Browse Source

add middleware of auth

Paul 6 years ago
parent
commit
a2471e1d7a
3 changed files with 230 additions and 1 deletions
  1. 112
    1
      Gopkg.lock
  2. 65
    0
      middleware/auth/auth.go
  3. 53
    0
      middleware/auth/optional_auth.go

+ 112
- 1
Gopkg.lock View File

@@ -1,6 +1,30 @@
1 1
 # This file is autogenerated, do not edit; changes may be undone by the next 'dep ensure'.
2 2
 
3 3
 
4
+[[projects]]
5
+  branch = "master"
6
+  name = "git.links123.net/links123.com/uc"
7
+  packages = ["app"]
8
+  revision = "928bb1c9ed0d1fd2c2ea50c837d99dcbfef661e4"
9
+
10
+[[projects]]
11
+  branch = "master"
12
+  name = "github.com/Unknwon/i18n"
13
+  packages = ["."]
14
+  revision = "b64d336589669d317928070e70ba0ae558f16633"
15
+
16
+[[projects]]
17
+  name = "github.com/dgrijalva/jwt-go"
18
+  packages = ["."]
19
+  revision = "06ea1031745cb8b3dab3f6a236daf2b0aa468b7e"
20
+  version = "v3.2.0"
21
+
22
+[[projects]]
23
+  name = "github.com/fsnotify/fsnotify"
24
+  packages = ["."]
25
+  revision = "c2828203cd70a50dcccfb2761f8b1f8ceef9a8e9"
26
+  version = "v1.4.7"
27
+
4 28
 [[projects]]
5 29
   name = "github.com/gin-contrib/cors"
6 30
   packages = ["."]
@@ -30,18 +54,47 @@
30 54
   revision = "925541529c1fa6821df4e44ce2723319eb2be768"
31 55
   version = "v1.0.0"
32 56
 
57
+[[projects]]
58
+  branch = "master"
59
+  name = "github.com/hashicorp/hcl"
60
+  packages = [
61
+    ".",
62
+    "hcl/ast",
63
+    "hcl/parser",
64
+    "hcl/printer",
65
+    "hcl/scanner",
66
+    "hcl/strconv",
67
+    "hcl/token",
68
+    "json/parser",
69
+    "json/scanner",
70
+    "json/token"
71
+  ]
72
+  revision = "ef8a98b0bbce4a65b5aa4c368430a80ddc533168"
73
+
33 74
 [[projects]]
34 75
   name = "github.com/json-iterator/go"
35 76
   packages = ["."]
36 77
   revision = "ca39e5af3ece67bbcda3d0f4f56a8e24d9f2dad4"
37 78
   version = "1.1.3"
38 79
 
80
+[[projects]]
81
+  name = "github.com/magiconair/properties"
82
+  packages = ["."]
83
+  revision = "c2353362d570a7bfa228149c62842019201cfb71"
84
+  version = "v1.8.0"
85
+
39 86
 [[projects]]
40 87
   name = "github.com/mattn/go-isatty"
41 88
   packages = ["."]
42 89
   revision = "0360b2af4f38e8d38c7fce2a9f4e702702d73a39"
43 90
   version = "v0.0.3"
44 91
 
92
+[[projects]]
93
+  branch = "master"
94
+  name = "github.com/mitchellh/mapstructure"
95
+  packages = ["."]
96
+  revision = "bb74f1db0675b241733089d5a1faa5dd8b0ef57b"
97
+
45 98
 [[projects]]
46 99
   name = "github.com/modern-go/concurrent"
47 100
   packages = ["."]
@@ -54,12 +107,51 @@
54 107
   revision = "1df9eeb2bb81f327b96228865c5687bc2194af3f"
55 108
   version = "1.0.0"
56 109
 
110
+[[projects]]
111
+  name = "github.com/pelletier/go-toml"
112
+  packages = ["."]
113
+  revision = "acdc4509485b587f5e675510c4f2c63e90ff68a8"
114
+  version = "v1.1.0"
115
+
57 116
 [[projects]]
58 117
   name = "github.com/sirupsen/logrus"
59 118
   packages = ["."]
60 119
   revision = "c155da19408a8799da419ed3eeb0cb5db0ad5dbc"
61 120
   version = "v1.0.5"
62 121
 
