Documentation
¶
Index ¶
- Constants
- Variables
- func CasbinMiddleware(enforcer *casbin.Enforcer) echo.MiddlewareFunc
- func Check(content, encrypted string) bool
- func CheckAccessToken(next echo.HandlerFunc) echo.HandlerFunc
- func CompareHashAndPassword(hashedPassword, password []byte) error
- func CreateAccessToken(userID, tenantID, accountID uuid.UUID, email, username, roleName string) (string, error)
- func CreateRefreshToken(userID, tenantID, accountID uuid.UUID, email, username, roleName string) (string, error)
- func Encode(data string) string
- func GenerateFromPassword(password []byte, cost int) ([]byte, error)
- func GenerateRandomKey(length int) (string, error)
- func GenerateUsername() string
- func InitLogger()
- func SessionMiddleware(next echo.HandlerFunc) echo.HandlerFunc
- func SetCSRFToken(next echo.HandlerFunc) echo.HandlerFunc
- func UUID() string
- func ValidAccessTokenConfig() echojwt.Config
- func ValidateRefreshTokenConfig() echojwt.Config
- type JwtCustomClaims
Constants ¶
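// bcrypt cost (work factor) bounds accepted by GenerateFromPassword.
// The listing had the whole group on one line, so the first // comment
// swallowed the remaining declarations; one declaration per line restores
// valid Go.
//
// NOTE(review): names, values and comments appear to mirror
// golang.org/x/crypto/bcrypt — confirm before diverging from it.
// NOTE(review): a cost near MinCost makes each hash very cheap to compute,
// which also makes offline guessing of stored hashes cheap; confirm callers
// pass DefaultCost or higher for stored passwords.
const (
	MinCost     int = 4  // the minimum allowable cost as passed in to GenerateFromPassword
	MaxCost     int = 31 // the maximum allowable cost as passed in to GenerateFromPassword
	DefaultCost int = 10 // the cost that will actually be set if a cost below MinCost is passed into GenerateFromPassword
)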
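// Built-in names used by the platform. The values are fixed strings; where
// they are consumed is not visible from this declaration. The listing had the
// group on one line, which is not valid Go; it is restored to one constant
// per line.
const (
	// PlatformName is also the platform segment of the "rrn:" resource patterns.
	PlatformName     = "CloudSecPlatform"
	ManagementTenant = "systemTenant"
	DefaultTenant    = "defaultTenant"
	Account          = "systemAccount"
	// NOTE(review): UserName presumably names a bootstrap administrator;
	// confirm how that account's credential is provisioned and that no
	// fixed default password ships with it.
	UserName = "SuperAdmin"
)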
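// Resource type identifiers. The same strings appear as the type segment of
// the Resource* "rrn:" patterns declared in this package. The listing had the
// group on one line, which is not valid Go; it is restored to one constant
// per line.
const (
	UserResourceType     = "user"
	ConfigResourceType   = "config"
	TenantResourceType   = "tenant"
	AccountResourceType  = "account"
	ProjectResourceType  = "project"
	AuditLogResourceType = "audit-log"
	RoleResourceType     = "role"
	PolicyResourceType   = "policy"
)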
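// Action identifiers, written as "<resource>:<verb>" with an optional third
// segment naming the target (for example "config:update:database").
//
// The listing had the group on one line, so the first // comment swallowed
// every declaration after it; the group headings are restored on their own
// lines, and the heading above the role actions (which said "User Actions")
// is corrected.
//
// NOTE(review): AccountResourceType and PolicyResourceType have no matching
// Action* constants in this group — confirm whether account and policy
// operations are authorised under another action or are not yet covered.
const (
	// Config actions
	ActionConfigRead           = "config:read"
	ActionConfigUpdateDatabase = "config:update:database"
	ActionConfigUpdateNetwork  = "config:update:network"

	// Tenant actions
	ActionTenantCreate = "tenant:create"
	ActionTenantRead   = "tenant:read"
	ActionTenantUpdate = "tenant:update"
	ActionTenantDelete = "tenant:delete"

	// User actions
	ActionUserCreate = "user:create"
	ActionUserRead   = "user:read"
	ActionUserUpdate = "user:update"
	ActionUserDelete = "user:delete"

	// Role actions
	ActionRoleCreate = "role:create"
	ActionRoleRead   = "role:read"
	ActionRoleUpdate = "role:update"
	ActionRoleDelete = "role:delete"

	// Project actions
	ActionProjectCreate = "project:create"
	ActionProjectRead   = "project:read"
	ActionProjectUpdate = "project:update"
	ActionProjectDelete = "project:delete"

	// Audit log actions
	ActionAuditLogRead   = "audit-log:read"
	ActionAuditLogExport = "audit-log:export"
)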
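// Resource name patterns, all prefixed "rrn:" + PlatformName. The two segments
// before the resource type are the tenant and the account (per the comments
// on the user patterns); the last segment identifies the resource.
//
// The *All patterns use "*" in every variable segment. The *Specific patterns
// are format strings with three %s verbs (tenant, account, resource).
//
// The listing had the group on one line, so the first // comment swallowed
// the declarations after it; it is restored to one constant per line.
//
// NOTE(review): how "*" is matched is defined by the authorization model,
// which is not shown here. If any value formatted into a *Specific pattern can
// come from request input, confirm it is validated (for example parsed as a
// UUID) first, so it cannot contain "*" or ":" and widen the match.
const (
	ResourceUserAll        = "rrn:" + PlatformName + ":*:*:user:*"    // matches users in every tenant and account
	ResourceUserSpecific   = "rrn:" + PlatformName + ":%s:%s:user:%s" // matches users in one specific tenant and account
	ResourceConfigAll      = "rrn:" + PlatformName + ":*:*:config:*"
	ResourceConfigSpecific = "rrn:" + PlatformName + ":%s:%s:config:%s"
	ResourceTenantAll      = "rrn:" + PlatformName + ":*:*:tenant:*"
	ResourceAccountAll     = "rrn:" + PlatformName + ":*:*:account:*"
	ResourceProjectAll     = "rrn:" + PlatformName + ":*:*:project:*"
	ResourceAuditLogAll    = "rrn:" + PlatformName + ":*:*:audit-log:*"
	ResourceRoleAll        = "rrn:" + PlatformName + ":*:*:role:*"
	ResourcePolicyAll      = "rrn:" + PlatformName + ":*:*:policy:*"
)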
Variables ¶
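// AccessTokenSecret and RefreshTokenSecret are presumably the signing secrets
// for access and refresh tokens (inferred from the names — confirm). The
// package documentation describes them as keys defined directly in code,
// using random keys; the initialisation itself is not part of this
// declaration, so both are empty strings until something assigns them.
//
// The listing had the group on one line, which is not valid Go; it is
// restored to one variable per line.
//
// NOTE(review): if the values are generated randomly at process start, issued
// tokens stop validating after a restart and across replicas — confirm that
// is intended. Both variables are exported and mutable, so any importing
// package can read or replace them; unexported storage behind an accessor
// would narrow that. An empty secret must be rejected before signing or
// verifying. Never log these values.
var (
	AccessTokenSecret  string
	RefreshTokenSecret string
)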
在代码中直接定义密钥(使用随机密钥)
// ErrMismatchedHashAndPassword is the error value whose message says that
// hashedPassword is not the hash of the given password.
// NOTE(review): presumably returned by CompareHashAndPassword on a mismatch;
// the "crypto/bcrypt:" prefix suggests it was copied from
// golang.org/x/crypto/bcrypt — confirm. Callers should match it with
// errors.Is and return a generic authentication failure to the client.
var ErrMismatchedHashAndPassword = errors.New("crypto/bcrypt: hashedPassword is not the hash of the given password")
// Log is the package-level zap logger. It is nil until something assigns it;
// presumably InitLogger does — TODO confirm.
// NOTE(review): keep token strings and the token secrets out of log fields.
var Log *zap.Logger
Log zapLog对象
Functions ¶
func CasbinMiddleware ¶
func CasbinMiddleware(enforcer *casbin.Enforcer) echo.MiddlewareFunc
func CheckAccessToken ¶
func CheckAccessToken(next echo.HandlerFunc) echo.HandlerFunc
CheckAccessToken 中间件用于检查访问令牌
func CompareHashAndPassword ¶
func CreateAccessToken ¶
func CreateAccessToken(userID, tenantID, accountID uuid.UUID, email, username, roleName string) (string, error)
CreateAccessToken 创建JWT访问令牌
func CreateRefreshToken ¶
func CreateRefreshToken(userID, tenantID, accountID uuid.UUID, email, username, roleName string) (string, error)
CreateRefreshToken 创建刷新令牌
func GenerateRandomKey ¶
GenerateRandomKey 生成随机密钥的函数
func SessionMiddleware ¶
func SessionMiddleware(next echo.HandlerFunc) echo.HandlerFunc
func SetCSRFToken ¶
func SetCSRFToken(next echo.HandlerFunc) echo.HandlerFunc
func ValidAccessTokenConfig ¶
ValidAccessTokenConfig 配置有效的访问令牌
func ValidateRefreshTokenConfig ¶
ValidateRefreshTokenConfig 验证刷新令牌
Types ¶
type JwtCustomClaims ¶
// JwtCustomClaims is the package-wide custom claim type. Its fields match the
// parameters of CreateAccessToken and CreateRefreshToken (user, tenant and
// account IDs, email, username, role name), and it embeds
// jwt.RegisteredClaims.
//
// NOTE(review): unless the tokens are encrypted, a JWT payload is only
// encoded, so Email and Username are readable by anyone who holds a token.
// RoleName is fixed when a token is issued; confirm that role changes are
// handled by short expiry or revocation rather than trusted until expiry.
type JwtCustomClaims struct {
	UserID    uuid.UUID `json:"user_id"`
	Email     string    `json:"email"`
	Username  string    `json:"username"`
	TenantID  uuid.UUID `json:"tenant_id"`
	RoleName  string    `json:"role_name"` // stores the name of a single role
	AccountID uuid.UUID `json:"account_id"`
	jwt.RegisteredClaims
}
JwtCustomClaims 在全局范围内定义你的jwtCustomClaims类型