apache · spacewander · Apr 9, 2021 · Apr 9, 2021
diff --git a/apisix/plugins/key-auth.lua b/apisix/plugins/key-auth.lua
@@ -27,7 +27,12 @@ local lrucache = core.lrucache.new({
 local schema = {
     type = "object",
     additionalProperties = false,
-    properties = {},
+    properties = {
+        header = {
+            type = "string",
+            default = "apikey",
+        },
+    },
 }
 
 local consumer_schema = {
@@ -78,7 +83,7 @@ end
 
 
 function _M.rewrite(conf, ctx)
-    local key = core.request.header(ctx, "apikey")
+    local key = core.request.header(ctx, conf.header)
     if not key then
         return 401, {message = "Missing API key found in request"}
     end

diff --git a/docs/en/latest/plugins/key-auth.md b/docs/en/latest/plugins/key-auth.md
@@ -37,10 +37,18 @@ Add Key Authentication (also sometimes referred to as an API key) to a Service o
 
 ## Attributes
 
+For consumer side:
+
 | Name | Type   | Requirement | Default | Valid | Description                                                                  |
 | ---- | ------ | ----------- | ------- | ----- | ---------------------------------------------------------------------------- |
 | key  | string | required    |         |       | different consumer objects should use different values, it should be unique. |
 
+For route side:
+
+| Name | Type   | Requirement | Default | Valid | Description                                                                  |
+| ---- | ------ | ----------- | ------- | ----- | ---------------------------------------------------------------------------- |
+| header  | string | optional    | apikey        |       | the header we get the key from |
+
 ## How To Enable
 
 Two steps are required:
@@ -85,6 +93,16 @@ curl http://127.0.0.1:9080/apisix/admin/routes/1 -H 'X-API-KEY: edd1c9f034335f13
 }'
 ```
 
+If you don't want to fetch key from the default `apikey` header, you can customize the header:
+
+```json
+{
+    "key-auth": {
+        "header": "Authorization"
+    }
+}
+```
+
 ## Test Plugin
 
 Here is a correct test example:

diff --git a/docs/zh/latest/plugins/key-auth.md b/docs/zh/latest/plugins/key-auth.md
@@ -37,9 +37,17 @@ title: key-auth
 
 ## 属性
 
+consumer 端配置：
+
+| 名称 | 类型   | 必选项 | 默认值 | 有效值 | 描述                                                                                                          |
+| ---- | ------ | ------ | ------ | ------ | ------------------------------------------------------------------------------------------------------------- |
+| key  | string | 必需   |        |        | 不同的 `consumer` 对象应有不同的值，它应当是唯一的。不同 consumer 使用了相同的 `key` ，将会出现请求匹配异常。 |
+
+router 端配置：
+
 | 名称 | 类型   | 必选项 | 默认值 | 有效值 | 描述                                                                                                          |
 | ---- | ------ | ------ | ------ | ------ | ------------------------------------------------------------------------------------------------------------- |
-| key  | string | 可选   |        |        | 不同的 `consumer` 对象应有不同的值，它应当是唯一的。不同 consumer 使用了相同的 `key` ，将会出现请求匹配异常。 |
+| header  | string | 可选| apikey |        | 设置我们从哪个 header 获取 key。 |
 
 ## 如何启用
 
@@ -83,6 +91,16 @@ curl http://127.0.0.1:9080/apisix/admin/routes/1 -H 'X-API-KEY: edd1c9f034335f13
 }'
 ```
 
+如果不想从默认的 `apikey` header 获取 key，可以自定义 header：
+
+```json
+{
+    "key-auth": {
+        "header": "Authorization"
+    }
+}
+```
+
 ## 测试插件
 
 下面是一个正常通过 `key-auth` 验证的请求:

diff --git a/t/plugin/key-auth.t b/t/plugin/key-auth.t
@@ -259,3 +259,53 @@ GET /t
 {"error_msg":"invalid plugins configuration: failed to check the configuration of plugin key-auth err: property \"key\" is required"}
 --- no_error_log
 [error]
+
+
+
+=== TEST 10: customize header
+--- config
+    location /t {
+        content_by_lua_block {
+            local t = require("lib.test_admin").test
+            local code, body = t('/apisix/admin/routes/1',
+                ngx.HTTP_PUT,
+                [[{
+                    "plugins": {
+                        "key-auth": {
+                            "header": "Authorization"
+                        }
+                    },
+                    "upstream": {
+                        "nodes": {
+                            "127.0.0.1:1980": 1
+                        },
+                        "type": "roundrobin"
+                    },
+                    "uri": "/hello"
+                }]]
+                )
+
+            if code >= 300 then
+                ngx.status = code
+            end
+            ngx.say(body)
+        }
+    }
+--- request
+GET /t
+--- response_body
+passed
+--- no_error_log
+[error]
+
+
+
+=== TEST 11: valid consumer
+--- request
+GET /hello
+--- more_headers
+Authorization: auth-one
+--- response_body
+hello world
+--- no_error_log
+[error]