Swiftpack.co - hummingbird-project/hummingbird-auth as Swift Package

Swiftpack.co is a collection of thousands of indexed Swift packages. Search packages.
See all packages published by hummingbird-project.
hummingbird-project/hummingbird-auth 0.8.0
Authentication framework and extensions for Hummingbird
⭐️ 5
🕓 2 weeks ago
iOS macOS tvOS linux macOS iOS
.package(url: "https://github.com/hummingbird-project/hummingbird-auth.git", from: "0.8.0")

Hummingbird Auth

Authentication framework and extensions for Hummingbird server framework.

Includes Authenticator middleware setup, bearer, basic authentication extraction from your Request headers, Bcrypt encryption for passwords.


Authenticators are middleware that are used to check if a request is authenticated and then augment the request with the authentication data. Authenticators should conform to protocol HBAuthenticator. This requires you implement the function authenticate(request: HBRequest) -> EventLoopFuture<Value?> where Value is an object conforming to the protocol HBAuthenticatable.

A simple username, password authenticator could be implemented as follows. If the authenticator is successful it returns a User struct, otherwise it returns nil.

struct BasicAuthenticator: HBAuthenticator {
    func authenticate(request: HBRequest) -> EventLoopFuture<User?> {
        // Basic authentication info in the "Authorization" header, is accessible
        // via request.auth.basic
        guard let basic = request.auth.basic else { return request.success(nil) }

        // check if user exists in the database and then verify the entered password
        // against the one stored in the database. If it is correct then login in user
        return database.getUserWithUsername(basic.username).map { user -> User? in
            // did we find a user
            guard let user = user else { return nil }
            // verify password against password hash stored in database. If valid
            // return the user. HummingbirdAuth provides an implementation of Bcrypt
            if Bcrypt.verify(basic.password, hash: user.passwordHash) {
                return user
            return nil
        // hop back to request eventloop
        .hop(to: request.eventLoop)

Then in your request handler you can access your authentication data with request.auth.get.

/// Get current logged in user
func current(_ request: HBRequest) throws -> User {
    // get authentication data for user. If it doesnt exist then throw unauthorized error
    guard let user = request.auth.get(User.self) else { throw HBHTTPError(.unauthorized) }
    return user


You can find reference documentation for HummingbirdAuth here. The hummingbird-examples repository has a number of examples of different uses of the library.


Stars: 5
Last commit: 2 weeks ago
jonrohan Something's broken? Yell at me @ptrpavlik. Praise and feedback (and money) is also welcome.

Release Notes

2 weeks ago
  • Added IsAuthenticatedMiddleware
  • Ensure Bcrypt hashes have null at end of string during construction

Swiftpack is being maintained by Petr Pavlik | @ptrpavlik | @swiftpackco | API | Analytics