// AuthInterceptor gates every request behind the admin login.
//
// A session whose "Username" equals the configured admin username passes
// through (nil result). Anyone else is turned away: AJAX callers (identified
// by the X-Requested-With header) get a JSON reply with Msg "NOTLOGIN" so the
// front end can react, while plain browser requests are redirected to /login.
func AuthInterceptor(c *revel.Controller) revel.Result {
	// A per-controller/method needValidate whitelist used to be consulted
	// here; it is no longer applied, so every request gets the admin check.

	// Only the configured admin account counts as logged in.
	username, present := c.Session["Username"]
	isAdmin := present && username == configService.GetAdminUsername()
	if isAdmin {
		return nil
	}

	// Not logged in: browsers are redirected, AJAX gets a machine-readable reply.
	isAjax := c.Request.Header.Get("X-Requested-With") == "XMLHttpRequest"
	if !isAjax {
		return c.Redirect("/login")
	}

	reply := info.NewRe()
	reply.Msg = "NOTLOGIN"
	return c.RenderJson(reply)
}
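/*
Filter AuthFilter is a Revel Filter for JWT Auth Token verification.
Register it in revel.Filters in <APP_PATH>/app/init.go.

Add jwt.AuthFilter anywhere deemed appropriate; it must be registered after revel.PanicFilter:

	revel.Filters = []revel.Filter{
		revel.PanicFilter,
		...
		jwt.AuthFilter,		// JWT Auth Token verification for Request Paths
		...
	}

Requests whose path matches anonymousPaths skip verification. For all other
paths the token must parse, be valid and not be in the blocklist; otherwise the
filter answers 401 with a WWW-Authenticate header and a JSON error body and
does NOT invoke the rest of the chain.

Note: If everything looks good then the Claims map is made available via c.Args
and can be accessed using c.Args[jwt.TOKEN_CLAIMS_KEY].
*/
func AuthFilter(c *revel.Controller, fc []revel.Filter) {
	if anonymousPaths.MatchString(c.Request.URL.Path) {
		fc[0](c, fc[1:]) // not applying JWT auth filter due to anonymous path
		return
	}

	token, err := ParseFromRequest(c.Request.Request)
	if err == nil && token.Valid && !IsInBlocklist(GetAuthToken(c.Request)) {
		c.Args[TOKEN_CLAIMS_KEY] = token.Claims
		fc[0](c, fc[1:]) // everything looks good, move on
		// Return here: previously control fell through to a second fc[0] call
		// below, so the downstream chain (and the action) ran twice per
		// authenticated request.
		return
	}

	logJWTFailure(err)

	c.Response.Status = http.StatusUnauthorized
	c.Response.Out.Header().Add("WWW-Authenticate", Realm)
	c.Result = c.RenderJson(map[string]string{
		"id":      "unauthorized",
		"message": "Invalid or token is not provided",
	})
}

// logJWTFailure writes one ERROR line describing why a token was rejected.
// err is the ParseFromRequest error; nil means the token parsed but was
// reported invalid or is blocklisted.
func logJWTFailure(err error) {
	if err == nil {
		revel.ERROR.Println("Token is not valid or has been revoked")
		return
	}

	ve, isValidationErr := err.(*jwt.ValidationError)
	switch {
	case !isValidationErr:
		revel.ERROR.Printf("Couldn't handle this token: %v", err)
	case ve.Errors&jwt.ValidationErrorMalformed != 0:
		revel.ERROR.Println("That's not even a token")
	case ve.Errors&(jwt.ValidationErrorExpired|jwt.ValidationErrorNotValidYet) != 0:
		revel.ERROR.Println("Timing is everything, Token is either expired or not active yet")
	default:
		revel.ERROR.Printf("Couldn't handle this token: %v", err)
	}
}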
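// checkDataTypeParam validates the mandatory "dataType" request parameter.
//
// It returns nil when the parameter is present, non-empty and names a key of
// database.SynchronizationTypes. Otherwise it sets HTTP 400 and returns a JSON
// string explaining which condition failed.
func checkDataTypeParam(c *revel.Controller) revel.Result {
	// url.Values.Get yields the first value, or "" when the key is absent or
	// has no values — this avoids indexing [0] on a possibly empty slice.
	dataType := c.Params.Values.Get("dataType")
	if dataType == "" {
		c.Response.Status = 400
		return c.RenderJson("mandatory parameter dataType is not present")
	}

	if _, known := database.SynchronizationTypes[dataType]; !known {
		c.Response.Status = 400
		return c.RenderJson("wrong dataType attribute")
	}
	return nil
}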
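// returnMessage renders the outcome of an operation as a JSON opResult.
//
// When err is non-nil the result carries Result = Error and err.Error() as
// Message, and the error is logged at WARN; otherwise Result = Success with
// the supplied message.
func returnMessage(c *revel.Controller, message interface{}, err error) revel.Result {
	result := &opResult{}
	if err != nil {
		// Log only. The original Fatalln call exited the whole process on any
		// failed operation, so the error body below was never sent and a
		// single bad request took the server down.
		revel.WARN.Println(err)
		result.Result = Error
		result.Message = err.Error()
	} else {
		result.Result = Success
		result.Message = message
	}

	return c.RenderJson(result)
}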
// AuthInterceptor resolves the caller's identity for API requests and, for
// actions that require it, rejects callers that are not logged in.
//
// The token is read from the "token" query parameter
// (e.g. /api/user/info?userId=xxx&token=xxxxx); when it is absent the session
// id stands in for it. The token and the resolved user id are stored in the
// session as "_token" and "_userId" for later handlers. Actions that
// needValidate marks as public (login, logout, ...) always pass; otherwise a
// caller with no user id gets a JSON reply with Msg "NOTLOGIN".
func AuthInterceptor(c *revel.Controller) revel.Result {
	token := c.Params.Values.Get("token")
	fromSession := token == ""
	if fromSession {
		token = c.Session.Id()
	}
	c.Session["_token"] = token

	// sessionService maps a token to the user id it belongs to ("" if none).
	userId := sessionService.GetUserId(token)
	if fromSession && userId == "" {
		// Browser clients (api/file/getImage, getAttach, getAllAttach) carry
		// the user id in the session instead of sending a token.
		userId = c.Session["UserId"]
	}
	c.Session["_userId"] = userId

	// needValidate expects first-letter-uppercase controller/method names.
	controller, method := strings.Title(c.Name), strings.Title(c.MethodName)
	if !needValidate(controller, method) || userId != "" {
		return nil // public action, or already logged in
	}

	reply := info.NewApiRe()
	reply.Msg = "NOTLOGIN"
	return c.RenderJson(reply)
}
// GetGridJson renders a GridJson envelope — the total row count plus the rows
// themselves — as the controller's JSON response.
func GetGridJson(c *revel.Controller, count int, data interface{}) revel.Result {
	payload := GridJson{count, data}
	return c.RenderJson(&payload)
}