-
Notifications
You must be signed in to change notification settings - Fork 2
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
- Loading branch information
1 parent
f2256be
commit d59d86a
Showing
5 changed files
with
122 additions
and
9 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1,12 +1,117 @@ | ||
# Ktor Plugins | ||
|
||
Collection of Ktor plugins, all plugins have the same version that should correspond with the version of Ktor they're | ||
using. | ||
![GitHub release (latest SemVer)](https://img.shields.io/github/v/release/LukasForst/ktor-plugins?style=flat-square) | ||
|
||
Collection of useful Ktor plugins. All plugins are hosted on Maven central and can be added to your project as easy as: | ||
|
||
```kotlin | ||
implementation("dev.forst", "ktor-<plugin>", "<latest version>") | ||
``` | ||
|
||
* [ktor-api-key](ktor-api-key) | ||
* Simple authentication provider for Ktor that verifies presence of the API key in the header. | ||
* simple authentication provider for Ktor that verifies presence of the API key in the header | ||
* [ktor-content-security-policy](ktor-content-security-policy) | ||
* plugin that allows setting [Content-Security-Policy](https://developer.mozilla.org/en-US/docs/Web/HTTP/CSP) | ||
headers | ||
* [ktor-openapi-generator](https://github.com/LukasForst/ktor-openapi-generator/) | ||
* generates OpenAPI definitions from your server with support for Ktor `>= 2.0.0` | ||
* developed in [separate repository](https://github.com/LukasForst/ktor-openapi-generator/) because it is a fork of | ||
existing project | ||
* [ktor-rate-limiting](ktor-rate-limiting) | ||
* plugin that enables rate limiting in Ktor | ||
* plugin that enables rate limiting in Ktor | ||
|
||
## Ktor API Key Authentication Provider | ||
|
||
Simple authentication provider for Ktor that verifies presence of the API key in the header. Useful if you want to | ||
use `X-Api-Key` or similar approaches for request authentication. | ||
|
||
```kotlin | ||
/** | ||
* Minimal Ktor application with API Key authentication. | ||
*/ | ||
fun Application.minimalExample() { | ||
// key that will be used to authenticate requests | ||
val expectedApiKey = "this-is-expected-key" | ||
|
||
// principal for the app | ||
data class AppPrincipal(val key: String) : Principal | ||
// now we install authentication feature | ||
install(Authentication) { | ||
// and then api key provider | ||
apiKey { | ||
// set function that is used to verify request | ||
validate { keyFromHeader -> | ||
keyFromHeader | ||
.takeIf { it == expectedApiKey } | ||
?.let { AppPrincipal(it) } | ||
} | ||
} | ||
} | ||
|
||
routing { | ||
authenticate { | ||
get { | ||
val p = call.principal<AppPrincipal>()!! | ||
call.respondText("Key: ${p.key}") | ||
} | ||
} | ||
} | ||
} | ||
``` | ||
|
||
## Ktor Content Security Policy | ||
|
||
Plugin that allows setting [Content-Security-Policy](https://developer.mozilla.org/en-US/docs/Web/HTTP/CSP) headers. | ||
|
||
```kotlin | ||
/** | ||
* Minimal Ktor application using Content Security Policy. | ||
*/ | ||
fun Application.minimalExample() { | ||
install(ContentSecurityPolicy) { | ||
skipWhen { call -> | ||
call.request.path().startsWith("/some-ignored-route") | ||
} | ||
policy( | ||
"default-src" to "'none'" | ||
) | ||
} | ||
} | ||
``` | ||
|
||
## Ktor Rate Limiting | ||
|
||
A simple library that enables Rate Limiting in Ktor. | ||
|
||
```kotlin | ||
/** | ||
* Minimal Ktor application with Rate Limiting enabled. | ||
*/ | ||
fun Application.minimalExample() { | ||
// install feature | ||
install(RateLimiting) { | ||
registerLimit( | ||
// allow 10 requests | ||
limit = 10, | ||
// each 1 minute | ||
window = Duration.ofMinutes(1) | ||
) { | ||
// use host as a key to determine who is who | ||
call.request.origin.host | ||
} | ||
// and exclude path which ends with "excluded" | ||
excludeRequestWhen { | ||
call.request.path().endsWith("excluded") | ||
} | ||
} | ||
// now add some routes | ||
routing { | ||
get { | ||
call.respondText("Hello ${call.request.origin.host}") | ||
} | ||
get("excluded") { | ||
call.respondText("Hello ${call.request.origin.host}") | ||
} | ||
} | ||
} | ||
``` |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,3 @@ | ||
# Ktor OpenAPI Generator | ||
|
||
Hosted on different repository: https://github.com/LukasForst/ktor-openapi-generator/ |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters