You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
Yann Esposito (Yogsototh) cd5d9bbf4d
better wrap-fn
2 years ago
doc Initial commit 2 years ago
src/ring_api_key_middleware better wrap-fn 2 years ago
test/ring_api_key_middleware Initial commit 2 years ago
.gitignore Initial commit 2 years ago
CHANGELOG.md Initial commit 2 years ago
LICENSE Initial commit 2 years ago
README.org better wrap-fn 2 years ago
project.clj better wrap-fn 2 years ago

README.org

https://travis-ci.org/threatgrid/ring-api-key-middleware.png?branch=master

ring-api-key-middleware

A simple middleware to authenticate users using API Key

Features

  • the function to check the validity of API Key should be provided and not part
  • of this middleware.

Usage

Middleware & options

Use wrap-api-key-auth-fn to create an instance of the middleware, wrap your routes with it:


(defn get-auth-from-api-key [token]
    (when (= token "secret-api-key")
      {:user {:id "user-01" :name "username"}
       :groups #{{:id "cisco" :name "Cisco"}}
       :roles #{:admin :user}
       :auth-type :api-key}))

(def app
     ((wrap-api-key-auth-fn get-auth-from-api-key) handler))

When configured like this all requests with the header:


Authorization: apiKey secret-api-key

will be modified to be passed to the handler with the new key `:api-key-info` containing:


{:user {:id "user-01" :name "username"}
 :groups #{{:id "cisco" :name "Cisco"}}
 :roles #{:admin :user}
 :auth-type :api-key}

If the header contain an Authorization header with an unknown `api-key` the request will be rejected with a 403.


Authorization: apiKey unknown-api-key

If the header contain something with another authorization kind or no authorization header like:


Authorization: Bearer something-else

Then the request will be passed to the handler without any `api-key-info`. This provide the ability for other authentication middleware to be used. Deciding what to do about authenticated or non-authenticated user is left for another middleware or to be handled by the app handler.

License

Copyright © 2015-2017 Cisco Systems Eclipse Public License v1.0