瀏覽代碼

auth key from param

Paul 6 年之前
父節點
當前提交
84adc1ba2f
共有 3 個文件被更改,包括 70 次插入173 次删除
  1. 1
    106
      Gopkg.lock
  2. 36
    35
      middleware/auth/auth.go
  3. 33
    32
      middleware/auth/optional_auth.go

+ 1
- 106
Gopkg.lock 查看文件

@@ -1,30 +1,12 @@
1 1
 # This file is autogenerated, do not edit; changes may be undone by the next 'dep ensure'.
2 2
 
3 3
 
4
-[[projects]]
5
-  branch = "master"
6
-  name = "git.links123.net/links123.com/uc"
7
-  packages = ["app"]
8
-  revision = "928bb1c9ed0d1fd2c2ea50c837d99dcbfef661e4"
9
-
10
-[[projects]]
11
-  branch = "master"
12
-  name = "github.com/Unknwon/i18n"
13
-  packages = ["."]
14
-  revision = "b64d336589669d317928070e70ba0ae558f16633"
15
-
16 4
 [[projects]]
17 5
   name = "github.com/dgrijalva/jwt-go"
18 6
   packages = ["."]
19 7
   revision = "06ea1031745cb8b3dab3f6a236daf2b0aa468b7e"
20 8
   version = "v3.2.0"
21 9
 
22
-[[projects]]
23
-  name = "github.com/fsnotify/fsnotify"
24
-  packages = ["."]
25
-  revision = "c2828203cd70a50dcccfb2761f8b1f8ceef9a8e9"
26
-  version = "v1.4.7"
27
-
28 10
 [[projects]]
29 11
   name = "github.com/gin-contrib/cors"
30 12
   packages = ["."]
@@ -54,47 +36,18 @@
54 36
   revision = "925541529c1fa6821df4e44ce2723319eb2be768"
55 37
   version = "v1.0.0"
56 38
 
57
-[[projects]]
58
-  branch = "master"
59
-  name = "github.com/hashicorp/hcl"
60
-  packages = [
61
-    ".",
62
-    "hcl/ast",
63
-    "hcl/parser",
64
-    "hcl/printer",
65
-    "hcl/scanner",
66
-    "hcl/strconv",
67
-    "hcl/token",
68
-    "json/parser",
69
-    "json/scanner",
70
-    "json/token"
71
-  ]
72
-  revision = "ef8a98b0bbce4a65b5aa4c368430a80ddc533168"
73
-
74 39
 [[projects]]
75 40
   name = "github.com/json-iterator/go"
76 41
   packages = ["."]
77 42
   revision = "ca39e5af3ece67bbcda3d0f4f56a8e24d9f2dad4"
78 43
   version = "1.1.3"
79 44
 
80
-[[projects]]
81
-  name = "github.com/magiconair/properties"
82
-  packages = ["."]
83
-  revision = "c2353362d570a7bfa228149c62842019201cfb71"
84
-  version = "v1.8.0"
85
-
86 45
 [[projects]]
87 46
   name = "github.com/mattn/go-isatty"
88 47
   packages = ["."]
89 48
   revision = "0360b2af4f38e8d38c7fce2a9f4e702702d73a39"
90 49
   version = "v0.0.3"
91 50
 
92
-[[projects]]
93
-  branch = "master"
94
-  name = "github.com/mitchellh/mapstructure"
95
-  packages = ["."]
96
-  revision = "bb74f1db0675b241733089d5a1faa5dd8b0ef57b"
97
-
98 51
 [[projects]]
99 52
   name = "github.com/modern-go/concurrent"
100 53
   packages = ["."]
@@ -107,51 +60,12 @@
107 60
   revision = "1df9eeb2bb81f327b96228865c5687bc2194af3f"
108 61
   version = "1.0.0"
109 62
 