122
+[[projects]]
123
+  name = "github.com/spf13/afero"
124
+  packages = [
125
+    ".",
126
+    "mem"
127
+  ]
128
+  revision = "63644898a8da0bc22138abf860edaf5277b6102e"
129
+  version = "v1.1.0"
130
+
131
+[[projects]]
132
+  name = "github.com/spf13/cast"
133
+  packages = ["."]
134
+  revision = "8965335b8c7107321228e3e3702cab9832751bac"
135
+  version = "v1.2.0"
136
+
137
+[[projects]]
138
+  branch = "master"
139
+  name = "github.com/spf13/jwalterweatherman"
140
+  packages = ["."]
141
+  revision = "7c0cea34c8ece3fbeb2b27ab9b59511d360fb394"
142
+
143
+[[projects]]
144
+  name = "github.com/spf13/pflag"
145
+  packages = ["."]
146
+  revision = "583c0c0531f06d5278b7d917446061adc344b5cd"
147
+  version = "v1.0.1"
148
+
149
+[[projects]]
150
+  name = "github.com/spf13/viper"
151
+  packages = ["."]
152
+  revision = "b5e8006cbee93ec955a89ab31e0e3ce3204f3736"
153
+  version = "v1.0.2"
154
+
63 155
 [[projects]]
64 156
   name = "github.com/ugorji/go"
65 157
   packages = ["codec"]
@@ -81,12 +173,31 @@
81 173
   ]
82 174
   revision = "79b0c6888797020a994db17c8510466c72fe75d9"
83 175
 
176
+[[projects]]
177
+  name = "golang.org/x/text"
178
+  packages = [
179
+    "internal/gen",
180
+    "internal/triegen",
181
+    "internal/ucd",
182
+    "transform",
183
+    "unicode/cldr",
184
+    "unicode/norm"
185
+  ]
186
+  revision = "f21a4dfb5e38f5895301dc265a8def02365cc3d0"
187
+  version = "v0.3.0"
188
+
84 189
 [[projects]]
85 190
   name = "gopkg.in/go-playground/validator.v8"
86 191
   packages = ["."]
87 192
   revision = "5f1438d3fca68893a817e4a66806cea46a9e4ebf"
88 193
   version = "v8.18.2"
89 194
 
195
+[[projects]]
196
+  name = "gopkg.in/ini.v1"
197
+  packages = ["."]
198
+  revision = "06f5f3d67269ccec1fe5fe4134ba6e982984f7f5"
199
+  version = "v1.37.0"
200
+
90 201
 [[projects]]
91 202
   name = "gopkg.in/yaml.v2"
92 203
   packages = ["."]
@@ -96,6 +207,6 @@
96 207
 [solve-meta]
97 208
   analyzer-name = "dep"
98 209
   analyzer-version = 1
99
-  inputs-digest = "97fe6c44fd65faf279ffdc31df5bafbcb85cbf2945ee4cac49217b5186d2dc1b"
210
+  inputs-digest = "80c547f8209d4ae9870858725d4476ddb7188a377993464463de3a554014cc3a"
100 211
   solver-name = "gps-cdcl"
101 212
   solver-version = 1

