test3k
/
auth
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Добавил чтение токена

Browse Source
main
slaventius 2 years ago
parent 452b35466f
commit 5d4b4f1439
6 changed files with 100 additions and 27 deletions
Whitespace
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Split View
Diff Options
Show Stats Download Patch File Download Diff File
  1. 1
      .vscode/launch.json
  2. 1
      go.mod
  3. 4
      go.sum
  4. 107
      internal/auth.go
  5. 5
      internal/config/config.go
  6. 9
      internal/transport/prometheus/prometheus.go

1
.vscode/launch.json vendored
Unescape View File

@ -15,6 +15,7 @@
"DB_PORT": "9995",
"APP_PORT": "9994",
// "SENTRY_DSN": "https://3f4b31dbbd9a4a6b8a71f9881d962f25@o4504654569799680.ingest.sentry.io/4504654572683264"
"SECRET_KEY":"T7vnDGlNwjc7pxY5agvksbj0adpKYfnbsbvqsnozA6YZWzohhJO1Dl95HTgMt1cN",
},
"args": []
}

1
go.mod
Unescape View File

@ -5,6 +5,7 @@ go 1.19
require (
git.slaventius.ru/test3k/umate v0.0.0-20230228085343-523fb50446c9
github.com/go-chi/chi/v5 v5.0.8
github.com/golang-jwt/jwt v3.2.2+incompatible
github.com/kelseyhightower/envconfig v1.4.0
github.com/prometheus/client_golang v1.14.0
google.golang.org/grpc v1.52.3

4
go.sum
Unescape View File

@ -31,8 +31,6 @@ cloud.google.com/go/storage v1.6.0/go.mod h1:N7U0C8pVQ/+NIKOBQyamJIeKQKkZ+mxpohl
cloud.google.com/go/storage v1.8.0/go.mod h1:Wv1Oy7z6Yz3DshWRJFhqM/UCfaWIRTdp0RXyy7KQOVs=
cloud.google.com/go/storage v1.10.0/go.mod h1:FLPqc6j+Ki4BU591ie1oL6qBQGu2Bl/tZ9ullr3+Kg0=
dmitri.shuralyov.com/gpu/mtl v0.0.0-20190408044501-666a987793e9/go.mod h1:H6x//7gZCb22OMCxBHrMx7a5I7Hp++hsVxbQ4BYO7hU=
git.slaventius.ru/test3k/umate v0.0.0-20230224071336-c256dd02b0f7 h1:Eo+tW2vVUvhz3mMR04QCzxTx51M0rQfQKV4M6Y/3dBM=
git.slaventius.ru/test3k/umate v0.0.0-20230224071336-c256dd02b0f7/go.mod h1:xE7ik2EnLB+CNDJA5+HbRIwAk+V7sgUjS0HPeXS5Ka0=
git.slaventius.ru/test3k/umate v0.0.0-20230228085343-523fb50446c9 h1:OJryx+ovm7tjWGxq/E/u6jX9HSDr2PCBuEuCkVz+WWk=
git.slaventius.ru/test3k/umate v0.0.0-20230228085343-523fb50446c9/go.mod h1:xE7ik2EnLB+CNDJA5+HbRIwAk+V7sgUjS0HPeXS5Ka0=
github.com/BurntSushi/toml v0.3.1/go.mod h1:xHWCNGjB5oqiDr8zfno3MHue2Ht5sIBksp03qcyfWMU=
@ -83,6 +81,8 @@ github.com/go-logfmt/logfmt v0.5.0/go.mod h1:wCYkCAKZfumFQihp8CzCvQ3paCTfi41vtzG
github.com/go-logfmt/logfmt v0.5.1/go.mod h1:WYhtIu8zTZfxdn5+rREduYbwxfcBr/Vr6KEVveWlfTs=
github.com/go-stack/stack v1.8.0/go.mod h1:v0f6uXyyMGvRgIKkXu+yp6POWl0qKG85gN/melR3HDY=
github.com/gogo/protobuf v1.1.1/go.mod h1:r8qH/GZQm5c6nD/R0oafs1akxWv10x8SbQlK7atdtwQ=
github.com/golang-jwt/jwt v3.2.2+incompatible h1:IfV12K8xAKAnZqdXVzCZ+TOjboZ2keLg81eXfW3O+oY=
github.com/golang-jwt/jwt v3.2.2+incompatible/go.mod h1:8pz2t5EyA70fFQQSrl6XZXzqecmYZeUEB8OUGHkxJ+I=
github.com/golang/glog v0.0.0-20160126235308-23def4e6c14b/go.mod h1:SBH7ygxi8pfUlaOkMMuAQtPIUF8ecWP5IEl/CR7VP2Q=
github.com/golang/groupcache v0.0.0-20190702054246-869f871628b6/go.mod h1:cIg4eruTrX1D+g88fzRXU5OdNfaM+9IcxsU14FzY7Hc=
github.com/golang/groupcache v0.0.0-20191227052852-215e87163ea7/go.mod h1:cIg4eruTrX1D+g88fzRXU5OdNfaM+9IcxsU14FzY7Hc=

