Esempio n. 1
0
func TestJWTAuthenticationWrongToken(t *testing.T) {
	m := minion.Classic(minion.Options{JWTToken: "123"})

	usersHandler := func(ctx *minion.Context) {
		j := struct {
			Message string `json:"message"`
		}{
			"ok",
		}
		ctx.JSON(200, j)
	}

	m.Get("/users", usersHandler)

	ts := httptest.NewServer(m)
	defer ts.Close()

	var j, body string
	var status int

	tokenAuth := jwtauth.New("HS256", []byte("wrong"), nil)
	_, tokenString, _ := tokenAuth.Encode(nil)

	h := http.Header{}
	h.Set("Authorization", "BEARER "+tokenString)

	status, body = tst.Request(t, ts, "GET", "/users", h, nil)
	tst.AssertEqual(t, 401, status)

	j = `{"status":401,"message":"Unauthorized"}`
	tst.AssertEqual(t, j, body)
}
Esempio n. 2
0
func init() {
	TokenAuth = jwtauth.New("HS256", []byte("secret"), nil)

	// For debugging/example purposes, we generate and print
	// a sample jwt token with claims `user_id:123` here:
	_, tokenString, _ := TokenAuth.Encode(jwtauth.Claims{"user_id": 123})
	fmt.Printf("DEBUG: a sample jwt is %s\n\n", tokenString)
}
Esempio n. 3
0
// Classic returns a new Engine instance with basic middlewares
// Recovery, Logger, CORS and JWT
func Classic(opts Options) *Engine {
	engine := New(opts)
	crs := cors.New(cors.Options{
		AllowedOrigins: engine.options.Cors,
	})

	tokenAuth = jwtauth.New("HS256", []byte(opts.JWTToken), nil)
	ctx := engine.pool.Get().(*Context)

	engine.Use(Recovery)
	engine.Use(Logger)
	engine.Use(crs.Handler)
	engine.Use(tokenAuth.Verifier)
	engine.Use(ctx.Authenticator)

	return engine
}
Esempio n. 4
0
func init() {
	TokenAuth = jwtauth.New("HS256", TokenSecret, nil)
}