Chris Lu
10 years ago
21 changed files with 269 additions and 135 deletions
-
1go/operation/data_struts.go
-
5go/operation/delete_content.go
-
32go/operation/submit.go
-
10go/operation/upload_content.go
-
77go/security/guard.go
-
72go/security/jwt.go
-
14go/storage/store.go
-
26go/topology/store_replicate.go
-
7go/util/http_util.go
-
10go/weed/benchmark.go
-
4go/weed/filer.go
-
2go/weed/master.go
-
5go/weed/server.go
-
12go/weed/upload.go
-
4go/weed/weed_server/common.go
-
7go/weed/weed_server/filer_server.go
-
6go/weed/weed_server/filer_server_handlers.go
-
29go/weed/weed_server/master_server.go
-
5go/weed/weed_server/master_server_handlers_admin.go
-
29go/weed/weed_server/volume_server.go
-
3go/weed/weed_server/volume_server_handlers.go
@ -0,0 +1,72 @@ |
|||
package security |
|||
|
|||
import ( |
|||
"net/http" |
|||
"strings" |
|||
|
|||
"time" |
|||
|
|||
"github.com/chrislusf/weed-fs/go/glog" |
|||
jwt "github.com/dgrijalva/jwt-go" |
|||
) |
|||
|
|||
type EncodedJwt string |
|||
type Secret string |
|||
|
|||
func GenJwt(secret Secret, fileId string) EncodedJwt { |
|||
if secret == "" { |
|||
return "" |
|||
} |
|||
|
|||
t := jwt.New(jwt.GetSigningMethod("HS256")) |
|||
t.Claims["exp"] = time.Now().Unix() + 10 |
|||
t.Claims["sub"] = fileId |
|||
encoded, e := t.SignedString(secret) |
|||
if e != nil { |
|||
glog.V(0).Infof("Failed to sign claims: %v", t.Claims) |
|||
return "" |
|||
} |
|||
return EncodedJwt(encoded) |
|||
} |
|||
|
|||
func GetJwt(r *http.Request) EncodedJwt { |
|||
|
|||
// Get token from query params
|
|||
tokenStr := r.URL.Query().Get("jwt") |
|||
|
|||
// Get token from authorization header
|
|||
if tokenStr == "" { |
|||
bearer := r.Header.Get("Authorization") |
|||
if len(bearer) > 7 && strings.ToUpper(bearer[0:6]) == "BEARER" { |
|||
tokenStr = bearer[7:] |
|||
} |
|||
} |
|||
|
|||
// Get token from cookie
|
|||
if tokenStr == "" { |
|||
cookie, err := r.Cookie("jwt") |
|||
if err == nil { |
|||
tokenStr = cookie.Value |
|||
} |
|||
} |
|||
|
|||
return EncodedJwt(tokenStr) |
|||
} |
|||
|
|||
func EncodeJwt(secret Secret, claims map[string]interface{}) (EncodedJwt, error) { |
|||
if secret == "" { |
|||
return "", nil |
|||
} |
|||
|
|||
t := jwt.New(jwt.GetSigningMethod("HS256")) |
|||
t.Claims = claims |
|||
encoded, e := t.SignedString(secret) |
|||
return EncodedJwt(encoded), e |
|||
} |
|||
|
|||
func DecodeJwt(secret Secret, tokenString EncodedJwt) (token *jwt.Token, err error) { |
|||
// check exp, nbf
|
|||
return jwt.Parse(string(tokenString), func(token *jwt.Token) (interface{}, error) { |
|||
return secret, nil |
|||
}) |
|||
} |
Write
Preview
Loading…
Cancel
Save
Reference in new issue