Skip to content
This repository has been archived by the owner on Feb 8, 2023. It is now read-only.

alibaba-archive/gear-auth

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

33 Commits
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 

Repository files navigation

Gear-Auth

Auth library base on JWT.

Build Status Coverage Status License GoDoc

Crypto Library

https://github.com/teambition/crypto-go

Demo

Create a token and verify it

auther := auth.New([]byte("key1"))
token, _ := auther.JWT().Sign(jwt.Claims{"test": "OK"})
claims, _ := auther.JWT().Verify(token)
fmt.Println(claims.Get("test"))
// Output: "OK"

jwt with ED25519 and HS256 Alg backup

package main

import (
	"fmt"

	josecrypto "github.com/SermoDigital/jose/crypto"
	josejws "github.com/SermoDigital/jose/jws"
	"github.com/teambition/gear-auth/jwt"
	"github.com/teambition/gear-auth/jwt/ed25519"
)

func main() {
	publicKey, privateKey := ed25519.GenerateKey()
	fmt.Println("publicKey:", publicKey)
	fmt.Println("privateKey:", privateKey)

	keyPair, err := ed25519.KeyPairFrom(publicKey, privateKey)
	if err != nil {
		panic(err)
	}

	jwter := jwt.New()
	jwter.SetSigning(ed25519.SigningMethodED25519, keyPair)
	jwter.SetBackupSigning(josecrypto.SigningMethodHS256, []byte("old key 1"), []byte("old key 2"))

	token, err := jwter.Sign(josejws.Claims{"test": "OK"})
	fmt.Println(err, token)

	claims, err := jwter.Verify(token)
	fmt.Println(err, claims)

	// claims, err = jwter.Verify(some_old_HS256_token)
}

Use with Gear

package main

import (
  "fmt"
  "io/ioutil"
  "net/http"

  "github.com/SermoDigital/jose/jwt"
  "github.com/mozillazg/request"
  "github.com/teambition/gear"
  "github.com/teambition/gear-auth"
)

func NewRequst() *request.Request {
  c := &http.Client{}
  return request.NewRequest(c)
}

func main() {
  auther := auth.New([]byte("some_key"))
  auther.JWT().SetIssuer("Gear")
  // auther.JWT().SetExpiration(time.Hour * 24)

  app := gear.New()

  // use auther as middleware, if authentication failure, next middleware will not run.
  app.UseHandler(auther)

  app.Use(func(ctx *gear.Context) error {
    claims, err := auther.FromCtx(ctx)
    if err != nil {
      return err // means Authentication failure.
    }
    return ctx.JSON(200, claims)
  })
  srv := app.Start()
  defer srv.Close()

  req := NewRequst()
  host := "http://" + srv.Addr().String()

  // create a token
  claims := jwt.Claims{}
  claims.Set("Hello", "world")
  token, _ := auther.JWT().Sign(claims)
  req.Headers["Authorization"] = "Bearer " + token
  res, _ := req.Get(host)
  defer res.Body.Close()

  body, _ := ioutil.ReadAll(res.Body)
  fmt.Println(string(body))
  // Output: {"Hello":"world","iss":"Gear"}
}

Documentation

https://godoc.org/github.com/teambition/gear-auth

License

Gear-Auth is licensed under the MIT license. Copyright © 2016-2018 Teambition.

About

Auth library with some useful JWT and Crypto methods.

Resources

License

Stars

Watchers

Forks

Packages

No packages published