llvy.ltd/casdoor
1
0
Fork 0
mirror of https://github.com/casdoor/casdoor.git synced 2025-07-03 12:30:19 +08:00
Code Issues Packages Projects Releases Wiki Activity

Add willLog() and control access to signup page.

Browse Source
This commit is contained in:
Yang Luo
2021-05-08 00:23:08 +08:00
parent 75f23478d1
commit e3b3a76088
7 changed files with 73 additions and 35 deletions
Download Patch File Download Diff File Expand all files Collapse all files

19
routers/authz_filter.go
View File

@ -94,6 +94,13 @@ func denyRequest(ctx *context.Context) {
}
}
func willLog(subOwner string, subName string, method string, urlPath string, objOwner string, objName string) bool {
if subOwner == "anonymous" && subName == "anonymous" && method == "GET" && (urlPath == "/api/get-account" || urlPath == "/api/get-app-login") && objOwner == "" && objName == "" {
return false
}
return true
}
func AuthzFilter(ctx *context.Context) {
subOwner, subName := getSubject(ctx)
method := ctx.Request.Method
@ -106,10 +113,14 @@ func AuthzFilter(ctx *context.Context) {
if isAllowed {
result = "allow"
}
logLine := fmt.Sprintf("subOwner = %s, subName = %s, method = %s, urlPath = %s, obj.Owner = %s, obj.Name = %s, result = %s",
subOwner, subName, method, urlPath, objOwner, objName, result)
fmt.Println(logLine)
util.LogInfo(ctx, logLine)
if willLog(subOwner, subName, method, urlPath, objOwner, objName) {
logLine := fmt.Sprintf("subOwner = %s, subName = %s, method = %s, urlPath = %s, obj.Owner = %s, obj.Name = %s, result = %s",
subOwner, subName, method, urlPath, objOwner, objName, result)
fmt.Println(logLine)
util.LogInfo(ctx, logLine)
}
if !isAllowed {
denyRequest(ctx)
}