+ 65
- 0
middleware/auth/auth.go View File

@@ -0,0 +1,65 @@
1
+package auth
2
+
3
+import (
4
+	"fmt"
5
+	"net/http"
6
+	"time"
7
+
8
+	"git.links123.net/links123.com/uc/app"
9
+	"github.com/dgrijalva/jwt-go"
10
+	"github.com/gin-gonic/gin"
11
+)
12
+
13
+const (
14
+	CtxRequestHeaderUserId        = "user_id"
15
+	ctxRequestHeaderAuthorization = "Authorization"
16
+	ctxRequestCookieAuthorization = "ak"
17
+	ctxRequestTokenExpired        = "expired"
18
+)
19
+
20
+func Auth(ctx *gin.Context) {
21
+	var (
22
+		err error
23
+		tk  = ctx.Request.Header.Get(ctxRequestHeaderAuthorization)
24
+	)
25
+
26
+	if tk == "" {
27
+		tk, err = ctx.Cookie(ctxRequestCookieAuthorization)
28
+		if err != nil {
29
+			ctx.AbortWithStatusJSON(http.StatusUnauthorized, gin.H{"msg": "auth failed"})
30
+			return
31
+		}
32
+
33
+		tk = "Bearer " + tk
34
+	}
35
+
36
+	if len(tk) < 8 {
37
+		ctx.AbortWithStatusJSON(http.StatusUnauthorized, gin.H{"msg": "auth failed"})
38
+		return
39
+	}
40
+
41
+	token, err := jwt.Parse(tk[7:], func(token *jwt.Token) (interface{}, error) {
42
+		if _, ok := token.Method.(*jwt.SigningMethodHMAC); !ok {
43
+			return nil, fmt.Errorf("unexpected signing method: %v", token.Header["alg"])
44
+		}
45
+
46
+		return []byte(app.Config.Token.AuthKey), nil
47
+	})
48
+
49
+	if err != nil || !token.Valid {
50
+		ctx.AbortWithStatusJSON(http.StatusUnauthorized, gin.H{"msg": "auth failed"})
51
+		return
52
+	}
53
+
54
+	mapClaims := token.Claims.(jwt.MapClaims)
55
+	expired := int64(mapClaims[ctxRequestTokenExpired].(float64))
56
+	if expired < time.Now().Unix() {
57
+		// Only cookie is blank value, check token expired
58
+		if _, err := ctx.Cookie(ctxRequestCookieAuthorization); err != nil {
59
+			ctx.AbortWithStatusJSON(http.StatusUnauthorized, gin.H{"msg": "auth failed, token timeout"})
60
+			return
61
+		}
62
+	}
63
+
64
+	ctx.Set(CtxRequestHeaderUserId, int(mapClaims[CtxRequestHeaderUserId].(float64)))
65
+}

+ 53
- 0
middleware/auth/optional_auth.go View File

@@ -0,0 +1,53 @@
1
+package auth
2
+
3
+import (
4
+	"fmt"
5
+	"time"
6
+
7
+	"git.links123.net/links123.com/uc/app"
8
+	"github.com/dgrijalva/jwt-go"
9
+	"github.com/gin-gonic/gin"
10
+)
11
+
12
+func OptionalAuth(ctx *gin.Context) {
13
+	var (
14
+		err error
15
+		tk  = ctx.Request.Header.Get(ctxRequestHeaderAuthorization)
16
+	)
17
+
18
+	if tk == "" {
19
+		tk, err = ctx.Cookie(ctxRequestCookieAuthorization)
20
+		if err != nil {
21
+			return
22
+		}
23
+
24
+		tk = "Bearer " + tk
25
+	}
26
+
27
+	if len(tk) < 8 {
28
+		return
29
+	}
30
+
31
+	token, err := jwt.Parse(tk[7:], func(token *jwt.Token) (interface{}, error) {
32
+		if _, ok := token.Method.(*jwt.SigningMethodHMAC); !ok {
33
+			return nil, fmt.Errorf("unexpected signing method: %v", token.Header["alg"])
34
+		}
35
+
36
+		return []byte(app.Config.Token.AuthKey), nil
37
+	})
38
+
39
+	if err != nil || !token.Valid {
40
+		return
41
+	}
42
+
43
+	mapClaims := token.Claims.(jwt.MapClaims)
44
+	expired := int64(mapClaims[ctxRequestTokenExpired].(float64))
45
+	if expired < time.Now().Unix() {
46
+		// Only cookie is blank value, check token expired
47
+		if _, err := ctx.Cookie(ctxRequestCookieAuthorization); err != nil {
48
+			return
49
+		}
50
+	}
51
+
52
+	ctx.Set(CtxRequestHeaderUserId, int(mapClaims[CtxRequestHeaderUserId].(float64)))
53
+}