A token is a string that has some values associated with it. Tokens are often used for authentication by associating a `user_id` with a string.
sihl-token ships with 4 backend implementations.
JSON Web Token (JWT) is a standard for client-side tokens. The associated data is stored in the token itself, which is signed by the server and sent to the client; the server keeps no record of it.

JWTs are valid until they expire. To invalidate one earlier, the server has to keep a blacklist of revoked tokens and consult it on every request, which requires persistent storage.

Server-side tokens have their data persisted on the server; the client only receives an opaque identifier. This is the right choice for sensitive information and for tokens that must be revocable immediately.
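To make the trade-off above concrete, here is an added example (not sihl-token's own code, and not its API): a minimal HS256 JWT issuer and verifier with a `jti` blacklist, beside an opaque server-side token store. The secret, the timestamps and the user data are constructed for the demo. It goes a little beyond the text by showing the two checks any JWT verifier needs regardless of backend, pinning the algorithm and comparing the signature in constant time, and by showing that a forged payload under the original signature is rejected.

```python
import base64
import hashlib
import hmac
import json
import secrets

# Assumption: a real service loads the key from configuration; this value is constructed for the demo.
# `now` (Unix seconds) is always passed in so the demo is deterministic; use int(time.time()) in a real service.
SECRET = b"constructed-demo-secret-not-for-production"

def _b64url(data: bytes) -> str:
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode("ascii")  # unpadded, as JWT requires

def _b64url_decode(text: str) -> bytes:
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))

def _encode_json(obj: dict) -> str:
    return _b64url(json.dumps(obj, separators=(",", ":"), sort_keys=True).encode())

def issue_jwt(user_id: str, ttl_seconds: int, now: int) -> str:
    """Client-side token: the claims travel inside the token; the server stores nothing."""
    claims = {"sub": user_id, "iat": now, "exp": now + ttl_seconds, "jti": secrets.token_hex(16)}
    signing_input = f"{_encode_json({'alg': 'HS256', 'typ': 'JWT'})}.{_encode_json(claims)}"
    sig = hmac.new(SECRET, signing_input.encode("ascii"), hashlib.sha256).digest()
    return f"{signing_input}.{_b64url(sig)}"

class JwtBlacklist:
    """Server-side state a JWT needs for early invalidation: revoked jti -> exp. An entry
    matters only until that exp; afterwards the expiry check rejects the token anyway."""
    def __init__(self) -> None:
        self._revoked = {}
    def revoke(self, claims: dict) -> None:
        self._revoked[claims["jti"]] = claims["exp"]
    def contains(self, jti: str, now: int) -> bool:
        return self._revoked.get(jti, 0) > now

def verify_jwt(token: str, now: int, blacklist: JwtBlacklist = None) -> dict:
    """Return the claims if the token is genuine, unexpired and not revoked; None otherwise."""
    parts = token.split(".")
    if len(parts) != 3:
        return None
    header_b64, claims_b64, sig_b64 = parts
    try:
        header = json.loads(_b64url_decode(header_b64))
        claims = json.loads(_b64url_decode(claims_b64))
        sig = _b64url_decode(sig_b64)
    except ValueError:  # bad base64, bad UTF-8 and bad JSON all raise ValueError subclasses
        return None
    if not isinstance(header, dict) or not isinstance(claims, dict) or header.get("alg") != "HS256":
        return None  # the verifier pins the algorithm; the token's own header never gets to choose it
    expected = hmac.new(SECRET, f"{header_b64}.{claims_b64}".encode("ascii"), hashlib.sha256).digest()
    if not hmac.compare_digest(sig, expected):
        return None
    if not isinstance(claims.get("exp"), int) or claims["exp"] <= now:
        return None
    if blacklist is not None and blacklist.contains(claims.get("jti", ""), now):
        return None
    return claims

def forge_claims(token: str, new_claims: dict) -> str:
    """An attacker's edit: new claims under the original signature."""
    header_b64, _, sig_b64 = token.split(".")
    return f"{header_b64}.{_encode_json(new_claims)}.{sig_b64}"

class ServerSideTokenStore:
    """Opaque server-side token: the string is only a handle, the data lives here, revocation is a delete."""
    def __init__(self) -> None:
        self._rows = {}  # token -> (data, exp)
    def create(self, data: dict, ttl_seconds: int, now: int) -> str:
        token = secrets.token_urlsafe(32)  # unguessable handle with nothing inside to read or forge
        self._rows[token] = (dict(data), now + ttl_seconds)
        return token
    def find(self, token: str, now: int) -> dict:
        row = self._rows.get(token)
        if row is None or row[1] <= now:
            self._rows.pop(token, None)  # unknown, revoked and expired look the same to the client
            return None
        return dict(row[0])
    def revoke(self, token: str) -> None:
        self._rows.pop(token, None)

def demo() -> dict:
    """Both token kinds at a fixed, constructed timestamp; every value should be True."""
    t0 = 1_700_000_000
    jwt, bl = issue_jwt("user-42", 300, t0), JwtBlacklist()
    forged = forge_claims(jwt, {"sub": "admin", "iat": t0, "exp": t0 + 300, "jti": "x"})
    out = {"jwt_valid": verify_jwt(jwt, t0, bl) is not None,
           "jwt_forged_rejected": verify_jwt(forged, t0, bl) is None,
           "jwt_expired": verify_jwt(jwt, t0 + 300, bl) is None}
    bl.revoke(verify_jwt(jwt, t0))
    out["jwt_revoked_with_blacklist"] = verify_jwt(jwt, t0, bl) is None
    # The same token still verifies without the blacklist: the server holds no state that says otherwise.
    out["jwt_still_valid_without_blacklist"] = verify_jwt(jwt, t0) is not None
    store = ServerSideTokenStore()
    handle = store.create({"user_id": "user-42"}, 300, t0)
    out["opaque_found"] = store.find(handle, t0) == {"user_id": "user-42"}
    store.revoke(handle)
    out["opaque_revoked"] = store.find(handle, t0) is None
    return out
```

Two design points the demo makes visible: the blacklist only has to remember a `jti` until the token's own `exp`, so its size is bounded by the token lifetime you choose; and with the server-side store, a revoked, expired or never-issued handle all produce the same `None`, so nothing about the stored data leaks through the lookup.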
First, choose a backend in

```ocaml
module Token = Sihl_token.JwtPostgresql
```
Register the service in

```ocaml
let services = [ Service.Token.register () ]
```
Run `make sihl migrate` to apply pending migrations.
The API is documented in
The token middleware `Sihl.Contract.Token.Sig.Web.Middleware.user` fetches the current user based on the provided

`find_opt` returns `None` when no user could be resolved from the request, so a handler should treat that case as unauthenticated rather than fall through:

```ocaml
let index req =
  match Service.Token.Web.User.find_opt req with
  | None -> Lwt.return @@ Sihl.Web.Response.redirect_to "/login"
  | Some user -> Lwt.return @@ Sihl.Web.Response.of_html (View.Welcome.index user)
;;
```