search

gofiber / keyauth

🧬 Key Authentication for Fiber
https://github.com/gofiber/fiber
MIT License
76 stars 12 forks source link

Support skipping this middleware if key is not submitted #57

Closed ansidev closed 1 year ago

ansidev commented 2 years ago

Currently, if the key is missing, the ErrorHandler will be called.

In some cases, I want to apply this middleware globally, so with this behaviour, some public endpoint that does not need authentication will be failed.

I think it would be better if we can skip this middleware if the client does not submit the key (only call error handler if the key is malformed).

leonklingele commented 1 year ago

I think it's best to only apply this middleware to certain endpoints then, like this:

app.Use("/api/v1/protected", keyauth.New(keyauth.Config{
    KeyLookup: "cookie:access_token",
    ContextKey: "my_token",
}))

Or define a custom ErrorHandler and handle ErrMissingOrMalformedAPIKey by yourself.

gaby commented 1 year ago

@ansidev Does the suggestion from @leonklingele fixes your issue?

leonklingele commented 1 year ago

You can also skip the middleware by defining a custom Filter func, which when returning true, will not call the middleware: https://github.com/gofiber/keyauth/blob/725ab4a5e604a1f637c2c80583eb792f5d7c7694/main.go#L21-L23