README
¶
Httpuser Http用户库
接口
- http请求身份识别接口 Identifier
- 登录与登出接口 LoginProvider/LogoutProvider
- 用户鉴权接口 Authorizer
授权管理
授权管理定义了授权管理器接口Authorizer,以及对应使用的中间件
role实现了一个根据用户角色进行权限检测的Authorizer
//对用户进行授权的检测.第二个参数为授权失败后的动作,如传入nil则失败返回403状态
app.Use(user.AuthorizeMiddleware(Authorizer,nil))
//授权检测,失败则返回403状态
app.Use(user.AuthorizeOrForbiddenMiddleware(Authorizer))
用户识别
用户识别模块定义了基于http.Request的用户识别器 Identifier,以及响应的操作工具
Identifier 用户识别接口,识别给到的http请求对应的用户id
//登录限制中间件,第二个参数为没有用户信息时执行的动作,为nil的话返回401错误
loginrequired=user.LoginRequiredMiddleware(identifier,nil)
app.Use(loginrequired)
//登录跳转器,用于在用户需要登录时进行跳转,并记录原始信息
//第一个参数为登录Url,第二个参数为储存原始链接的cookie名
redirector=user.NewLoginRedirector("/login","login-returnurl")
//可以通过设置跳转器的Cookie属性进行cookie的调整
redirector.Cookie.Path="/app"
app.Use(redirector.Middleware(identifier))
//登录成功后获取原始信息的方式
loginsuccess=func(w http.ResponseWriter, r *http.Request){
//获取原始登录地址
url:=redirector.MustClearSource(w,r)
//判断是否为空
if url==""{
url="/home"
}
http.Redirect(w, r, url, 302)
}
登录/登出服务
用户模块定义了基本的用户登录,登出接口,及相关的快捷操作
- LoginProvider用户登录接口,将用户登录到指定的请求上
- LogoutProvider 用户登出接口,将用户从指定的请求上登出
登出中间件:
app.
Use(user.LogoutMiddleware(logoutProvider)).
HandleFunc(func(w http.ResponseWriter, r *http.Request){
w.Write([]byte("成功登出"))
})
用户限制列表中间件
//限制只有指定的用户才能访问。用户Id不在指定的列表里的话返回403错误
app.Use(user.MiddlewareForbiddenExceptForUsers(Identifier,[]string["admin1","admin2"]))
重定向器
重定向器与登录跳转器功能类似。但可以用于更详细判断用户跳转的标准。 一般用于强制用户在访问的指定动作钱必须进行额外的验证或者资料补充。
//跳转条件,返回是否需要
condition=func(w http.ResponseWriter, req *http.Request) bool{
return getUserConfrimed(w,req)
}
redirector:=user.NewRedirector("/bindemail","bindemail-returnurl",condition)
app.Use(redirector)
//操作成功后获取原始信息的方式
bindemailSuccess=func(w http.ResponseWriter, r *http.Request){
//获取原始地址
url:=redirector.MustClearSource(w,r)
//判断是否为空
if url==""{
url="/home"
}
http.Redirect(w, r, url, 302)
}
Documentation
¶
Index ¶
- func AuthorizeMiddleware(authorizer Authorizer, unauthorizedAction http.HandlerFunc) func(w http.ResponseWriter, r *http.Request, next http.HandlerFunc)
- func AuthorizeOrForbiddenMiddleware(authorizer Authorizer) func(w http.ResponseWriter, r *http.Request, next http.HandlerFunc)
- func LoginRequiredMiddleware(identifier Identifier, unauthorizedAction http.HandlerFunc) func(w http.ResponseWriter, r *http.Request, next http.HandlerFunc)
- func LogoutMiddleware(s LogoutProvider) func(w http.ResponseWriter, r *http.Request, next http.HandlerFunc)
- func MiddlewareForbiddenExceptForUsers(identifier Identifier, users []string) func(w http.ResponseWriter, r *http.Request, next http.HandlerFunc)
- type Authorizer
- type Identifier
- type LoginProvider
- type LoginRedirector
- func (lr *LoginRedirector) ClearSource(w http.ResponseWriter, r *http.Request) (string, error)
- func (lr *LoginRedirector) Middleware(s Identifier) func(w http.ResponseWriter, r *http.Request, next http.HandlerFunc)
- func (lr *LoginRedirector) MustClearSource(w http.ResponseWriter, r *http.Request) string
- func (lr *LoginRedirector) RedirectAction(w http.ResponseWriter, r *http.Request)
- type LogoutProvider
- type Redirector
- func (r *Redirector) ClearSource(w http.ResponseWriter, req *http.Request) (string, error)
- func (r *Redirector) Middleware() func(w http.ResponseWriter, req *http.Request, next http.HandlerFunc)
- func (r *Redirector) MustClearSource(w http.ResponseWriter, req *http.Request) string
- func (r *Redirector) RedirectAction(w http.ResponseWriter, req *http.Request)
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
func AuthorizeMiddleware ¶
func AuthorizeMiddleware(authorizer Authorizer, unauthorizedAction http.HandlerFunc) func(w http.ResponseWriter, r *http.Request, next http.HandlerFunc)
AuthorizeMiddleware middleware which authorize http request with authorizer. Params unauthorizedAction will be executed if authorize fail. If authorize fail and params unauthorizedAction is nil,http error 403 will be execute.
