Comments (10)
Lack of middleware is a serious bane to the development experience when utilizing Jester.
If you look at other web micro-frameworks, you'll notice a great deal of them end up having packages developed that integrate at the middleware level. This helps promote the growth of tooling around those libraries.
from jester.
I feel route matching/selective application of the middleware to desired routes is arguably the second most important feature of middleware short of its primary purpose of executing logic before the actual route's main logic.
What is the use of a login session manager/jwt middleware if even the login/register routes are protected?
I may be misunderstanding your previous comment, however, I think one potential solution would be to do it similarly to how Go's iris framework handles applying middleware to individual groups of api endpoints. Where in this example v1
has no middleware, but v2
has a jwt middleware:
func main() {
app := iris.Default()
// Simple group: v1.
v1 := app.Party("/v1")
{
v1.Post("/login", loginEndpoint)
v1.Post("/submit", submitEndpoint)
v1.Post("/read", readEndpoint)
}
// Simple group: v2.
v2 := app.Party("/v2", jwtHandler.Serve)
{
v2.Post("/login", loginEndpoint)
v2.Post("/submit", submitEndpoint)
v2.Post("/read", readEndpoint)
}
app.Run(iris.Addr(":8080"))
}
I'm not sure how we'd do it syntactically in jester but maybe something to the tune of this:
import jester
import authmiddleware
router api:
uses: authmiddleware.authenticate
get "/test":
resp "I'm authenticated!"
routes:
extend api, "/api"
from jester.
Superset of #51? Most of the required functionality should be there if #51 was fixed, then it's just a matter of piecing it together as you want to.
from jester.
After some discussion with @dom96 about the best methods of achieving packageable middleware, we are both at a loss for how it can be done currently and may need to consider adding additional functionality.
As can be seen in https://github.com/dom96/jester/blob/master/tests/alltest.nim#L165 there is the before
feature to get roughly the functionality we're looking for, however, it's not very extensible and wouldn't work well as far as packaging is concerned.
Per @dom96 https://github.com/dom96/jester/blob/master/jester.nim#L48 may be hookable to allow middleware to add it's own match procs, alongside register
to append (will need changes to prepend). How this could be optionally applied to only desired routes is yet to be seen.
from jester.
Best thing to do in these kinds of situations is to see how other frameworks do it :)
from jester.
I think you should stop thinking about how to mangle individual routes/matches. The middleware I thought would be useful would simply wrap the request at a lower level, like other implementations (cough rack cough) do it. Route matching is a different layer. IMHO, mingling the two adds confusion and needless complexity.
Apologies for pseudocode. You get the idea I hope.
proc myMiddleWare(r: Req, o: Resp, m: Next): .. =
if r.origin.wellLiked():
let before = time()
o.setCookie("hi", "there")
m.call(r, o)
let after = time()
o.setHeader("x-benchmark", after - before)
else:
info "Dropping ", r
jester.middlewareStack.insert myMiddleWare, 0
That said, I gave up on this for my previous use case so don't rush on my account.
from jester.
I'm wondering how to add JWT into Jester, I can imagine the best way is through middleware layer, or does anybody know any of nim web app server supports the feature out of box?
from jester.
You can already make use of libraries like nim-jwt fairly easily from Jester (there is at least one other library for this too). If you want middleware then you can check out @JohnAD's efforts: #227
from jester.
Thanks @dom96 !
JWT is a fairly generic tool. Is there a general purpose for JWT you would like to see supported in a middleware package? Such as user authentication? (Such as seen for Python Django with https://jpadilla.github.io/django-rest-framework-jwt/ ?) Or for access to external service by your web site (such as Zapier?)
from jester.
@JohnAD , If you look at python sanic framework, they have jwt as middleware supported very well.
from jester.
Related Issues (20)
- Can't import the newSettings function qualified HOT 1
- how to make exit procs work with --threads:on? HOT 2
- jester.nim(369, 24) Error: type mismatch: got <Request, utils.Settings> (0.5.0)
- double log output when using httpbeast HOT 7
- static files respond to non-GET http methods HOT 1
- No way to get raw query parameters
- Relative staticDir behavior changed
- Double log output on http requests HOT 1
- Jester crashes when async sleeping HOT 5
- development on windows (httpbeast) HOT 1
- finally block getting called twice? HOT 3
- Support binding on IPv6 address
- `std/cgi` will be moved to nimble packages
- Runtime SIGBUS: HOT 1
- how to use the setCookie fuction? HOT 1
- Docs: adding sections
- formData identical keys
- Bump tag to give new version through nimble HOT 2
- Revert PR #171 which auto decodes URL parameters HOT 6
- The jester.nimble file needs to be updated for v0.6.0 HOT 2
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from jester.