英文:
What is the correct solution to pass 2 objects to the handlers
问题
你好,
有一个需求,需要在每个请求中传递一个JSON对象来进行身份验证。
为了实现这个目的,我正在使用gorilla包。
func middlewareFirstAuthCheck(next http.Handler) http.Handler {
return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
log.Println("middlewareFirstAuthCheck - Before Handler")
// 在这里处理身份验证的逻辑
next.ServeHTTP(w, r)
})
}
func StandartHandler(w http.ResponseWriter, r *http.Request) {
// 在这里处理标准处理程序的逻辑
}
在标准处理程序中,我接受JSON对象,在middlewareFirstAuthCheck中,我接受不同的JSON对象。
middlewareFirstAuthCheck会首先执行。
对于如何正确实现这个功能,我理解了需要做什么,但具体如何实现还需要进一步讨论。
英文:
Hi
there is a need to pass a json object to check authentication in each request
for this purpose i am using gorilla package
func middlewareFirstAuthCheck(next http.Handler) http.Handler {
return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
log.Println("middlewareFirstAuthCheck - Before Handler")
next.ServeHTTP(w, r)
})
}
func StandartHandler(w http.ResponseWriter, r *http.Request) {
}
in standard handler i accept json object, and in middlewareFirstAuthCheck i accept different json object
middlewareFirstAuthCheck is executed first
there is an understanding of what needs to be done, but how to implement it correctly?
答案1
得分: 1
请记住,此函数内部运行的代码对于多路复用服务器来说是不安全的:
func middlewareFirstAuthCheck(next http.Handler) http.Handler {
// 如果你有一个多路复用服务器,不要处理与请求相关的内容
return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
log.Println("middlewareFirstAuthCheck - Before Handler")
// 在这里可以获取r.Body或r.Headers以进行用户身份验证
next.ServeHTTP(w, r)
})
}
理想情况下,如果你想处理权限,你应该根据端点的范围在中间件上设置它们。类似于:
// 请忽略可怕的函数/变量名称
router.Get("/url", authMiddlewareForScope(s.handleTask(), "scope:to:handle:task"))
如果你希望这些角色可以由你的应用程序进行配置,你将需要一个更优雅的解决方案。
如果有任何问题,请告诉我。
英文:
Keep in mind that the code running inside this function is not safe for a mux server:
func middlewareFirstAuthCheck(next http.Handler) http.Handler {
// don't manage something related to request if you have a mux server
return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
log.Println("middlewareFirstAuthCheck - Before Handler")
// you could get the r.Body or r.Headers here to get the user authenticated
next.ServeHTTP(w, r)
})
}
Ideally if you wanna handle permissions you should be setting them on the middleware depending the scope of your endpoint. Something like:
// please don't mind the terrible function/variable names
router.Get("/url", authMiddlewareForScope(s.handleTask(), "scope:to:handle:task"))
If you want this roles to be configurable by your application you will need a more elegant solution.
Please let me know if
通过集体智慧和协作来改善编程学习和解决问题的方式。致力于成为全球开发者共同参与的知识库,让每个人都能够通过互相帮助和分享经验来进步。
评论