Swiftpack.co - hummingbird-project/hummingbird-auth as Swift Package

Swiftpack.co is a collection of thousands of indexed Swift packages. Search packages.
Authentication framework and extensions for Hummingbird
.package(url: "https://github.com/hummingbird-project/hummingbird-auth.git", from: "0.7.1")

Hummingbird Auth

Authentication framework and extensions for Hummingbird server framework.

Includes Authenticator middleware setup, bearer, basic authentication extraction from your Request headers, Bcrypt encryption for passwords.


Authenticators are middleware that are used to check if a request is authenticated and then augment the request with the authentication data. Authenticators should conform to protocol HBAuthenticator. This requires you implement the function authenticate(request: HBRequest) -> EventLoopFuture<Value?> where Value is an object conforming to the protocol HBAuthenticatable.

A simple username, password authenticator could be implemented as follows. If the authenticator is successful it returns a User struct, otherwise it returns nil.

struct BasicAuthenticator: HBAuthenticator {
    func authenticate(request: HBRequest) -> EventLoopFuture<User?> {
        // Basic authentication info in the "Authorization" header, is accessible
        // via request.auth.basic
        guard let basic = request.auth.basic else { return request.success(nil) }

        // check if user exists in the database and then verify the entered password
        // against the one stored in the database. If it is correct then login in user
        return database.getUserWithUsername(basic.username).map { user -> User? in
            // did we find a user
            guard let user = user else { return nil }
            // verify password against password hash stored in database. If valid
            // return the user. HummingbirdAuth provides an implementation of Bcrypt
            if Bcrypt.verify(basic.password, hash: user.passwordHash) {
                return user
            return nil
        // hop back to request eventloop
        .hop(to: request.eventLoop)

Then in your request handler you can access your authentication data with request.auth.get.

/// Get current logged in user
func current(_ request: HBRequest) throws -> User {
    // get authentication data for user. If it doesnt exist then throw unauthorized error
    guard let user = request.auth.get(User.self) else { throw HBHTTPError(.unauthorized) }
    return user


You can find reference documentation for HummingbirdAuth here. The hummingbird-examples repository has a number of examples of different uses of the library.


Stars: 4
Last commit: 3 days ago

Ad: Job Offers

iOS Software Engineer @ Perry Street Software
Perry Street Software is Jack’d and SCRUFF. We are two of the world’s largest gay, bi, trans and queer social dating apps on iOS and Android. Our brands reach more than 20 million members worldwide so members can connect, meet and express themselves on a platform that prioritizes privacy and security. We invest heavily into SwiftUI and using Swift Packages to modularize the codebase.

Submit a free job ad (while I'm testing this). The analytics numbers for this website are here.

Release Notes

3 days ago

Patch release changes

  • Ensure concurrency code is only compiled when _Concurrency framework is available
  • Remove _NIOConcurrency imports as NIO functions have been moved into NIOCore
  • Increase swift-crypto version range to 1.0.0..<3.0.0

Other changes

  • Use swift:5.5 docker images in CI

Swiftpack is being maintained by Petr Pavlik | @ptrpavlik | @swiftpackco | API | Analytics