如果某些权限检查失败,如何提前终止我的处理程序?
我正在寻找一种方法来实现权限检查功能,使用http
这个想法是有些API应该只由登录会话使用。
func CheckPermissionFilter(w http.ResponseWriter, r *http.Response){
sid, err := r.Cookie("sid")
// check the permission with sid, if permission is granted then just let the
// process go on, otherwise, just break the filter chain and return Http Error Code.
}
func SomeHttpHandler(w http.ResponseWriter, r *http.Response){
CheckPermissionFilter(w, r)
// if not breaked by above filter function, process the request...
}
我对权限检查没有问题,但我找不到破坏HTTP请求处理的方法。
动漫人物浏览 64回答 1
1回答
-
慕虎7371278
处理程序中的调用不能提前终止后者。相反,您应该定义为中间件(另请参阅装饰器模式):CheckPermissionFilterSomeHttpHandlerCheckPermissionFilterpackage mainimport ( "net/http")func main() { http.Handle("/foo", CheckPermissionFilter(SomeHttpHandler)) // ...}func CheckPermissionFilter(h http.HandlerFunc) http.HandlerFunc { return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { sid, err := r.Cookie("sid") // handle err if !Validate(sid) { http.Error(w, "Unauthorized", http.StatusUnauthorized) return } h(w, r) })}func SomeHttpHandler(w http.ResponseWriter, r *http.Request) { // ...}func Validate(sid string) bool { return true // simplistic implementation for this example}
随时随地看视频慕课网APP
相关分类
Go