github.com/lei006/gmqtt-broker@v0.0.1/plugins/auth/authhttp/authhttp.go (about)

     1  package authhttp
     2  
     3  import (
     4  	"encoding/json"
     5  	"io"
     6  	"io/ioutil"
     7  	"net/http"
     8  	"net/url"
     9  	"strconv"
    10  	"strings"
    11  	"time"
    12  
    13  	"github.com/lei006/gmqtt-broker/logger"
    14  	"go.uber.org/zap"
    15  )
    16  
    17  // Config device kafka config
    18  type Config struct {
    19  	AuthURL  string `json:"auth"`
    20  	ACLURL   string `json:"acl"`
    21  	SuperURL string `json:"super"`
    22  }
    23  
    24  type authHTTP struct {
    25  	client *http.Client
    26  }
    27  
    28  var (
    29  	config     Config
    30  	log        = logger.Get().Named("authhttp")
    31  	httpClient *http.Client
    32  )
    33  
    34  // Init init kafak client
    35  func Init() *authHTTP {
    36  	content, err := ioutil.ReadFile("./plugins/auth/authhttp/http.json")
    37  	if err != nil {
    38  		log.Fatal("Read config file error: ", zap.Error(err))
    39  	}
    40  	// log.Info(string(content))
    41  
    42  	err = json.Unmarshal(content, &config)
    43  	if err != nil {
    44  		log.Fatal("Unmarshal config file error: ", zap.Error(err))
    45  	}
    46  	// fmt.Println("http: config: ", config)
    47  
    48  	httpClient = &http.Client{
    49  		Transport: &http.Transport{
    50  			MaxConnsPerHost:     100,
    51  			MaxIdleConns:        100,
    52  			MaxIdleConnsPerHost: 100,
    53  		},
    54  		Timeout: time.Second * 100,
    55  	}
    56  	return &authHTTP{client: httpClient}
    57  }
    58  
    59  // CheckConnect check mqtt connect
    60  func (a *authHTTP) CheckConnect(clientID, username, password string) bool {
    61  	action := "connect"
    62  	{
    63  		aCache := checkCache(action, clientID, username, password, "")
    64  		if aCache != nil {
    65  			if aCache.password == password && aCache.username == username && aCache.action == action {
    66  				return true
    67  			}
    68  		}
    69  	}
    70  
    71  	data := url.Values{}
    72  	data.Add("username", username)
    73  	data.Add("clientid", clientID)
    74  	data.Add("password", password)
    75  
    76  	req, err := http.NewRequest("POST", config.AuthURL, strings.NewReader(data.Encode()))
    77  	if err != nil {
    78  		log.Error("new request super: ", zap.Error(err))
    79  		return false
    80  	}
    81  	req.Header.Add("Content-Type", "application/x-www-form-urlencoded")
    82  	req.Header.Add("Content-Length", strconv.Itoa(len(data.Encode())))
    83  
    84  	resp, err := a.client.Do(req)
    85  	if err != nil {
    86  		log.Error("request super: ", zap.Error(err))
    87  		return false
    88  	}
    89  
    90  	defer resp.Body.Close()
    91  	io.Copy(ioutil.Discard, resp.Body)
    92  	if resp.StatusCode == http.StatusOK {
    93  		addCache(action, clientID, username, password, "")
    94  		return true
    95  	}
    96  
    97  	return false
    98  }
    99  
   100  // //CheckSuper check mqtt connect
   101  // func CheckSuper(clientID, username, password string) bool {
   102  // 	action := "connect"
   103  // 	{
   104  // 		aCache := checkCache(action, clientID, username, password, "")
   105  // 		if aCache != nil {
   106  // 			if aCache.password == password && aCache.username == username && aCache.action == action {
   107  // 				return true
   108  // 			}
   109  // 		}
   110  // 	}
   111  
   112  // 	data := url.Values{}
   113  // 	data.Add("username", username)
   114  // 	data.Add("clientid", clientID)
   115  // 	data.Add("password", password)
   116  
   117  // 	req, err := http.NewRequest("POST", config.SuperURL, strings.NewReader(data.Encode()))
   118  // 	if err != nil {
   119  // 		log.Error("new request super: ", zap.Error(err))
   120  // 		return false
   121  // 	}
   122  // 	req.Header.Add("Content-Type", "application/x-www-form-urlencoded")
   123  // 	req.Header.Add("Content-Length", strconv.Itoa(len(data.Encode())))
   124  
   125  // 	resp, err := httpClient.Do(req)
   126  // 	if err != nil {
   127  // 		log.Error("request super: ", zap.Error(err))
   128  // 		return false
   129  // 	}
   130  
   131  // 	defer resp.Body.Close()
   132  // 	io.Copy(ioutil.Discard, resp.Body)
   133  
   134  // 	if resp.StatusCode == http.StatusOK {
   135  // 		return true
   136  // 	}
   137  // 	return false
   138  // }
   139  
   140  // CheckACL check mqtt connect
   141  func (a *authHTTP) CheckACL(action, clientID, username, ip, topic string) bool {
   142  
   143  	{
   144  		aCache := checkCache(action, "", username, "", topic)
   145  		if aCache != nil {
   146  			if aCache.topic == topic && aCache.action == action {
   147  				return true
   148  			}
   149  		}
   150  	}
   151  
   152  	req, err := http.NewRequest("GET", config.ACLURL, nil)
   153  	if err != nil {
   154  		log.Error("get acl: ", zap.Error(err))
   155  		return false
   156  	}
   157  
   158  	data := req.URL.Query()
   159  
   160  	data.Add("username", username)
   161  	data.Add("topic", topic)
   162  	data.Add("access", action)
   163  	req.URL.RawQuery = data.Encode()
   164  	// fmt.Println("req:", req)
   165  	resp, err := a.client.Do(req)
   166  	if err != nil {
   167  		log.Error("request acl: ", zap.Error(err))
   168  		return false
   169  	}
   170  
   171  	defer resp.Body.Close()
   172  	io.Copy(ioutil.Discard, resp.Body)
   173  
   174  	if resp.StatusCode == http.StatusOK {
   175  		addCache(action, "", username, "", topic)
   176  		return true
   177  	}
   178  	return false
   179  }