (a *ApikeyAuthenticator) Authenticate(serverKey string, userKey string) (*types.User, error)Parameters:
url: Base URL of your authentication servicehttpClient: Optional custom HTTP client (uses default if nil)serverKey: Server-side key for authentication serviceuserKey: User's API key to validate
Authentication Endpoint:
The authenticator makes POST requests to {url}/api/auth/mcp/session with the user's API key.
Fiber middleware for seamless integration with web applications.
func FiberApikeyMiddleware(
auth *authenticator.ApikeyAuthenticator,
serverKey string,
onAuthenticationSuccess OnAuthenticationSuccess
) fiber.HandlerParameters:
auth: Authenticator instanceserverKey: Server key for authenticationonAuthenticationSuccess: Callback function executed when authentication succeeds
Callback Function:
type OnAuthenticationSuccess func(c *fiber.Ctx, user *types.User) errorUse this callback to store the authenticated user in the Fiber context or perform other post-authentication actions.
// Retrieve user from Fiber context
func GetUserFromContext(c *fiber.Ctx) *types.UserData structures for users and authentication.
type User struct {
ID string `json:"id"`
Name string `json:"name"`
Email string `json:"email"`
Role string `json:"role"`
EmailVerified bool `json:"emailVerified"`
}type ApikeyAuthenticationRequest struct {
UserKey string `json:"userKey"`
}
type ApikeyAuthenticationResult struct {
User User `json:"user"`
}- Client Request: Client sends request with
x-api-keyheader - Middleware Validation: Fiber middleware extracts and validates the API key
- Remote Authentication: Authenticator sends POST request to authentication service
- User Retrieval: On success, user information is returned and stored in context
- Request Processing: Request continues to your application handlers
The middleware returns appropriate HTTP status codes:
- 401 Unauthorized: Missing or invalid API key
- 401 Unauthorized: Authentication service error or rejection
Error responses are in JSON format:
{
"error": "Missing x-api-key header"
}or
{
"error": "Authentication failed"
}You can provide a custom HTTP client for the authenticator:
import (
"net/http"
"time"
)
client := &http.Client{
Timeout: 10 * time.Second,
Transport: &http.Transport{
MaxIdleConns: 100,
},
}
auth := authenticator.NewApikeyAuthenticator("https://auth-server.com", client)Apply middleware to specific route groups:
app := fiber.New()
// Public routes
app.Get("/health", healthHandler)
// Protected routes
api := app.Group("/api")
api.Use(middleware.FiberApikeyMiddleware(auth, serverKey, addUserToContext))
api.Get("/users", getUsersHandler)
api.Post("/users", createUserHandler)func customAuthHandler(c *fiber.Ctx, user *types.User) error {
// Log authentication
log.Printf("User %s (%s) authenticated", user.Name, user.ID)
// Store in context
c.Locals("user", user)
c.Locals("user_role", user.Role)
// Add custom headers
c.Set("X-User-ID", user.ID)
return nil
}
middleware := middleware.FiberApikeyMiddleware(auth, serverKey, customAuthHandler)The package includes comprehensive tests. Run them with:
go test ./...For verbose output:
go test -v ./...- Go 1.25.0 or later
- Fiber v2.52.9 or compatible version
github.com/gofiber/fiber/v2: Web framework- Standard library packages for HTTP and JSON handling
This package is part of the RXTech Lab ecosystem. Please refer to your organization's licensing terms.
When contributing to this package:
- Ensure all tests pass
- Add tests for new functionality
- Follow Go coding standards
- Update documentation as needed
For issues and questions related to this package, please contact the RXTech Lab development team.