110
-[[projects]]
111
-  name = "github.com/pelletier/go-toml"
112
-  packages = ["."]
113
-  revision = "acdc4509485b587f5e675510c4f2c63e90ff68a8"
114
-  version = "v1.1.0"
115
-
116 63
 [[projects]]
117 64
   name = "github.com/sirupsen/logrus"
118 65
   packages = ["."]
119 66
   revision = "c155da19408a8799da419ed3eeb0cb5db0ad5dbc"
120 67
   version = "v1.0.5"
121 68
 
122
-[[projects]]
123
-  name = "github.com/spf13/afero"
124
-  packages = [
125
-    ".",
126
-    "mem"
127
-  ]
128
-  revision = "63644898a8da0bc22138abf860edaf5277b6102e"
129
-  version = "v1.1.0"
130
-
131
-[[projects]]
132
-  name = "github.com/spf13/cast"
133
-  packages = ["."]
134
-  revision = "8965335b8c7107321228e3e3702cab9832751bac"
135
-  version = "v1.2.0"
136
-
137
-[[projects]]
138
-  branch = "master"
139
-  name = "github.com/spf13/jwalterweatherman"
140
-  packages = ["."]
141
-  revision = "7c0cea34c8ece3fbeb2b27ab9b59511d360fb394"
142
-
143
-[[projects]]
144
-  name = "github.com/spf13/pflag"
145
-  packages = ["."]
146
-  revision = "583c0c0531f06d5278b7d917446061adc344b5cd"
147
-  version = "v1.0.1"
148
-
149
-[[projects]]
150
-  name = "github.com/spf13/viper"
151
-  packages = ["."]
152
-  revision = "b5e8006cbee93ec955a89ab31e0e3ce3204f3736"
153
-  version = "v1.0.2"
154
-
155 69
 [[projects]]
156 70
   name = "github.com/ugorji/go"
157 71
   packages = ["codec"]
@@ -173,31 +87,12 @@
173 87
   ]
174 88
   revision = "79b0c6888797020a994db17c8510466c72fe75d9"
175 89
 
176
-[[projects]]
177
-  name = "golang.org/x/text"
178
-  packages = [
179
-    "internal/gen",
180
-    "internal/triegen",
181
-    "internal/ucd",
182
-    "transform",
183
-    "unicode/cldr",
184
-    "unicode/norm"
185
-  ]
186
-  revision = "f21a4dfb5e38f5895301dc265a8def02365cc3d0"
187
-  version = "v0.3.0"
188
-
189 90
 [[projects]]
190 91
   name = "gopkg.in/go-playground/validator.v8"
191 92
   packages = ["."]
192 93
   revision = "5f1438d3fca68893a817e4a66806cea46a9e4ebf"
193 94
   version = "v8.18.2"
194 95
 
195
-[[projects]]
196
-  name = "gopkg.in/ini.v1"
197
-  packages = ["."]
198
-  revision = "06f5f3d67269ccec1fe5fe4134ba6e982984f7f5"
199
-  version = "v1.37.0"
200
-
201 96
 [[projects]]
202 97
   name = "gopkg.in/yaml.v2"
203 98
   packages = ["."]
@@ -207,6 +102,6 @@
207 102
 [solve-meta]
208 103
   analyzer-name = "dep"
209 104
   analyzer-version = 1
210
-  inputs-digest = "80c547f8209d4ae9870858725d4476ddb7188a377993464463de3a554014cc3a"
105
+  inputs-digest = "7fe5f8b83f3a0556f7574a9334d97c080f888f616754772851ed06f70be00a37"
211 106
   solver-name = "gps-cdcl"
212 107
   solver-version = 1

+ 36
- 35
middleware/auth/auth.go 查看文件

@@ -5,7 +5,6 @@ import (
5 5
 	"net/http"
6 6
 	"time"
7 7
 
8
-	"git.links123.net/links123.com/uc/app"
9 8
 	"github.com/dgrijalva/jwt-go"
10 9
 	"github.com/gin-gonic/gin"
11 10
 )
@@ -17,49 +16,51 @@ const (
17 16
 	ctxRequestTokenExpired        = "expired"
18 17
 )
19 18
 
