DEV Community: luxion The latest articles on DEV Community by luxion (@luxion). https://dev.to/luxion https://media2.dev.to/dynamic/image/width=90,height=90,fit=cover,gravity=auto,format=auto/https:%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Fuser%2Fprofile_image%2F1184056%2F3fb9c03d-e477-4cf2-806a-383f3be3a1e7.jpeg DEV Community: luxion https://dev.to/luxion en Token-go: A lightweight library for login authentication luxion Sat, 02 Dec 2023 12:59:23 +0000 https://dev.to/luxion/token-go-a-lightweight-library-for-login-authentication-2hi https://dev.to/luxion/token-go-a-lightweight-library-for-login-authentication-2hi <p><a href="https://github.com/weloe/token-go">https://github.com/weloe/token-go</a></p> <p><strong>What does it do?</strong><br> This library focuses on solving login authentication problems, such as: login, multi-account login, shared token login, token refresh, double token refresh, QR Code login, logout, kickout, banned, second auth, temp-token, SSO …<br> Using this library can simplify the authentication and authorization business, and only a few lines of code are needed to implement the above business.<br> Some using examples:<br> <code>login token, err := enforcer.Login("1", tokenGo.NewHttpContext(req, w))</code><br> <code>logout err := enforcer.Logout(tokenGo.NewHttpContext(req, w))</code><br> <code>Banned err = enforcer.Banned("1", "test", 1, 100)</code><br> <code>check login b, err := enforcer.IsLogin(tokenGo.NewHttpContext(req, w))</code></p> <p><strong>Features</strong></p> <p>Encapsulated multiple login policies, multi-account system login, same-end login, same-end mutually exclusive login, multi-terminal login, multi-terminal mutual exclusion login, scan code login, SSO single sign-on.<br> Encapsulate permission authentication functions, such as temporary tokens, second-level authentication, role authentication, and permission authentication.<br> Encapsulate multiple user session management methods, such as forced logout, kicking people offline, account banning, token auto-renewal, and dual-token renewal.</p> <p><strong>Manual</strong><br> <a href="https://github.com/weloe/token-go/wiki">https://github.com/weloe/token-go/wiki</a></p> github go programming tutorial Use golang to encapsulate and implement scan code login luxion Sat, 28 Oct 2023 09:08:15 +0000 https://dev.to/luxion/use-golang-to-encapsulate-and-implement-scan-code-login-101a https://dev.to/luxion/use-golang-to-encapsulate-and-implement-scan-code-login-101a <h1> Use go to encapsulate and implement code scanning login </h1> <p>I will talk about the implementation and usage of token-go scan code login.</p> <p>Github: <a href="https://github.com/weloe/token-go">https://github.com/weloe/token-go</a></p> <h2> Scan code login process </h2> <ol> <li><p>Open the login page, display a QR code, and poll the QR code status (web)</p></li> <li><p>After opening the APP and scanning the QR code, the APP displays confirmation and cancel buttons (app)</p></li> <li><p>The login page displays the scanned user avatar and other information (web)</p></li> <li><p>The user clicks on the APP to confirm login (app)</p></li> <li><p>The login page learns from the polling QR code status that the user has confirmed login and obtains the login credentials (web)</p></li> <li><p>The page login is successful and enters the main application page (web)</p></li> </ol> <p>We can know that the logged in QR code has the following states:</p> <ol> <li><p>Waiting for scanning</p></li> <li><p>Scanned code, waiting for user confirmation</p></li> <li><p>The QR code has been scanned and the user agrees to authorize</p></li> <li><p>The QR code has been scanned and the user has canceled the authorization.</p></li> <li><p>expired</p></li> </ol> <p>And our code-scanning client (usually a mobile app) can modify the status of the QR code.</p> <ol> <li><p>Confirm that the code has been scanned</p></li> <li><p>Agree to authorize</p></li> <li><p>Cancel authorization</p></li> </ol> <h2> Implementation ideas </h2> <p>What we encapsulate is mainly the state maintenance of QR codes, not including the generation of QR codes. The generation of QR codes is left to the user.</p> <p>The commonly used methods for QR code status are as follows.<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight go"><code><span class="c">// QRCode api</span> <span class="n">CreateQRCodeState</span><span class="p">(</span><span class="n">QRCodeId</span> <span class="kt">string</span><span class="p">,</span> <span class="n">timeout</span> <span class="kt">int64</span><span class="p">)</span> <span class="kt">error</span> <span class="n">GetQRCodeTimeout</span><span class="p">(</span><span class="n">QRCodeId</span> <span class="kt">string</span><span class="p">)</span> <span class="kt">int64</span> <span class="n">GetQRCode</span><span class="p">(</span><span class="n">QRCodeId</span> <span class="kt">string</span><span class="p">)</span> <span class="o">*</span><span class="n">model</span><span class="o">.</span><span class="n">QRCode</span> <span class="n">GetQRCodeState</span><span class="p">(</span><span class="n">QRCodeId</span> <span class="kt">string</span><span class="p">)</span> <span class="n">model</span><span class="o">.</span><span class="n">QRCodeState</span> <span class="n">Scanned</span><span class="p">(</span><span class="n">QRCodeId</span> <span class="kt">string</span><span class="p">,</span> <span class="n">loginId</span> <span class="kt">string</span><span class="p">)</span> <span class="p">(</span><span class="kt">string</span><span class="p">,</span> <span class="kt">error</span><span class="p">)</span> <span class="n">ConfirmAuth</span><span class="p">(</span><span class="n">QRCodeTempToken</span> <span class="kt">string</span><span class="p">)</span> <span class="kt">error</span> <span class="n">CancelAuth</span><span class="p">(</span><span class="n">QRCodeTempToken</span> <span class="kt">string</span><span class="p">)</span> <span class="kt">error</span> </code></pre> </div> <p>QRCodeId is used by us as the unique identifier of the QR code status.</p> <p>When creating a QR code, we need to pass in the QRCodeId and timeout to set the timeout of the QR code. After all, the QR code cannot be used permanently.</p> <p>Of course, the prerequisite for confirming that the code has been scanned is that you are logged in, so we use loginId as a parameter to bind it to QRCodeId.</p> <p>For authorization and cancellation of authorization, we use the temporary Token returned by the api to confirm the scan code to perform operations.</p> <p>The storage and acquisition of information are obtained using the Adapter inside the framework.</p> <h2> Code </h2> <h3> QR code status and information </h3> <p>First we need to set the QR code status</p> <p>Waiting to scan code——1</p> <p>Scanned code, waiting for user confirmation——2</p> <p>The QR code has been scanned and the user agrees to authorize——3</p> <p>The QR code has been scanned and the user has canceled authorization——4</p> <p>Expired - 5</p> <p>package model </p> <p>type QRCodeState int<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight go"><code><span class="k">package</span> <span class="n">model</span> <span class="k">type</span> <span class="n">QRCodeState</span> <span class="kt">int</span> <span class="c">// QRCode State</span> <span class="k">const</span> <span class="p">(</span> <span class="n">WaitScan</span> <span class="n">QRCodeState</span> <span class="o">=</span> <span class="m">1</span> <span class="n">WaitAuth</span> <span class="n">QRCodeState</span> <span class="o">=</span> <span class="m">2</span> <span class="n">ConfirmAuth</span> <span class="n">QRCodeState</span> <span class="o">=</span> <span class="m">3</span> <span class="n">CancelAuth</span> <span class="n">QRCodeState</span> <span class="o">=</span> <span class="m">4</span> <span class="n">Expired</span> <span class="n">QRCodeState</span> <span class="o">=</span> <span class="m">5</span> <span class="p">)</span> </code></pre> </div> <p>The information needed to maintain the QR code, that is, the unique id of the QR code, the current status of the QR code, and the unique id of the user for whom the QR code belongs.<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight go"><code><span class="k">package</span> <span class="n">model</span> <span class="k">type</span> <span class="n">QRCodeState</span> <span class="kt">int</span> <span class="c">// QRCode State</span> <span class="k">const</span> <span class="p">(</span> <span class="n">WaitScan</span> <span class="n">QRCodeState</span> <span class="o">=</span> <span class="m">1</span> <span class="n">WaitAuth</span> <span class="n">QRCodeState</span> <span class="o">=</span> <span class="m">2</span> <span class="n">ConfirmAuth</span> <span class="n">QRCodeState</span> <span class="o">=</span> <span class="m">3</span> <span class="n">CancelAuth</span> <span class="n">QRCodeState</span> <span class="o">=</span> <span class="m">4</span> <span class="n">Expired</span> <span class="n">QRCodeState</span> <span class="o">=</span> <span class="m">5</span> <span class="p">)</span> </code></pre> </div> <h3> Initialize QR code status </h3> <p><a href="https://github.com/weloe/token-go/blob/b85a297b4eae1ee730059be277d7aa83658c1fe4/enforcer_manager_api.go#L229">https://github.com/weloe/token-go/blob/b85a297b4eae1ee730059be277d7aa83658c1fe4/enforcer_manager_api.go#L229</a></p> <p>Before scanning the QR code in the APP, we must first create a QR code status and set it to WaitScan, which is 1. To create QR code information, we use the Adapter interface inside our framework to store it.<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight go"><code><span class="k">func</span> <span class="p">(</span><span class="n">e</span> <span class="o">*</span><span class="n">Enforcer</span><span class="p">)</span> <span class="n">CreateQRCodeState</span><span class="p">(</span><span class="n">QRCodeId</span> <span class="kt">string</span><span class="p">,</span> <span class="n">timeout</span> <span class="kt">int64</span><span class="p">)</span> <span class="kt">error</span> <span class="p">{</span> <span class="k">return</span> <span class="n">e</span><span class="o">.</span><span class="n">createQRCode</span><span class="p">(</span><span class="n">QRCodeId</span><span class="p">,</span> <span class="n">timeout</span><span class="p">)</span> <span class="p">}</span> </code></pre> </div> <div class="highlight js-code-highlight"> <pre class="highlight go"><code><span class="k">func</span> <span class="p">(</span><span class="n">e</span> <span class="o">*</span><span class="n">Enforcer</span><span class="p">)</span> <span class="n">createQRCode</span><span class="p">(</span><span class="n">id</span> <span class="kt">string</span><span class="p">,</span> <span class="n">timeout</span> <span class="kt">int64</span><span class="p">)</span> <span class="kt">error</span> <span class="p">{</span> <span class="k">return</span> <span class="n">e</span><span class="o">.