Skip to content
Projects
Groups
Snippets
Help
Loading...
Sign in
Toggle navigation
B
beego
Project
Project
Details
Activity
Cycle Analytics
Repository
Repository
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Charts
Issues
0
Issues
0
List
Board
Labels
Milestones
Merge Requests
0
Merge Requests
0
Wiki
Wiki
Snippets
Snippets
Members
Members
Collapse sidebar
Close sidebar
Activity
Graph
Charts
Create a new issue
Commits
Issue Boards
Open sidebar
go
beego
Commits
50a21d60
Commit
50a21d60
authored
Aug 28, 2014
by
astaxie
Browse files
Options
Browse Files
Download
Email Patches
Plain Diff
apiauth add more comments & improve
parent
5a087b28
Hide whitespace changes
Inline
Side-by-side
Showing
2 changed files
with
29 additions
and
9 deletions
+29
-9
apiauth.go
plugins/apiauth/apiauth.go
+28
-9
basic.go
plugins/auth/basic.go
+1
-0
No files found.
plugins/apiauth/apiauth.go
View file @
50a21d60
...
@@ -21,10 +21,35 @@
...
@@ -21,10 +21,35 @@
//
//
// func main(){
// func main(){
// // apiauth every request
// // apiauth every request
// beego.InsertFilter("*", beego.BeforeRouter,a
uth.API
Auth("appid","appkey"))
// beego.InsertFilter("*", beego.BeforeRouter,a
piauth.APIBaisc
Auth("appid","appkey"))
// beego.Run()
// beego.Run()
// }
// }
//
//
// Advanced Usage:
//
// func getAppSecret(appid string) string {
// // get appsecret by appid
// // maybe store in configure, maybe in database
// }
//
// beego.InsertFilter("*", beego.BeforeRouter,apiauth.APIAuthWithFunc(getAppSecret, 360))
//
// in the request user should include these params in the query
//
// 1. appid
//
// appid is asigned to the application
//
// 2. signature
//
// get the signature use apiauth.Signature()
//
// >>> should use url.QueryEscape()
//
// 3. timestamp:
//
// send the request time, the format is yyyy-mm-dd HH:ii:ss
//
package
apiauth
package
apiauth
import
(
import
(
...
@@ -34,7 +59,6 @@ import (
...
@@ -34,7 +59,6 @@ import (
"fmt"
"fmt"
"net/url"
"net/url"
"sort"
"sort"
"strings"
"time"
"time"
"github.com/astaxie/beego"
"github.com/astaxie/beego"
...
@@ -83,7 +107,7 @@ func APIAuthWithFunc(f AppIdToAppSecret, timeout int) beego.FilterFunc {
...
@@ -83,7 +107,7 @@ func APIAuthWithFunc(f AppIdToAppSecret, timeout int) beego.FilterFunc {
return
return
}
}
t
:=
time
.
Now
()
t
:=
time
.
Now
()
if
(
t
.
Second
()
-
u
.
Second
())
>
timeout
{
if
t
.
Sub
(
u
)
.
Seconds
()
>
float64
(
timeout
)
{
ctx
.
Output
.
SetStatus
(
403
)
ctx
.
Output
.
SetStatus
(
403
)
ctx
.
WriteString
(
"timeout! the request time is long ago, please try again"
)
ctx
.
WriteString
(
"timeout! the request time is long ago, please try again"
)
return
return
...
@@ -117,12 +141,7 @@ func Signature(appsecret, method string, params url.Values, RequestURI string) (
...
@@ -117,12 +141,7 @@ func Signature(appsecret, method string, params url.Values, RequestURI string) (
sha256
:=
sha256
.
New
sha256
:=
sha256
.
New
hash
:=
hmac
.
New
(
sha256
,
[]
byte
(
appsecret
))
hash
:=
hmac
.
New
(
sha256
,
[]
byte
(
appsecret
))
hash
.
Write
([]
byte
(
string_to_sign
))
hash
.
Write
([]
byte
(
string_to_sign
))
sha
:=
base64
.
StdEncoding
.
EncodeToString
(
hash
.
Sum
(
nil
))
return
base64
.
StdEncoding
.
EncodeToString
(
hash
.
Sum
(
nil
))
sha
=
url
.
QueryEscape
(
sha
)
sha
=
strings
.
Replace
(
sha
,
"+"
,
"%20"
,
-
1
)
sha
=
strings
.
Replace
(
sha
,
"*"
,
"%2A"
,
-
1
)
sha
=
strings
.
Replace
(
sha
,
"%7E"
,
"~"
,
-
1
)
return
sha
}
}
type
valSorter
struct
{
type
valSorter
struct
{
...
...
plugins/auth/basic.go
View file @
50a21d60
...
@@ -27,6 +27,7 @@
...
@@ -27,6 +27,7 @@
//
//
//
//
// Advanced Usage:
// Advanced Usage:
//
// func SecretAuth(username, password string) bool {
// func SecretAuth(username, password string) bool {
// return username == "astaxie" && password == "helloBeego"
// return username == "astaxie" && password == "helloBeego"
// }
// }
...
...
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment