Rene Nochebuena
b9a5cc2f92
Rename package from jwtauth to httpauthjwt to follow ecosystem convention (repo name = package name, hyphens removed). Bump httpauth dependency from v0.1.0 to v1.0.0 and rbac indirect dependency from v0.9.0 to v1.0.0. BREAKING CHANGE: import path unchanged (code.nochebuena.dev/go/httpauth-jwt) but package identifier changes from jwtauth to httpauthjwt — update all usages accordingly.
27 lines
1.0 KiB
Go
27 lines
1.0 KiB
Go
// Package httpauthjwt provides self-issued JWT authentication middleware and token
|
|
// management for HTTP services.
|
|
//
|
|
// It integrates with code.nochebuena.dev/go/httpauth: AuthMiddleware verifies
|
|
// Bearer tokens and calls httpauth.SetTokenData, making uid and claims available
|
|
// to EnrichmentMiddleware, AuthzMiddleware, and ClaimsPermissionProvider.
|
|
//
|
|
// Typical flow:
|
|
//
|
|
// 1. Issue a token pair on login:
|
|
//
|
|
// signer := httpauthjwt.NewHMACSigner([]byte(os.Getenv("JWT_SECRET")))
|
|
// pair, err := httpauthjwt.IssueTokenPair(signer, uid, customClaims, cfg)
|
|
//
|
|
// 2. Protect routes:
|
|
//
|
|
// r.Use(httpauthjwt.AuthMiddleware(signer, publicPaths))
|
|
// r.Use(httpauth.EnrichmentMiddleware(myEnricher))
|
|
//
|
|
// 3. Rotate tokens on refresh:
|
|
//
|
|
// newPair, err := httpauthjwt.RefreshTokenPair(ctx, signer, refreshToken, blacklist, cfg, freshClaims)
|
|
//
|
|
// For microservices that only verify tokens (not issue them), use NewRSAPublicKeyVerifier
|
|
// or NewRSAPublicKeyVerifierFromPEM with the public key only.
|
|
package httpauthjwt
|