api/handlers/v1/auth.go

@@ -18,7 +18,7 @@ type JwtToken struct {
 	jwt.RegisteredClaims
 }
 
-func generateJwt() (string, error) {
+func generateJwt(username string) (string, error) {
 	//TODO use env here
 	secret := []byte("ThisIsABadSecretDontReallyUseThis")
 
@@ -26,7 +26,7 @@ func generateJwt() (string, error) {
 	claims := token.Claims.(jwt.MapClaims)
 	claims["exp"] = time.Now().Add(10 * time.Minute)
 	claims["authorized"] = true
-	claims["username"] = "someone"
+	claims["username"] = username
 
 	tokenString, err := token.SignedString(secret)
 	if err != nil {
@@ -86,7 +86,7 @@ func (h *Handler) AuthLogin(c echo.Context) error {
 		return c.JSON(http.StatusInternalServerError, err)
 	}
 
-	token, err := generateJwt()
+	token, err := generateJwt(username)
 	if err != nil {
 		return c.JSON(http.StatusInternalServerError, err)
 	}

api/handlers/v1/demo.go

@@ -38,17 +38,16 @@ func (h *Handler) HelloBody(c echo.Context) error {
 	if err != nil {
 		return c.JSON(http.StatusBadRequest, HelloWhoResponse{
 			Success: false,
-			Error: err.Error(),
+			Error:   err.Error(),
 		})
 	}
-	
+
 	return c.JSON(http.StatusOK, HelloWhoResponse{
 		Success: true,
 		Message: fmt.Sprintf("Hello, %s", request.Name),
 	})
 }
 
-
-func (h *Handler) ProtectedRoute(c echo.Context)error {
-	return nil
-}
+func (h *Handler) ProtectedRoute(c echo.Context) error {
+	return c.JSON(http.StatusOK, "You have a good bearer token!")
+}

api/handlers/v1/handler.go

@@ -43,7 +43,8 @@ func (h *Handler) Register(v1 *echo.Group) {
 	demo.GET("/hello/body", h.HelloBody)
 
 	protected := v1.Group("/demo/protected")
-	protected.GET("/", h.ProtectedRoute)
+	protected.Use(echojwt.WithConfig(jwtConfig))
+	protected.GET("", h.ProtectedRoute)
 
 	//recipes := v1.Group("/recipe")
 

rest.http

@@ -18,4 +18,5 @@ Content-Type: application/json
 POST http://localhost:1323/api/v1/login?username=test
 
 ###
-GET http://localhost:1323/api/v1/demo/protected
+GET http://localhost:1323/api/v1/demo/protected
+Authorization: Bearer