https://github.com/rgglez/gofiber-roles-middleware
Middleware to validate if the user has certain roles in the claims
https://github.com/rgglez/gofiber-roles-middleware
go gofiber jwt middleware roles roles-permissions zitadel
Last synced: about 1 month ago
JSON representation
Middleware to validate if the user has certain roles in the claims
- Host: GitHub
- URL: https://github.com/rgglez/gofiber-roles-middleware
- Owner: rgglez
- License: apache-2.0
- Created: 2024-11-06T04:42:09.000Z (6 months ago)
- Default Branch: main
- Last Pushed: 2024-11-08T02:41:27.000Z (6 months ago)
- Last Synced: 2025-01-28T01:44:30.764Z (3 months ago)
- Topics: go, gofiber, jwt, middleware, roles, roles-permissions, zitadel
- Language: Go
- Homepage:
- Size: 18.6 KB
- Stars: 0
- Watchers: 1
- Forks: 0
- Open Issues: 0
-
Metadata Files:
- Readme: README.md
- License: LICENSE
Awesome Lists containing this project
README
[](https://opensource.org/licenses/Apache-2.0)
[](https://goreportcard.com/report/github.com/rgglez/gofiber-roles-middleware)
[](https://github.com/rgglez/gofiber-roles-middleware/releases/)
**gofiber-roles-middleware** is a [gofiber](https://gofiber.io/) [middleware](https://docs.gofiber.io/category/-middleware/) which verifies if the specified role(s) are present in a customizable key in the custom claims part of a given [JWT token](https://jwt.io/).
## Installation
```bash
go get github.com/rgglez/gofiber-roles-middleware
```
## Usage
```go
import gofiberroles "github.com/rgglez/gofiber-roles-middleware/gofiberroles"
// Initialize Fiber app and middleware
app := fiber.New()
app.Use(gofiberroles.New(gofiberroles.Config{RequiredRoles: []string{"admin", "user"}, RequireAll: true}))
```
## Configuration
There are some configuration options available in the ```Config``` struct:
* **```Next```** defines a function to skip this middleware when returned true. Optional. Default: nil
* **```RequiredRoles```** an array of strings which defines the required roles which the user must have (in the claims). Required.
* **```RequireAll```** a boolean which defines if all the required roles must be present in the claims. Optional. Default: true.
* **```ClaimsKey```** a string which will be used as the key to search for the roles in the claims. Optional. Default: "urn:zitadel:iam:org:project:roles". Notice that this is the default used by [Zitadel](https://zitadel.io).
## Notes
* This middleware **does not verify the signature of the token**. It assumes that your program does that verification with some other middleware.
* The middleware was written with [Zitadel](https://zitadel.io) in mind. You might need to make some adjustments so it works with other claims structure. The token is assumed to be encoded with Base64 and just signed, not encrypted.
## Example
An example is provided in the [example/](example/) directory.
### Run it
```bash
cd example
go run main.go
```
### Try it
Then, if it started correctly, assuming that you filled the enviroment variables in ```test_data.sh``` . Or, just set the same variables explained in the Testing section.
```bash
# first step is optional
source /path/to/test_data.sh
```
You will need [pytest](https://en.wikipedia.org/wiki/Pytest) tu run the test:
```bash
cd tests
pytest
```
## Testing
A test is included. To run the test you must:
1. Get a valid JWT token, maybe from your Zitadel instance.
1. Set the test data in the enviroment. An example bash script is provided in [```test_data.sh```](test_data.sh) as a guide. You must fill in the values with your own data accordingly:
```bash
# A token got from a valid login
export ZITADEL_TOKEN=
# A string of comma-separated role names
export ZITADEL_ROLES=
```
If you use this script, you should need to [source](https://www.geeksforgeeks.org/source-command-in-linux-with-examples/) it.
1. Run
```bash
go test
```
inside the [```gofiberroles/```](gofiberroles/) directory.
## Dependencies
* [github.com/gofiber/fiber/v2](https://github.com/gofiber/fiber/v2)
## License
Copyright (c) 2024 Rodolfo González González
Licensed under the [Apache 2.0](LICENSE) license. Read the [LICENSE](LICENSE) file.