accesscontrol

package
v0.4.0 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Oct 20, 2020 License: MIT Imports: 7 Imported by: 0

README

accesscontrol 访问控制中间件

访问控制,检查用户是否拥有访问接口的资源

安装

go get github.com/hanguangbaihuo/sparrow_cloud_go

配置前提

需要先配置JWT中间件,详见github.com/hanguangbaihuo/sparrow_cloud_go/middleware/jwt
接口添加auth认证,详见github.com/hanguangbaihuo/sparrow_cloud_go/middleware/auth

使用前注意

1. 必需提前配置jwt中间件
2. 必需初始化访问控制中间件的配置
3. 如果接口需要访问控制,则接口前必需先添加auth认证中间件,否则接口不通过
4. 如果配置跳过访问控制,仍然需要添加auth认证,因为之后变为不跳过访问控制后,必需用到user_id,该数据只能从auth中间件获得

初始化访问控制中间件配置

func InitACConf(acAddr string, api string, serviceName string, skipAC bool)
参数含义:
acAddr: 访问控制服务的服务地址,例如:sparrow-access-control-svc:8001
api: 访问控制服务的api,例如:/api/ac_i/verify/
serviceName: 你的服务的名字,例如:SparrowPromotion
skipAC: 是否跳过访问控制,设置为true则跳过访问控制,但是仍然需要认证;设置为false,则不跳过访问控制

使用方法

import (
	...
	"github.com/hanguangbaihuo/sparrow_cloud_go/middleware/jwt"
    "github.com/hanguangbaihuo/sparrow_cloud_go/middleware/auth"
	ac "github.com/hanguangbaihuo/sparrow_cloud_go/middleware/accesscontrol"
)

func main() {
    // 初始化iris app
    app := iris.New()
    // 配置jwt中间件
    jwtMiddleware := jwt.DefaultJwtMiddleware("your_jwt_secret")
	app.Use(jwtMiddleware.Serve)
    ...
    // 初始化访问控制中间件配置
    ac.InitACConf("sparrow-access-control-svc:8001", "/api/ac_i/verify/", "SparrowPromotion", false)

    // /test 接口需要用户认证并拥有admin资源才可以访问
    app.Get("/test", auth.IsAuthenticated, ac.RequestSrc("admin"), processRequest)
    app.Listen("8081")
}

Documentation

Index

Constants

This section is empty.

Variables

View Source
var (
	// ErrResrouceMissing 未提供资源
	ErrResrouceMissing = errors.New("required resource not found")
	// ErrAuthMissing no auth
	ErrAuthMissing = errors.New("api needs authentication, ask developer to add auth middleware for this api")
	// ErrNoPermission user don't have resource
	ErrNoPermission = errors.New("you don't have permission to access the api")
)

Functions

func ErrorHandler added in v0.3.3

func ErrorHandler(ctx context.Context, err error)

ErrorHandler is the default error handler. Use it to change the behavior for each error.

func InitACConf added in v0.3.3

func InitACConf(acAddr string, api string, serviceName string, skipAC bool)

InitACConf constructs a new global access control configuration.

func RequestSrc added in v0.3.3

func RequestSrc(resourceName string) func(context.Context)

RequestSrc is access control middleware auth middleware must be configured before this middleware

Types

type ACResponse added in v0.3.3

type ACResponse struct {
	HasPerm bool `json:"has_perm"`
}

ACResponse is access control response when reqeust ac service

type Config

type Config struct {
	// AccessControlService is access control service address:port
	AccessControlService string
	// APIPath
	APIPath string
	// ServiceName is the service name, used for app_name
	ServiceName string
	// SkipAccessContorl, true: skip the access control; false: check user's resource
	SkipAccessContorl bool
}

Config is a struct for specifying configuration options for the accesscontrol middleware.

var AccessControllConf Config

AccessControllConf is accesscontrol middleware configuration.

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL