From 7905f81270a95db0f9831d7c6c4cbf81207bb4dc Mon Sep 17 00:00:00 2001 From: weloe <1345895607@qq.com> Date: Sat, 13 May 2023 15:15:55 +0800 Subject: [PATCH] Update Readme.md --- Readme.md | 90 +++++++++++++++++++++++++++++++++++++++++ examples/http-server.go | 32 +++++++++++++++ 2 files changed, 122 insertions(+) diff --git a/Readme.md b/Readme.md index 6e672b9..72263af 100644 --- a/Readme.md +++ b/Readme.md @@ -74,6 +74,12 @@ func Kickout(w http.ResponseWriter, req *http.Request) { ## Custom TokenConfig +The same user can only log in once: `IsConcurrent = false && IsShare = false` + +The same user logs in multiple times and shares a token: `IsConcurrent = true && IsShare = false` + +Multiple logins of the same user to multiple tokens: `IsConcurrent = true && IsShare = true` + ```go import ( "fmt" @@ -102,4 +108,88 @@ func main() { enforcer, err = tokenGo.NewEnforcer(adapter, tokenConfig) } ``` +You can also configure it using a yml or ini file like this +[token-go/token_conf.ini at master · weloe/token-go · GitHub](https://github.com/weloe/token-go/blob/master/examples/token_conf.ini) + +[token-go/token_conf.yaml at master · weloe/token-go · GitHub](https://github.com/weloe/token-go/blob/master/examples/token_conf.yaml) + +Then use `enforcer, err = tokenGo.NewEnforcer(adapter, filepath)` to init. + +## Authorization + +A simple permission verification method is also provided +```go +type ACL interface { + GetPermission(id string) []string +} +``` +```go +type RBAC interface { + GetRole(id string) []string +} +``` +Implement either of these two interfaces and call `enforcer.SetAuth(model)` +After that, you can use these two APIs for permission verification + +``` go +// implement RBAC +CheckRole(ctx ctx.Context, role string) error +// implement ACL +CheckPermission(ctx ctx.Context, permission string) error +``` +### example + +```go +type Auth struct { +} + +func (m *Auth) GetRole(id string) []string { + var arr = make([]string, 2) + arr[1] = "user" + return arr +} +func (m *Auth) GetPermission(id string) []string { + var arr = make([]string, 2) + arr[1] = "user::get" + return arr +} + + +func main() { + var err error + // use default adapter + adapter := tokenGo.NewDefaultAdapter() + enforcer, err = tokenGo.NewEnforcer(adapter) + // set auth + enforcer.SetAuth(&Auth{}) + // enable logger + enforcer.EnableLog() + if err != nil { + log.Fatal(err) + } + + http.HandleFunc("/user/check", CheckAuth) + + log.Fatal(http.ListenAndServe(":8081", nil)) +} + +func CheckAuth(w http.ResponseWriter, req *http.Request) { + ctx := tokenGo.NewHttpContext(req, w) + err := enforcer.CheckRole(ctx, "user") + if err != nil { + fmt.Fprintf(w, "CheckRole() error: %s\n", err) + return + } + err = enforcer.CheckPermission(ctx, "user::get") + if err != nil { + fmt.Fprintf(w, "CheckPermission() error: %s\n", err) + return + } + fmt.Fprintf(w, "you have authorization") +} +``` + +## Api + +[token_go package - github.com/weloe/token-go - Go Packages](https://pkg.go.dev/github.com/weloe/token-go#section-documentation) diff --git a/examples/http-server.go b/examples/http-server.go index 72ce801..4aac96f 100644 --- a/examples/http-server.go +++ b/examples/http-server.go @@ -9,11 +9,27 @@ import ( var enforcer *tokenGo.Enforcer +type Auth struct { +} + +func (m *Auth) GetRole(id string) []string { + var arr = make([]string, 2) + arr[1] = "user" + return arr +} +func (m *Auth) GetPermission(id string) []string { + var arr = make([]string, 2) + arr[1] = "user::get" + return arr +} + func main() { var err error // use default adapter adapter := tokenGo.NewDefaultAdapter() enforcer, err = tokenGo.NewEnforcer(adapter) + // set auth + enforcer.SetAuth(&Auth{}) // enable logger enforcer.EnableLog() if err != nil { @@ -24,10 +40,26 @@ func main() { http.HandleFunc("/user/logout", Logout) http.HandleFunc("/user/isLogin", IsLogin) http.HandleFunc("/user/kickout", Kickout) + http.HandleFunc("/user/check", CheckAuth) log.Fatal(http.ListenAndServe(":8081", nil)) } +func CheckAuth(w http.ResponseWriter, req *http.Request) { + ctx := tokenGo.NewHttpContext(req, w) + err := enforcer.CheckRole(ctx, "user") + if err != nil { + fmt.Fprintf(w, "CheckRole() error: %s\n", err) + return + } + err = enforcer.CheckPermission(ctx, "user::get") + if err != nil { + fmt.Fprintf(w, "CheckPermission() error: %s\n", err) + return + } + fmt.Fprintf(w, "you have authorization") +} + func Login(w http.ResponseWriter, req *http.Request) { token, err := enforcer.Login("1", tokenGo.NewHttpContext(req, w)) if err != nil {