unistack-org/micro
4
0
Fork 2
Code Issues 18 Pull Requests Actions Packages Projects Releases 331 Wiki Activity

Auth Improvements (#1195)

Browse Source 
* Exclude Stats & Trace from Auth

* Update Excluded Endpoints Format

* Tweak Implementation
This commit is contained in:
ben-toogood
2020-02-13 14:07:14 +00:00
committed by GitHub
parent ea70711dd3
commit e080ecb43a
2 changed files with 7 additions and 11 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
config/cmd/cmd.go
View File

@@ -257,7 +257,7 @@ var (
&cli.StringSliceFlag{ &cli.StringSliceFlag{
Name: "auth_exclude", Name: "auth_exclude",
EnvVars: []string{"MICRO_AUTH_EXCLUDE"}, EnvVars: []string{"MICRO_AUTH_EXCLUDE"},
Usage: "Comma-separated list of endpoints excluded from authentication", Usage: "Comma-separated list of endpoints excluded from authentication, e.g. Users.ListUsers",
}, },
} }

16
util/wrapper/wrapper.go
View File

@@ -145,18 +145,14 @@ func AuthHandler(fn func() auth.Auth) server.HandlerWrapper {
// get the auth.Auth interface // get the auth.Auth interface
a := fn() a := fn()
// Extract endpoint and remove service name prefix // Check for debug endpoints which should be excluded from auth
// (e.g. Platform.ListServices => ListServices) if strings.HasPrefix(req.Endpoint(), "Debug.") {
var endpoint string return h(ctx, req, rsp)
if ec := strings.Split(req.Endpoint(), "."); len(ec) == 2 {
endpoint = ec[1]
} }
// Check for endpoints excluded from auth. If the endpoint // Exclude any user excluded endpoints
// matches, execute the handler and return for _, e := range a.Options().Excludes {
excludes := append(a.Options().Excludes, "Stats", "Trace") if e == req.Endpoint() {
for _, e := range excludes {
if e == endpoint {
return h(ctx, req, rsp) return h(ctx, req, rsp)
} }
} }