
Bearer Auth Middleware

The Bearer Auth Middleware provides authentication by verifying an API token in the Request header. The HTTP clients accessing the endpoint will add the Authorization header with Bearer {token} as the header value.

Using curl from the terminal, it would look like this:

curl -H 'Authorization: Bearer honoiscool' http://localhost:8787/auth/page

Import

ts
import { Hono } from 'hono'
import { bearerAuth } from 'hono/bearer-auth'
ts
import { Hono } from 'https://deno.land/x/hono/mod.ts'
import { bearerAuth } from 'https://deno.land/x/hono/middleware.ts'

Usage

ts
const app = new Hono()

const token = 'honoiscool'

app.use('/api/*', bearerAuth({ token }))

app.get('/api/page', (c) => {
  return c.json({ message: 'You are authorized' })
})

To restrict to a specific route + method:

ts
const app = new Hono()

const token = 'honoiscool'

app.get('/api/page', (c) => {
  return c.json({ message: 'Read posts' })
})

app.post('/api/page', bearerAuth({ token }), (c) => {
  return c.json({ message: 'Created post!' }, 201)
})

Options

  • token: string - required
    • The string to validate the incoming bearer token against
  • realm: string
  • prefix: string
    • The prefix for the Authorization header value. Default is "Bearer"
  • hashFunction: Function
    • A function to handle hashing for safe comparison of authentication tokens
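How the token, prefix and hashFunction options fit together in a header check, as an added sketch that is not Hono's own implementation. The names checkBearer, safeEqual, sha256Hex and the result labels are hypothetical, and the default hash here uses node:crypto.

```typescript
import { createHash, timingSafeEqual } from 'node:crypto'

// Hypothetical option shape mirroring the Options list above (not Hono's types).
type Options = {
  token: string
  prefix?: string // defaults to "Bearer"
  hashFunction?: (d: string) => string
}
type Result = 'ok' | 'missing' | 'malformed' | 'invalid'

// Default hash for this sketch: SHA-256, hex-encoded.
const sha256Hex = (d: string): string =>
  createHash('sha256').update(d).digest('hex')

// Hash both values first, then compare the equal-length digests in constant
// time, so response timing reveals neither the token's length nor how many
// leading characters of a guess were correct.
function safeEqual(a: string, b: string, hash: (d: string) => string): boolean {
  const enc = new TextEncoder()
  const ha = enc.encode(hash(a))
  const hb = enc.encode(hash(b))
  return ha.length === hb.length && timingSafeEqual(ha, hb)
}

function checkBearer(header: string | undefined, opts: Options): Result {
  if (!header) return 'missing'
  const prefix = opts.prefix ?? 'Bearer'
  const sep = header.indexOf(' ')
  if (sep === -1) return 'malformed' // no "<prefix> <token>" structure
  const scheme = header.slice(0, sep)
  const value = header.slice(sep + 1)
  if (scheme !== prefix || value === '' || value.includes(' ')) return 'malformed'
  const hash = opts.hashFunction ?? sha256Hex
  return safeEqual(value, opts.token, hash) ? 'ok' : 'invalid'
}
```
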

Recipes

Using on Fastly Compute@Edge

To use this middleware on Compute@Edge, you need to do one of two things:

  1. Polyfill the crypto module
  2. Install the crypto-js package, and provide a hashFunction to the middleware. (recommended)

Here's how to use this middleware with the crypto-js method:

  1. Install crypto-js via npm:
npm i crypto-js
  2. Provide a hashFunction, using the SHA-256 implementation from crypto-js, to the middleware:
ts
import { SHA256 } from 'crypto-js'

app.use(
  '/auth/*',
  bearerAuth({
    token: 'honoiscool', // Required
    hashFunction: (d: string) => SHA256(d).toString(),
  })
)

Released under the MIT License.