show static image based on users in golang gin

huangapple go评论84阅读模式
英文:

show static image based on users in golang gin

问题

我正在使用Gin框架。我有一个包含一些课程信息的数据库。用户可以注册课程并访问内容。内容包括图片、视频和音频。

我在数据库中存储这些内容的相对路径,例如:

Content\Courses\CourseOne\Unit_1\image.jpg

然后在Gin中将其转换为实际路径:

route := gin.Default()
route.Static("/Content","./Media")

一切都正常工作,但是我想在访问内容之前对用户进行身份验证。在上述方式中,所有用户都可以通过更改所需模式的地址来访问任何数据。但是我希望只有注册了课程的用户才能访问数据,否则返回404错误。

我该如何实现这个功能?

编辑

由于要求解释身份验证的实现方式:

我使用JWT进行身份验证。每个用户都有一个HashID。我有一个名为UserCourses的表,用户购买课程后会将用户信息插入该表。

这是我的课程路由:

route.GET("api/v1/courses", handler.GetCourses)

这是我的处理程序:

func GetCourses(context *gin.Context) {
    hashID, status, err := repository.GetToken(context)
    if err != nil {
        context.IndentedJSON(status, err)
        return
    }
    courses := make([]model.CourseAPI, 0)
    userInfo := model.Users{HashID: hashID}
    err = repository.DatabaseInstance.GetCourses(&courses, &userInfo)
    if err != nil {
        context.IndentedJSON(http.StatusServiceUnavailable, err)
        return
    }
    context.IndentedJSON(http.StatusOK, gin.H{"courses": courses})
}

JWT令牌由客户端在标头中传递。我获取令牌并对其进行验证。令牌包含用户的HashID,我在UserCourses表中检查该HashID。除了课程信息之外,还有一个名为isRegistered的变量。如果HashID在UserCourses表中注册了任何课程,那么该课程的isRegistered变为true,否则为false

英文:

I'm using the Gin framework. I have a database that contains some course info. Users can register in the courses and access the contents. The contents are image, video, and audio.
I store the relative location of these contents in my database like this:

Content\Courses\CourseOne\Unit_1\image.jpg

and change it to the actual location in gin:

route := gin.Default()
route.Static("/Content","./Media")

Everything works fine, but I am looking for a way to authenticate users before accessing the contents. In the above-mentioned way, all users can access any data by changing the desired pattern's address. But I want if the user is registered in the course, be able to access data, otherwise, get a 404 error.
how can I do that?

Edit

since it was asked to explain the implementation of authentication:

I used JWT for authentication. so each user has a HashID.
I have a table called UserCourses and the user info would be inserted after purchasing a course.

this is my course route:

route.GET("api/v1/courses", handler.GetCourses)

and my handler:

func GetCourses(context *gin.Context) {
	hashID, status, err := repository.GetToken(context)
	if err != nil {
		context.IndentedJSON(status, err)
		return
	}
	courses := make([]model.CourseAPI, 0)
	userInfo := model.Users{HashID: hashID}
	err = repository.DatabaseInstance.GetCourses(&courses, &userInfo)
	if err != nil {
		context.IndentedJSON(http.StatusServiceUnavailable, err)
		return
	}
	context.IndentedJSON(http.StatusOK, gin.H{"courses": courses})
}

The JWT token is passed by the client in the header. so I get the token and validate it. The token contains the user HashID and I check for that HashID in the UserCourses table. besides the course info, there is a variable called isRegistered.if the HashID was registered for any course in UserCourses table,the isRegistered become true for that course otherwise false.

答案1

得分: 2

你可以通过创建路由组并应用身份验证中间件来实现。

r = gin.Default()

// 公共路由
r.GET("public", publicHandler)

// 路由组
auth = r.Group("/")
// 在路由组内使用身份验证中间件
auth.Use(AuthMiddleware())
// 在身份验证中间件之前运行的路由
auth.Static("/Content","./Media")
英文:

You can create group route and apply authentication middleware through it

r = gin.Default()

// public routes
r.GET("public", publicHandler)

// routes group
auth = r.Group("/")
// authentication middleware within group
auth.Use(AuthMiddleware())
// route before which auth middleware will be run
auth.Static("/Content","./Media")

huangapple
  • 本文由 发表于 2021年8月29日 13:38:48
  • 转载请务必保留本文链接:https://go.coder-hub.com/68970166.html
匿名

发表评论

匿名网友

:?: :razz: :sad: :evil: :!: :smile: :oops: :grin: :eek: :shock: :???: :cool: :lol: :mad: :twisted: :roll: :wink: :idea: :arrow: :neutral: :cry: :mrgreen:

确定