Secure your fiber endpoints using API keys.
Report Bug · Request Feature

On deployment inject API keys authorized to use your service. Every call to a private endpoint of your service has to include a header['x-api-key'] attribute that is validated against the API keys (starting with: API_KEY_) in your environment. If it is present, a request is authorized. If it is not fiber returns 401 Unauthorized. Use this either as a middleware the usage.

• fiber

go get github.com/iwpnd/fiber-key-auth

As Middleware:

package main

import (
	"os"

	"github.com/iwpnd/fiber-key-auth"
	"github.com/gofiber/fiber/v2"
	)

os.Setenv("API_KEY_TEST", "valid")

func main() {
    app := fiber.New()

    app.Use(keyauth.New())

    app.Get("/", func(c *fiber.Ctx) error {
        return c.SendString("Hello, World 👋!")
    })

    app.Listen(":3000")
}

Now try to access your / route.

curl localhost:3000

>> "no api key"

curl localhost:3000 -H "x-api-key: invalid"

>> "invalid api key"

curl localhost:3000 -H "x-api-key: valid"

>> Hello, World 👋!

Distributed under the MIT License. See LICENSE for more information.

Benjamin Ramser - @imwithpanda - [email protected]
Project Link: https://github.com/iwpnd/fiber-key-auth