mirror of
https://github.com/nezhahq/nezha.git
synced 2025-01-23 13:18:13 -05:00
47 lines
1.1 KiB
Go
47 lines
1.1 KiB
Go
package rpc
|
|
|
|
import (
|
|
"context"
|
|
|
|
"github.com/naiba/nezha/service/dao"
|
|
"google.golang.org/grpc/codes"
|
|
"google.golang.org/grpc/metadata"
|
|
"google.golang.org/grpc/status"
|
|
)
|
|
|
|
type AuthHandler struct {
|
|
ClientSecret string
|
|
}
|
|
|
|
func (a *AuthHandler) GetRequestMetadata(ctx context.Context, uri ...string) (map[string]string, error) {
|
|
return map[string]string{"client_secret": a.ClientSecret}, nil
|
|
}
|
|
|
|
func (a *AuthHandler) RequireTransportSecurity() bool {
|
|
return false
|
|
}
|
|
|
|
func (a *AuthHandler) Check(ctx context.Context) (uint64, error) {
|
|
md, ok := metadata.FromIncomingContext(ctx)
|
|
if !ok {
|
|
return 0, status.Errorf(codes.Unauthenticated, "获取 metaData 失败")
|
|
}
|
|
|
|
var clientSecret string
|
|
if value, ok := md["client_secret"]; ok {
|
|
clientSecret = value[0]
|
|
}
|
|
|
|
dao.ServerLock.RLock()
|
|
defer dao.ServerLock.RUnlock()
|
|
clientID, hasID := dao.SecretToID[clientSecret]
|
|
if !hasID {
|
|
return 0, status.Errorf(codes.Unauthenticated, "客户端认证失败")
|
|
}
|
|
_, hasServer := dao.ServerList[clientID]
|
|
if !hasServer {
|
|
return 0, status.Errorf(codes.Unauthenticated, "客户端认证失败")
|
|
}
|
|
return clientID, nil
|
|
}
|