AuthMiddleware class
Enhanced Authentication Middleware for protecting routes
This middleware provides comprehensive authentication support with:
- Multiple token types (Bearer, Basic, API Key)
- Configurable error handling
- User data caching
- Role-based access control
- Flexible guard selection
Features:
- Bearer token extraction and validation
- Basic authentication support
- API key authentication
- Automatic user data attachment
- Comprehensive error handling
- Configurable through builder pattern
Example usage:
// Bearer token authentication
final authMiddleware = AuthMiddleware.bearer();
// API key authentication
final apiMiddleware = AuthMiddleware.apiKey('X-API-Key');
// Basic auth with custom realm
final basicMiddleware = AuthMiddleware.basic(realm: 'MyApp');
// With role checking
final adminMiddleware = AuthMiddleware.bearer()
.withRoles(['admin'])
.withPermissions(['user.manage']);
// In routes configuration
router.get('/protected', handler, middleware: [authMiddleware]);
- Inheritance
-
- Object
- Middleware
- AuthMiddleware
Constructors
-
AuthMiddleware.apiKey(String headerName, {AuthManager? authManager, String guard = 'api', List<
String> roles = const [], List<String> permissions = const [], bool cacheUser = false, MiddlewarePriority priority = MiddlewarePriority.auth, String? name}) -
Creates an API key authentication middleware
factory
-
AuthMiddleware.basic({AuthManager? authManager, String guard = 'api', String realm = 'Protected Area', List<
String> roles = const [], List<String> permissions = const [], bool cacheUser = false, MiddlewarePriority priority = MiddlewarePriority.auth, String name = 'auth-basic'}) -
Creates a Basic authentication middleware
factory
-
AuthMiddleware.bearer({AuthManager? authManager, String guard = 'api', List<
String> roles = const [], List<String> permissions = const [], bool cacheUser = false, MiddlewarePriority priority = MiddlewarePriority.auth, String name = 'auth-bearer'}) -
Creates a Bearer token authentication middleware
factory
-
AuthMiddleware.custom(AuthType authType, {required Future<
Authenticatable?> authenticator(Request), AuthManager? authManager, String guard = 'api', List<String> roles = const [], List<String> permissions = const [], bool cacheUser = false, MiddlewarePriority priority = MiddlewarePriority.auth, String name = 'auth-custom'}) -
Creates a custom authentication middleware
factory
Properties
- handler → MiddlewareHandler
-
no setterinherited
- hashCode → int
-
The hash code for this object.
no setterinherited
- name → String
-
no setterinherited
- priority → MiddlewarePriority
-
no setterinherited
- runtimeType → Type
-
A representation of the runtime type of the object.
no setterinherited
Methods
-
noSuchMethod(
Invocation invocation) → dynamic -
Invoked when a nonexistent method or property is accessed.
inherited
-
toString(
) → String -
A string representation of this object.
inherited
-
withCaching(
[bool enabled = true]) → AuthMiddleware - Enables user caching
-
withGuard(
String guard) → AuthMiddleware - Sets custom guard
-
withPermissions(
List< String> permissions) → AuthMiddleware - Adds required permissions
-
withRoles(
List< String> roles) → AuthMiddleware - Builder methods for fluent configuration Adds required roles
Operators
-
operator ==(
Object other) → bool -
The equality operator.
inherited