gin-simple-token-middleware 🔑

A purposely simple middleware for securing access in the Gin framework with a statically-issued token. Tokens are provided once at creation and are not meant to be changed. They may be provided via either GET (?access_token=<token>) or the HTTP ‘Authorization’ header by using the ‘Token’ type (Authorization: Token <token>).

Usage

You may secure particular routes or complete groups — depending on where you will fit the middleware handler. The following example illustrates how to use the middleware for securing a group on a default Gin instance:

router := gin.Default()
group := router.Group("/", tokenmiddleware.NewHandler("some_token"))
group.POST("/graphql", graphQLHandler)

Access then is granted if requests either provide the respective token via GET (/graphql?access_token=some_token) or the HTTP header (Authentication: Token some_token). If not, access is denied with an HTTP 401.