Support Wildcard Auth Excludes (#1357)

Co-authored-by: Ben Toogood <ben@micro.mu>
This commit is contained in:
ben-toogood 2020-03-17 16:03:49 +00:00 committed by GitHub
parent ab73127063
commit b3c631dd38
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23

View File

@ -7,6 +7,11 @@ import (
"github.com/micro/go-micro/v2/auth" "github.com/micro/go-micro/v2/auth"
) )
var (
// DefaultExcludes is the paths which are allowed by default
DefaultExcludes = []string{"/favicon.ico"}
)
// CombinedAuthHandler wraps a server and authenticates requests // CombinedAuthHandler wraps a server and authenticates requests
func CombinedAuthHandler(h http.Handler) http.Handler { func CombinedAuthHandler(h http.Handler) http.Handler {
return authHandler{ return authHandler{
@ -30,14 +35,24 @@ func (h authHandler) ServeHTTP(w http.ResponseWriter, req *http.Request) {
// Return if the user disabled auth on this endpoint // Return if the user disabled auth on this endpoint
excludes := h.auth.Options().Exclude excludes := h.auth.Options().Exclude
excludes = append(excludes, DefaultExcludes...)
if len(loginURL) > 0 { if len(loginURL) > 0 {
excludes = append(excludes, loginURL) excludes = append(excludes, loginURL)
} }
for _, e := range excludes { for _, e := range excludes {
// is a standard exclude, e.g. /rpc
if e == req.URL.Path { if e == req.URL.Path {
h.handler.ServeHTTP(w, req) h.handler.ServeHTTP(w, req)
return return
} }
// is a wildcard exclude, e.g. /services/*
wildcard := strings.Replace(e, "*", "", 1)
if strings.HasSuffix(e, "*") && strings.HasPrefix(req.URL.Path, wildcard) {
h.handler.ServeHTTP(w, req)
return
}
} }
var token string var token string