42 lines
834 B
Go
42 lines
834 B
Go
package main
|
|
|
|
import (
|
|
"strings"
|
|
|
|
restful "github.com/emicklei/go-restful"
|
|
)
|
|
|
|
func adminAuth(req *restful.Request, resp *restful.Response, chain *restful.FilterChain) {
|
|
tokenAuth(req, resp, chain, adminToken)
|
|
}
|
|
|
|
func tokenAuth(req *restful.Request, resp *restful.Response, chain *restful.FilterChain, allowedTokens ...string) {
|
|
token := getToken(req)
|
|
|
|
for _, allowedToken := range allowedTokens {
|
|
if allowedToken != "" && token == allowedToken {
|
|
chain.ProcessFilter(req, resp)
|
|
return
|
|
}
|
|
}
|
|
|
|
wsError(resp, ErrUnauthorized)
|
|
return
|
|
}
|
|
|
|
func getToken(req *restful.Request) string {
|
|
const bearerPrefix = "Bearer "
|
|
|
|
token := req.HeaderParameter("Authorization")
|
|
|
|
if token == "" {
|
|
return req.QueryParameter("token")
|
|
}
|
|
|
|
if !strings.HasPrefix(token, bearerPrefix) {
|
|
return token
|
|
}
|
|
|
|
return token[len(bearerPrefix):]
|
|
}
|