-
Notifications
You must be signed in to change notification settings - Fork 91
/
Copy pathmain.go
71 lines (57 loc) · 2.08 KB
/
main.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
package main
import (
"github.com/kataras/iris/v12"
"github.com/kataras/iris/v12/middleware/basicauth"
"github.com/iris-contrib/middleware/casbin"
)
// $ go get github.com/casbin/casbin/v2@v2.65.1
// $ go run main.go
func newApp() *iris.Application {
app := iris.New()
casbinMiddleware, err := casbin.NewEnforcer("casbinmodel.conf", "casbinpolicy.csv")
if err != nil {
panic(err)
}
/* The Casbin authorization determines a request based on `{subject, object, action}`.
Please refer to: https://github.com/casbin/casbin to understand how it works first.
The object is the current request's path and the action is the current request's method.
The subject is extracted by the current request's ctx.User().GetUsername(),
you can customize it by:
1. casbinMiddleware.SubjectExtractor = func(ctx iris.Context) string {
// [...custom logic]
return "bob"
}
2. by SetSubject package-level function:
func auth(ctx iris.Context) {
casbin.SetSubject(ctx, "bob")
ctx.Next()
}
*/
app.UseRouter(basicauth.Default(map[string]string{
"bob": "bobpass",
"alice": "alicepass",
}))
// Note that by registering with UseRouter instead of Use,
// and becauese the middleware stops the execution with 403 (Forbidden) by default,
// if the authentication and roles match failed,
// unregistered route paths will fire 403 instead of 404 (Not Found).
app.UseRouter(casbinMiddleware.ServeHTTP)
app.Get("/", hi)
app.Any("/dataset1/{p:path}", hi) // p, dataset1_admin, /dataset1/*, * && p, alice, /dataset1/*, GET
app.Post("/dataset1/resource1", hi)
app.Get("/dataset2/resource2", hi)
app.Post("/dataset2/folder1/{p:path}", hi)
app.Any("/dataset2/resource1", hi)
return app
}
func main() {
app := newApp()
app.Listen(":8080")
}
func hi(ctx iris.Context) {
ctx.Writef("Hello %s", casbin.Subject(ctx))
// Note that, by default, the username is extracted by ctx.User().GetUsername()
// to change that behavior modify the `casbin.SubjectExtractor` or
// use the `casbin.SetSubject` to set a custom subject for the current request
// before the casbin middleware's execution.
}