20
-func Auth(ctx *gin.Context) {
21
-	var (
22
-		err error
23
-		tk  = ctx.Request.Header.Get(ctxRequestHeaderAuthorization)
24
-	)
19
+func Auth(authKey string) gin.HandlerFunc {
20
+	return func(ctx *gin.Context) {
21
+		var (
22
+			err error
23
+			tk  = ctx.Request.Header.Get(ctxRequestHeaderAuthorization)
24
+		)
25 25
 
26
-	if tk == "" {
27
-		tk, err = ctx.Cookie(ctxRequestCookieAuthorization)
28
-		if err != nil {
26
+		if tk == "" {
27
+			tk, err = ctx.Cookie(ctxRequestCookieAuthorization)
28
+			if err != nil {
29
+				ctx.AbortWithStatusJSON(http.StatusUnauthorized, gin.H{"msg": "auth failed"})
30
+				return
31
+			}
32
+
33
+			tk = "Bearer " + tk
34
+		}
35
+
36
+		if len(tk) < 8 {
29 37
 			ctx.AbortWithStatusJSON(http.StatusUnauthorized, gin.H{"msg": "auth failed"})
30 38
 			return
31 39
 		}
32 40
 
33
-		tk = "Bearer " + tk
34
-	}
41
+		token, err := jwt.Parse(tk[7:], func(token *jwt.Token) (interface{}, error) {
42
+			if _, ok := token.Method.(*jwt.SigningMethodHMAC); !ok {
43
+				return nil, fmt.Errorf("unexpected signing method: %v", token.Header["alg"])
44
+			}
35 45
 
36
-	if len(tk) < 8 {
37
-		ctx.AbortWithStatusJSON(http.StatusUnauthorized, gin.H{"msg": "auth failed"})
38
-		return
39
-	}
46
+			return []byte(authKey), nil
47
+		})
40 48
 
41
-	token, err := jwt.Parse(tk[7:], func(token *jwt.Token) (interface{}, error) {
42
-		if _, ok := token.Method.(*jwt.SigningMethodHMAC); !ok {
43
-			return nil, fmt.Errorf("unexpected signing method: %v", token.Header["alg"])
49
+		if err != nil || !token.Valid {
50
+			ctx.AbortWithStatusJSON(http.StatusUnauthorized, gin.H{"msg": "auth failed"})
51
+			return
44 52
 		}
45 53
 
46
-		return []byte(app.Config.Token.AuthKey), nil
47
-	})
48
-
49
-	if err != nil || !token.Valid {
50
-		ctx.AbortWithStatusJSON(http.StatusUnauthorized, gin.H{"msg": "auth failed"})
51
-		return
52
-	}
53
-
54
-	mapClaims := token.Claims.(jwt.MapClaims)
55
-	expired := int64(mapClaims[ctxRequestTokenExpired].(float64))
56
-	if expired < time.Now().Unix() {
57
-		// Only cookie is blank value, check token expired
58
-		if _, err := ctx.Cookie(ctxRequestCookieAuthorization); err != nil {
59
-			ctx.AbortWithStatusJSON(http.StatusUnauthorized, gin.H{"msg": "auth failed, token timeout"})
60
-			return
54
+		mapClaims := token.Claims.(jwt.MapClaims)
55
+		expired := int64(mapClaims[ctxRequestTokenExpired].(float64))
56
+		if expired < time.Now().Unix() {
57
+			// Only cookie is blank value, check token expired
58
+			if _, err := ctx.Cookie(ctxRequestCookieAuthorization); err != nil {
59
+				ctx.AbortWithStatusJSON(http.StatusUnauthorized, gin.H{"msg": "auth failed, token timeout"})
60
+				return
61
+			}
61 62
 		}
62
-	}
63 63
 
