Popularity
2.2
Growing
Activity
2.2
-
25
2
5
Programming language: Go
License: MIT License
Tags:
Server Applications
Latest version: v2.0.0
simple-jwt-provider alternatives and similar packages
Based on the "Server Applications" category.
Alternatively, view simple-jwt-provider alternatives based on common mentions on social networks and blogs.
-
-
etcd
Distributed reliable key-value store for the most critical data of a distributed system -
-
-
-
Vault
A tool for secrets management, encryption as a service, and privileged access management -
consul
Consul is a distributed, highly available, and data center aware solution to connect and configure applications across dynamic, distributed infrastructure. -
apex
Build, deploy, and manage AWS Lambda functions with ease (with Go support!). -
RoadRunner
🤯 High-performance PHP application server, process manager written in Go and powered with plugins -
Ponzu
Headless CMS with automatic JSON API. Featuring auto-HTTPS from Let's Encrypt, HTTP/2 Server Push, and flexible server framework written in Go. -
Jocko
Kafka implemented in Golang with built-in coordination (No ZK dep, single binary install, Cloud Native) -
-
SFTPGo
Fully featured and highly configurable SFTP server with optional HTTP/S, FTP/S and WebDAV support - S3, Google Cloud Storage, Azure Blob -
-
discovery
A registry for resilient mid-tier load balancing and failover. -
Flagr
Flagr is a feature flagging, A/B testing and dynamic configuration microservice -
algernon
:tophat: Small self-contained pure-Go web server with Lua, Markdown, HTTP/2, QUIC, Redis and PostgreSQL support -
Key Transparency
A transparent and secure way to look up public keys. -
Trickster
Open Source HTTP Reverse Proxy Cache and Time Series Dashboard Accelerator -
Rendora
dynamic server-side rendering using headless Chrome to effortlessly solve the SEO problem for modern javascript websites -
GeoDNS in Go
DNS server with per-client targeted responses -
jackal
💬 Instant messaging server for the Extensible Messaging and Presence Protocol (XMPP). -
-
Golang API Starter Kit
Go Server/API boilerplate using best practices DDD CQRS ES gRPC -
Walrus
🔥 Fast, Secure and Reliable System Backup, Set up in Minutes. -
go-feature-flag
A simple and complete feature flag solution, without any complex backend system to install, all you need is a file as your backend. 🎛️ -
Euterpe
Self-hosted music streaming server 🎶 with RESTful API and Web interface. Think of it as your very own Spotify! ☁️🎧 -
goproxy
🦁 goproxy is a proxy server which can forward http or https requests to remote servers./ goproxy 是一个反向代理服务器,支持转发 http/https 请求。 -
Aegis
Serverless Golang deploy tool and framework for AWS Lambda -
Eru
Eru, a simple, stateless, flexible, production-ready orchestrator designed to easily integrate into existing workflows. Can run any virtualization things in long or short time. -
marathon-consul
Integrates Marathon apps with Consul service discovery. -
dummy
Run mock server based off an API contract with one command -
Simple CRUD App w/ Gorilla/Mux, MariaDB
Simple CRUD Application with Go, Gorilla/mux, MariaDB, Redis. -
cortex-tenant
Prometheus remote write proxy that adds Cortex tenant ID based on metric labels -
lets-proxy2
Reverse proxy with automatically obtains TLS certificates from Let's Encrypt -
go-proxy-cache
Simple Reverse Proxy with Caching, written in Go, using Redis. -
psql-streamer
Stream database events from PostgreSQL to Kafka -
autobd
autobd is an automated, networked and containerized backup solution -
nginx-prometheus
Turn Nginx logs into Prometheus metrics -
protoxy
A proxy server than converts JSON request bodies to protocol buffers -
riemann-relay
Service for relaying Riemann events to Riemann/Carbon destinations
Less time debugging, more time building
Scout APM allows you to find and fix performance issues with no hassle. Now with error monitoring and external services monitoring, Scout is a developer's best friend when it comes to application development.