</span><span class="n">adapter</span><span class="o">.</span><span class="n">Set</span><span class="p">(</span><span class="n">e</span><span class="o">.</span><span class="n">spliceQRCodeKey</span><span class="p">(</span><span class="n">id</span><span class="p">),</span> <span class="n">model</span><span class="o">.</span><span class="n">NewQRCode</span><span class="p">(</span><span class="n">id</span><span class="p">),</span> <span class="n">timeout</span><span class="p">)</span> <span class="p">}</span> </code></pre> </div> <p>e.spliceQRCodeKey is a splicing method for stored keys.</p> <h3> Get the remaining time of the QR code </h3> <p><a href="https://github.com/weloe/token-go/blob/b85a297b4eae1ee730059be277d7aa83658c1fe4/enforcer_manager_api.go#L319">https://github.com/weloe/token-go/blob/b85a297b4eae1ee730059be277d7aa83658c1fe4/enforcer_manager_api.go#L319</a></p> <p>Use our Adapter to get it through QRCodeId<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight go"><code><span class="k">func</span> <span class="p">(</span><span class="n">e</span> <span class="o">*</span><span class="n">Enforcer</span><span class="p">)</span> <span class="n">GetQRCodeTimeout</span><span class="p">(</span><span class="n">QRCodeId</span> <span class="kt">string</span><span class="p">)</span> <span class="kt">int64</span> <span class="p">{</span> <span class="k">return</span> <span class="n">e</span><span class="o">.</span><span class="n">getQRCodeTimeout</span><span class="p">(</span><span class="n">QRCodeId</span><span class="p">)</span> <span class="p">}</span> </code></pre> </div> <div class="highlight js-code-highlight"> <pre class="highlight go"><code><span class="k">func</span> <span class="p">(</span><span class="n">e</span> <span class="o">*</span><span class="n">Enforcer</span><span class="p">)</span> <span class="n">getQRCodeTimeout</span><span class="p">(</span><span class="n">id</span> <span class="kt">string</span><span class="p">)</span> <span class="kt">int64</span> <span class="p">{</span> <span class="k">return</span> <span class="n">e</span><span class="o">.</span><span class="n">adapter</span><span class="o">.</span><span class="n">GetTimeout</span><span class="p">(</span><span class="n">e</span><span class="o">.</span><span class="n">spliceQRCodeKey</span><span class="p">(</span><span class="n">id</span><span class="p">))</span> <span class="p">}</span> </code></pre> </div> <h3> Get QR code information </h3> <p><a href="https://github.com/weloe/token-go/blob/b85a297b4eae1ee730059be277d7aa83658c1fe4/enforcer_manager_api.go#L301">https://github.com/weloe/token-go/blob/b85a297b4eae1ee730059be277d7aa83658c1fe4/enforcer_manager_api.go#L301</a></p> <p>Use Adapter to get<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight go"><code><span class="k">func</span> <span class="p">(</span><span class="n">e</span> <span class="o">*</span><span class="n">Enforcer</span><span class="p">)</span> <span class="n">GetQRCode</span><span class="p">(</span><span class="n">QRCodeId</span> <span class="kt">string</span><span class="p">)</span> <span class="o">*</span><span class="n">model</span><span class="o">.</span><span class="n">QRCode</span> <span class="p">{</span> <span class="k">return</span> <span class="n">e</span><span class="o">.</span><span class="n">getQRCode</span><span class="p">(</span><span class="n">QRCodeId</span><span class="p">)</span> <span class="p">}</span> </code></pre> </div> <h3> Get QR code status </h3> <p><a href="https://github.com/weloe/token-go/blob/b85a297b4eae1ee730059be277d7aa83658c1fe4/enforcer_manager_api.go#L311">https://github.com/weloe/token-go/blob/b85a297b4eae1ee730059be277d7aa83658c1fe4/enforcer_manager_api.go#L311</a></p> <p>Also use Adapter to obtain<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight go"><code><span class="c">// GetQRCodeState</span> <span class="c">// WaitScan = 1</span> <span class="c">// WaitAuth = 2</span> <span class="c">// ConfirmAuth = 3</span> <span class="c">// CancelAuth = 4</span> <span class="c">// Expired = 5</span> <span class="k">func</span> <span class="p">(</span><span class="n">e</span> <span class="o">*</span><span class="n">Enforcer</span><span class="p">)</span> <span class="n">GetQRCodeState</span><span class="p">(</span><span class="n">QRCodeId</span> <span class="kt">string</span><span class="p">)</span> <span class="n">model</span><span class="o">.</span><span class="n">QRCodeState</span> <span class="p">{</span> <span class="n">qrCode</span> <span class="o">:=</span> <span class="n">e</span><span class="o">.</span><span class="n">getQRCode</span><span class="p">(</span><span class="n">QRCodeId</span><span class="p">)</span> <span class="k">if</span> <span class="n">qrCode</span> <span class="o">==</span> <span class="no">nil</span> <span class="p">{</span> <span class="k">return</span> <span class="n">model</span><span class="o">.</span><span class="n">Expired</span> <span class="p">}</span> <span class="k">return</span> <span class="n">qrCode</span><span class="o">.</span><span class="n">State</span> <span class="p">}</span> </code></pre> </div> <h3> Delete QR code information </h3> <p><a href="https://github.com/weloe/token-go/blob/b85a297b4eae1ee730059be277d7aa83658c1fe4/enforcer_manager_api.go#L323">https://github.com/weloe/token-go/blob/b85a297b4eae1ee730059be277d7aa83658c1fe4/enforcer_manager_api.go#L323</a><br> </p> <div class="highlight js-code-highlight"> <pre class="highlight go"><code><span class="k">func</span> <span class="p">(</span><span class="n">e</span> <span class="o">*</span><span class="n">Enforcer</span><span class="p">)</span> <span class="n">DeleteQRCode</span><span class="p">(</span><span class="n">QRCodeId</span> <span class="kt">string</span><span class="p">)</span> <span class="kt">error</span> <span class="p">{</span> <span class="k">return</span> <span class="n">e</span><span class="o">.</span><span class="n">deleteQRCode</span><span class="p">(</span><span class="n">QRCodeId</span><span class="p">)</span> <span class="p">}</span> </code></pre> </div> <div class="highlight js-code-highlight"> <pre class="highlight go"><code><span class="k">func</span> <span class="p">(</span><span class="n">e</span> <span class="o">*</span><span class="n">Enforcer</span><span class="p">)</span> <span class="n">deleteQRCode</span><span class="p">(</span><span class="n">id</span> <span class="kt">string</span><span class="p">)</span> <span class="kt">error</span> <span class="p">{</span> <span class="k">return</span> <span class="n">e</span><span class="o">.</span><span class="n">adapter</span><span class="o">.</span><span class="n">Delete</span><span class="p">(</span><span class="n">e</span><span class="o">.</span><span class="n">spliceQRCodeKey</span><span class="p">(</span><span class="n">id</span><span class="p">))</span> <span class="p">}</span> </code></pre> </div> <h3> Confirm scan code </h3> <p><a href="https://github.com/weloe/token-go/blob/b85a297b4eae1ee730059be277d7aa83658c1fe4/enforcer_manager_api.go#L234">https://github.com/weloe/token-go/blob/b85a297b4eae1ee730059be277d7aa83658c1fe4/enforcer_manager_api.go#L234</a></p> <p>To confirm the code scanning, you must first determine whether the QR code exists, and then verify whether the status of the QR code is WaitScan, which is 1. After verification, bind the user's unique loginId, and finally create a temporary token with a value of QRCodeId and return it. This temporary token is used for authorization and cancellation of authorization.<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight go"><code><span class="c">// Scanned update state to constant.WaitAuth, return tempToken</span> <span class="k">func</span> <span class="p">(</span><span class="n">e</span> <span class="o">*</span><span class="n">Enforcer</span><span class="p">)</span> <span class="n">Scanned</span><span class="p">(</span><span class="n">QRCodeId</span> <span class="kt">string</span><span class="p">,</span> <span class="n">loginId</span> <span class="kt">string</span><span class="p">)</span> <span class="p">(</span><span class="kt">string</span><span class="p">,</span> <span class="kt">error</span><span class="p">)</span> <span class="p">{</span> <span class="n">qrCode</span> <span class="o">:=</span> <span class="n">e</span><span class="o">.</span><span class="n">getQRCode</span><span class="p">(</span><span class="n">QRCodeId</span><span class="p">)</span> <span class="k">if</span> <span class="n">qrCode</span> <span class="o">==</span> <span class="no">nil</span> <span class="p">{</span> <span class="k">return</span> <span class="s">""</span><span class="p">,</span> <span class="n">fmt</span><span class="o">.</span><span class="n">Errorf</span><span class="p">(</span><span class="s">"QRCode doesn't exist"</span><span class="p">)</span> <span class="p">}</span> <span class="k">if</span> <span class="n">qrCode</span><span class="o">.</span><span class="n">State</span> <span class="o">!=</span> <span class="n">model</span><span class="o">.</span><span class="n">WaitScan</span> <span class="p">{</span> <span class="k">return</span> <span class="s">""</span><span class="p">,</span> <span class="n">fmt</span><span class="o">.</span><span class="n">Errorf</span><span class="p">(</span><span class="s">"QRCode state error: unexpected state value %v, want is %v"</span><span class="p">,</span> <span class="n">qrCode</span><span class="o">.</span><span class="n">State</span><span class="p">,</span> <span class="n">model</span><span class="o">.</span><span class="n">WaitScan</span><span class="p">)</span> <span class="p">}</span> <span class="n">qrCode</span><span class="o">.</span><span class="n">State</span> <span class="o">=</span> <span class="n">model</span><span class="o">.</span><span class="n">WaitAuth</span> <span class="n">qrCode</span><span class="o">.</span><span class="n">LoginId</span> <span class="o">=</span> <span class="n">loginId</span> <span class="n">err</span> <span class="o">:=</span> <span class="n">e</span><span class="o">.</span><span class="n">updateQRCode</span><span class="p">(</span><span class="n">QRCodeId</span><span class="p">,</span> <span class="n">qrCode</span><span class="p">)</span> <span class="k">if</span> <span class="n">err</span> <span class="o">!=</span> <span class="no">nil</span> <span class="p">{</span> <span class="k">return</span> <span class="s">""</span><span class="p">,</span> <span class="n">err</span> <span class="p">}</span> <span class="n">tempToken</span><span class="p">,</span> <span class="n">err</span> <span class="o">:=</span> <span class="n">e</span><span class="o">.</span><span class="n">CreateTempToken</span><span class="p">(</span><span class="n">e</span><span class="o">.</span><span class="n">config</span><span class="o">.