Prism offers multiple authentication approaches: bearer token middleware for APIs, session-based auth for web apps, and the flexibility to build custom strategies.
let authMiddleware = PrismAuthMiddleware { token in // Return true if token is valid return token == "my-secret-token"}await server.group("/api", middlewares: [authMiddleware]) { api in api.get("/protected") { _ in .json(["message": "You're in!"]) }}
let auth = PrismAuthMiddleware { token in let row = try? db.queryFirst( "SELECT id FROM api_tokens WHERE token = ? AND expires_at > datetime('now')", parameters: [.text(token)] ) return row != nil}