Query string about go-jwt-middleware HOT 6 CLOSED

Seems like this issue can be closed since #3 was merged?

from go-jwt-middleware.

Hey,

I thought of that but didn't have time yet to implement it!

I'm up to making it configurable. Maybe 3 configurations like in angular-jwt:

type: Header || Param. Defaults to Header
fieldName: Authorization
tokenType: Bearer

What do you think about it?

Thanks for offering to do a PR. We'll gladly accept it if you can do it.

Thanks again!

from go-jwt-middleware.

I think a func req -> token , like in express-jwt will be better.

from go-jwt-middleware.

@jfromaniello Could you elaborate? It seems like what you want is essentially just a middleware interface. But we already have that (at least if you are coming from negroni or martini). The question is really what to do "in the middle". The current implementation simply validates the identify of the person making the request. That is actually all I want. What I want to make configurable is where that identity is extracted from (Authorization header, query string, ...)

express-jwt actually seems to be enforcing policies as well. I don't really want to go that far (since I have my own policy enforcement layer already).

I'll put together a PR and you guys can comment on it. I'll post here when the PR is submitted (should be this morning).

from go-jwt-middleware.

@jfromaniello Ah! OK. Now I see your point. What you are saying is that the user could provide a function that extracts the token from the request. Got it! That's a good idea. I'll try and build on that.

from go-jwt-middleware.

@jfromaniello good idea.

Thanks @mtiller for the PR ;)

from go-jwt-middleware.