evan/next-terminal
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

完善资源隔离和授权管理

Browse Source
This commit is contained in:
dushixiang
2021-01-16 17:29:20 +08:00
parent 44110722b2
commit 11c1ac23e4
16 changed files with 120 additions and 50 deletions
Download Patch File Download Diff File Expand all files Collapse all files

13
pkg/api/middleware.go
View File

@ -21,6 +21,9 @@ func ErrorHandler(next echo.HandlerFunc) echo.HandlerFunc {
func Auth(next echo.HandlerFunc) echo.HandlerFunc {
urls := []string{"download", "recording", "login", "static", "favicon", "logo"}
permissionUrls := H{
"/users": "admin",
}
return func(c echo.Context) error {
// 路由拦截 - 登录身份、资源权限判断等
@ -37,7 +40,15 @@ func Auth(next echo.HandlerFunc) echo.HandlerFunc {
authorization, found := global.Cache.Get(token)
if !found {
logrus.Debugf("您的登录信息已失效,请重新登录后再试。")
return Fail(c, 403, "您的登录信息已失效,请重新登录后再试。")
return Fail(c, 401, "您的登录信息已失效,请重新登录后再试。")
}
for url := range permissionUrls {
if strings.HasPrefix(c.Request().RequestURI, url) {
if authorization.(Authorization).User.Type != permissionUrls[url] {
return Fail(c, 403, "permission denied")
}
}
}
if authorization.(Authorization).Remember {