Key Auth (密钥认证) 中间件
Key Auth 中间件提供了一个基于密钥的验证方式。
- 对于有效密钥,它将调用下一个处理程序。
- 对于无效密钥,它会发送 “401 - Unauthorized” 响应。
- 对于丢失密钥,它发送 “400 - Bad Request” 响应。
用法
e.Use(middleware.KeyAuth(func(key string) bool {
return key == "valid-key"
}))
自定义配置
用法
e := echo.New()
e.Use(middleware.KeyAuthWithConfig(middleware.KeyAuthConfig{
KeyLookup: "query:api-key",
}))
配置
// KeyAuthConfig defines the config for KeyAuth middleware.
KeyAuthConfig struct {
// Skipper defines a function to skip middleware.
Skipper Skipper
// KeyLookup is a string in the form of "<source>:<name>" that is used
// to extract key from the request.
// Optional. Default value "header:Authorization".
// Possible values:
// - "header:<name>"
// - "query:<name>"
KeyLookup string `json:"key_lookup"`
// AuthScheme to be used in the Authorization header.
// Optional. Default value "Bearer".
AuthScheme string
// Validator is a function to validate key.
// Required.
Validator KeyAuthValidator
}
默认配置
DefaultKeyAuthConfig = KeyAuthConfig{
Skipper: defaultSkipper,
KeyLookup: "header:" + echo.HeaderAuthorization,
AuthScheme: "Bearer",
}