beego 实现接口认证

我这里实现的是一个简单的认证方式：使用的固定token

本次主要想记录的技术点是

• 获取用户的请求参数和请求头并在路由转发前先做权限校验
• 通过结构体构建嵌套json

服务端

首先在路由的初始化函数中

• 定义权限认证函数
• 对接口url路由转发前进行权限认证
• 从请求头中获取用户名并注册到ctx中，后端可以通过ctx获取已注册的变量

router.go

package routers

import (
    "go-common-lib/olog"
    "kafka/routers/api"
    "kafka/routers/ui"

    "github.com/astaxie/beego"
    "github.com/astaxie/beego/context"
)

// 认证通过api调用的请求用户是否有token
var ApiAuthFilter = func(ctx *context.Context) {
    if ctx.Request.RequestURI != "/auth-center/ui/auth/login" && ctx.Request.RequestURI != "/ui/platform/auth/login" {
        olog.Debug("start auth request")
        token := ctx.Request.Header.Get("Authorization")
        if token == "xxx" {
            username := ctx.Request.Header.Get("userName")
            // userId := ctx.Request.Header.Get("userId")
            olog.Debug("request is ok ,username is ", username)
            // if username != "" && userId != "" {
            if username != "" {
                ctx.Input.SetData("username", username)
                // ctx.Input.SetData("userID", userId)
            } else {
                olog.Debug("username or userId is not validate")
                ctx.Redirect(401, "/401")
            }
        } else {
            olog.Debug("request token is  not exists")
            ctx.Redirect(401, "/401")
        }
    }
}

func init() {
    //对用户提供的接口
    beego.InsertFilter("/kafka/api/v/*", beego.BeforeRouter, ApiAuthFilter)
    api2Ns := beego.NewNamespace("/kafka/api/v",
        api.DemandNs(),
    )
    beego.AddNamespace(api2Ns)
}

客户端请求

package main

import (
    "bytes"    "encoding/json"
    "fmt"
    "io/ioutil"
    "net/http"
)

var urlBase = "http://localhost:8888"
func WhiteListApply() {
    //集群变更表单信息
    type ProduceWhitelistItem struct {
        User  string `json:"user"`
        Topic string `json:"topic"`
        Bns   string `json:"bns"`
    }
    type ConsumeWhitelistItem struct {
        User  string `json:"user"`
        Topic string `json:"topic"`
        Group string `json:"group"`
        Bns   string `json:"bns"`
    }

    type WhitelistFormInfo struct {
        DepartmentId         int                    `json:"departmentID"`
        DepartmentName       string                 `json:"departmentName"`
        ClusterName          string                 `valid:"Required" json:"clusterName" description:"集群名称"`
        CausesAndNeeds       string                 `valid:"Required" json:"causesAndNeeds" description:"申请原因及需求说明"`
        Approver             string                 `json:"approver"`
        ProWhitelistType     string                 `json:"proWhitelistType" description:"生产者白名单类型,bbb或ip"`
        ConsumeWhitelistType string                 `json:"consumeWhitelistType" description:"消费者白名单类型,bbb或ip"`
        ProduceWhitelist     []ProduceWhitelistItem `json:"produceData" description:"生产者白名单新增"`
        ConsumeWhitelist     []ConsumeWhitelistItem `json:"consumeData" description:"消费者白名单新增"`
    }

    var url = fmt.Sprintf("%s/kafka/api/v/demand/whiteListApply", urlBase)
    pro := make([]ProduceWhitelistItem, 2)
    pro[0] = ProduceWhitelistItem{"user1", "topic1", "*"}
    pro[1] = ProduceWhitelistItem{"user2", "topic2", "*"}
    args := &WhitelistFormInfo{
        DepartmentId:         000,
        DepartmentName:       "xxxx",
        ClusterName:          "demo_1",
        CausesAndNeeds:       "test",
        ProWhitelistType:     "IP",
        ConsumeWhitelistType: "bbb",
        ProduceWhitelist:     pro,
        ConsumeWhitelist:     []ConsumeWhitelistItem{},
    }
    reqBody, err := json.Marshal(args)
    req, err := http.NewRequest("POST", url, bytes.NewBuffer(reqBody))
    if err != nil {
        panic(err)
    }
    req.Header.Set("userName", "xxx")
    req.Header.Set("Content-Type", "application/json")
    req.Header.Set("Authorization", "xxx")
    client := &http.Client{}
    resp, _ := client.Do(req)
    defer resp.Body.Close()
    body, err := ioutil.ReadAll(resp.Body)
    fmt.Println("Response status:", resp.Status)
    fmt.Println("body:", string(body))
}

func main() {
WhiteListApply()
}