64
-	ctx.Set(CtxRequestHeaderUserId, int(mapClaims[CtxRequestHeaderUserId].(float64)))
64
+		ctx.Set(CtxRequestHeaderUserId, int(mapClaims[CtxRequestHeaderUserId].(float64)))
65
+	}
65 66
 }

+ 33
- 32
middleware/auth/optional_auth.go 查看文件

@@ -4,50 +4,51 @@ import (
4 4
 	"fmt"
5 5
 	"time"
6 6
 
7
-	"git.links123.net/links123.com/uc/app"
8 7
 	"github.com/dgrijalva/jwt-go"
9 8
 	"github.com/gin-gonic/gin"
10 9
 )
11 10
 
12
-func OptionalAuth(ctx *gin.Context) {
13
-	var (
14
-		err error
15
-		tk  = ctx.Request.Header.Get(ctxRequestHeaderAuthorization)
16
-	)
11
+func OptionalAuth(authKey string) gin.HandlerFunc {
12
+	return func(ctx *gin.Context) {
13
+		var (
14
+			err error
15
+			tk  = ctx.Request.Header.Get(ctxRequestHeaderAuthorization)
16
+		)
17 17
 
18
-	if tk == "" {
19
-		tk, err = ctx.Cookie(ctxRequestCookieAuthorization)
20
-		if err != nil {
21
-			return
22
-		}
23
-
24
-		tk = "Bearer " + tk
25
-	}
18
+		if tk == "" {
19
+			tk, err = ctx.Cookie(ctxRequestCookieAuthorization)
20
+			if err != nil {
21
+				return
22
+			}
26 23
 
27
-	if len(tk) < 8 {
28
-		return
29
-	}
24
+			tk = "Bearer " + tk
25
+		}
30 26
 
31
-	token, err := jwt.Parse(tk[7:], func(token *jwt.Token) (interface{}, error) {
32
-		if _, ok := token.Method.(*jwt.SigningMethodHMAC); !ok {
33
-			return nil, fmt.Errorf("unexpected signing method: %v", token.Header["alg"])
27
+		if len(tk) < 8 {
28
+			return
34 29
 		}
35 30
 
36
-		return []byte(app.Config.Token.AuthKey), nil
37
-	})
31
+		token, err := jwt.Parse(tk[7:], func(token *jwt.Token) (interface{}, error) {
32
+			if _, ok := token.Method.(*jwt.SigningMethodHMAC); !ok {
33
+				return nil, fmt.Errorf("unexpected signing method: %v", token.Header["alg"])
34
+			}
38 35
 
39
-	if err != nil || !token.Valid {
40
-		return
41
-	}
36
+			return []byte(authKey), nil
37
+		})
42 38
 
43
-	mapClaims := token.Claims.(jwt.MapClaims)
44
-	expired := int64(mapClaims[ctxRequestTokenExpired].(float64))
45
-	if expired < time.Now().Unix() {
46
-		// Only cookie is blank value, check token expired
47
-		if _, err := ctx.Cookie(ctxRequestCookieAuthorization); err != nil {
39
+		if err != nil || !token.Valid {
48 40
 			return
49 41
 		}
50
-	}
51 42
 
52
-	ctx.Set(CtxRequestHeaderUserId, int(mapClaims[CtxRequestHeaderUserId].(float64)))
43
+		mapClaims := token.Claims.(jwt.MapClaims)
44
+		expired := int64(mapClaims[ctxRequestTokenExpired].(float64))
45
+		if expired < time.Now().Unix() {
46
+			// Only cookie is blank value, check token expired
47
+			if _, err := ctx.Cookie(ctxRequestCookieAuthorization); err != nil {
48
+				return
49
+			}
50
+		}
51
+
52
+		ctx.Set(CtxRequestHeaderUserId, int(mapClaims[CtxRequestHeaderUserId].(float64)))
53
+	}
53 54
 }