1
0
mirror of https://github.com/astaxie/beego.git synced 2024-11-22 12:20:54 +00:00

apiauth add more comments & improve

This commit is contained in:
astaxie 2014-08-28 10:05:02 +08:00
parent 5a087b28d2
commit 50a21d60c1
2 changed files with 29 additions and 9 deletions

View File

@ -21,10 +21,35 @@
// //
// func main(){ // func main(){
// // apiauth every request // // apiauth every request
// beego.InsertFilter("*", beego.BeforeRouter,auth.APIAuth("appid","appkey")) // beego.InsertFilter("*", beego.BeforeRouter,apiauth.APIBaiscAuth("appid","appkey"))
// beego.Run() // beego.Run()
// } // }
// //
// Advanced Usage:
//
// func getAppSecret(appid string) string {
// // get appsecret by appid
// // maybe store in configure, maybe in database
// }
//
// beego.InsertFilter("*", beego.BeforeRouter,apiauth.APIAuthWithFunc(getAppSecret, 360))
//
// in the request user should include these params in the query
//
// 1. appid
//
// appid is asigned to the application
//
// 2. signature
//
// get the signature use apiauth.Signature()
//
// >>> should use url.QueryEscape()
//
// 3. timestamp:
//
// send the request time, the format is yyyy-mm-dd HH:ii:ss
//
package apiauth package apiauth
import ( import (
@ -34,7 +59,6 @@ import (
"fmt" "fmt"
"net/url" "net/url"
"sort" "sort"
"strings"
"time" "time"
"github.com/astaxie/beego" "github.com/astaxie/beego"
@ -83,7 +107,7 @@ func APIAuthWithFunc(f AppIdToAppSecret, timeout int) beego.FilterFunc {
return return
} }
t := time.Now() t := time.Now()
if (t.Second() - u.Second()) > timeout { if t.Sub(u).Seconds() > float64(timeout) {
ctx.Output.SetStatus(403) ctx.Output.SetStatus(403)
ctx.WriteString("timeout! the request time is long ago, please try again") ctx.WriteString("timeout! the request time is long ago, please try again")
return return
@ -117,12 +141,7 @@ func Signature(appsecret, method string, params url.Values, RequestURI string) (
sha256 := sha256.New sha256 := sha256.New
hash := hmac.New(sha256, []byte(appsecret)) hash := hmac.New(sha256, []byte(appsecret))
hash.Write([]byte(string_to_sign)) hash.Write([]byte(string_to_sign))
sha := base64.StdEncoding.EncodeToString(hash.Sum(nil)) return base64.StdEncoding.EncodeToString(hash.Sum(nil))
sha = url.QueryEscape(sha)
sha = strings.Replace(sha, "+", "%20", -1)
sha = strings.Replace(sha, "*", "%2A", -1)
sha = strings.Replace(sha, "%7E", "~", -1)
return sha
} }
type valSorter struct { type valSorter struct {

View File

@ -27,6 +27,7 @@
// //
// //
// Advanced Usage: // Advanced Usage:
//
// func SecretAuth(username, password string) bool { // func SecretAuth(username, password string) bool {
// return username == "astaxie" && password == "helloBeego" // return username == "astaxie" && password == "helloBeego"
// } // }