apisix
frank_jwt
apisix | frank_jwt | |
---|---|---|
64 | 355 | |
13,689 | 250 | |
0.8% | - | |
9.6 | 3.1 | |
7 days ago | 5 months ago | |
Lua | Rust | |
Apache License 2.0 | Apache License 2.0 |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
apisix
-
Ask HN: Are there any open source forks of nomad smd consul?
> I think etcd is basically a k8s only project now
I hate etcd with the best of them, but etcd is used in a lot more places than just kubernetes:
https://github.com/apache/apisix/blob/master/docs/en/latest/...
https://github.com/traefik/traefik#:~:text=Etcd,
https://github.com/zalando/patroni#patroni-a-template-for-po...
https://github.com/purpleidea/mgmt/tree/0.0.26/etcd (this one shows up on HN quite a bit)
https://github.com/sorintlab/stolon#features
It's actually one of the major reasons I wouldn't touch those projects
-
Multi-layer Caching in API Gateway Tackles High Traffic Challenges
Through this intelligent caching mechanism, APISIX efficiently utilizes system resources when handling a large volume of requests, thereby improving overall system performance and stability. APISIX, with its advanced LRU cache, provides developers with a reliable and efficient API gateway solution, facilitating smooth communication with external services.
-
Apache APISIX plugin priority, a leaky abstraction?
The main issue is that priority is documented in the config-default.yaml file, while the phase is buried in the code. Worse, some plugins run across different phases. For example, let's check the proxy proxy-rewrite plugin and, more precisely, the functions defined there:
-
A "Tiny" APISIX Plugin
// references: // https://github.com/tetratelabs/proxy-wasm-go-sdk/tree/main/examples // https://github.com/apache/apisix/blob/master/t/wasm/ package main import ( "github.com/tetratelabs/proxy-wasm-go-sdk/proxywasm" "github.com/tetratelabs/proxy-wasm-go-sdk/proxywasm/types" "github.com/valyala/fastjson" ) func main() { proxywasm.SetVMContext(&vmContext{}) } // each plugin has its own VMContext. // it is responsible for creating multiple PluginContexts for each route. type vmContext struct { types.DefaultVMContext } // each route has its own PluginContext. // it corresponds to one instance of the plugin. func (*vmContext) NewPluginContext(contextID uint32) types.PluginContext { return &pluginContext{} } type header struct { Name string Value string } type pluginContext struct { types.DefaultPluginContext Headers []header } func (ctx *pluginContext) OnPluginStart(pluginConfigurationSize int) types.OnPluginStartStatus { data, err := proxywasm.GetPluginConfiguration() if err != nil { proxywasm.LogErrorf("error reading plugin configuration: %v", err) return types.OnPluginStartStatusFailed } var p fastjson.Parser v, err := p.ParseBytes(data) if err != nil { proxywasm.LogErrorf("error decoding plugin configuration: %v", err) return types.OnPluginStartStatusFailed } headers := v.GetArray("headers") ctx.Headers = make([]header, len(headers)) for i, hdr := range headers { ctx.Headers[i] = header{ Name: string(hdr.GetStringBytes("name")), Value: string(hdr.GetStringBytes("value")), } } return types.OnPluginStartStatusOK } // each HTTP request to a route has its own HTTPContext func (ctx *pluginContext) NewHttpContext(contextID uint32) types.HttpContext { return &httpContext{parent: ctx} } type httpContext struct { types.DefaultHttpContext parent *pluginContext } func (ctx *httpContext) OnHttpResponseHeaders(numHeaders int, endOfStream bool) types.Action { plugin := ctx.parent for _, hdr := range plugin.Headers { proxywasm.ReplaceHttpResponseHeader(hdr.Name, hdr.Value) } return types.ActionContinue }
-
10 Reasons for Choosing API7
API7 takes Apache APISIX as its robust foundation, which is open-source and has an active community with over 600 contributors all over the world. The nature of open source allows users to examine the source code, which promotes transparency. This transparency helps users understand how APISIX works, verify its security, and identify and fix any potential vulnerabilities or bugs.
-
How is Apache APISIX Fast?
But the best part is that the libraries mentioned here and Apache APISIX are entirely open source, meaning you can look under the hood and modify things yourself.
