beep
/
backend-auth
7
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity
Beep backend auth proxy
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
11 Commits
1 Branch
0 Tags
34 KiB
 
 
Branch: master
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from 'master'
${ noResults }
 ZIP  TAR.GZ
Daniel Lim 78cd136987
Use RSA instead of HMAC. Fixes #1 		4 years ago
.env Use RSA instead of HMAC. Fixes #1 4 years ago
.gitignore Rewrite in Go with querystring support 4 years ago
Dockerfile Rewrite in Go with querystring support 4 years ago
README.md Rewrite in Go with querystring support 4 years ago
go.mod Rewrite in Go with querystring support 4 years ago
go.sum Rewrite in Go with querystring support 4 years ago
main.go Use RSA instead of HMAC. Fixes #1 4 years ago

README.md

backend-auth

Beep backend auth proxy.

Is basically tailored just for traefik's Forward Authentication system. It takes a GET, POST, PUT, PATCH or DELETE request, reads a Bearer Auth JWT token if available. Alternatively, the token can be supplied in the querystring as token. Tokens in the Authorization header override tokens in the querystring. If it is not available or invalid, request fails with 4XX and traefik rejects the request. Otherwise, a success response is returned with a X-User-Claim header containing serialised user information. OPTIONS requests are allowed to pass through wholesale.

Contents of X-User-Claim

{
  "userid": "<userid>",
  "clientid": "<clientid>"
}

Errors

auth responses with 400 if there is no token supplied, or 401 if there is an error processing the token.