Bearer Auth Middleware
The Bearer Auth Middleware provides authentication by verifying an API token in the request header. The HTTP clients accessing the endpoint will add the Authorization header with Bearer {token} as the header value.
Using curl from the terminal, it would look like this:
```sh
curl -H 'Authorization: Bearer honoiscool' http://localhost:8787/auth/page
```
Import
```ts
import { Hono } from 'hono'
import { bearerAuth } from 'hono/bearer-auth'
```
On Deno:
```ts
import { Hono } from 'https://deno.land/x/hono/mod.ts'
import { bearerAuth } from 'https://deno.land/x/hono/middleware.ts'
```
Usage
```ts
const app = new Hono()

const token = 'honoiscool'

// Every route under /api/ requires the bearer token
app.use('/api/*', bearerAuth({ token }))

app.get('/api/page', (c) => {
  return c.json({ message: 'You are authorized' })
})
```
To restrict to a specific route + method:
```ts
const app = new Hono()

const token = 'honoiscool'

// GET is public
app.get('/api/page', (c) => {
  return c.json({ message: 'Read posts' })
})

// POST requires the bearer token
app.post('/api/page', bearerAuth({ token }), (c) => {
  return c.json({ message: 'Created post!' }, 201)
})
```
Options
- token: string - required. The string to validate the incoming bearer token against.
- realm: string. The domain name of the realm, as part of the returned WWW-Authenticate challenge header. Default is "". See: https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/WWW-Authenticate#directives
- prefix: string. The prefix for the Authorization header value. Default is "Bearer".
- hashFunction: Function. A function to handle hashing for safe comparison of authentication tokens.
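How the options above can fit together in a check of this kind, as an added example that is not Hono's own code: the header is parsed against the configured prefix, then both the expected and the presented token are hashed so that fixed-length digests are compared in constant time. The names `safeEqual` and `checkBearer`, the returned `{ status, headers }` shape, the use of Node.js `node:crypto`, and the RFC 6750 error codes are assumptions of this sketch.

```javascript
// Added illustration, not Hono's implementation. Assumes a Node.js runtime.
const { createHash, timingSafeEqual } = require('node:crypto')

// Default hash: SHA-256 hex digest (the role the hashFunction option plays).
const sha256 = (d) => createHash('sha256').update(d).digest('hex')

// Hash both secrets first: the digests have equal length, so timingSafeEqual
// does not throw, and the comparison time does not reveal how many leading
// characters of the presented token were correct.
function safeEqual(a, b, hashFunction = sha256) {
  const ha = Buffer.from(hashFunction(a))
  const hb = Buffer.from(hashFunction(b))
  return ha.length === hb.length && timingSafeEqual(ha, hb)
}

// Hypothetical helper: decide the response for one Authorization header value.
// Error codes follow RFC 6750 section 3.
function checkBearer(headerValue, { token, realm = '', prefix = 'Bearer', hashFunction } = {}) {
  const challenge = (extra) => ({ 'WWW-Authenticate': `${prefix} ${extra}` })
  if (!headerValue) {
    // No credentials at all: plain challenge carrying the realm.
    return { status: 401, headers: challenge(`realm="${realm}"`) }
  }
  // Accept exactly "<prefix> <token>"; the token charset is RFC 6750's b64token.
  const escaped = prefix.replace(/[.*+?^${}()|[\]\\]/g, '\\$&')
  const m = new RegExp(`^${escaped} +([A-Za-z0-9._~+/-]+=*)$`).exec(headerValue)
  if (!m) {
    return { status: 400, headers: challenge('error="invalid_request"') }
  }
  if (!safeEqual(m[1], token, hashFunction)) {
    return { status: 401, headers: challenge('error="invalid_token"') }
  }
  return { status: 200, headers: {} }
}
```

Passing a custom `hashFunction` here has the same purpose as in the middleware option: it lets the comparison run on runtimes where the default hash is unavailable.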
Recipes
Using on Fastly Compute@Edge
To use this middleware on Compute@Edge, you need to do one of two things:
- Polyfill the crypto module
- Install the crypto-js package, and provide a hashFunction to the middleware. (recommended)
Here's how to use this middleware with the crypto-js method:
- Install crypto-js via npm:
```sh
npm i crypto-js
```
- Provide a hashFunction, using the SHA-256 implementation from crypto-js, to the middleware:
```ts
import { SHA256 } from 'crypto-js'

app.use(
  '/auth/*',
  bearerAuth({
    token: 'honoiscool', // Required
    hashFunction: (d: string) => SHA256(d).toString(),
  })
)
```