Skip to content

Commit

Permalink
set request user cache
Browse files Browse the repository at this point in the history 
Signed-off-by: Toby Yan <me@tobyan.com>
  • Loading branch information
@toby1991
toby1991 committed Jul 5, 2019
1 parent 8f682f3 commit 356e55b
Show file tree
Hide file tree
Showing 5 changed files with 33 additions and 19 deletions.
24 changes: 19 additions & 5 deletions auth/user.go → auth/request_user.go
View file
Expand Up @@ -11,6 +11,8 @@ import (
"github.com/totoval/framework/model"
)

const CONTEXT_REQUEST_USER_KEY = "TOTOVAL_CONTEXT_REQUEST_USER"

func newUser() interface{} {
typeof := reflect.TypeOf(config.GetInterface("auth.model_ptr"))
ptr := reflect.New(typeof).Elem()
Expand All @@ -31,15 +33,24 @@ func (e UserNotExistError) Error() string {
return "user not exist"
}

type AuthUser struct {
type RequestUser struct {
user model.IUser
}

func (au *AuthUser) Scan(c *gin.Context) (isAbort bool) {
func (au *RequestUser) Scan(c *gin.Context) (isAbort bool) {
// if already scanned
if au.user != nil {
return false
}

// get cached user
if _requestUser, exists := c.Get(CONTEXT_REQUEST_USER_KEY); exists {
if requestUser, ok := _requestUser.(model.IUser); ok {
au.user = requestUser
return false
}
}

user := newUser().(model.IUser)
userId, exist := middleware.AuthClaimID(c)
if !exist {
Expand All @@ -50,17 +61,20 @@ func (au *AuthUser) Scan(c *gin.Context) (isAbort bool) {
c.JSON(http.StatusUnprocessableEntity, gin.H{"error": UserNotExistError{}.Error()})
return true
}

au.user = user

// set cache
c.Set(CONTEXT_REQUEST_USER_KEY, user)

return false
}

func (au *AuthUser) User() model.IUser {
func (au *RequestUser) User() model.IUser {
return au.user
}

func (au *AuthUser) UserId(c *gin.Context) (userId uint, isAbort bool) {
func (au *RequestUser) UserId(c *gin.Context) (userId uint, isAbort bool) {
exist := false
userId, exist = middleware.AuthClaimID(c)
if !exist {
Expand Down
2 changes: 1 addition & 1 deletion http/controller/base_controller.go
View file
Expand Up @@ -21,6 +21,6 @@ type Controller interface {

type BaseController struct {
policy.Authorization
auth.AuthUser
auth.RequestUser
validator.Validation
}
14 changes: 7 additions & 7 deletions http/middleware/auth.go
View file
Expand Up @@ -12,8 +12,8 @@ import (
)

const (
CLAIM_KEY = "CLAIM"
TOKEN_KEY = "TOKEN"
CONTEXT_CLAIM_KEY = "TOTOVAL_CONTEXT_CLAIM"
CONTEXT_TOKEN_KEY = "TOTOVAL_CONTEXT_TOKEN"
)

type TokenRevokeError struct{}
Expand All @@ -33,15 +33,15 @@ func AuthRequired() gin.HandlerFunc {
}

// set token
c.Set(TOKEN_KEY, token)
c.Set(CONTEXT_TOKEN_KEY, token)

j := jwt.NewJWT(config.GetString("auth.sign_key"))
claims, err := j.ParseToken(token)
if err != nil {
if err == jwt.TokenExpired {
if token, _err := j.RefreshTokenUnverified(token); _err == nil {
if claims, err := j.ParseToken(token); err == nil {
c.Set(CLAIM_KEY, claims)
c.Set(CONTEXT_CLAIM_KEY, claims)
c.Header("Authorization", "Bear "+token)
//c.JSON(http.StatusOK, gin.H{"data": gin.H{"token": token}})
return
Expand All @@ -51,12 +51,12 @@ func AuthRequired() gin.HandlerFunc {
c.AbortWithStatusJSON(http.StatusUnauthorized, gin.H{"error": err.Error()})
return
}
c.Set(CLAIM_KEY, claims)
c.Set(CONTEXT_CLAIM_KEY, claims)
}
}

func AuthClaimID(c *gin.Context) (ID uint, exist bool) {
claims, exist := c.Get(CLAIM_KEY)
claims, exist := c.Get(CONTEXT_CLAIM_KEY)
if !exist {
return 0, false
}
Expand All @@ -66,7 +66,7 @@ func AuthClaimID(c *gin.Context) (ID uint, exist bool) {

func Revoke(c *gin.Context) error {
j := jwt.NewJWT(config.GetString("auth.sign_key"))
if tokenString, exist := c.Get(TOKEN_KEY); exist {
if tokenString, exist := c.Get(CONTEXT_TOKEN_KEY); exist {
if token, ok := tokenString.(string); ok {
if err := j.RevokeToken(token); err == nil {
c.Header("Authorization", "")
Expand Down
6 changes: 3 additions & 3 deletions policy/policy.go
View file
Expand Up @@ -31,14 +31,14 @@ const (
)

type Authorization struct {
auth.AuthUser
auth.RequestUser
}

func (a *Authorization) Authorize(c *gin.Context, policies Policier, action Action) (permit bool, user model.IUser) {
if a.AuthUser.Scan(c) {
if a.RequestUser.Scan(c) {
return false, nil
}
user = a.AuthUser.User()
user = a.RequestUser.User()

rpm := make(map[key]value)
return policyValidate(user, policies, action, rpm), user
Expand Down
6 changes: 3 additions & 3 deletions policy/policy_middleware.go
View file
Expand Up @@ -24,14 +24,14 @@ func Middleware(policy Policier, action Action) gin.HandlerFunc {
}

// get user
authUser := &auth.AuthUser{}
if authUser.Scan(c) {
requestUser := &auth.RequestUser{}
if requestUser.Scan(c) {
c.Abort()
return
}

// validate policy
if !policyValidate(authUser.User(), policy, action, routeParamMap) {
if !policyValidate(requestUser.User(), policy, action, routeParamMap) {
forbid(c)
c.Abort()
return
Expand Down

0 comments on commit 356e55b

Please sign in to comment.