107
internal/auth.go
Unescape View File

@ -2,8 +2,11 @@ package auth
import (
"context"
"errors"
"fmt"
"net/http"
"strings"
"time"
"git.slaventius.ru/test3k/auth/internal/config"
db "git.slaventius.ru/test3k/auth/internal/transport/grpc"
@ -11,9 +14,19 @@ import (
"git.slaventius.ru/test3k/umate/pkg/logger"
mux "github.com/go-chi/chi/v5"
"github.com/golang-jwt/jwt"
"github.com/prometheus/client_golang/prometheus/promhttp"
"google.golang.org/grpc/status"
)
const (
HeaderAuthDevice string = "X-Device" // Заголовок типа устройства
HeaderAuthChecksum string = "X-Checksum" // Заголовок ключа "антиспам"
HeaderAuthToken string = "Authorization" //
)
type ContextKey string
// ...
type AuthServer struct {
db *db.AuthDBClient
@ -29,20 +42,23 @@ func NewServer(ctx context.Context, config *config.Config) *AuthServer {
alogger := logger.NewLogger("test3k:authService", config.Sentry.DSN)
server := &AuthServer{
db: db.NewDBClient(ctx, config),
prometheus: prometheus.NewService(arouter, "/metrics"),
prometheus: prometheus.NewService(),
Router: arouter,
config: config,
logger: alogger,
ctx: ctx,
}
//
server.Router.Get("/api/v1/healthz", healthz(server))
// эндпоинты требующие авторизации
arouter.Get("/api/v1/healthz", server.requireAuth(healthz(server)))
//
server.Router.Post("/api/v1/login", login(server))
server.Router.Post("/api/v1/registration", registration(server))
server.Router.Post("/api/v1/confirmation", confirmation(server))
arouter.Post("/api/v1/login", login(server))
arouter.Post("/api/v1/registration", registration(server))
arouter.Post("/api/v1/confirmation", confirmation(server))
// middleware?
arouter.Handle("/metrics", promhttp.Handler())
return server
}
@ -51,20 +67,77 @@ func (s *AuthServer) GracefulStop() error {
return s.db.Close()
}
func healthz(s *AuthServer) http.HandlerFunc {
return func(w http.ResponseWriter, r *http.Request) {
// err := s.db.Check()
// if err != nil {
// status := status.Convert(err)
func (s *AuthServer) requireAuth(next http.Handler) http.HandlerFunc {
return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
ctx := r.Context()
// Получим и проверим идентификатор сессии
authorizationHeader := r.Header.Get(HeaderAuthToken)
authorizationHeaderAttributes := strings.Split(authorizationHeader, " ")
if authorizationHeader == "" || len(authorizationHeaderAttributes) < 2 {
err := errors.New("token is empty")
// //
// s.logger.Error(status.Message())
//
s.logger.Error(err.Error())
//
w.WriteHeader(http.StatusUnauthorized)
w.Write([]byte(err.Error()))
return
} else {
token := authorizationHeaderAttributes[1]
tokenParsed, err := jwt.Parse(token, func(atoken *jwt.Token) (interface{}, error) {
if _, ok := atoken.Method.(*jwt.SigningMethodHMAC); !ok {
return nil, errors.New("there was an error in parsing")
}
return []byte(s.config.Auth.SecretKey), nil
})
if err != nil {
s.logger.Error(err.Error())
// //
// w.Write([]byte(status.Message()))
//
w.WriteHeader(http.StatusUnauthorized)
w.Write([]byte(err.Error()))
// return
// }
return
}
//
now := float64(time.Now().Unix())
expiration := tokenParsed.Claims.(jwt.MapClaims)["exp"].(float64)
if expiration < now {
erf := errors.New("the token has expired")
//
s.logger.Error(erf.Error())
//
w.WriteHeader(http.StatusUnauthorized)
w.Write([]byte(erf.Error()))
return
}
//
ctx = context.WithValue(ctx, ContextKey("email"), tokenParsed.Claims.(jwt.MapClaims)["email"])
ctx = context.WithValue(ctx, ContextKey(HeaderAuthToken), token)
//
next.ServeHTTP(w, r.WithContext(ctx))
}
})
}
func healthz(s *AuthServer) http.HandlerFunc {
return func(w http.ResponseWriter, r *http.Request) {
ctx := r.Context()
//
s.logger.Info(ctx.Value(ContextKey(HeaderAuthToken)))
s.logger.Info(ctx.Value(ContextKey("email")))
w.WriteHeader(http.StatusOK)
w.Write([]byte("ok"))

5
internal/config/config.go
Unescape View File

@ -15,6 +15,10 @@ type appConfig struct {
Port int `envconfig:"APP_PORT"`
}
type authConfig struct {
SecretKey string `envconfig:"SECRET_KEY"`
}
type sentryConfig struct {
DSN string `envconfig:"SENTRY_DSN"`
}
@ -23,6 +27,7 @@ type sentryConfig struct {
type Config struct {
Db dbConfig
App appConfig
Auth authConfig
Sentry sentryConfig
}

9
internal/transport/prometheus/prometheus.go
Unescape View File

@ -1,18 +1,15 @@
package pro
import (
mux "github.com/go-chi/chi/v5"
"github.com/prometheus/client_golang/prometheus"
"github.com/prometheus/client_golang/prometheus/promhttp"
)
type Prometheus struct {
router *mux.Mux
usersConfirmed prometheus.Counter // Количество пользователей подтвердивших регистрацию
usersRegistered prometheus.Counter // Количество зарегистрировавшихся пользователей
}
func NewService(router *mux.Mux, pattern string) *Prometheus {
func NewService() *Prometheus {
// Количество пользователей подтвердивших регистрацию
usersConfirmed := prometheus.NewCounter(
prometheus.CounterOpts{
@ -27,11 +24,7 @@ func NewService(router *mux.Mux, pattern string) *Prometheus {
})
prometheus.MustRegister(usersRegistered)
// middleware?
router.Handle(pattern, promhttp.Handler())
return &Prometheus{
router: router,
usersConfirmed: usersConfirmed,
usersRegistered: usersRegistered,
}

Write Preview
Loading…
Cancel
Save