Traefik middleware that checks whether an incoming request's Authorization token is valid by making an API call, which avoids duplicating verification code.

sorasful/traefik-jwt-optional-api-validator

JWT Middleware API Validator

JWT Middleware API Validator is a middleware plugin for Traefik that verifies a JWT and adds its payload to the request as an injected header.

That means that if an authorization token is present in the request, it is checked, and if the check passes, the request goes through. The check is made by sending a GET request to a specific endpoint, which you can override with ValidateAPIUrl. If the endpoint returns a 200 response, the request goes through.

If you want to check that a request is authenticated, you'll need to verify that there is an Authorization header in your request. You can also check the injected header, named by ProxyHeaderName, which is injectedPayload by default.

We delete this header from incoming requests, just in case.
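A sketch of the flow described above, as an added example rather than the plugin's own code. The header names are the README defaults; forwarding the token to the validation API in the Authorization header and injecting the token's raw payload segment are assumptions, and the function names and the two local addresses in main are hypothetical.

```go
package main

import (
	"fmt"
	"net/http"
	"strings"
)

const proxyHeader, authHeader, prefix = "injectedPayload", "Authorization", "Bearer"

// Middleware sketches the README's flow (assumed logic, README default names).
func Middleware(validateURL string, optional bool, next http.Handler) http.Handler {
	return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
		r.Header.Del(proxyHeader) // drop any client-supplied copy first
		auth := r.Header.Get(authHeader)
		if auth == "" && optional {
			next.ServeHTTP(w, r) // anonymous request: no injected header
			return
		}
		parts := strings.Split(strings.TrimSpace(strings.TrimPrefix(auth, prefix)), ".")
		if len(parts) != 3 || !tokenOK(validateURL, auth) {
			http.Error(w, "invalid token", http.StatusUnauthorized)
			return
		}
		r.Header.Set(proxyHeader, parts[1]) // assumption: raw payload segment
		next.ServeHTTP(w, r)
	})
}

// tokenOK issues the GET; a transport error or non-200 status fails closed.
func tokenOK(validateURL, auth string) bool {
	req, err := http.NewRequest(http.MethodGet, validateURL, nil)
	if err != nil {
		return false
	}
	req.Header.Set(authHeader, auth) // assumption: token forwarded in this header
	resp, err := http.DefaultClient.Do(req)
	if err != nil {
		return false
	}
	resp.Body.Close()
	return resp.StatusCode == http.StatusOK
}

func main() { // demo server; both addresses are placeholders
	backend := http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
		fmt.Fprintf(w, "payload=%q\n", r.Header.Get(proxyHeader))
	})
	fmt.Println(http.ListenAndServe("127.0.0.1:8080", Middleware("http://127.0.0.1:9000/validate-token", true, backend)))
}
```

The sketch uses http.DefaultClient, which has no timeout; set one on the client in real use so a slow validation API cannot stall every request.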

This plugin is heavily inspired by https://github.com/23deg/jwt-middleware

Configuration

Start with command

command:
  - "--experimental.plugins.traefik-jwt-optional-api-validator.modulename=github.com/sorasful/traefik-jwt-optional-api-validator"
  - "--experimental.plugins.traefik-jwt-optional-api-validator.version=v0.0.14"

Activate plugin in your config

http:
  middlewares:
    my-jwt-middleware:
      plugin:
        traefik-jwt-optional-api-validator:
          proxyHeaderName: injectedPayload
          authHeader: Authorization
          headerPrefix: Bearer
          optional: true
          ValidateAPIUrl: http://yourAPI/validate-token

Use as docker-compose label

  labels:
        - "traefik.http.routers.my-service.middlewares=my-jwt-middleware@file"
