feat: add access key and secret key for user (#1971)

2025-07-03 12:30:19 +08:00 · 2023-06-13 22:18:17 +08:00
parent 805cf20d04
commit 967fa4be68
9 changed files with 157 additions and 3 deletions
--- a/routers/authz_filter.go
+++ b/routers/authz_filter.go
@ -26,8 +26,10 @@ import (
 )

 type Object struct {
-	Owner string `json:"owner"`
-	Name  string `json:"name"`
+	Owner     string `json:"owner"`
+	Name      string `json:"name"`
+	AccessKey string `json:"accessKey"`
+	SecretKey string `json:"secretKey"`
 }

 func getUsername(ctx *context.Context) (username string) {
@ -43,6 +45,9 @@ func getUsername(ctx *context.Context) (username string) {
 		username = getUsernameByClientIdSecret(ctx)
 	}

+	if username == "" {
+		username = getUsernameByKeys(ctx)
+	}
 	return
 }

@ -98,6 +103,30 @@ func getObject(ctx *context.Context) (string, string) {
 	}
 }

+func getKeys(ctx *context.Context) (string, string) {
+	method := ctx.Request.Method
+
+	if method == http.MethodGet {
+		accessKey := ctx.Input.Query("accesskey")
+		secretKey := ctx.Input.Query("secretkey")
+		return accessKey, secretKey
+	} else {
+		body := ctx.Input.RequestBody
+
+		if len(body) == 0 {
+			return ctx.Request.Form.Get("accesskey"), ctx.Request.Form.Get("secretkey")
+		}
+
+		var obj Object
+		err := json.Unmarshal(body, &obj)
+		if err != nil {
+			return "", ""
+		}
+
+		return obj.AccessKey, obj.SecretKey
+	}
+}
+
 func willLog(subOwner string, subName string, method string, urlPath string, objOwner string, objName string) bool {
 	if subOwner == "anonymous" && subName == "anonymous" && method == "GET" && (urlPath == "/api/get-account" || urlPath == "/api/get-app-login") && objOwner == "" && objName == "" {
 		return false
--- a/routers/base.go
+++ b/routers/base.go
@ -84,6 +84,18 @@ func getUsernameByClientIdSecret(ctx *context.Context) string {
 	return fmt.Sprintf("app/%s", application.Name)
 }

+func getUsernameByKeys(ctx *context.Context) string {
+	accessKey, secretKey := getKeys(ctx)
+	user, err := object.GetUserByAccessKey(accessKey)
+	if err != nil {
+		panic(err)
+	}
+	if user != nil && secretKey == user.SecretKey {
+		return user.GetId()
+	}
+	return ""
+}
+
 func getSessionUser(ctx *context.Context) string {
 	user := ctx.Input.CruSession.Get("username")
 	if user == nil {
--- a/routers/router.go
+++ b/routers/router.go
@ -73,6 +73,7 @@ func initAPI() {
 	beego.Router("/api/get-user-count", &controllers.ApiController{}, "GET:GetUserCount")
 	beego.Router("/api/get-user", &controllers.ApiController{}, "GET:GetUser")
 	beego.Router("/api/update-user", &controllers.ApiController{}, "POST:UpdateUser")
+	beego.Router("/api/add-user-keys", &controllers.ApiController{}, "POST:AddUserkeys")
 	beego.Router("/api/add-user", &controllers.ApiController{}, "POST:AddUser")
 	beego.Router("/api/delete-user", &controllers.ApiController{}, "POST:DeleteUser")
 	beego.Router("/api/upload-users", &controllers.ApiController{}, "POST:UploadUsers")