uuid used
This commit is contained in:
+7
-12
@@ -17,6 +17,7 @@ import (
|
||||
"mstore/app/router"
|
||||
"mstore/pkg/auxhttp"
|
||||
"mstore/pkg/auxpwd"
|
||||
"mstore/pkg/auxuuid"
|
||||
"mstore/pkg/terms"
|
||||
)
|
||||
|
||||
@@ -29,40 +30,35 @@ func (hand *Handler) AuthMiddleware(next router.Handler) router.Handler {
|
||||
var handlerFunc router.HandlerFunc
|
||||
|
||||
handlerFunc = func(rctx *router.Context) {
|
||||
//hand.logg.Debugf("Call authorization middleware")
|
||||
success, accountID, err := hand.CheckAccess(rctx)
|
||||
if success {
|
||||
rctx.SetBool(authTag, true)
|
||||
rctx.SetString(userTag, accountID)
|
||||
//hand.logg.Debugf("Authorization for accountID [%s]", rctx.Strings[userTag])
|
||||
rctx.SetString(userTag, string(accountID))
|
||||
}
|
||||
if err != nil {
|
||||
hand.logg.Errorf("Authorization middleware error: %v", err)
|
||||
}
|
||||
next.ServeHTTP(rctx)
|
||||
|
||||
}
|
||||
return handlerFunc
|
||||
}
|
||||
|
||||
// Authentification
|
||||
func (hand *Handler) CheckAccess(rctx *router.Context) (bool, string, error) {
|
||||
func (hand *Handler) CheckAccess(rctx *router.Context) (bool, auxuuid.UUID, error) {
|
||||
var err error
|
||||
var success bool
|
||||
var username string
|
||||
var password string
|
||||
var accountID string
|
||||
var accountID auxuuid.UUID
|
||||
|
||||
accountID = terms.AnonymousID
|
||||
|
||||
authHeader := rctx.GetHeader("Authorization")
|
||||
if authHeader != "" {
|
||||
//hand.logg.Debugf("Authorization header is %s", authHeader)
|
||||
username, password, err = auxhttp.ParseBasicAuth(authHeader)
|
||||
if err != nil {
|
||||
return success, accountID, err
|
||||
}
|
||||
//hand.logg.Debugf("Authorization pair is %s:%s", username, password)
|
||||
if username == "" || password == "" {
|
||||
goto anonymous
|
||||
}
|
||||
@@ -84,9 +80,9 @@ anonymous:
|
||||
return success, accountID, err
|
||||
}
|
||||
|
||||
func (hand *Handler) ValidatePassword(ctx context.Context, username, password string) (bool, string, error) {
|
||||
func (hand *Handler) ValidatePassword(ctx context.Context, username, password string) (bool, auxuuid.UUID, error) {
|
||||
var err error
|
||||
var accountID string
|
||||
var accountID auxuuid.UUID
|
||||
valid := false
|
||||
|
||||
accountExists, accountDescr, err := hand.mdb.GetAccountByUsername(ctx, username)
|
||||
@@ -106,7 +102,7 @@ func (hand *Handler) ValidatePassword(ctx context.Context, username, password st
|
||||
|
||||
// Authorization
|
||||
|
||||
func (hand *Handler) CheckRight(ctx context.Context, accountID, reqRight, subject string) (bool, error) {
|
||||
func (hand *Handler) CheckRight(ctx context.Context, accountID auxuuid.UUID, reqRight, subject string) (bool, error) {
|
||||
var err error
|
||||
var res bool
|
||||
//hand.logg.Debugf("Cop check your right %s: %s %s", accountID, reqRight, subject)
|
||||
@@ -142,6 +138,5 @@ func (hand *Handler) CheckRight(ctx context.Context, accountID, reqRight, subjec
|
||||
// NOP
|
||||
}
|
||||
res = true
|
||||
//hand.logg.Debugf("Result of checking right %s for %s: %v", reqRight, accountID, res)
|
||||
return res, err
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user