Comments (9)
The idea for Vapor 4 is to create a vapor/jwt
package that integrates JWTKit
with Vapor
. This hasn't been done yet, but should be fairly trivial. I'll leave this issue open to track that.
from jwt.
These are the pieces that @anthonycastelli shared with me (reposted here with his permission):
JWTMiddleware
import Foundation
import Vapor
import JWT
final class JWTMiddleware: Middleware, Service {
func respond(to request: Request, chainingTo next: Responder) throws -> Future<Response> {
guard let authorization = request.http.headers["Authorization"].first,
let bearer = authorization.split(separator: " ").first,
let token = authorization.split(separator: " ").last, bearer == "Bearer"
else { throw Abort(.unauthorized, reason: "No Authorization Header") }
let jwt: JWTService = try request.make()
let payload = try JWT<JWTAuthPayload>(from: String(token), verifiedUsing: jwt.signer).payload
guard let userId = UUID(uuidString: payload.userId) else { throw Abort(.unauthorized, reason: "Invalid User") }
return request.newConnection(to: .psql)
.flatMap(to: User?.self) { con in
return try User.find(userId, on: con)
}.flatMap(to: Response.self) {
if let u = $0 {
try request.authenticate(u)
}
_ = try request.requireAuthenticated(User.self)
return try next.respond(to: request)
}
}
}
JWTService
final class JWTService: Service {
var signer: JWTSigner
init(secret: String) throws {
self.signer = JWTSigner.hs512(key: Data(secret.utf8))
}
func signUser<T: CanteenModel>(_ user: T, type: JWTAuthPayload.UserType) throws -> String {
let expiration = ExpirationClaim(value: Date(timeIntervalSinceNow:(60 * 60 * 1))) // 60 minutes x 1 hour
var jwt = JWT(payload:
JWTAuthPayload(
exp: expiration,
userId: user.id?.uuidString ?? ""
)
)
let data = try self.signer.sign(&jwt)
return String(data: data, encoding: .utf8) ?? ""
}
}
JWTAuthPayload
struct JWTAuthPayload: JWTPayload {
enum CodingKeys: String, CodingKey {
case exp
case userId = "user_id"
}
var exp: ExpirationClaim
var userId: String
func verify() throws {
try self.exp.verify()
}
}
I think the forthcoming JWTAuthenticationMiddleware
should leverage TokenAuthenticationMiddleware
(which in turn leverages BearerAuthenticationMiddleware
).
from jwt.
Another popular solution that could prove useful as a reference is @calebkleveter's JWTMiddleware.
from jwt.
This is related to my issue here: vapor/auth#53
from jwt.
This provides a similar functionality to the old vapor-community/jwt-provider
: https://github.com/asensei/vapor-auth-jwt
from jwt.
Is here any progress to make it work?
from jwt.
Not that I'm aware of. @tanner0101 should we just close this out?
from jwt.
I like this idea to make it core feature
from jwt.
This package is now a JWTKit + Vapor integration.
from jwt.
Related Issues (20)
- ES256 implementation is incorrect HOT 1
- Sporadic failure of ES256 HOT 2
- Error when creating a public signer for certificates HOT 5
- Allow JWT to be extended by user HOT 3
- Documentation request. HOT 2
- Allow configuration of URIs in JWT helpers HOT 6
- Multiple JWT signers not working as expected HOT 1
- `bioConversionFailure` in `ECDSAKey` when using `P384` HOT 7
- This framework doesn't consider someone may use it in macOS? HOT 8
- Support for Swift 2.1 HOT 1
- Carthage support HOT 2
- Is this library can be installed using pods? HOT 4
- Missing RSA Encryption Algorithms HOT 3
- JWK Verification HOT 2
- Broken link to documentation HOT 1
- Library not working with Swift 3 HOT 1
- Missing ECDSASigner to support ES256 … HOT 4
- '&' used with non-inout argument of type 'JWT<_>' HOT 1
- [Question] - Encode with RS256 using string data of a private key HOT 4
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from jwt.