Skip to content
This repository has been archived by the owner on Oct 25, 2020. It is now read-only.

Latest commit

 

History

History
18 lines (12 loc) · 845 Bytes

README.md

File metadata and controls

18 lines (12 loc) · 845 Bytes

backend-auth

Beep backend auth proxy.

Is basically tailored just for traefik's Forward Authentication system. It takes a GET, POST, PUT, PATCH or DELETE request, reads a Bearer Auth JWT token if available. Alternatively, the token can be supplied in the querystring as token. Tokens in the Authorization header override tokens in the querystring. If it is not available or invalid, request fails with 4XX and traefik rejects the request. Otherwise, a success response is returned with a X-User-Claim header containing serialised user information. OPTIONS requests are allowed to pass through wholesale.

Contents of X-User-Claim

{
  "userid": "<userid>",
  "clientid": "<clientid>"
}

Errors

auth responses with 400 if there is no token supplied, or 401 if there is an error processing the token.