</span><span class="n">TokenStyle</span><span class="p">,</span> <span class="s">"qrCode"</span><span class="p">,</span> <span class="n">QRCodeId</span><span class="p">,</span> <span class="n">e</span><span class="o">.</span><span class="n">config</span><span class="o">.</span><span class="n">Timeout</span><span class="p">)</span> <span class="k">if</span> <span class="n">err</span> <span class="o">!=</span> <span class="no">nil</span> <span class="p">{</span> <span class="k">return</span> <span class="s">""</span><span class="p">,</span> <span class="n">err</span> <span class="p">}</span> <span class="k">return</span> <span class="n">tempToken</span><span class="p">,</span> <span class="no">nil</span> <span class="p">}</span> </code></pre> </div> <h3> Agree to authorize </h3> <p><a href="https://github.com/weloe/token-go/blob/b85a297b4eae1ee730059be277d7aa83658c1fe4/enforcer_manager_api.go#L257">https://github.com/weloe/token-go/blob/b85a297b4eae1ee730059be277d7aa83658c1fe4/enforcer_manager_api.go#L257</a></p> <p>To agree to authorization, we need to use the temporary token returned when we confirm the scan code. First, we need to verify the temporary token. The ParseTempToken method is an interface for verifying the temporary token and obtaining the value corresponding to the token. After verifying the token, obtain the QRCodeId, and then verify the status corresponding to the QRCodeId. It should be WaitAuth waiting for authorization, which is 2. The last step is to change the QR code status to ConfirmAuth which is 3. Of course, don't forget to delete the temporary token.<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight go"><code><span class="c">// ConfirmAuth update state to constant.ConfirmAuth</span> <span class="k">func</span> <span class="p">(</span><span class="n">e</span> <span class="o">*</span><span class="n">Enforcer</span><span class="p">)</span> <span class="n">ConfirmAuth</span><span class="p">(</span><span class="n">tempToken</span> <span class="kt">string</span><span class="p">)</span> <span class="kt">error</span> <span class="p">{</span> <span class="n">qrCodeId</span> <span class="o">:=</span> <span class="n">e</span><span class="o">.</span><span class="n">ParseTempToken</span><span class="p">(</span><span class="s">"qrCode"</span><span class="p">,</span> <span class="n">tempToken</span><span class="p">)</span> <span class="k">if</span> <span class="n">qrCodeId</span> <span class="o">==</span> <span class="s">""</span> <span class="p">{</span> <span class="k">return</span> <span class="n">fmt</span><span class="o">.</span><span class="n">Errorf</span><span class="p">(</span><span class="s">"confirm failed, tempToken error: %v"</span><span class="p">,</span> <span class="n">tempToken</span><span class="p">)</span> <span class="p">}</span> <span class="n">qrCode</span><span class="p">,</span> <span class="n">err</span> <span class="o">:=</span> <span class="n">e</span><span class="o">.</span><span class="n">getAndCheckQRCodeState</span><span class="p">(</span><span class="n">qrCodeId</span><span class="p">,</span> <span class="n">model</span><span class="o">.</span><span class="n">WaitAuth</span><span class="p">)</span> <span class="k">if</span> <span class="n">err</span> <span class="o">!=</span> <span class="no">nil</span> <span class="p">{</span> <span class="k">return</span> <span class="n">err</span> <span class="p">}</span> <span class="n">qrCode</span><span class="o">.</span><span class="n">State</span> <span class="o">=</span> <span class="n">model</span><span class="o">.</span><span class="n">ConfirmAuth</span> <span class="n">err</span> <span class="o">=</span> <span class="n">e</span><span class="o">.</span><span class="n">updateQRCode</span><span class="p">(</span><span class="n">qrCodeId</span><span class="p">,</span> <span class="n">qrCode</span><span class="p">)</span> <span class="k">if</span> <span class="n">err</span> <span class="o">!=</span> <span class="no">nil</span> <span class="p">{</span> <span class="k">return</span> <span class="n">err</span> <span class="p">}</span> <span class="n">err</span> <span class="o">=</span> <span class="n">e</span><span class="o">.</span><span class="n">DeleteTempToken</span><span class="p">(</span><span class="s">"qrCode"</span><span class="p">,</span> <span class="n">tempToken</span><span class="p">)</span> <span class="k">if</span> <span class="n">err</span> <span class="o">!=</span> <span class="no">nil</span> <span class="p">{</span> <span class="k">return</span> <span class="n">err</span> <span class="p">}</span> <span class="k">return</span> <span class="n">err</span> <span class="p">}</span> </code></pre> </div> <h3> Cancel authorization </h3> <p><a href="https://github.com/weloe/token-go/blob/b85a297b4eae1ee730059be277d7aa83658c1fe4/enforcer_manager_api.go#L280">https://github.com/weloe/token-go/blob/b85a297b4eae1ee730059be277d7aa83658c1fe4/enforcer_manager_api.go#L280</a></p> <p>To cancel authorization, we also need to use the temporary token returned when we confirm the scan code. First, we need to verify the temporary token. The ParseTempToken method is the method to verify the temporary token. Through this method, we can obtain the QRCodeId value corresponding to the token. After verifying the token, obtain the QRCodeId, and then verify the status corresponding to the QRCodeId. It should be WaitAuth waiting for authorization, which is 2. The last step is to change the QR code status to CancelAuth which is 4. Also don't forget to delete the temporary token.<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight go"><code><span class="c">// CancelAuth update state to constant.CancelAuth</span> <span class="k">func</span> <span class="p">(</span><span class="n">e</span> <span class="o">*</span><span class="n">Enforcer</span><span class="p">)</span> <span class="n">CancelAuth</span><span class="p">(</span><span class="n">tempToken</span> <span class="kt">string</span><span class="p">)</span> <span class="kt">error</span> <span class="p">{</span> <span class="n">qrCodeId</span> <span class="o">:=</span> <span class="n">e</span><span class="o">.</span><span class="n">ParseTempToken</span><span class="p">(</span><span class="s">"qrCode"</span><span class="p">,</span> <span class="n">tempToken</span><span class="p">)</span> <span class="k">if</span> <span class="n">qrCodeId</span> <span class="o">==</span> <span class="s">""</span> <span class="p">{</span> <span class="k">return</span> <span class="n">fmt</span><span class="o">.</span><span class="n">Errorf</span><span class="p">(</span><span class="s">"confirm failed, tempToken error: %v"</span><span class="p">,</span> <span class="n">tempToken</span><span class="p">)</span> <span class="p">}</span> <span class="n">qrCode</span><span class="p">,</span> <span class="n">err</span> <span class="o">:=</span> <span class="n">e</span><span class="o">.</span><span class="n">getAndCheckQRCodeState</span><span class="p">(</span><span class="n">qrCodeId</span><span class="p">,</span> <span class="n">model</span><span class="o">.</span><span class="n">WaitAuth</span><span class="p">)</span> <span class="k">if</span> <span class="n">err</span> <span class="o">!=</span> <span class="no">nil</span> <span class="p">{</span> <span class="k">return</span> <span class="n">err</span> <span class="p">}</span> <span class="n">qrCode</span><span class="o">.</span><span class="n">State</span> <span class="o">=</span> <span class="n">model</span><span class="o">.</span><span class="n">CancelAuth</span> <span class="n">err</span> <span class="o">=</span> <span class="n">e</span><span class="o">.</span><span class="n">updateQRCode</span><span class="p">(</span><span class="n">qrCodeId</span><span class="p">,</span> <span class="n">qrCode</span><span class="p">)</span> <span class="k">if</span> <span class="n">err</span> <span class="o">!=</span> <span class="no">nil</span> <span class="p">{</span> <span class="k">return</span> <span class="n">err</span> <span class="p">}</span> <span class="n">err</span> <span class="o">=</span> <span class="n">e</span><span class="o">.</span><span class="n">DeleteTempToken</span><span class="p">(</span><span class="s">"qrCode"</span><span class="p">,</span> <span class="n">tempToken</span><span class="p">)</span> <span class="k">if</span> <span class="n">err</span> <span class="o">!=</span> <span class="no">nil</span> <span class="p">{</span> <span class="k">return</span> <span class="n">err</span> <span class="p">}</span> <span class="k">return</span> <span class="n">err</span> <span class="p">}</span> </code></pre> </div> <h2> test </h2> <div class="highlight js-code-highlight"> <pre class="highlight go"><code><span class="k">func</span> <span class="n">TestEnforcer_ConfirmQRCode</span><span class="p">(</span><span class="n">t</span> <span class="o">*</span><span class="n">testing</span><span class="o">.</span><span class="n">T</span><span class="p">)</span> <span class="p">{</span> <span class="n">enforcer</span><span class="p">,</span> <span class="n">_</span> <span class="o">:=</span> <span class="n">NewTestEnforcer</span><span class="p">(</span><span class="n">t</span><span class="p">)</span> <span class="c">// in APP</span> <span class="n">loginId</span> <span class="o">:=</span> <span class="s">"1"</span> <span class="n">token</span><span class="p">,</span> <span class="n">err</span> <span class="o">:=</span> <span class="n">enforcer</span><span class="o">.</span><span class="n">LoginById</span><span class="p">(</span><span class="n">loginId</span><span class="p">)</span> <span class="k">if</span> <span class="n">err</span> <span class="o">!=</span> <span class="no">nil</span> <span class="p">{</span> <span class="n">t</span><span class="o">.</span><span class="n">Fatalf</span><span class="p">(</span><span class="s">"Login failed: %v"</span><span class="p">,</span> <span class="n">err</span><span class="p">)</span> <span class="p">}</span> <span class="n">t</span><span class="o">.</span><span class="n">Logf</span><span class="p">(</span><span class="s">"login token: %v"</span><span class="p">,</span> <span class="n">token</span><span class="p">)</span> <span class="n">qrCodeId</span> <span class="o">:=</span> <span class="s">"q1"</span> <span class="n">err</span> <span class="o">=</span> <span class="n">enforcer</span><span class="o">.</span><span class="n">CreateQRCodeState</span><span class="p">(</span><span class="n">qrCodeId</span><span class="p">,</span> <span class="o">-</span><span class="m">1</span><span class="p">)</span> <span class="k">if</span> <span class="n">err</span> <span class="o">!=</span> <span class="no">nil</span> <span class="p">{</span> <span class="n">t</span><span class="o">.</span><span class="n">Fatalf</span><span class="p">(</span><span class="s">"CreateQRCodeState() failed: %v"</span><span class="p">,</span> <span class="n">err</span><span class="p">)</span> <span class="p">}</span> <span class="n">t</span><span class="o">.</span><span class="n">Logf</span><span class="p">(</span><span class="s">"After CreateQRCodeState(), current QRCode state: %v"</span><span class="p">,</span> <span class="n">enforcer</span><span class="o">.</span><span class="n">GetQRCodeState</span><span class="p">(</span><span class="n">qrCodeId</span><span class="p">))</span> <span class="n">loginIdByToken</span><span class="p">,</span> <span class="n">err</span> <span class="o">:=</span> <span class="n">enforcer</span><span class="o">.</span><span class="n">GetLoginIdByToken</span><span class="p">(</span><span class="n">token</span><span class="p">)</span> <span class="k">if</span> <span class="n">err</span> <span class="o">!=</span> <span class="no">nil</span> <span class="p">{</span> <span class="n">t</span><span class="o">.</span><span class="n">Fatalf</span><span class="p">(</span><span class="s">"GetLoginIdByToken() failed: %v"</span><span class="p">,</span> <span class="n">err</span><span class="p">)</span> <span class="p">}</span> <span class="n">tempToken</span><span class="p">,</span> <span class="n">err</span> <span class="o">:=</span> <span class="n">enforcer</span><span class="o">.</span><span class="n">Scanned</span><span class="p">(</span><span class="n">qrCodeId</span><span class="p">,</span> <span class="n">loginIdByToken</span><span class="p">)</span> <span class="k">if</span> <span class="n">err</span> <span class="o">!=</span> <span class="no">nil</span> <span class="p">{</span> <span class="n">t</span><span class="o">.</span><span class="n">Fatalf</span><span class="p">(</span><span class="s">"Scanned() failed: %v"</span><span class="p">,</span> <span class="n">err</span><span class="p">)</span> <span class="p">}</span> <span class="k">if</span> <span class="n">state</span> <span class="o">:=</span> <span class="n">enforcer</span><span class="o">.</span><span class="n">GetQRCodeState</span><span class="p">(</span><span class="n">qrCodeId</span><span class="p">);</span> <span class="n">state</span> <span class="o">!=</span> <span class="n">model</span><span class="o">.</span><span class="n">WaitAuth</span> <span class="p">{</span> <span class="n">t</span><span class="o">.</span><span class="n">Fatalf</span><span class="p">(</span><span class="s">"After Scanned(), QRCode should be %v"</span><span class="p">,</span> <span class="n">model</span><span class="o">.</span><span class="n">WaitAuth</span><span class="p">)</span> <span class="p">}</span> <span class="n">t</span><span class="o">.</span><span class="n">Logf</span><span class="p">(</span><span class="s">"After Scanned(), current QRCode state: %v"</span><span class="p">,</span> <span class="n">enforcer</span><span class="o">.</span><span class="n">GetQRCodeState</span><span class="p">(</span><span class="n">qrCodeId</span><span class="p">))</span> <span class="n">t</span><span class="o">.</span><span class="n">Logf</span><span class="p">(</span><span class="s">"tempToken: %v"</span><span class="p">,</span> <span class="n">tempToken</span><span class="p">)</span> <span class="n">err</span> <span class="o">=</span> <span class="n">enforcer</span><span class="o">.</span><span class="n">ConfirmAuth</span><span class="p">(</span><span class="n">tempToken</span><span class="p">)</span> <span class="k">if</span> <span class="n">err</span> <span class="o">!=</span> <span class="no">nil</span> <span class="p">{</span> <span class="n">t</span><span class="o">.</span><span class="n">Fatalf</span><span class="p">(</span><span class="s">"ConfirmAuth() failed: %v"</span><span class="p">,</span> <span class="n">err</span><span class="p">)</span> <span class="p">}</span> <span class="k">if</span> <span class="n">state</span> <span class="o">:=</span> <span class="n">enforcer</span><span class="o">.</span><span class="n">GetQRCodeState</span><span class="p">(</span><span class="n">qrCodeId</span><span class="p">);</span> <span class="n">state</span> <span class="o">!=</span> <span class="n">model</span><span class="o">.</span><span class="n">ConfirmAuth</span> <span class="p">{</span> <span class="n">t</span><span class="o">.</span><span class="n">Fatalf</span><span class="p">(</span><span class="s">"After ConfirmAuth(), QRCode should be %v"</span><span class="p">,</span> <span class="n">model</span><span class="o">.</span><span class="n">ConfirmAuth</span><span class="p">)</span> <span class="p">}</span> <span class="n">t</span><span class="o">.</span><span class="n">Logf</span><span class="p">(</span><span class="s">"After ConfirmAuth(), current QRCode state: %v"</span><span class="p">,</span> <span class="n">enforcer</span><span class="o">.</span><span class="n">GetQRCodeState</span><span class="p">(</span><span class="n">qrCodeId</span><span class="p">))</span> <span class="k">if</span> <span class="n">enforcer</span><span class="o">.</span><span class="n">GetQRCodeState</span><span class="p">(</span><span class="n">qrCodeId</span><span class="p">)</span> <span class="o">==</span> <span class="n">model</span><span class="o">.</span><span class="n">ConfirmAuth</span> <span class="p">{</span> <span class="n">loginId</span> <span class="o">:=</span> <span class="n">enforcer</span><span class="o">.</span><span class="n">getQRCode</span><span class="p">(</span><span class="n">qrCodeId</span><span class="p">)</span><span class="o">.</span><span class="n">LoginId</span> <span class="n">t</span><span class="o">.</span><span class="n">Logf</span><span class="p">(</span><span class="s">"id: [%v] QRCode login successfully."</span><span class="p">,</span> <span class="n">loginId</span><span class="p">)</span> <span class="p">}</span> <span class="p">}</span> </code></pre> </div> <h2> how to use </h2> <p><a href="https://github.com/weloe/token-go/blob/master/examples/qrcode/qrcode-server.go">https://github.com/weloe/token-go/blob/master/examples/qrcode/qrcode-server.go</a></p> <p>Install token-go, <code>go get github.com/weloe/token-go</code><br> </p> <div class="highlight js-code-highlight"> <pre class="highlight go"><code><span class="k">package</span> <span class="n">main</span> <span class="k">import</span> <span class="p">(</span> <span class="s">"fmt"</span> <span class="n">tokenGo</span> <span class="s">"github.com/weloe/token-go"</span> <span class="s">"github.com/weloe/token-go/model"</span> <span class="s">"log"</span> <span class="s">"net/http"</span> <span class="p">)</span> <span class="k">var</span> <span class="n">enforcer</span> <span class="o">*</span><span class="n">tokenGo</span><span class="o">.</span><span class="n">Enforcer</span> <span class="k">func</span> <span class="n">main</span><span class="p">()</span> <span class="p">{</span> <span class="k">var</span> <span class="n">err</span> <span class="kt">error</span> <span class="c">// use default adapter</span> <span class="n">adapter</span> <span class="o">:=</span> <span class="n">tokenGo</span><span class="o">.</span><span class="n">NewDefaultAdapter</span><span class="p">()</span> <span class="n">enforcer</span><span class="p">,</span> <span class="n">err</span> <span class="o">=</span> <span class="n">tokenGo</span><span class="o">.</span><span class="n">NewEnforcer</span><span class="p">(</span><span class="n">adapter</span><span class="p">)</span> <span class="c">// enable logger</span> <span class="n">enforcer</span><span class="o">.</span><span class="n">EnableLog</span><span class="p">()</span> <span class="k">if</span> <span class="n">err</span> <span class="o">!=</span> <span class="no">nil</span> <span class="p">{</span> <span class="n">log</span><span class="o">.</span><span class="n">Fatal</span><span class="p">(</span><span class="n">err</span><span class="p">)</span> <span class="p">}</span> <span class="n">http</span><span class="o">.</span><span class="n">HandleFunc</span><span class="p">(</span><span class="s">"/qrcode/create"</span><span class="p">,</span> <span class="n">create</span><span class="p">)</span> <span class="n">http</span><span class="o">.</span><span class="n">HandleFunc</span><span class="p">(</span><span class="s">"/qrcode/scanned"</span><span class="p">,</span> <span class="n">scanned</span><span class="p">)</span> <span class="n">http</span><span class="o">.</span><span class="n">HandleFunc</span><span class="p">(</span><span class="s">"/qrcode/confirmAuth"</span><span class="p">,</span> <span class="n">confirmAuth</span><span class="p">)</span> <span class="n">http</span><span class="o">.</span><span class="n">HandleFunc</span><span class="p">(</span><span class="s">"/qrcode/cancelAuth"</span><span class="p">,</span> <span class="n">cancelAuth</span><span class="p">)</span> <span class="n">http</span><span class="o">.</span><span class="n">HandleFunc</span><span class="p">(</span><span class="s">"/qrcode/getState"</span><span class="p">,</span> <span class="n">getState</span><span class="p">)</span> <span class="n">log</span><span class="o">.</span><span class="n">Fatal</span><span class="p">(</span><span class="n">http</span><span class="o">.</span><span class="n">ListenAndServe</span><span class="p">(</span><span class="s">":8081"</span><span class="p">,</span> <span class="no">nil</span><span class="p">))</span> <span class="p">}</span> <span class="k">func</span> <span class="n">create</span><span class="p">(</span><span class="n">w</span> <span class="n">http</span><span class="o">.</span><span class="n">ResponseWriter</span><span class="p">,</span> <span class="n">request</span> <span class="o">*</span><span class="n">http</span><span class="o">.</span><span class="n">Request</span><span class="p">)</span> <span class="p">{</span> <span class="c">// you should implement generate QR code method, returns QRCodeId to CreateQRCodeState</span> <span class="c">// called generate QR code, returns QRCodeId to CreateQRCodeState</span> <span class="c">//</span> <span class="n">QRCodeId</span> <span class="o">:=</span> <span class="s">"generatedQRCodeId"</span> <span class="n">err</span> <span class="o">:=</span> <span class="n">enforcer</span><span class="o">.</span><span class="n">CreateQRCodeState</span><span class="p">(</span><span class="n">QRCodeId</span><span class="p">,</span> <span class="m">50000</span><span class="p">)</span> <span class="k">if</span> <span class="n">err</span> <span class="o">!=</span> <span class="no">nil</span> <span class="p">{</span> <span class="n">fmt</span><span class="o">.</span><span class="n">Fprintf</span><span class="p">(</span><span class="n">w</span><span class="p">,</span> <span class="s">"CreateQRCodeState() failed: %v"</span><span class="p">,</span> <span class="n">err</span><span class="p">)</span> <span class="k">return</span> <span class="p">}</span> <span class="n">fmt</span><span class="o">.</span><span class="n">Fprintf</span><span class="p">(</span><span class="n">w</span><span class="p">,</span> <span class="s">"QRCodeId = %v"</span><span class="p">,</span> <span class="n">QRCodeId</span><span class="p">)</span> <span class="p">}</span> <span class="k">func</span> <span class="n">scanned</span><span class="p">(</span><span class="n">w</span> <span class="n">http</span><span class="o">.</span><span class="n">ResponseWriter</span><span class="p">,</span> <span class="n">req</span> <span class="o">*</span><span class="n">http</span><span class="o">.</span><span class="n">Request</span><span class="p">)</span> <span class="p">{</span> <span class="n">loginId</span><span class="p">,</span> <span class="n">err</span> <span class="o">:=</span> <span class="n">enforcer</span><span class="o">.</span><span class="n">GetLoginId</span><span class="p">(</span><span class="n">tokenGo</span><span class="o">.</span><span class="n">NewHttpContext</span><span class="p">(</span><span class="n">req</span><span class="p">,</span> <span class="n">w</span><span class="p">))</span> <span class="k">if</span> <span class="n">err</span> <span class="o">!=</span> <span class="no">nil</span> <span class="p">{</span> <span class="n">fmt</span><span class="o">.</span><span class="n">Fprintf</span><span class="p">(</span><span class="n">w</span><span class="p">,</span> <span class="s">"GetLoginId() failed: %v"</span><span class="p">,</span> <span class="n">err</span><span class="p">)</span> <span class="k">return</span> <span class="p">}</span> <span class="n">QRCodeId</span> <span class="o">:=</span> <span class="n">req</span><span class="o">.</span><span class="n">URL</span><span class="o">.</span><span class="n">Query</span><span class="p">()</span><span class="o">.</span><span class="n">Get</span><span class="p">(</span><span class="s">"QRCodeId"</span><span class="p">)</span> <span class="n">tempToken</span><span class="p">,</span> <span class="n">err</span> <span class="o">:=</span> <span class="n">enforcer</span><span class="o">.</span><span class="n">Scanned</span><span class="p">(</span><span class="n">QRCodeId</span><span class="p">,</span> <span class="n">loginId</span><span class="p">)</span> <span class="k">if</span> <span class="n">err</span> <span class="o">!=</span> <span class="no">nil</span> <span class="p">{</span> <span class="n">fmt</span><span class="o">.</span><span class="n">Fprintf</span><span class="p">(</span><span class="n">w</span><span class="p">,</span> <span class="s">"Scanned() failed: %v"</span><span class="p">,</span> <span class="n">err</span><span class="p">)</span> <span class="k">return</span> <span class="p">}</span> <span class="n">fmt</span><span class="o">.</span><span class="n">Fprintf</span><span class="p">(</span><span class="n">w</span><span class="p">,</span> <span class="s">"tempToken = %v"</span><span class="p">,</span> <span class="n">tempToken</span><span class="p">)</span> <span class="p">}</span> <span class="k">func</span> <span class="n">getState</span><span class="p">(</span><span class="n">w</span> <span class="n">http</span><span class="o">.</span><span class="n">ResponseWriter</span><span class="p">,</span> <span class="n">req</span> <span class="o">*</span><span class="n">http</span><span class="o">.</span><span class="n">Request</span><span class="p">)</span> <span class="p">{</span> <span class="n">QRCodeId</span> <span class="o">:=</span> <span class="n">req</span><span class="o">.</span><span class="n">URL</span><span class="o">.</span><span class="n">Query</span><span class="p">()</span><span class="o">.</span><span class="n">Get</span><span class="p">(</span><span class="s">"QRCodeId"</span><span class="p">)</span> <span class="n">state</span> <span class="o">:=</span> <span class="n">enforcer</span><span class="o">.</span><span class="n">GetQRCodeState</span><span class="p">(</span><span class="n">QRCodeId</span><span class="p">)</span> <span class="k">if</span> <span class="n">state</span> <span class="o">==</span> <span class="n">model</span><span class="o">.</span><span class="n">ConfirmAuth</span> <span class="p">{</span> <span class="n">qrCode</span> <span class="o">:=</span> <span class="n">enforcer</span><span class="o">.</span><span class="n">GetQRCode</span><span class="p">(</span><span class="n">QRCodeId</span><span class="p">)</span> <span class="k">if</span> <span class="n">qrCode</span> <span class="o">==</span> <span class="no">nil</span> <span class="p">{</span> <span class="n">fmt</span><span class="o">.</span><span class="n">Fprintf</span><span class="p">(</span><span class="n">w</span><span class="p">,</span> <span class="s">"login error. state = %v, code is nil"</span><span class="p">,</span> <span class="n">state</span><span class="p">)</span> <span class="k">return</span> <span class="p">}</span> <span class="n">loginId</span> <span class="o">:=</span> <span class="n">qrCode</span><span class="o">.</span><span class="n">LoginId</span> <span class="n">token</span><span class="p">,</span> <span class="n">err</span> <span class="o">:=</span> <span class="n">enforcer</span><span class="o">.</span><span class="n">LoginById</span><span class="p">(</span><span class="n">loginId</span><span class="p">)</span> <span class="k">if</span> <span class="n">err</span> <span class="o">!=</span> <span class="no">nil</span> <span class="p">{</span> <span class="n">fmt</span><span class="o">.</span><span class="n">Fprintf</span><span class="p">(</span><span class="n">w</span><span class="p">,</span> <span class="s">"Login error: %s</span><span class="se">\n</span><span class="s">"</span><span class="p">,</span> <span class="n">err</span><span class="p">)</span> <span class="p">}</span> <span class="n">fmt</span><span class="o">.</span><span class="n">Fprintf</span><span class="p">(</span><span class="n">w</span><span class="p">,</span> <span class="s">"%v login success. state = %v, token = %v"</span><span class="p">,</span> <span class="n">loginId</span><span class="p">,</span> <span class="n">state</span><span class="p">,</span> <span class="n">token</span><span class="p">)</span> <span class="k">return</span> <span class="p">}</span> <span class="k">else</span> <span class="k">if</span> <span class="n">state</span> <span class="o">==</span> <span class="n">model</span><span class="o">.</span><span class="n">CancelAuth</span> <span class="p">{</span> <span class="n">fmt</span><span class="o">.</span><span class="n">Fprintf</span><span class="p">(</span><span class="n">w</span><span class="p">,</span> <span class="s">"QRCodeId be cancelled: %v"</span><span class="p">,</span> <span class="n">QRCodeId</span><span class="p">)</span> <span class="k">return</span> <span class="p">}</span> <span class="n">fmt</span><span class="o">.</span><span class="n">Fprintf</span><span class="p">(</span><span class="n">w</span><span class="p">,</span> <span class="s">"state = %v"</span><span class="p">,</span> <span class="n">state</span><span class="p">)</span> <span class="p">}</span> <span class="k">func</span> <span class="n">cancelAuth</span><span class="p">(</span><span class="n">w</span> <span class="n">http</span><span class="o">.</span><span class="n">ResponseWriter</span><span class="p">,</span> <span class="n">req</span> <span class="o">*</span><span class="n">http</span><span class="o">.</span><span class="n">Request</span><span class="p">)</span> <span class="p">{</span> <span class="n">tempToken</span> <span class="o">:=</span> <span class="n">req</span><span class="o">.</span><span class="n">URL</span><span class="o">.</span><span class="n">Query</span><span class="p">()</span><span class="o">.</span><span class="n">Get</span><span class="p">(</span><span class="s">"tempToken"</span><span class="p">)</span> <span class="n">err</span> <span class="o">:=</span> <span class="n">enforcer</span><span class="o">.</span><span class="n">CancelAuth</span><span class="p">(</span><span class="n">tempToken</span><span class="p">)</span> <span class="k">if</span> <span class="n">err</span> <span class="o">!=</span> <span class="no">nil</span> <span class="p">{</span> <span class="n">fmt</span><span class="o">.</span><span class="n">Fprintf</span><span class="p">(</span><span class="n">w</span><span class="p">,</span> <span class="s">"CancelAuth() failed: %v"</span><span class="p">,</span> <span class="n">err</span><span class="p">)</span> <span class="k">return</span> <span class="p">}</span> <span class="n">fmt</span><span class="o">.</span><span class="n">Fprint</span><span class="p">(</span><span class="n">w</span><span class="p">,</span> <span class="s">"ConfirmAuth() success"</span><span class="p">)</span> <span class="p">}</span> <span class="k">func</span> <span class="n">confirmAuth</span><span class="p">(</span><span class="n">w</span> <span class="n">http</span><span class="o">.</span><span class="n">ResponseWriter</span><span class="p">,</span> <span class="n">req</span> <span class="o">*</span><span class="n">http</span><span class="o">.</span><span class="n">Request</span><span class="p">)</span> <span class="p">{</span> <span class="n">tempToken</span> <span class="o">:=</span> <span class="n">req</span><span class="o">.</span><span class="n">URL</span><span class="o">.</span><span class="n">Query</span><span class="p">()</span><span class="o">.</span><span class="n">Get</span><span class="p">(</span><span class="s">"tempToken"</span><span class="p">)</span> <span class="n">err</span> <span class="o">:=</span> <span class="n">enforcer</span><span class="o">.</span><span class="n">ConfirmAuth</span><span class="p">(</span><span class="n">tempToken</span><span class="p">)</span> <span class="k">if</span> <span class="n">err</span> <span class="o">!=</span> <span class="no">nil</span> <span class="p">{</span> <span class="n">fmt</span><span class="o">.</span><span class="n">Fprintf</span><span class="p">(</span><span class="n">w</span><span class="p">,</span> <span class="s">"ConfirmAuth() failed: %v"</span><span class="p">,</span> <span class="n">err</span><span class="p">)</span> <span class="k">return</span> <span class="p">}</span> <span class="n">fmt</span><span class="o">.</span><span class="n">Fprint</span><span class="p">(</span><span class="n">w</span><span class="p">,</span> <span class="s">"ConfirmAuth() success"</span><span class="p">)</span> <span class="p">}</span> </code></pre> </div> <p>You can also know from the initial process and testing methods</p> <p><code>/qrcode/create</code>with the parameter QR code id . The backend calls the method of generating the QR code (which needs to be implemented by yourself). Then call the <code>enforcer.CreateQRCodeState()</code>method to initialize the QR code state.</p> <p>Scan the QR code from the APP and request the backend <code>/qrcode/scanned</code> . The backend first checks the token sent from the APP (use the<code>enforcer.isLoginByToken()</code>method of the framework to judge) whether it is in the login state, use enforcer. <code>GetLoginId()</code>obtains the corresponding loginId, and then calls the <code>enforcer.Scanned()</code> method. Then return the temporary token.</p> <p>After receiving the temporary token, the APP chooses to agree or cancel the authorization, that is, the temporary token is sent to the backend <code>/qrcode/confirmAuth</code> or <code>/qrcode/cancelAuth</code> , and the backend calls the <code>enforcer.ConfirmAuth()</code>or <code>enforcer.CancelAuth()</code>method to agree or cancel. Authorization.</p> <p>After initializing the QR code status, the Web side must continue to request the backend<code>/qrcode/getState</code>. The backend calls the <code>GetQRCodeState</code> method to obtain the QR code status. If the QR code status is timed out, that is, Expired, the front end will delete the QR code information. It prompts that the QR code has expired. Regenerate the QR code. If the obtained status is equal to the confirmation authorization ConfirmAuth, perform the login operation <code>enforcer.LoginById()</code>and return the login credential token.</p> github go A login authentication Golang library luxion Fri, 13 Oct 2023 21:19:26 +0000 https://dev.to/luxion/a-login-authentication-golang-library-53jd https://dev.to/luxion/a-login-authentication-golang-library-53jd <h2> Token-Go </h2> <p><a href="https://github.com/weloe/token-go">https://github.com/weloe/token-go</a></p> <p>This library focuses on solving login authentication problems, such as: login, multi-account login, shared token, logout, kickout, banned, second auth, temp-token, SSO ...</p> <p><a href="https://github.com/weloe/token-go/wiki/3.-Features">Features</a></p> <p>Using this library can simplify the authentication and authorization business, and only a few lines of code are needed to implement the above business.</p> <h2> Installation </h2> <div class="highlight js-code-highlight"> <pre class="highlight plaintext"><code>go get github.com/weloe/token-go </code></pre> </div> <h2> Simple Example </h2> <div class="highlight js-code-highlight"> <pre class="highlight go"><code><span class="k">import</span> <span class="p">(</span> <span class="s">"fmt"</span> <span class="n">tokenGo</span> <span class="s">"github.com/weloe/token-go"</span> <span class="s">"log"</span> <span class="s">"net/http"</span> <span class="p">)</span> <span class="k">var</span> <span class="n">enforcer</span> <span class="o">*</span><span class="n">tokenGo</span><span class="o">.</span><span class="n">Enforcer</span> <span class="k">func</span> <span class="n">main</span><span class="p">()</span> <span class="p">{</span> <span class="k">var</span> <span class="n">err</span> <span class="kt">error</span> <span class="c">// use default adapter</span> <span class="n">adapter</span> <span class="o">:=</span> <span class="n">tokenGo</span><span class="o">.</span><span class="n">NewDefaultAdapter</span><span class="p">()</span> <span class="n">enforcer</span><span class="p">,</span> <span class="n">err</span> <span class="o">=</span> <span class="n">tokenGo</span><span class="o">.</span><span class="n">NewEnforcer</span><span class="p">(</span><span class="n">adapter</span><span class="p">)</span> <span class="c">// enable logger</span> <span class="n">enforcer</span><span class="o">.</span><span class="n">EnableLog</span><span class="p">()</span> <span class="k">if</span> <span class="n">err</span> <span class="o">!=</span> <span class="no">nil</span> <span class="p">{</span> <span class="n">log</span><span class="o">.</span><span class="n">Fatal</span><span class="p">(</span><span class="n">err</span><span class="p">)</span> <span class="p">}</span> <span class="n">http</span><span class="o">.</span><span class="n">HandleFunc</span><span class="p">(</span><span class="s">"/user/login"</span><span class="p">,</span> <span class="n">Login</span><span class="p">)</span> <span class="n">http</span><span class="o">.</span><span class="n">HandleFunc</span><span class="p">(</span><span class="s">"/user/logout"</span><span class="p">,</span> <span class="n">Logout</span><span class="p">)</span> <span class="n">http</span><span class="o">.</span><span class="n">HandleFunc</span><span class="p">(</span><span class="s">"/user/isLogin"</span><span class="p">,</span> <span class="n">IsLogin</span><span class="p">)</span> <span class="n">http</span><span class="o">.</span><span class="n">HandleFunc</span><span class="p">(</span><span class="s">"/user/kickout"</span><span class="p">,</span> <span class="n">Kickout</span><span class="p">)</span> <span class="n">log</span><span class="o">.</span><span class="n">Fatal</span><span class="p">(</span><span class="n">http</span><span class="o">.</span><span class="n">ListenAndServe</span><span class="p">(</span><span class="s">":8081"</span><span class="p">,</span> <span class="no">nil</span><span class="p">))</span> <span class="p">}</span> <span class="k">func</span> <span class="n">Login</span><span class="p">(</span><span class="n">w</span> <span class="n">http</span><span class="o">.</span><span class="n">ResponseWriter</span><span class="p">,</span> <span class="n">req</span> <span class="o">*</span><span class="n">http</span><span class="o">.</span><span class="n">Request</span><span class="p">)</span> <span class="p">{</span> <span class="n">token</span><span class="p">,</span> <span class="n">err</span> <span class="o">:=</span> <span class="n">enforcer</span><span class="o">.</span><span class="n">Login</span><span class="p">(</span><span class="s">"1"</span><span class="p">,</span> <span class="n">tokenGo</span><span class="o">.</span><span class="n">NewHttpContext</span><span class="p">(</span><span class="n">req</span><span class="p">,</span> <span class="n">w</span><span class="p">))</span> <span class="k">if</span> <span class="n">err</span> <span class="o">!=</span> <span class="no">nil</span> <span class="p">{</span> <span class="n">fmt</span><span class="o">.</span><span class="n">Fprintf</span><span class="p">(</span><span class="n">w</span><span class="p">,</span> <span class="s">"Login error: %s</span><span class="se">\n</span><span class="s">"</span><span class="p">,</span> <span class="n">err</span><span class="p">)</span> <span class="p">}</span> <span class="n">fmt</span><span class="o">.</span><span class="n">Fprintf</span><span class="p">(</span><span class="n">w</span><span class="p">,</span> <span class="s">"token: %s</span><span class="se">\n</span><span class="s">"</span><span class="p">,</span> <span class="n">token</span><span class="p">)</span> <span class="p">}</span> <span class="k">func</span> <span class="n">Logout</span><span class="p">(</span><span class="n">w</span> <span class="n">http</span><span class="o">.</span><span class="n">ResponseWriter</span><span class="p">,</span> <span class="n">req</span> <span class="o">*</span><span class="n">http</span><span class="o">.</span><span class="n">Request</span><span class="p">)</span> <span class="p">{</span> <span class="n">err</span> <span class="o">:=</span> <span class="n">enforcer</span><span class="o">.</span><span class="n">Logout</span><span class="p">(</span><span class="n">tokenGo</span><span class="o">.</span><span class="n">NewHttpContext</span><span class="p">(</span><span class="n">req</span><span class="p">,</span> <span class="n">w</span><span class="p">))</span> <span class="k">if</span> <span class="n">err</span> <span class="o">!=</span> <span class="no">nil</span> <span class="p">{</span> <span class="n">fmt</span><span class="o">.</span><span class="n">Fprintf</span><span class="p">(</span><span class="n">w</span><span class="p">,</span> <span class="s">"Logout error: %s</span><span class="se">\n</span><span class="s">"</span><span class="p">,</span> <span class="n">err</span><span class="p">)</span> <span class="p">}</span> <span class="n">fmt</span><span class="o">.</span><span class="n">Fprintf</span><span class="p">(</span><span class="n">w</span><span class="p">,</span> <span class="s">"logout success"</span><span class="p">)</span> <span class="p">}</span> <span class="k">func</span> <span class="n">IsLogin</span><span class="p">(</span><span class="n">w</span> <span class="n">http</span><span class="o">.</span><span class="n">ResponseWriter</span><span class="p">,</span> <span class="n">req</span> <span class="o">*</span><span class="n">http</span><span class="o">.</span><span class="n">Request</span><span class="p">)</span> <span class="p">{</span> <span class="n">login</span><span class="p">,</span> <span class="n">err</span> <span class="o">:=</span> <span class="n">enforcer</span><span class="o">.</span><span class="n">IsLogin</span><span class="p">(</span><span class="n">tokenGo</span><span class="o">.</span><span class="n">NewHttpContext</span><span class="p">(</span><span class="n">req</span><span class="p">,</span> <span class="n">w</span><span class="p">))</span> <span class="k">if</span> <span class="n">err</span> <span class="o">!=</span> <span class="no">nil</span> <span class="p">{</span> <span class="n">fmt</span><span class="o">.</span><span class="n">Fprintf</span><span class="p">(</span><span class="n">w</span><span class="p">,</span> <span class="s">"IsLogin() = %v: %v"</span><span class="p">,</span> <span class="n">login</span><span class="p">,</span> <span class="n">err</span><span class="p">)</span> <span class="p">}</span> <span class="n">fmt</span><span class="o">.</span><span class="n">Fprintf</span><span class="p">(</span><span class="n">w</span><span class="p">,</span> <span class="s">"IsLogin() = %v"</span><span class="p">,</span> <span class="n">login</span><span class="p">)</span> <span class="p">}</span> <span class="k">func</span> <span class="n">Kickout</span><span class="p">(</span><span class="n">w</span> <span class="n">http</span><span class="o">.</span><span class="n">ResponseWriter</span><span class="p">,</span> <span class="n">req</span> <span class="o">*</span><span class="n">http</span><span class="o">.</span><span class="n">Request</span><span class="p">)</span> <span class="p">{</span> <span class="n">err</span> <span class="o">:=</span> <span class="n">enforcer</span><span class="o">.</span><span class="n">Kickout</span><span class="p">(</span><span class="n">req</span><span class="o">.</span><span class="n">URL</span><span class="o">.</span><span class="n">Query</span><span class="p">()</span><span class="o">.</span><span class="n">Get</span><span class="p">(</span><span class="s">"id"</span><span class="p">),</span> <span class="s">""</span><span class="p">)</span> <span class="k">if</span> <span class="n">err</span> <span class="o">!=</span> <span class="no">nil</span> <span class="p">{</span> <span class="n">fmt</span><span class="o">.