Swift package for adding API Key requirement to vapor backends.

Last update: Dec 9, 2021

Related tags

Overview

APIKeyMiddleware

Swift package for adding API Key requirement to vapor backends.

Features

✅ Supports an array of keys
✅ Supports overriding thrown errors
✅ 100% Test Coverage

Usage

Requests are expected to have the header api-key.

Simple

public func configure(_ app: Application) throws {
    app.middleware.use(APIKeyMiddleware(keys: ["123"]))
}

See Vapor Docs if wanting to add to individual routes.

Override Errors

The following errors are used by default:

Missing API key: Abort(.badRequest, reason: "Missing api-key.")
Unauthorized API Key: Abort(.unauthorized, reason: "Unauthorized api-key.")

To override these errors, assign a delegate to the APIKeyMiddleware. Returning nil uses defaults.

class Delegate: APIKeyMiddlewareDelegate {

    static let shared = Delegate()

    init() {}

    func errorForMissingKey(in middleware: APIKeyMiddleware) -> Error? {
        Abort(.imATeapot, reason: "Missing api-key was found by teapot.")
    }

    func errorForUnauthorizedKey(in middleware: APIKeyMiddleware) -> Error? {
        Abort(.imATeapot, reason: "Unauthorized api-key was found by teapot.")
    }
}

public func configure(_ app: Application) throws {
    let middleware = APIKeyMiddleware(keys: ["123"], delegate: Delegate.shared)
    app.middleware.use(middleware)
}

Installation

SPM

Add the following to your project:

https://github.com/ptrkstr/APIKeyMiddleware

Possible Future Features

Raise an issue if you need these

Allow overriding API-Key header name

You might also like...

Server-side Swift. The Perfect core toolset and framework for Swift Developers. (For mobile back-end development, website and API development, and more…)

Perfect: Server-Side Swift 简体中文 Perfect: Server-Side Swift Perfect is a complete and powerful toolbox, framework, and application server for Linux, iO

13.9k Jan 6, 2023

Quickstart-ios-swift-grpc - Quickstart for integrating Approov with iOS apps in Swift that make API requests you wish to protect using GRPC

Approov Quickstart: iOS Swift GRPC (Google Remote Procedure Call) This quickstar

0 Jan 26, 2022

Access Xcode Server API with native Swift objects.

Xcode Server SDK Use Xcode Server's API with native Swift objects. First brought to you in Buildasaur, now in an independent project. This is an unoff

401 Dec 29, 2022

A WIP Swift wrapper for Discord's Bot API.

Quickcord Quickcord is a WIP Swift wrapper for Discord's Bot API. Features (As of right now) Connecting the the gateway and identifying. Literally eve

4 Aug 7, 2021

An unofficial supported Swift client library for accessing News API.

9 Oct 1, 2022

A modern Swift wrapper for Instagram Private API.

Swiftagram is a wrapper for Instagram Private API, written entirely in (modern) Swift. Instagram's official APIs, both the Instagram Basic Display API

217 Dec 27, 2022

A lightweight generic networking API written purely in Swift

SwiftyNetworking SwiftyNetworking library is a generic networking library writte

0 Dec 24, 2021

A web API client in Swift built using Async/Await

Get A modern web API client in Swift built using Async/Await and Actors. let cli

745 Jan 3, 2023

Elegant API Abstraction for Swift

Endpoint (Deprecated) ⚠️ This project has been deprecated. Consider using Moya and MoyaSugar instead. 🚀 Elegant API Abstraction for Swift. At a Glanc

35 Mar 29, 2019

Comments

Feature Request: Store API Key in DB and validate in middleware

It would be great if we can store an API Key in the db (with a migration using bcrypt) and then check if the api-key header is valid against multiple api-keys stored in the DB. Maybe do something like what Fluent has in ModelAuthenticatable or in ModelTokenAuthenticatable.

Having multiple api-key allows controlling which client can access the data.
enhancement

opened by Axort 3