Documentation
¶
Index ¶
- Variables
- func CheckWebSocketOrigin(r *http.Request) bool
- func GenerateToken(userID uint, email string, isAdmin bool, secret string, expireSeconds int) (string, error)
- func IsWebSocketOriginAllowed(r *http.Request, allowedOrigins []string) bool
- func Redact(s string) string
- func RedactEmail(email string) string
- func RedactIP(ip string) string
- func RedactJSON(jsonStr string) string
- func RedactMap(data map[string]any) map[string]any
- type Claims
- type LogSafe
- type SensitiveString
Constants ¶
This section is empty.
Variables ¶
View Source
var SensitiveKeys = []string{
"password",
"secret",
"api_key",
"apikey",
"api-key",
"token",
"access_token",
"refresh_token",
"auth_key",
"private_key",
"credential",
}
SensitiveKeys 敏感字段名列表
Functions ¶
func CheckWebSocketOrigin ¶
CheckWebSocketOrigin applies the server CORS origin allowlist to WebSocket upgrades while still allowing same-host browser upgrades and non-browser clients that do not send an Origin header.
func GenerateToken ¶
func GenerateToken(userID uint, email string, isAdmin bool, secret string, expireSeconds int) (string, error)
GenerateToken 生成JWT token
func IsWebSocketOriginAllowed ¶
IsWebSocketOriginAllowed validates a WebSocket Origin header against the request host and an explicit origin allowlist.
func RedactEmail ¶
RedactEmail 脱敏邮箱 规则:保留 @ 前2位和 @ 后完整域名 例如:admin@example.com -> ad***@example.com
Types ¶
type Claims ¶
type Claims struct {
UserID uint `json:"user_id"`
Email string `json:"email"`
IsAdmin bool `json:"is_admin"`
jwt.RegisteredClaims
}
func ParseToken ¶
ParseToken 解析JWT token (自动从配置获取secret)
type LogSafe ¶
type LogSafe struct {
// contains filtered or unexported fields
}
LogSafe 生成安全的日志字符串
type SensitiveString ¶
type SensitiveString string
SensitiveString 敏感字符串类型,打印时自动脱敏
func (SensitiveString) MarshalJSON ¶
func (s SensitiveString) MarshalJSON() ([]byte, error)
MarshalJSON 实现 JSON 序列化,返回脱敏值
Click to show internal directories.
Click to hide internal directories.