func AuthorizeOrForbiddenMiddleware ¶
func AuthorizeOrForbiddenMiddleware(authorizer Authorizer) func(w http.ResponseWriter, r *http.Request, next http.HandlerFunc)
AuthorizeOrForbiddenMiddleware middleware which authorize http request with authorizer. http error 403 will be executed if authorize fail.
func LoginRequiredMiddleware ¶
func LoginRequiredMiddleware(identifier Identifier, unauthorizedAction http.HandlerFunc) func(w http.ResponseWriter, r *http.Request, next http.HandlerFunc)
LoginRequiredMiddleware middleware which indentify user with identifier. If indentify fail param unauthorizedAction will be executed.
func LogoutMiddleware ¶
func LogoutMiddleware(s LogoutProvider) func(w http.ResponseWriter, r *http.Request, next http.HandlerFunc)
LogoutMiddleware middleware which will logout user.
func MiddlewareForbiddenExceptForUsers ¶
func MiddlewareForbiddenExceptForUsers(identifier Identifier, users []string) func(w http.ResponseWriter, r *http.Request, next http.HandlerFunc)
MiddlewareForbiddenExceptForUsers middleware which identify user with identifier,and return http 403 error if user is not in users list.
Types ¶
type Authorizer ¶
type Authorizer interface {
//Authorize authorize http request.
//Return authorize result and any error raised.
Authorize(*http.Request) (bool, error)
}
Authorizer user role authorizer interface
type Identifier ¶
type Identifier interface {
//IdentifyRequest identify http request
//return identification and any error if rasied.
IdentifyRequest(r *http.Request) (string, error)
}
Identifier http request identifier
type LoginProvider ¶
LoginProvider Login provider interface
type LoginRedirector ¶
type LoginRedirector struct {
//LoginURL redirector will redirect user to this url if user didnot log in.
LoginURL string
//Cookie cookie settings.
Cookie *http.Cookie
}
LoginRedirector login redirector struct
func NewLoginRedirector ¶
func NewLoginRedirector(loginurl string, cookiename string) *LoginRedirector
NewLoginRedirector create new login redirector with given login url and cookie name.
func (*LoginRedirector) ClearSource ¶
func (lr *LoginRedirector) ClearSource(w http.ResponseWriter, r *http.Request) (string, error)
ClearSource return and clear the url before redirect. Return url and any error if raised.
func (*LoginRedirector) Middleware ¶
func (lr *LoginRedirector) Middleware(s Identifier) func(w http.ResponseWriter, r *http.Request, next http.HandlerFunc)
Middleware redirector middleware
func (*LoginRedirector) MustClearSource ¶
func (lr *LoginRedirector) MustClearSource(w http.ResponseWriter, r *http.Request) string
MustClearSource return and clear the url before redirect.
func (*LoginRedirector) RedirectAction ¶
func (lr *LoginRedirector) RedirectAction(w http.ResponseWriter, r *http.Request)
RedirectAction action which set cookie and redirect user.
type LogoutProvider ¶
type LogoutProvider interface {
Logout(w http.ResponseWriter, r *http.Request) error
}
LogoutProvider Logout provider interface
type Redirector ¶
type Redirector struct {
TargetURL string
Cookie *http.Cookie
Condition func(w http.ResponseWriter, req *http.Request) bool
}
Redirector redirector request when condition is true.
func NewRedirector ¶
func NewRedirector(url string, cookiename string, condition func(w http.ResponseWriter, req *http.Request) bool) *Redirector
NewRedirector create new redirector wotj govem cookie name and condition
func (*Redirector) ClearSource ¶
func (r *Redirector) ClearSource(w http.ResponseWriter, req *http.Request) (string, error)
ClearSource return and clear the url before redirect. Return url and any error if raised.
func (*Redirector) Middleware ¶
func (r *Redirector) Middleware() func(w http.ResponseWriter, req *http.Request, next http.HandlerFunc)
Middleware redirector middleware
func (*Redirector) MustClearSource ¶
func (r *Redirector) MustClearSource(w http.ResponseWriter, req *http.Request) string
MustClearSource return and clear the url before redirect.
func (*Redirector) RedirectAction ¶
func (r *Redirector) RedirectAction(w http.ResponseWriter, req *http.Request)
RedirectAction redirect action of redirector
Source Files