-
Ops friendly Apache APISIX
Default configuration
-
Custom Plugin Development For APISIX With Lua And ChatGPT
4. Plugin definition: It is a really important part of plugin implementation that we define as a table with properties for the version, priority, name, and schema. The name and schema are the plugin's name and schema defined earlier. The version and priority are used by APISIX to manage the plugin. The version typically refers to the version that is currently in use like API versioning. If you publish and update your plugin logic, it is going to be 1.1 (You can set any version you wish). But you need to be very careful in choosing priority. The priority field defines in which order and phase your plugin should be executed. For example, the 'ip-restriction' plugin, with a priority of 3000, will be executed before the 'example-plugin', which has a priority of 0. This is due to the higher priority value of the 'ip-restriction' plugin. If you're developing your own plugin, make sure that you followed the order of plugins not to mess up the order of existing plugins. You can check the order of existing plugins in the config-default.yaml file and open the Apache APISIX Plugin Development Guide to determine.
-
Your opinion on Kong
Their use of etcd was a hard pass for me; I don't need more etcd in my life
-
The Ultimate Beginner’s Guide to Open Source Contribution
Apache APISIX Apache APISIX is an open source, dynamic, real-time, high-performance cloud native API gateway. APISIX provides rich traffic management features such as load balancing, dynamic upstream, canary release, circuit breaking, authentication, observability, and more. Official website https://apisix.apache.org/ GitHub projects APISIX (the core): https://github.com/apache/apisix GitHub - apache/apisix: The Cloud-Native API Gateway GitHub - apache/apisix-dashboard: Dashboard for Apache APISIX GitHub - apache/apisix-website: Apache APISIX Website GitHub - apache/apisix-docker: the docker for Apache APISIX GitHub - apache/apisix-go-plugin-runner: Go Plugin Runner for APISIX GitHub - apache/apisix-java-plugin-runner: APISIX Plugin Runner in Java GitHub - apache/apisix-python-plugin-runner: Apache APISIX Python plugin runner GitHub - apache/apisix-helm-chart: Apache APISIX Helm Chart GitHub - apache/apisix-ingress-controller: ingress controller for K8s
frank_jwt
- Show HN: Storing Private Keys in the Browser Securely
-
Authentication using JSON Web Tokens.
NOTE: Never store sensitive information about a client in the payload as the JWT is just encoded and not encrypted. You can paste the JWT I gave as an example above in this cool site which basically allows you to see in decoded. JSON Web Tokens - jwt.io
-
Building Llama as a Service (LaaS)
Although they did not make it into production, I experimented with the RabbitMQ message broker, Python (Django, Flask), Kubernetes + minikube, JWT, and NGINX. This was a hobby project, but I intended to learn about microservices along the way.
-
Rethinking password security: say goodbye to plaintext passwords
JSON Web Token (JWT) creation to extend user authentication to server-side functions
-
JWT, JWS, JWE and how to cook them
The (probably) most famous web resource about JWT - https://jwt.io - provides such a definition of JSON Web Tokens:
-
JWT Authentication in NodeJS
If you want to play with JWT and put these concepts into practice, you can use jwt.ioDebugger to decode, verify, and generate JWTs.
-
Microservices Authentication and Authorization Using API Gateway
In this context, JSON Web Tokens (JWTs) play a crucial role.
- I turned my open-source project into a full-time business
-
FullStack Next.js & Django Authentication: Django REST, TypeScript, JWT, Wretch & Djoser
Json Web Token (JWT): Even though it is more like an industry standard, we will use JWTs for stateless authentication in this article. If you want to learn more, you can refer to the official documentation.
-
Autenticação com Golang e AWS Cognito
Se pegar o token jwt podemos ver o que tem dentro, usando o site jwt.io.
What are some alternatives?
Kong - 🦍 The Cloud-Native API Gateway and AI Gateway.
shc-covid19-decoder - Very simple app to decode your Vaccination Proof QR Code (such as the one provided by government of Quebec) - Compatible with SHC (Smart Health Card standard)
haproxy-lua-http - Simple Lua HTTP helper && client for use with HAProxy.
Ory Kratos - Next-gen identity server replacing your Auth0, Okta, Firebase with hardened security and PassKeys, SMS, OIDC, Social Sign In, MFA, FIDO, TOTP and OTP, WebAuthn, passwordless and much more. Golang, headless, API-first. Available as a worry-free SaaS with the fairest pricing on the market!
emissary - open source Kubernetes-native API gateway for microservices built on the Envoy Proxy
auth - A JWT based API for managing users and issuing JWT tokens
envoy - Cloud-native high-performance edge/middle/service proxy
actix-web - Actix Web is a powerful, pragmatic, and extremely fast web framework for Rust.
lua-resty-auto-ssl - On the fly (and free) SSL registration and renewal inside OpenResty/nginx with Let's Encrypt.
async-storage - An asynchronous, persistent, key-value storage system for React Native.
tyk-operator - Tyk Operator for Kubernetes
supabase - The open source Firebase alternative.