Bearer auth middleware
The bearer auth middleware is a generic bearer token authentication solution for webtasks. A request to a webtask configured with this middleware will be rejected with a 401
response if it lacks the correct bearer token.
Usage
To use the bearer auth middleware requires encoding a shared secret in the wt-auth-secret
secret that must be specified in Authentication: Bearer <SHARED_SECRET>
headers.
-
Set the wt-node-dependencies
metadata property to the stringified JSON of an object having @webtask/middleware-compiler
and @webtask/bearer-auth-middleware
properties whose values are the latest version of the @webtask/middleware-compiler module and this module, respectively.
{"@webtask/middleware-compiler":"1.1.0","@webtas/bearer-auth-middleware":"1.1.0"}
-
Set the wt-compiler
metadata property on your webtask to @webtask/middleware-compiler
.
-
Set (or add to) the wt-middleware
metadata property of your webtask to contain a comma-separated list containing @webtask/bearer-auth-middleware
.
-
Set the wt-auth-secret
secret to a shared secret.
-
Issue requests to your webtask, making sure that you add an Authorization
header having the value: Bearer <SHARED_SECRET>
.