diff --git a/README.md b/README.md
index 94597a7..0c47afb 100644
--- a/README.md
+++ b/README.md
@@ -38,8 +38,10 @@ all unverified tokens, see jwtauth.Authenticator.
 
 # Usage
 
+See the full [example](https://github.com/goware/jwtauth/blob/master/_example/main.go).
+
 ```go
-package myservice
+package main
 
 import (
 "fmt"
@@ -75,14 +77,14 @@ func router() http.Handler {
 ctx := r.Context()
 token := ctx.Value("jwt").(*jwt.Token)
 claims := token.Claims
- w.Write([]byte(fmt.Printf("protected area. hi %v", claims["user_id"])))
+ w.Write([]byte(fmt.Sprintf("protected area. hi %v", claims["user_id"])))
 })
 })
 
 // Public routes
 r.Group(func(r chi.Router) {
 r.Get("/", func(w http.ResponseWriter, r *http.Request) {
- w.Write([]byte("welcome"))
+ w.Write([]byte("welcome anonymous"))
 })
 })
 
diff --git a/_example/main.go b/_example/main.go
new file mode 100644
index 0000000..e39bdd9
--- /dev/null
+++ b/_example/main.go
@@ -0,0 +1,117 @@
+//
+// jwtauth example
+//
+// Sample output:
+//
+// [peter@pak ~]$ curl -v http://localhost:3333/
+// * Trying ::1...
+// * Connected to localhost (::1) port 3333 (#0)
+// > GET / HTTP/1.1
+// > Host: localhost:3333
+// > User-Agent: curl/7.49.1
+// > Accept: */*
+// >
+// < HTTP/1.1 200 OK
+// < Date: Tue, 13 Sep 2016 15:53:17 GMT
+// < Content-Length: 17
+// < Content-Type: text/plain; charset=utf-8
+// <
+// * Connection #0 to host localhost left intact
+// welcome anonymous%
+//
+//
+// [peter@pak ~]$ curl -v http://localhost:3333/admin
+// * Trying ::1...
+// * Connected to localhost (::1) port 3333 (#0)
+// > GET /admin HTTP/1.1
+// > Host: localhost:3333
+// > User-Agent: curl/7.49.1
+// > Accept: */*
+// >
+// < HTTP/1.1 401 Unauthorized
+// < Content-Type: text/plain; charset=utf-8
+// < X-Content-Type-Options: nosniff
+// < Date: Tue, 13 Sep 2016 15:53:19 GMT
+// < Content-Length: 13
+// <
+// Unauthorized
+// * Connection #0 to host localhost left intact
+//
+//
+// [peter@pak ~]$ curl -H"Authorization: BEARER eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ1c2VyX2lkIjoxMjN9.PZLMJBT9OIVG2qgp9hQr685oVYFgRgWpcSPmNcw6y7M" -v http://localhost:3333/admin
+// * Trying ::1...
+// * Connected to localhost (::1) port 3333 (#0)
+// > GET /admin HTTP/1.1
+// > Host: localhost:3333
+// > User-Agent: curl/7.49.1
+// > Accept: */*
+// > Authorization: BEARER eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ1c2VyX2lkIjoxMjN9.PZLMJBT9OIVG2qgp9hQr685oVYFgRgWpcSPmNcw6y7M
+// >
+// < HTTP/1.1 200 OK
+// < Date: Tue, 13 Sep 2016 15:54:26 GMT
+// < Content-Length: 22
+// < Content-Type: text/plain; charset=utf-8
+// <
+// * Connection #0 to host localhost left intact
+// protected area. hi 123%
+//
+
+package main
+
+import (
+ "fmt"
+ "net/http"
+
+ "github.com/dgrijalva/jwt-go"
+ "github.com/goware/jwtauth"
+ "github.com/pressly/chi"
+)
+
+var TokenAuth *jwtauth.JwtAuth
+
+func init() {
+ TokenAuth = jwtauth.New("HS256", []byte("secret"), nil)
+
+ // For debugging/example purposes, we generate and print
+ // a sample jwt token with claims `user_id:123` here:
+ _, tokenString, _ := TokenAuth.Encode(jwtauth.Claims{"user_id": 123})
+ fmt.Printf("DEBUG: a sample jwt is %s\n\n", tokenString)
+}
+
+func main() {
+ addr := ":3333"
+ fmt.Printf("Starting server on %v\n", addr)
+ http.ListenAndServe(addr, router())
+}
+
+func router() http.Handler {
+ r := chi.NewRouter()
+
+ // Protected routes
+ r.Group(func(r chi.Router) {
+ // Seek, verify and validate JWT tokens
+ r.Use(TokenAuth.Verifier)
+
+ // Handle valid / invalid tokens. In this example, we use
+ // the provided authenticator middleware, but you can write your
+ // own very easily, look at the Authenticator method in jwtauth.go
+ // and tweak it, its not scary.
+ r.Use(jwtauth.Authenticator)
+
+ r.Get("/admin", func(w http.ResponseWriter, r *http.Request) {
+ ctx := r.Context()
+ token := ctx.Value("jwt").(*jwt.Token)
+ claims := token.Claims
+ w.Write([]byte(fmt.Sprintf("protected area. hi %v", claims["user_id"])))
+ })
+ })
+
+ // Public routes
+ r.Group(func(r chi.Router) {
+ r.Get("/", func(w http.ResponseWriter, r *http.Request) {
+ w.Write([]byte("welcome anonymous"))
+ })
+ })
+
+ return r
+}
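Review bot: The signing key in `init()` is the literal `[]byte("secret")`, and because the README now links to this file as the full example it is likely to be copied unchanged; a key that is public in source gives no assurance about who issued a token that `/admin` accepts. I would put a comment directly above that line, `// Example only: load the HS256 key from configuration or a secret store, never a literal in source.`, and mention there that the sample claims `jwtauth.Claims{"user_id": 123}` carry no expiry of their own. The same function drops the error from `TokenAuth.Encode` with `_`, which deserves either a check or a short comment saying why it is ignored. Separately, `main()` discards the result of `http.ListenAndServe`, so a failed bind on `:3333` exits without any message; `log.Fatal(http.ListenAndServe(addr, router()))` with `"log"` added to the import block would surface it.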