dongsong8932 2017-01-30 13:18
浏览 95
已采纳

Go REST Api中的角色和权限

I'm developing an REST API in go, it's implementing jwt following this schema : Jwt schema

I've a middleware that verify tokens and my problem is that I want another one to add roles and permissions on some path in my API

Could you guys give some tips pls ? My project is on github as you can see all the code : repository

Thanks

  • 写回答

1条回答 默认 最新

  • douliedu335997 2017-01-31 05:40
    关注

    If I am not wrong, what you are asking is for access control list (ACL) https://en.wikipedia.org/wiki/Access_control_list

    You will need to separate controllers for each type of permission and have a module that checks the session variable set when the user logs in with the type of permission allowed for that particular controller.

    After the login check is completed, you can carry out an authorization check whether the user can access the resource and action, the controller can be tied to a single resource (but this behavior can be overridden) and the controller action can be mapped to a resource action.

    For Go, you can get a lot of ACL samples:

    [1] https://github.com/hectane/go-acl

    [2] https://github.com/mikespook/gorbac

    本回答被题主选为最佳回答 , 对您是否有帮助呢?
    评论

    报告相同问题?

    悬赏问题

    • ¥15 询问MYSQL查询SQLSERVER数据表并比较差异后,更新MYSQL的数据表
    • ¥15 关于#前端#的问题,请各位专家解答!
    • ¥15 最小生成树问题 Prim算法和Kruskal算法
    • ¥25 医院住院病人呼叫器设计
    • ¥15 不想和现在的团队合作了,怎么避免他们对程序动手脚
    • ¥30 c++类和数组实验代码
    • ¥20 C语言字符串不区分大小写字典排序相关问题
    • ¥15 关于#python#的问题:我希望通过逆向技术爬取1688搜索页下滑加载的数据
    • ¥15 关于Linux的终端里,模拟实现一个带口令保护的屏保程序遇到的输入输出的问题!(语言-c语言)
    • ¥30 请问,这个嵌入式Linux系统怎么分析,crc检验区域在哪