Library
Module
Module type
Parameter
Class
Class type
A token is a string that has some values associated with it. Tokens are often used for authentication by associating a user_id
to a string.
sihl-token
ships with 4 backend implementations.
JSON Web Token (JWT) is a standard for client-side tokens. The associated data is stored in the actual token, which is signed and sent to the client.
JWTs are valid until they expire. If you want to invalidate them before, it is necessary to keep a blacklist on the server. This requires some persistent storage.
Use either Sihl_token.JwtPostgreSql
or Sihl_token.JwtMariaDb
.
Server-side tokens have their data persisted on the server. This is useful for sensitive information.
Use either Sihl_token.PostgreSql
or Sihl_token.MariaDb
.
First, choose a backend in service/service.ml
:
module Token = Sihl_token.JwtPostgresql
Register the service in run/run.ml
:
let services = [ Service.Token.register () ]
Run make sihl migrate
to run pending migrations.
The API is documented in Sihl.Contract.Token.Sig
.
The token middleware Sihl.Contract.Token.Sig.Web.Middleware.user
fetches the current user based on the provided Bearer Token
.
let index req =
let open Lwt.Syntax in
match Service.Token.Web.User.find_opt req with
| None -> Lwt.return @@ Sihl.Web.Response.redirect_to "/login"
| Some user -> Lwt.return @@ Sihl.Web.Response.of_html (View.Welcome.index user)
;;