go项目脚手架
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
sorbet/internal/middleware/key_auth.go

75 lines
2.8 KiB

package middleware
import (
"github.com/labstack/echo/v4"
"github.com/labstack/echo/v4/middleware"
)
// KeyAuthValidator defines a function to validate KeyAuth credentials.
type KeyAuthValidator = middleware.KeyAuthValidator
// KeyAuthErrorHandler defines a function which is executed for an invalid key.
type KeyAuthErrorHandler = middleware.KeyAuthErrorHandler
// KeyAuthConfig defines the config for KeyAuth middleware.
type KeyAuthConfig struct {
Skipper Skipper
// KeyLookup is a string in the form of "<source>:<name>" or "<source>:<name>,<source>:<name>" that is used
// to extract key from the request.
// Optional. Default value "header:Authorization".
// Possible values:
// - "header:<name>" or "header:<name>:<cut-prefix>"
// `<cut-prefix>` is argument value to cut/trim prefix of the extracted value. This is useful if header
// value has static prefix like `Authorization: <auth-scheme> <authorisation-parameters>` where part that we
// want to cut is `<auth-scheme> ` note the space at the end.
// In case of basic authentication `Authorization: Basic <credentials>` prefix we want to remove is `Basic `.
// - "query:<name>"
// - "form:<name>"
// - "cookie:<name>"
// Multiple sources example:
// - "header:Authorization,header:X-Api-Key"
KeyLookup string
// AuthScheme to be used in the Authorization header.
// Optional. Default value "Bearer".
AuthScheme string
// Validator is a function to validate key.
// Required.
Validator KeyAuthValidator
// ErrorHandler defines a function which is executed for an invalid key.
// It may be used to define a custom error.
ErrorHandler KeyAuthErrorHandler
// ContinueOnIgnoredError allows the next middleware/handler to be called when ErrorHandler decides to
// ignore the error (by returning `nil`).
// This is useful when parts of your site/api allow public access and some authorized routes provide extra functionality.
// In that case you can use ErrorHandler to set a default public key auth value in the request context
// and continue. Some logic down the remaining execution chain needs to check that (public) key auth value then.
ContinueOnIgnoredError bool
}
// DefaultKeyAuthConfig is the default KeyAuth middleware config.
var DefaultKeyAuthConfig = KeyAuthConfig{
Skipper: DefaultSkipper,
KeyLookup: "header:" + echo.HeaderAuthorization,
AuthScheme: "Bearer",
}
func (a *KeyAuthConfig) ToMiddleware() echo.MiddlewareFunc {
return middleware.KeyAuthWithConfig(middleware.KeyAuthConfig{
Skipper: a.Skipper,
KeyLookup: a.KeyLookup,
AuthScheme: a.AuthScheme,
Validator: a.Validator,
ErrorHandler: a.ErrorHandler,
ContinueOnIgnoredError: a.ContinueOnIgnoredError,
})
}
func KeyAuth() echo.MiddlewareFunc {
return DefaultKeyAuthConfig.ToMiddleware()
}