beep
/
backend-auth
5
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity
Beep backend auth proxy
8 Commits
1 Branch
0 Tags
34 KiB
Go 91.6%
Dockerfile 8.4%
 
 
Go to file
Sudharshan S. 98566ca24f
chore: adding back Dockerfile 		2019-03-23 22:47:40 +08:00
src Get token from forwarded querystring 2019-03-23 21:35:13 +08:00
.env Initial commit 2019-02-22 23:08:10 +08:00
.gitignore Initial commit 2019-02-22 23:08:10 +08:00
Cargo.toml Get token from forwarded querystring 2019-03-23 21:35:13 +08:00
Dockerfile chore: adding back Dockerfile 2019-03-23 22:47:40 +08:00
README.md Added capability for auth to read tokens from querystring. 2019-03-23 19:42:16 +08:00

README.md

backend-auth

Beep backend auth proxy. At long last, something done properly in Rust. My ancestors are smiling at me, Imperial, can you say the same?

Is basically tailored just for traefik's Forward Authentication system. It takes a GET, POST, PUT, PATCH or DELETE request, reads a Bearer Auth JWT token if available. Alternatively, the token can be supplied in the querystring as token. Tokens in the Authorization header override tokens in the querystring. If it is not available or invalid, request fails with 4XX and traefik rejects the request. Otherwise, a success response is returned with a X-User-Claim header containing serialised user information. OPTIONS requests are allowed to pass through wholesale.

Contents of X-User-Claim

{
  "userid": "<userid>",
  "clientid": "<clientid>"
}

Errors

auth responses with 400 if there is no token supplied, or 401 if there is an error processing the token.