将2个对象传递给处理程序的正确解决方案是什么?

huangapple go评论89阅读模式
英文:

What is the correct solution to pass 2 objects to the handlers

问题

你好,
有一个需求,需要在每个请求中传递一个JSON对象来进行身份验证。

为了实现这个目的,我正在使用gorilla包。

func middlewareFirstAuthCheck(next http.Handler) http.Handler {
    return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
        log.Println("middlewareFirstAuthCheck - Before Handler")
        
        // 在这里处理身份验证的逻辑
        
        next.ServeHTTP(w, r)
    })
}

func StandartHandler(w http.ResponseWriter, r *http.Request) {
    // 在这里处理标准处理程序的逻辑
}

在标准处理程序中,我接受JSON对象,在middlewareFirstAuthCheck中,我接受不同的JSON对象。

middlewareFirstAuthCheck会首先执行。

对于如何正确实现这个功能,我理解了需要做什么,但具体如何实现还需要进一步讨论。

英文:

Hi
there is a need to pass a json object to check authentication in each request

for this purpose i am using gorilla package

func middlewareFirstAuthCheck(next http.Handler) http.Handler {
return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
log.Println("middlewareFirstAuthCheck - Before Handler")


next.ServeHTTP(w, r)

})
}

func StandartHandler(w http.ResponseWriter, r *http.Request) {


}

in standard handler i accept json object, and in middlewareFirstAuthCheck i accept different json object

middlewareFirstAuthCheck is executed first

there is an understanding of what needs to be done, but how to implement it correctly?

答案1

得分: 1

请记住,此函数内部运行的代码对于多路复用服务器来说是不安全的:

func middlewareFirstAuthCheck(next http.Handler) http.Handler {
    // 如果你有一个多路复用服务器,不要处理与请求相关的内容
    return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
        log.Println("middlewareFirstAuthCheck - Before Handler")
        // 在这里可以获取r.Body或r.Headers以进行用户身份验证
        next.ServeHTTP(w, r)
    })
}

理想情况下,如果你想处理权限,你应该根据端点的范围在中间件上设置它们。类似于:

// 请忽略可怕的函数/变量名称
router.Get("/url", authMiddlewareForScope(s.handleTask(), "scope:to:handle:task"))

如果你希望这些角色可以由你的应用程序进行配置,你将需要一个更优雅的解决方案。

如果有任何问题,请告诉我。

英文:

Keep in mind that the code running inside this function is not safe for a mux server:

func middlewareFirstAuthCheck(next http.Handler) http.Handler {
    // don't manage something related to request if you have a mux server
	return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
		log.Println("middlewareFirstAuthCheck - Before Handler")
	    // you could get the r.Body or r.Headers here to get the user authenticated
	    next.ServeHTTP(w, r)
	})
}

Ideally if you wanna handle permissions you should be setting them on the middleware depending the scope of your endpoint. Something like:

// please don't mind the terrible function/variable names
router.Get("/url", authMiddlewareForScope(s.handleTask(), "scope:to:handle:task"))

If you want this roles to be configurable by your application you will need a more elegant solution.

Please let me know if

huangapple
  • 本文由 发表于 2022年5月11日 18:06:45
  • 转载请务必保留本文链接:https://go.coder-hub.com/72199158.html
匿名

发表评论

匿名网友

:?: :razz: :sad: :evil: :!: :smile: :oops: :grin: :eek: :shock: :???: :cool: :lol: :mad: :twisted: :roll: :wink: :idea: :arrow: :neutral: :cry: :mrgreen:

确定