</span><span class="n">Fprintf</span><span class="p">(</span><span class="n">w</span><span class="p">,</span> <span class="s">"error: %s</span><span class="se">\n</span><span class="s">"</span><span class="p">,</span> <span class="n">err</span><span class="p">)</span> <span class="p">}</span> <span class="n">fmt</span><span class="o">.</span><span class="n">Fprintf</span><span class="p">(</span><span class="n">w</span><span class="p">,</span> <span class="s">"logout success"</span><span class="p">)</span> <span class="p">}</span> </code></pre> </div> <h2> Custom TokenConfig </h2> <p>The same user can only log in once: <code>IsConcurrent = false &amp;&amp; IsShare = false</code></p> <p>The same user logs in multiple times and shares a token: <code>IsConcurrent = true &amp;&amp; IsShare = true</code></p> <p>Multiple logins of the same user to multiple tokens: <code>IsConcurrent = true &amp;&amp; IsShare = false</code><br> </p> <div class="highlight js-code-highlight"> <pre class="highlight go"><code><span class="k">import</span> <span class="p">(</span> <span class="s">"fmt"</span> <span class="n">tokenGo</span> <span class="s">"github.com/weloe/token-go"</span> <span class="s">"github.com/weloe/token-go/config"</span> <span class="s">"log"</span> <span class="s">"net/http"</span> <span class="p">)</span> <span class="k">var</span> <span class="n">enforcer</span> <span class="o">*</span><span class="n">tokenGo</span><span class="o">.</span><span class="n">Enforcer</span> <span class="k">func</span> <span class="n">main</span><span class="p">()</span> <span class="p">{</span> <span class="k">var</span> <span class="n">err</span> <span class="kt">error</span> <span class="c">// use default adapter</span> <span class="n">adapter</span> <span class="o">:=</span> <span class="n">tokenGo</span><span class="o">.</span><span class="n">NewDefaultAdapter</span><span class="p">()</span> <span class="n">tokenConfig</span> <span class="o">:=</span> <span class="o">&amp;</span><span class="n">config</span><span class="o">.</span><span class="n">TokenConfig</span><span class="p">{</span> <span class="n">TokenName</span><span class="o">:</span> <span class="s">"uuid"</span><span class="p">,</span> <span class="n">Timeout</span><span class="o">:</span> <span class="m">60</span><span class="p">,</span> <span class="n">IsReadCookie</span><span class="o">:</span> <span class="no">true</span><span class="p">,</span> <span class="n">IsReadHeader</span><span class="o">:</span> <span class="no">true</span><span class="p">,</span> <span class="n">IsReadBody</span><span class="o">:</span> <span class="no">false</span><span class="p">,</span> <span class="n">IsConcurrent</span><span class="o">:</span> <span class="no">true</span><span class="p">,</span> <span class="n">IsShare</span><span class="o">:</span> <span class="no">true</span><span class="p">,</span> <span class="n">MaxLoginCount</span><span class="o">:</span> <span class="o">-</span><span class="m">1</span><span class="p">,</span> <span class="p">}</span> <span class="n">enforcer</span><span class="p">,</span> <span class="n">err</span> <span class="o">=</span> <span class="n">tokenGo</span><span class="o">.</span><span class="n">NewEnforcer</span><span class="p">(</span><span class="n">adapter</span><span class="p">,</span> <span class="n">tokenConfig</span><span class="p">)</span> <span class="p">}</span> </code></pre> </div> <p>You can also configure it using a yml or ini file like this</p> <p><a href="https://github.com/weloe/token-go/blob/master/examples/token_conf.ini">token-go/token_conf.ini at master · weloe/token-go · GitHub</a></p> <p><a href="https://github.com/weloe/token-go/blob/master/examples/token_conf.yaml">token-go/token_conf.yaml at master · weloe/token-go · GitHub</a></p> <p>Then use <code>enforcer, err = tokenGo.NewEnforcer(adapter, filepath)</code> to init.</p> <h2> Banned </h2> <div class="highlight js-code-highlight"> <pre class="highlight go"><code><span class="k">func</span> <span class="n">TestEnforcer_GetBannedTime</span><span class="p">(</span><span class="n">t</span> <span class="o">*</span><span class="n">testing</span><span class="o">.</span><span class="n">T</span><span class="p">)</span> <span class="p">{</span> <span class="n">enforcer</span><span class="p">,</span> <span class="n">_</span> <span class="o">:=</span> <span class="n">NewTestEnforcer</span><span class="p">(</span><span class="n">t</span><span class="p">)</span> <span class="k">var</span> <span class="n">err</span> <span class="kt">error</span> <span class="k">if</span> <span class="n">err</span> <span class="o">!=</span> <span class="no">nil</span> <span class="p">{</span> <span class="n">t</span><span class="o">.</span><span class="n">Fatalf</span><span class="p">(</span><span class="s">"NewTestEnforcer() failed: %v"</span><span class="p">,</span> <span class="n">err</span><span class="p">)</span> <span class="p">}</span> <span class="n">err</span> <span class="o">=</span> <span class="n">enforcer</span><span class="o">.</span><span class="n">Banned</span><span class="p">(</span><span class="s">"1"</span><span class="p">,</span> <span class="s">"comment"</span><span class="p">,</span> <span class="m">1</span><span class="p">,</span> <span class="m">100</span><span class="p">)</span> <span class="k">if</span> <span class="n">err</span> <span class="o">!=</span> <span class="no">nil</span> <span class="p">{</span> <span class="n">t</span><span class="o">.</span><span class="n">Fatalf</span><span class="p">(</span><span class="s">"Banned() failed: %v"</span><span class="p">,</span> <span class="n">err</span><span class="p">)</span> <span class="p">}</span> <span class="n">t</span><span class="o">.</span><span class="n">Logf</span><span class="p">(</span><span class="s">"banned time = %v"</span><span class="p">,</span> <span class="n">enforcer</span><span class="o">.</span><span class="n">GetBannedTime</span><span class="p">(</span><span class="s">"1"</span><span class="p">,</span> <span class="s">"comment"</span><span class="p">))</span> <span class="n">err</span> <span class="o">=</span> <span class="n">enforcer</span><span class="o">.</span><span class="n">Banned</span><span class="p">(</span><span class="s">"1"</span><span class="p">,</span> <span class="s">"comment"</span><span class="p">,</span> <span class="m">1</span><span class="p">,</span> <span class="o">-</span><span class="m">1</span><span class="p">)</span> <span class="k">if</span> <span class="n">err</span> <span class="o">!=</span> <span class="no">nil</span> <span class="p">{</span> <span class="n">t</span><span class="o">.</span><span class="n">Fatalf</span><span class="p">(</span><span class="s">"Banned() failed: %v"</span><span class="p">,</span> <span class="n">err</span><span class="p">)</span> <span class="p">}</span> <span class="n">t</span><span class="o">.</span><span class="n">Logf</span><span class="p">(</span><span class="s">"banned time = %v"</span><span class="p">,</span> <span class="n">enforcer</span><span class="o">.</span><span class="n">GetBannedTime</span><span class="p">(</span><span class="s">"1"</span><span class="p">,</span> <span class="s">"comment"</span><span class="p">))</span> <span class="p">}</span> </code></pre> </div> <h2> Temp-token </h2> <div class="highlight js-code-highlight"> <pre class="highlight go"><code><span class="k">func</span> <span class="n">TestEnforcer_TempToken</span><span class="p">(</span><span class="n">t</span> <span class="o">*</span><span class="n">testing</span><span class="o">.</span><span class="n">T</span><span class="p">)</span> <span class="p">{</span> <span class="n">enforcer</span><span class="p">,</span> <span class="n">_</span> <span class="o">:=</span> <span class="n">NewTestEnforcer</span><span class="p">(</span><span class="n">t</span><span class="p">)</span> <span class="n">service</span> <span class="o">:=</span> <span class="s">"code"</span> <span class="n">tempToken</span><span class="p">,</span> <span class="n">err</span> <span class="o">:=</span> <span class="n">enforcer</span><span class="o">.</span><span class="n">CreateTempToken</span><span class="p">(</span><span class="s">"uuid"</span><span class="p">,</span> <span class="n">service</span><span class="p">,</span> <span class="s">"1234"</span><span class="p">,</span> <span class="o">-</span><span class="m">1</span><span class="p">)</span> <span class="k">if</span> <span class="n">err</span> <span class="o">!=</span> <span class="no">nil</span> <span class="p">{</span> <span class="n">t</span><span class="o">.</span><span class="n">Fatalf</span><span class="p">(</span><span class="s">"CreateTempToken() failed: %v"</span><span class="p">,</span> <span class="n">err</span><span class="p">)</span> <span class="p">}</span> <span class="n">timeout</span> <span class="o">:=</span> <span class="n">enforcer</span><span class="o">.</span><span class="n">GetTempTokenTimeout</span><span class="p">(</span><span class="n">service</span><span class="p">,</span> <span class="n">tempToken</span><span class="p">)</span> <span class="k">if</span> <span class="n">timeout</span> <span class="o">!=</span> <span class="o">-</span><span class="m">1</span> <span class="p">{</span> <span class="n">t</span><span class="o">.</span><span class="n">Errorf</span><span class="p">(</span><span class="s">"GetTempTokenTimeout() failed, unexpected timeout: %v"</span><span class="p">,</span> <span class="n">timeout</span><span class="p">)</span> <span class="p">}</span> <span class="n">codeValue</span> <span class="o">:=</span> <span class="n">enforcer</span><span class="o">.</span><span class="n">ParseTempToken</span><span class="p">(</span><span class="s">"code"</span><span class="p">,</span> <span class="n">tempToken</span><span class="p">)</span> <span class="k">if</span> <span class="n">codeValue</span> <span class="o">!=</span> <span class="s">"1234"</span> <span class="p">{</span> <span class="n">t</span><span class="o">.</span><span class="n">Errorf</span><span class="p">(</span><span class="s">"ParseTempToken() failed, unexpected codeValue: %v"</span><span class="p">,</span> <span class="n">codeValue</span><span class="p">)</span> <span class="p">}</span> <span class="c">// delete</span> <span class="k">if</span> <span class="n">enforcer</span><span class="o">.</span><span class="n">DeleteTempToken</span><span class="p">(</span><span class="n">service</span><span class="p">,</span> <span class="n">tempToken</span><span class="p">)</span> <span class="o">!=</span> <span class="no">nil</span> <span class="p">{</span> <span class="n">t</span><span class="o">.</span><span class="n">Fatalf</span><span class="p">(</span><span class="s">"DeleteTempToken() failed: %v"</span><span class="p">,</span> <span class="n">err</span><span class="p">)</span> <span class="p">}</span> <span class="n">tokenTimeout</span> <span class="o">:=</span> <span class="n">enforcer</span><span class="o">.