Request Plugins

There are 4 different phases in the request lifecycle you can inject custom plugins, including Authentication plugins. There are performance advantages to picking the correct phase, and of course that depends on your use case and what functionality you need.

Hook Capabilities

[1] A Session object contains allowances and identity information that is unique to each requestor

[2] You can modify the session by using your programming language’s SDK for Redis. Here is an example of doing that in Golang.

[3] For select hook locations, you can add more than one plugin. For example, in the same API request, you can have 3 Pre, 1 auth, 5 post-auth, and 2 post plugins.

Return Overrides / ReturnOverrides

You can have your plugin finish the request lifecycle and return a response with custom payload & headers to the requestor.

Read more here

Python Example

from tyk.decorators import *

@Hook
def MyCustomMiddleware(request, session, spec):
    print("my_middleware: MyCustomMiddleware")
    request.object.return_overrides.headers['content-type'] = 'application/json'
    request.object.return_overrides.response_code = 200
    request.object.return_overrides.response_error = "{\"key\": \"value\"}\n"
    return request, session

JavaScript Example

var testJSVMData = new TykJS.TykMiddleware.NewMiddleware({});

testJSVMData.NewProcessRequest(function(request, session, config) {
	request.ReturnOverrides.ResponseError = "Foobarbaz"
    request.ReturnOverrides.ResponseBody = "Foobar"
	request.ReturnOverrides.ResponseCode = 200
	request.ReturnOverrides.ResponseHeaders = {
		"X-Foo": "Bar",
		"X-Baz": "Qux"
	}
	return testJSVMData.ReturnData(request, {});
});