zoukankan      html  css  js  c++  java

  • Go Pentester

    Building Middleware with Negroni

    Reasons use middleware, including logging requests, authenticating and authorizing users, and mapping resources.

     Idiomatic HTTP Middleware for Golang. https://github.com/urfave/negroni

    Install the negroni package.

    go get github.com/urfave/negroni

    PS: How to solve the go get can not work in China. Following is the best solution so far. https://github.com/goproxy/goproxy.cn

    $ go env -w GO111MODULE=on
$ go env -w GOPROXY=https://goproxy.cn,direct

    Negroni example

    package main

import (
	"github.com/gorilla/mux"
	"github.com/urfave/negroni"
	"net/http"
)

func main() {
	r := mux.NewRouter()
	n := negroni.Classic()
	n.UseHandler(r)
	http.ListenAndServe(":8000",n)
}

    Build and execute this program.

     Create trivial middleware that prints a message and passes execution to the next middleware in the chain:

    package main

import (
	"fmt"
	"github.com/gorilla/mux"
	"github.com/urfave/negroni"
	"net/http"
)

type trivial struct {
}

func (t *trivial) ServeHTTP(w http.ResponseWriter, r *http.Request, next http.HandlerFunc) {
	fmt.Println("Executing trivial middleware")
	next(w, r)
}

func main() {
	r := mux.NewRouter()
	n := negroni.Classic()
	n.UseHandler(r)
	n.Use(&trivial{})
	http.ListenAndServe(":8000",n)
}

    Build and test this new program.

    Adding Authentication with Negroni

    Use of context, which can easily pass variables between functions.  

    package main

import (
	"context"
	"fmt"
	"net/http"

	"github.com/gorilla/mux"
	"github.com/urfave/negroni"
)

type badAuth struct {
	Username string
	Password string
}

func (b *badAuth) ServeHTTP(w http.ResponseWriter, r *http.Request, next http.HandlerFunc) {
	username := r.URL.Query().Get("username")
	password := r.URL.Query().Get("password")
	if username != b.Username && password !=b.Password {
		http.Error(w, "Unauthorized", 401)
		return
	}
	ctx := context.WithValue(r.Context(), "username", username)
	r = r.WithContext(ctx)
	next(w, r)
}

func hello(w http.ResponseWriter, r * http.Request) {
	username := r.Context().Value("username").(string)
	fmt.Fprintf(w, "Hi %s
", username)
}

func main() {
	r := mux.NewRouter()
	r.HandleFunc("/hello",hello).Methods("GET")
	n := negroni.Classic()
	n.Use(&badAuth{
		Username: "admin",
		Password: "password",
	})
	n.UseHandler(r)
	http.ListenAndServe(":8000", n)

}

    Build and excute this program. Then test it by sending a few requests to the server.

    curl -i http://localhost:8000/hello
curl -i 'http://localhost:8000/hello?username=admin&password=password'

     Logs on the server-side.

    相信未来 - 该面对的绝不逃避,该执著的永不怨悔,该舍弃的不再留念,该珍惜的好好把握。
  • 相关阅读:
    Kibana查询说明
    windows下安装python 且 安装pip
    pycharm编辑器,各种设置及配置修改
    用python输出未来时间,递增
    window 下python2.7与python3.5两版本共存设置
    python 运算符
    python 运算及注释
    js 实现动态的图片时钟
    js table的笔记,实现添加 td,实现搜索功能
    js实现图片无缝连接
  • 原文地址:https://www.cnblogs.com/keepmoving1113/p/12442563.html
Copyright © 2011-2022 走看看