nezha/service/rpc/auth.go

47 lines
1.1 KiB
Go
Raw Normal View History

2019-12-08 03:59:58 -05:00
package rpc
2019-12-07 05:14:40 -05:00
import (
"context"
2020-11-10 21:07:45 -05:00
"github.com/naiba/nezha/service/dao"
2019-12-07 05:14:40 -05:00
"google.golang.org/grpc/codes"
"google.golang.org/grpc/metadata"
"google.golang.org/grpc/status"
)
type AuthHandler struct {
2019-12-09 03:02:49 -05:00
ClientSecret string
2019-12-07 05:14:40 -05:00
}
func (a *AuthHandler) GetRequestMetadata(ctx context.Context, uri ...string) (map[string]string, error) {
return map[string]string{"client_secret": a.ClientSecret}, nil
2019-12-07 05:14:40 -05:00
}
func (a *AuthHandler) RequireTransportSecurity() bool {
2021-05-10 06:04:38 -04:00
return false
2019-12-07 05:14:40 -05:00
}
func (a *AuthHandler) Check(ctx context.Context) (uint64, error) {
2019-12-07 05:14:40 -05:00
md, ok := metadata.FromIncomingContext(ctx)
if !ok {
return 0, status.Errorf(codes.Unauthenticated, "获取 metaData 失败")
2019-12-07 05:14:40 -05:00
}
2021-01-08 08:04:50 -05:00
var clientSecret string
2019-12-09 05:14:31 -05:00
if value, ok := md["client_secret"]; ok {
clientSecret = value[0]
2019-12-07 05:14:40 -05:00
}
2019-12-09 05:14:31 -05:00
dao.ServerLock.RLock()
defer dao.ServerLock.RUnlock()
clientID, hasID := dao.SecretToID[clientSecret]
if !hasID {
return 0, status.Errorf(codes.Unauthenticated, "客户端认证失败")
}
_, hasServer := dao.ServerList[clientID]
if !hasServer {
return 0, status.Errorf(codes.Unauthenticated, "客户端认证失败")
2019-12-07 05:14:40 -05:00
}
return clientID, nil
2019-12-07 05:14:40 -05:00
}