lsm/seaweedfs
1
0
Fork 0
mirror of https://github.com/seaweedfs/seaweedfs.git synced 2026-02-09 09:17:28 +08:00
Code Issues Actions Packages Projects Releases Wiki Activity

jwt for read access control

Browse Source
This commit is contained in:
Chris Lu
2019-06-06 00:29:02 -07:00
parent d344e0a035
commit 50aa769554
8 changed files with 69 additions and 20 deletions
Download Patch File Download Diff File Expand all files Collapse all files

24
weed/security/guard.go
View File

@@ -41,21 +41,29 @@ https://github.com/pkieltyka/jwtauth/blob/master/jwtauth.go
*/
type Guard struct {
whiteList []string
SigningKey SigningKey
ExpiresAfterSec int
whiteList []string
SigningKey SigningKey
ExpiresAfterSec int
ReadSigningKey SigningKey
ReadExpiresAfterSec int
isActive bool
isWriteActive bool
}
func NewGuard(whiteList []string, signingKey string, expiresAfterSec int) *Guard {
g := &Guard{whiteList: whiteList, SigningKey: SigningKey(signingKey), ExpiresAfterSec: expiresAfterSec}
g.isActive = len(g.whiteList) != 0 || len(g.SigningKey) != 0
func NewGuard(whiteList []string, signingKey string, expiresAfterSec int, readSigningKey string, readExpiresAfterSec int) *Guard {
g := &Guard{
whiteList: whiteList,
SigningKey: SigningKey(signingKey),
ExpiresAfterSec: expiresAfterSec,
ReadSigningKey: SigningKey(readSigningKey),
ReadExpiresAfterSec: readExpiresAfterSec,
}
g.isWriteActive = len(g.whiteList) != 0 || len(g.SigningKey) != 0
return g
}
func (g *Guard) WhiteList(f func(w http.ResponseWriter, r *http.Request)) func(w http.ResponseWriter, r *http.Request) {
if !g.isActive {
if !g.isWriteActive {
//if no security needed, just skip all checking
return f
}