Support Wildcard Auth Excludes (#1357)

Co-authored-by: Ben Toogood <ben@micro.mu>
This commit is contained in:
ben-toogood 2020-03-17 16:03:49 +00:00 committed by GitHub
parent ab73127063
commit b3c631dd38
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23

View File

@ -7,6 +7,11 @@ import (
"github.com/micro/go-micro/v2/auth"
)
var (
// DefaultExcludes is the paths which are allowed by default
DefaultExcludes = []string{"/favicon.ico"}
)
// CombinedAuthHandler wraps a server and authenticates requests
func CombinedAuthHandler(h http.Handler) http.Handler {
return authHandler{
@ -30,14 +35,24 @@ func (h authHandler) ServeHTTP(w http.ResponseWriter, req *http.Request) {
// Return if the user disabled auth on this endpoint
excludes := h.auth.Options().Exclude
excludes = append(excludes, DefaultExcludes...)
if len(loginURL) > 0 {
excludes = append(excludes, loginURL)
}
for _, e := range excludes {
// is a standard exclude, e.g. /rpc
if e == req.URL.Path {
h.handler.ServeHTTP(w, req)
return
}
// is a wildcard exclude, e.g. /services/*
wildcard := strings.Replace(e, "*", "", 1)
if strings.HasSuffix(e, "*") && strings.HasPrefix(req.URL.Path, wildcard) {
h.handler.ServeHTTP(w, req)
return
}
}
var token string