</span><span class="n">GetTempTokenTimeout</span><span class="p">(</span><span class="n">service</span><span class="p">,</span> <span class="n">tempToken</span><span class="p">)</span> <span class="k">if</span> <span class="n">tokenTimeout</span> <span class="o">!=</span> <span class="o">-</span><span class="m">2</span> <span class="p">{</span> <span class="n">t</span><span class="o">.</span><span class="n">Errorf</span><span class="p">(</span><span class="s">"GetTempTokenTimeout() failed, unexpected tokenTimeout: %v"</span><span class="p">,</span> <span class="n">tokenTimeout</span><span class="p">)</span> <span class="p">}</span> <span class="n">codeValue</span> <span class="o">=</span> <span class="n">enforcer</span><span class="o">.</span><span class="n">ParseTempToken</span><span class="p">(</span><span class="n">service</span><span class="p">,</span> <span class="n">tempToken</span><span class="p">)</span> <span class="k">if</span> <span class="n">codeValue</span> <span class="o">!=</span> <span class="s">""</span> <span class="p">{</span> <span class="n">t</span><span class="o">.</span><span class="n">Errorf</span><span class="p">(</span><span class="s">"ParseTempToken() failed, unexpected codeValue: %v"</span><span class="p">,</span> <span class="n">codeValue</span><span class="p">)</span> <span class="p">}</span> <span class="p">}</span> </code></pre> </div> <h2> Authorization </h2> <p>A simple permission verification method is also provided<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight go"><code><span class="k">type</span> <span class="n">ACL</span> <span class="k">interface</span> <span class="p">{</span> <span class="n">GetPermission</span><span class="p">(</span><span class="n">id</span> <span class="kt">string</span><span class="p">)</span> <span class="p">[]</span><span class="kt">string</span> <span class="p">}</span> </code></pre> </div> <div class="highlight js-code-highlight"> <pre class="highlight go"><code><span class="k">type</span> <span class="n">RBAC</span> <span class="k">interface</span> <span class="p">{</span> <span class="n">GetRole</span><span class="p">(</span><span class="n">id</span> <span class="kt">string</span><span class="p">)</span> <span class="p">[]</span><span class="kt">string</span> <span class="p">}</span> </code></pre> </div> <p>Implement either of these two interfaces and call <code>enforcer.SetAuth(model)</code><br> After that, you can use these two APIs for permission verification<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight go"><code><span class="c">// implement RBAC</span> <span class="n">CheckRole</span><span class="p">(</span><span class="n">ctx</span> <span class="n">ctx</span><span class="o">.</span><span class="n">Context</span><span class="p">,</span> <span class="n">role</span> <span class="kt">string</span><span class="p">)</span> <span class="kt">error</span> <span class="c">// implement ACL</span> <span class="n">CheckPermission</span><span class="p">(</span><span class="n">ctx</span> <span class="n">ctx</span><span class="o">.</span><span class="n">Context</span><span class="p">,</span> <span class="n">permission</span> <span class="kt">string</span><span class="p">)</span> <span class="kt">error</span> </code></pre> </div> <h3> example </h3> <div class="highlight js-code-highlight"> <pre class="highlight go"><code><span class="k">type</span> <span class="n">Auth</span> <span class="k">struct</span> <span class="p">{</span> <span class="p">}</span> <span class="k">func</span> <span class="p">(</span><span class="n">m</span> <span class="o">*</span><span class="n">Auth</span><span class="p">)</span> <span class="n">GetRole</span><span class="p">(</span><span class="n">id</span> <span class="kt">string</span><span class="p">)</span> <span class="p">[]</span><span class="kt">string</span> <span class="p">{</span> <span class="k">var</span> <span class="n">arr</span> <span class="o">=</span> <span class="nb">make</span><span class="p">([]</span><span class="kt">string</span><span class="p">,</span> <span class="m">2</span><span class="p">)</span> <span class="n">arr</span><span class="p">[</span><span class="m">1</span><span class="p">]</span> <span class="o">=</span> <span class="s">"user"</span> <span class="k">return</span> <span class="n">arr</span> <span class="p">}</span> <span class="k">func</span> <span class="p">(</span><span class="n">m</span> <span class="o">*</span><span class="n">Auth</span><span class="p">)</span> <span class="n">GetPermission</span><span class="p">(</span><span class="n">id</span> <span class="kt">string</span><span class="p">)</span> <span class="p">[]</span><span class="kt">string</span> <span class="p">{</span> <span class="k">var</span> <span class="n">arr</span> <span class="o">=</span> <span class="nb">make</span><span class="p">([]</span><span class="kt">string</span><span class="p">,</span> <span class="m">2</span><span class="p">)</span> <span class="n">arr</span><span class="p">[</span><span class="m">1</span><span class="p">]</span> <span class="o">=</span> <span class="s">"user::get"</span> <span class="k">return</span> <span class="n">arr</span> <span class="p">}</span> <span class="k">func</span> <span class="n">main</span><span class="p">()</span> <span class="p">{</span> <span class="k">var</span> <span class="n">err</span> <span class="kt">error</span> <span class="c">// use default adapter</span> <span class="n">adapter</span> <span class="o">:=</span> <span class="n">tokenGo</span><span class="o">.</span><span class="n">NewDefaultAdapter</span><span class="p">()</span> <span class="n">enforcer</span><span class="p">,</span> <span class="n">err</span> <span class="o">=</span> <span class="n">tokenGo</span><span class="o">.</span><span class="n">NewEnforcer</span><span class="p">(</span><span class="n">adapter</span><span class="p">)</span> <span class="c">// set auth</span> <span class="n">enforcer</span><span class="o">.</span><span class="n">SetAuth</span><span class="p">(</span><span class="o">&amp;</span><span class="n">Auth</span><span class="p">{})</span> <span class="c">// enable logger</span> <span class="n">enforcer</span><span class="o">.</span><span class="n">EnableLog</span><span class="p">()</span> <span class="k">if</span> <span class="n">err</span> <span class="o">!=</span> <span class="no">nil</span> <span class="p">{</span> <span class="n">log</span><span class="o">.</span><span class="n">Fatal</span><span class="p">(</span><span class="n">err</span><span class="p">)</span> <span class="p">}</span> <span class="n">http</span><span class="o">.</span><span class="n">HandleFunc</span><span class="p">(</span><span class="s">"/user/check"</span><span class="p">,</span> <span class="n">CheckAuth</span><span class="p">)</span> <span class="n">log</span><span class="o">.</span><span class="n">Fatal</span><span class="p">(</span><span class="n">http</span><span class="o">.</span><span class="n">ListenAndServe</span><span class="p">(</span><span class="s">":8081"</span><span class="p">,</span> <span class="no">nil</span><span class="p">))</span> <span class="p">}</span> <span class="k">func</span> <span class="n">CheckAuth</span><span class="p">(</span><span class="n">w</span> <span class="n">http</span><span class="o">.</span><span class="n">ResponseWriter</span><span class="p">,</span> <span class="n">req</span> <span class="o">*</span><span class="n">http</span><span class="o">.</span><span class="n">Request</span><span class="p">)</span> <span class="p">{</span> <span class="n">ctx</span> <span class="o">:=</span> <span class="n">tokenGo</span><span class="o">.</span><span class="n">NewHttpContext</span><span class="p">(</span><span class="n">req</span><span class="p">,</span> <span class="n">w</span><span class="p">)</span> <span class="n">err</span> <span class="o">:=</span> <span class="n">enforcer</span><span class="o">.</span><span class="n">CheckRole</span><span class="p">(</span><span class="n">ctx</span><span class="p">,</span> <span class="s">"user"</span><span class="p">)</span> <span class="k">if</span> <span class="n">err</span> <span class="o">!=</span> <span class="no">nil</span> <span class="p">{</span> <span class="n">fmt</span><span class="o">.</span><span class="n">Fprintf</span><span class="p">(</span><span class="n">w</span><span class="p">,</span> <span class="s">"CheckRole() error: %s</span><span class="se">\n</span><span class="s">"</span><span class="p">,</span> <span class="n">err</span><span class="p">)</span> <span class="k">return</span> <span class="p">}</span> <span class="n">err</span> <span class="o">=</span> <span class="n">enforcer</span><span class="o">.</span><span class="n">CheckPermission</span><span class="p">(</span><span class="n">ctx</span><span class="p">,</span> <span class="s">"user::get"</span><span class="p">)</span> <span class="k">if</span> <span class="n">err</span> <span class="o">!=</span> <span class="no">nil</span> <span class="p">{</span> <span class="n">fmt</span><span class="o">.</span><span class="n">Fprintf</span><span class="p">(</span><span class="n">w</span><span class="p">,</span> <span class="s">"CheckPermission() error: %s</span><span class="se">\n</span><span class="s">"</span><span class="p">,</span> <span class="n">err</span><span class="p">)</span> <span class="k">return</span> <span class="p">}</span> <span class="n">fmt</span><span class="o">.</span><span class="n">Fprintf</span><span class="p">(</span><span class="n">w</span><span class="p">,</span> <span class="s">"you have authorization"</span><span class="p">)</span> <span class="p">}</span> </code></pre> </div> <h2> SSO </h2> <p>SSO-Server examples: <a href="https://github.com/weloe/token-go/blob/master/examples/sso/sso-server/sso-server.go">https://github.com/weloe/token-go/blob/master/examples/sso/sso-server/sso-server.go</a></p> <p>SSO-Client examples: <a href="https://github.com/weloe/token-go/blob/master/examples/sso/sso-client-3/sso-client.go">https://github.com/weloe/token-go/blob/master/examples/sso/sso-client-3/sso-client.go</a></p> <h2> Extensions </h2> <p><a href="https://github.com/weloe/token-go-extensions">https://github.com/weloe/token-go-extensions</a></p> <div class="table-wrapper-paragraph"><table> <thead> <tr> <th>Adapter</th> <th></th> </tr> </thead> <tbody> <tr> <td>RedisAdapter</td> <td><code>go get github.com/weloe/token-go-extensions/redis-adapter</code></td> </tr> </tbody> </table></div> <div class="table-wrapper-paragraph"><table> <thead> <tr> <th>Enforcer</th> <th></th> </tr> </thead> <tbody> <tr> <td>StatelessEnforcer</td> <td><code>go get github.com/weloe/token-go-extensions/jwt</code></td> </tr> </tbody> </table></div> <h2> Documentation </h2> <p><a href="https://github.com/weloe/token-go/wiki">https://github.com/weloe/token-go/wiki</a></p> <h2> Api </h2> <p><a href="https://pkg.go.dev/github.com/weloe/token-go#section-documentation">token_go package - github.com/weloe/token-go - Go Packages</a></p> tutorial go programming github