dartapi_auth is a lightweight authentication and authorization package designed for the DartAPI ecosystem. It provides JWT-based authentication utilities, middleware for request protection, and token lifecycle management.
It is fully compatible with projects generated using the DartAPI CLI, and integrates seamlessly with ApiRoute<ApiInput, ApiOutput>.
- 🔐 JWT Access & Refresh Token generation
- 🧾 Token verification with expiration, type, and issuer checks
- 🛡️ Plug-and-play authentication middleware for protected routes
- 🧠 Helpers to extract tokens from headers or cookies
- ✅ Works perfectly with
dartapi_coreanddartapi
dependencies:
dartapi_auth: ^0.0.4final jwtService = JwtService(
accessTokenSecret: 'my-secret',
refreshTokenSecret: 'my-refresh-secret',
issuer: 'dartapi',
audience: 'api-clients',
);final accessToken = jwtService.generateAccessToken(claims: {
'sub': 'user-123',
'username': 'akash',
});
final refreshToken = jwtService.generateRefreshToken(accessToken: accessToken);final accessPayload = jwtService.verifyAccessToken(accessToken);
final refreshPayload = jwtService.verifyRefreshToken(refreshToken);import 'package:dartapi_auth/dartapi_auth.dart';ApiRoute<void, List<UserDTO>>(
method: ApiMethod.get,
path: '/users',
typedHandler: getUsers,
middlewares: [authMiddleware(jwtService)],
);bin/main.dart
final jwtService = JwtService(...);
final app = DartAPI();
app.addControllers([
UserController(jwtService),
AuthController(jwtService),
]);UserController
ApiRoute<void, List<UserDTO>>(
method: ApiMethod.get,
path: '/users',
typedHandler: getAllUsers,
middlewares: [authMiddleware(jwtService)],
);JwtServiceauthMiddleware()utils.dart
BSD 3-Clause License © 2025 Akash G Krishnan
LICENSE
- dartapi - CLI to generate projects using this
- dartapi_core - Type-safe API routing & controller logic
- dartapi_db - DB abstraction layer