Promo
scoutapm.com
Do you think we are missing an alternative of simple-jwt-provider or a related project?
|
Clean code begins in your IDE with SonarLint
sponsored
www.sonarlint.org
|
Popular Comparisons
-
simple-jwt-providervsSFTPGo
-
traefikvsCaddy
-
traefikvsgobetween
-
traefikvsconsul
-
consulvsetcd
|
SaaSHub - Software Alternatives and Reviews
sponsored
www.saashub.com
|
README
simple-jwt-provider
Simple and lightweight JWT-Provider written in go (golang). It exhibits JWT for the in postgres or sqlite persisted user, which can be managed via api. Also, a password-reset flow via mail verification is available. User specific custom-claims also available for jwt-generation and mail rendering.
dockerized: https://hub.docker.com/r/leberkleber/simple-jwt-provider
build it yourself:
```shell script
as docker-image
docker build . -t leberkleber/simple-jwt-provider
as binary
go build -o simple-jwt-provider ./cmd/provider/
# Table of contents
- [Try it](#try-it)
- [Getting started](#getting-started)
- [Generate ECDSA-512 key pair](#generate-ecdsa-512-key-pair)
- [Configuration](#configuration)
- [API](#api)
- [POST `/v1/auth/login`](#post-v1authlogin)
- [POST `/v1/auth/refresh`](#post-v1authrefresh)
- [POST `/v1/auth/password-reset-request`](#post-v1authpassword-reset-request)
- [POST `/v1/auth/password-reset`](#post-v1authpassword-reset)
- [POST `/v1/admin/users`](#post-v1adminusers)
- [PUT `/v1/admin/users/{email}`](#put-v1adminusersemail)
- [DELETE `/v1/admin/users/{email}`](#delete-v1adminusersemail)
- [Mail](#mail)
- [Password reset request](#password-reset-request)
- [Development](#development)
- [mocks](#mocks)
- [component tests](#component-tests)
## Try it
```shell script
git clone [email protected]:leberKleber/simple-jwt-provider.git
docker-compose -f example/docker-compose.yml up
# create user via admin-api
./example/create-user.sh [email protected] password {}
# login with created user
./example/login.sh [email protected] password
# reset password
# 1) create password reset request
# - mail with reset token would be send
# 2) reset password with received token
# 3) do crud operations on user
# 1) create password reset request
./example/create-password-reset-request.sh [email protected]
# 1.1) open browser at http://127.0.0.1:8025/ and copy reset token (token only not the url)
# 2) reset password with received token
./example/reset-password.sh [email protected] newPassword {reset-token}
# verify new password
./example/login.sh [email protected] newPassword
# 3) do crud operations on user
# see ./example/*.sh
Getting started
Generate ECDSA-512 key pair
# private key
openssl ecparam -genkey -name secp521r1 -noout -out ecdsa-p521-private.pem
# public key
openssl ec -in ecdsa-p521-private.pem -pubout -out ecdsa-p521-public.pem
Configuration
| Environment variable | Description | Required | Default |
|---|---|---|---|
| SJP_LOG_LEVEL | Log-Level can be TRACE DEBUG INFO WARN ERROR FATAL or PANIC | no | INFO |
| SJP_SERVER_ADDRESS | Server-address network-interface to bind on e.g.: '127.0.0.1:8080' | no | 0.0.0.0:80 |
| SJP_JWT_LIFETIME | Lifetime of JWT | no | 4h |
| SJP_JWT_PRIVATE_KEY | JWT PrivateKey ECDSA512 | yes | - |
| SJP_JWT_AUDIENCE | Audience private claim which will be applied in each JWT | no | - |
| SJP_JWT_ISSUER | Issuer private claim which will be applied in each JWT | no | - |
| SJP_JWT_SUBJECT | Subject private claim which will be applied in each JWT | no | - |
| SJP_DATABASE_TYPE | Database type. Currently supported postgres and sqlite | yes | - |
| SJP_DATABASE_TYPE | Data Source Name for persistence | yes | - |
| SJP_ADMIN_API_ENABLE | Enable admin API to manage stored users (true / false) | no | false |
| SJP_ADMIN_API_USERNAME | Basic Auth Username if enable-admin-api = true | yes, when enable-admin-api = true | - |
| SJP_ADMIN_API_PASSWORD | Basic Auth Password if enable-admin-api = true when is bcrypted prefix with 'bcrypt:' | yes, when enable-admin-api = true | - |
| SJP_MAIL_TEMPLATES_FOLDER_PATH | Path to mail-templates folder | no | /mail-templates |
| SJP_MAIL_SMTP_HOST | SMTP host to connect to | yes | - |
| SJP_MAIL_SMTP_PORT | SMTP port to connect to | no | 587 |
| SJP_MAIL_SMTP_USERNAME | SMTP username to authorize with | yes | - |
| SJP_MAIL_SMTP_PASSWORD | SMTP password to authorize with | yes | - |
| SJP_MAIL_TLS_INSECURE_SKIP_VERIFY | true if certificates should not be verified | no | false |
| SJP_MAIL_TLS_SERVER_NAME | name of the server who expose the certificate | no | - |
API
POST /v1/auth/login
This endpoint will check the email/password combination and will set the respond with an jwtauthToken if correct:
Request body:
{
"email": "[email protected]",
"password": "s3cr3t"
}
Response body (200 - OK):
{
"access_token": "<access-jwt>",
"refresh_token": "<refresh-jwt>"
}
POST /v1/auth/refresh
This endpoint will return a new access and refresh token. The submitted refresh-token will no longer be valid.
Request body:
{
"refresh_token": "<refresh_jwt>"
}
Response body (200 - OK):
{
"access_token": "<new-access-jwt>",
"refresh_token": "<new-refresh-jwt>"
}
POST /v1/auth/password-reset-request
This endpoint will trigger a password reset request. The user gets a token per mail. With this token, the password can
be reset via [email protected]/v1/auth/password-reset.
Request body:
{
"email": "[email protected]"
}
Response (201 - CREATED)
POST /v1/auth/password-reset
This endpoint will reset the password of the given user if the reset-token is valid and matches to the given email.
Request body:
{
"email": "[email protected]",
"reset_token": "rAnDoMsHiT456",
"password": "SeCReT"
}
Response (204 - NO CONTENT)
POST /v1/admin/users
This endpoint will create a new user if admin api auth was successfully:
Request body:
{
"email": "[email protected]",
"password": "s3cr3t",
"claims": {
"myCustomClaim": "custom claims for jwt and mail templates"
}
}
Response body (201 - CREATED)
PUT /v1/admin/users/{email}
This endpoint will update the given properties (excluding email) of the user with the given email when the admin api auth was successfully:
Request body:
{
"password": "n3wS3cr3t",
"claims": {
"updatedClaim": "now updated"
}
}
Response body (200 - NO CONTENT)
{
"email": "[email protected]",
"password": "**********",
"claims": {
"updatedClaim": "now updated"
}
}
DELETE /v1/admin/users/{email}
This endpoint will delete the user with the given email when there are no tokens which referred to this user, and the admin api auth was successfully:
Response body (201 - NO CONTENT)
Mails will be generated based on a set of templates which should be prepared for productive usage.
<mailType>.htmlrepresents the html body of the mail and can be templated withhtml.templatesyntax (https://golang.org/pkg/html/template/). Available templating arguments listed in detailed template type description.<mailType>.txtrepresents the text body of the mail and can be templated withtext.templatesyntax (https://golang.org/pkg/text/template/). Available templating arguments listed in detailed template type description.<mailType>.ymlrepresents the header of the mail. In this template headers e.g.From,ToorSubjectcan be settext.templatesyntax (https://golang.org/pkg/text/template/). Available templating arguments listed in detailed template type description.
Password reset request
An example of this mail type can be found in /mail-templates/password-reset-request.*. Available template arguments:
| Argument | Content | Example usage |
|---|---|---|
| Recipient | Users email address | {{.Recipient}} |
| PasswordResetToken | The token which is required to reset the password | {{.PasswordResetToken}} |
| Claims | All custom-claims which stored in relation to the user | {{if index .Claims "first_name"}} |
Development
mocks
Mocks will be generated with github.com/matryer/moq. Execute the following for generation:
```shell script go get github.com/matryer/moq go generate ./...
### component tests
Component tests can be executed locally with:
```shell script
# build simple-jwt-provider from source code
# setup infrastructure
# run all test file with build-tag component in /cmd/provider
./component-tests.sh