zishuo/golib
1
0
Fork 0
mirror of https://github.com/nabbar/golib.git synced 2025-10-14 03:53:48 +08:00
Code Issues Packages Projects Releases Wiki Activity
Files
c86e1dc1b51c935dffb459f5f29f5bf065c2b585
golib/router/auth.go
nabbar e3239db998 Rework Monitoring, Prometheus, Status system 
Package Monitoring :
- use packag dedicated to monitor component
- each monitor work as standalone server to monitor health
- collect metrics to export them to prometheus exporter

Package Prometheus :
- review to simplify use for API and not API metrics
- optimize code

Package Status :
- Rework to use Monitor package
- Rework to use native json / text Marshaller interface

Context :
- rework context config (context var) to use sync map and sync RWMutex (WORM)
- move gin context to dedicated sub package (dependancies of logger make circular dependencies)
- optimize code

Config :
- rework to optimize sync / collect of component
- rework status to monitor
- remove monitor managment from config to each component
- add a func to set default logger to implement inherit default logger options
- optimize code

IOUtils :
- isolate logger / closer interface as a usable & public interface & instance
- this interface / instance allow to collect io.closer over a context to close all if context is done

Logger :
- rework to use context.config map
- rework to use ioutils closer
- rework to allow options to inherit a default options, or the last version of options
- optimize code

Size :
- Add package Size to calculate and manipulate size Byte or bit
- Add encoding : Text/JSON/Yaml/Toml...
- Add option to défine default unit : Byte or bit

Other :
- adjust following code
- optimize code
- limit use of atomic value
- rework to use RWMutex instead of sync.Mutex to maximize capabilities of read instead of write
- remove 32bit build for CI/CD
- add darwin/arm64 build for CI/CD

Bump Dependencies
2023-02-21 16:30:40 +01:00

145 lines
4.0 KiB
Go
Raw Blame History

/*
* MIT License
*
* Copyright (c) 2019 Nicolas JUHEL
*
* Permission is hereby granted, free of charge, to any person obtaining a copy
* of this software and associated documentation files (the "Software"), to deal
* in the Software without restriction, including without limitation the rights
* to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
* copies of the Software, and to permit persons to whom the Software is
* furnished to do so, subject to the following conditions:
*
* The above copyright notice and this permission notice shall be included in all
* copies or substantial portions of the Software.
*
* THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
* IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
* FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
* AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
* LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
* OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
* SOFTWARE.
*
*/
package router
import (
"net/http"
"strings"
ginsdk "github.com/gin-gonic/gin"
liberr "github.com/nabbar/golib/errors"
liblog "github.com/nabbar/golib/logger"
)
type AuthCode uint8
const (
AUTH_CODE_SUCCESS = iota
AUTH_CODE_REQUIRE
AUTH_CODE_FORBIDDEN
)
const (
HEAD_AUTH_REQR = "WWW-Authenticate"
HEAD_AUTH_SEND = "Authorization"
HEAD_AUTH_REAL = "Basic realm=LDAP Authorization Required"
)
func AuthRequire(c *ginsdk.Context, err error) {
if err != nil {
c.Errors = append(c.Errors, &ginsdk.Error{
Err: err,
Type: ginsdk.ErrorTypePrivate,
})
}
// Credentials doesn't match, we return 401 and abort handlers chain.
c.Header(HEAD_AUTH_REQR, HEAD_AUTH_REAL)
c.AbortWithStatus(http.StatusUnauthorized)
}
func AuthForbidden(c *ginsdk.Context, err error) {
if err != nil {
c.Errors = append(c.Errors, &ginsdk.Error{
Err: err,
Type: ginsdk.ErrorTypePrivate,
})
}
c.AbortWithStatus(http.StatusForbidden)
}
type authorization struct {
check func(AuthHeader string) (AuthCode, liberr.Error)
router []ginsdk.HandlerFunc
authType string
}
type Authorization interface {
Handler(c *ginsdk.Context)
Register(router ...ginsdk.HandlerFunc) ginsdk.HandlerFunc
Append(router ...ginsdk.HandlerFunc)
}
func NewAuthorization(HeadAuthType string, authCheckFunc func(AuthHeader string) (AuthCode, liberr.Error)) Authorization {
return &authorization{
check: authCheckFunc,
authType: HeadAuthType,
router: make([]ginsdk.HandlerFunc, 0),
}
}
func (a *authorization) Register(router ...ginsdk.HandlerFunc) ginsdk.HandlerFunc {
a.router = router
return a.Handler
}
func (a *authorization) Append(router ...ginsdk.HandlerFunc) {
a.router = append(a.router, router...)
}
func (a authorization) Handler(c *ginsdk.Context) {
// Search user in the slice of allowed credentials
auth := c.Request.Header.Get(HEAD_AUTH_SEND)
if auth == "" {
AuthRequire(c, ErrorHeaderAuthMissing.Error(nil).GetErrorFull(""))
return
}
authValue := ""
if strings.ContainsAny(auth, " ") {
sAuth := strings.SplitN(auth, " ", 2)
if len(sAuth) == 2 && strings.ToUpper(sAuth[0]) == a.authType {
authValue = sAuth[1]
}
}
if authValue == "" {
AuthRequire(c, ErrorHeaderAuthEmpty.Error(nil).GetErrorFull(""))
return
} else {
code, err := a.check(authValue)
switch code {
case AUTH_CODE_SUCCESS:
for _, r := range a.router {
liblog.DebugLevel.Logf("Calling router '%s=%s'", c.Request.Method, c.Request.URL.RawPath)
r(c)
}
case AUTH_CODE_REQUIRE:
AuthRequire(c, ErrorHeaderAuthRequire.Error(err).GetErrorFull(""))
case AUTH_CODE_FORBIDDEN:
AuthForbidden(c, ErrorHeaderAuthForbidden.Error(err).GetErrorFull(""))
default:
c.Errors = append(c.Errors, &ginsdk.Error{
Err: ErrorHeaderAuth.Error(err).GetErrorFull(""),
Type: ginsdk.ErrorTypePrivate,
})
c.AbortWithStatus(http.StatusInternalServerError)
}
}
}
Reference in New Issue View Git Blame Copy Permalink