Description Usage Arguments Value Examples
is_authed_jwt
checks whether a JWT passed as part of the HTTP request is valid.
The function can be passed to authenticate
's is_authed_fun
argument or it can be used standalone in any plumber endpoint.
is_authed_jwt
extracts the token from the HTTP Authorization header with the scheme 'bearer'.
1 2 | is_authed_jwt(req, res, token_location, secret = NULL, pubkey = NULL,
claims = NULL)
|
req |
Request object. |
res |
Response object. |
token_location |
character. Location of JWT. Either "header" or "cookie".
See |
secret |
character. The secret that was used to sign your JWT. The secret is converted to raw bytes in the function. Default NULL. |
pubkey |
character. Public RSA or ECDSA key that was used to generate the JWT. Default NULL. |
claims |
named list. Claims that should be checked in the JWT. Default NULL. |
list with the following elements:
is_authed: TRUE or FALSE. Result of the check whether the JWT is valid.
status: character. Optional. Short description of HTTP status code.
code: integer. Optional. HTTP status code.
message: character. Optional. Longer description.
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 | ## Not run:
pr$filter("sealr-jwt-filter", function(req, res){ # usage in a filter
sealr::authenticate(req = req, res = res, sealr::is_authed_jwt, secret = "averylongsupersecretsecret")
})
## End(Not run)
## Not run:
pr$handle("GET", "/somedata", function(req, res){ # usage in an endpoint
is_authed_list <- sealr::is_authed_jwt(req, res, secret = "averylongsupersecretsecret",
claims = list(iss = "myplumberapi"))
if (is_authed_list$is_authed){
return("somedata")
} else {
# return error or do something else
is_authed_list$is_authed <- NULL
return(is_authed_list)
}
})
## End(Not run)
|
Add the following code to your website.
For more information on customizing the embed code, read Embedding Snippets.