Created
January 15, 2021 05:31
-
-
Save jonathanbernal25/c3c18c2589d525fdd983e79c14554e85 to your computer and use it in GitHub Desktop.
This file is for injecting custom authentication in API lifecycle, for Tyk Gateway.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| package main | |
| import ( | |
| "net/http" | |
| "github.com/TykTechnologies/tyk/ctx" | |
| "github.com/TykTechnologies/tyk/headers" | |
| "github.com/TykTechnologies/tyk/log" | |
| "github.com/TykTechnologies/tyk/user" | |
| ) | |
| var logger = log.Get() | |
| func getSessionByKey(key string) *user.SessionState { | |
| // here goes our logic to check if passed API key is valid and appropriate key session can be retrieved | |
| // perform auth (only one token "abc" is allowed) | |
| if key != "abc" { | |
| return nil | |
| } | |
| // return session | |
| return &user.SessionState{ | |
| OrgID: "default", | |
| Alias: "abc-session", | |
| } | |
| } | |
| func MyPluginAuthCheck(rw http.ResponseWriter, r *http.Request) { | |
| // try to get session by API key | |
| key := r.Header.Get(headers.Authorization) | |
| session := getSessionByKey(key) | |
| if session == nil { | |
| // auth failed, reply with 403 | |
| rw.WriteHeader(http.StatusForbidden) | |
| return | |
| } | |
| logger.Info("Processing HTTP request in Golang plugin!!") | |
| // auth was successful, add session and key to request's context so other middlewares can use it | |
| ctx.SetSession(r, session, key, true) | |
| } | |
| func main() {} |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment