feat[Https]: added https support (go-admin-team#113)

cmd/api/server.go

@@ -84,8 +84,14 @@ func run() error {
 
 	go func() {
 		// 服务连接
-		if err := srv.ListenAndServe(); err != nil && err != http.ErrServerClosed {
-			log.Fatalf("listen: %s\n", err)
+		if config2.ApplicationConfig.IsHttps {
+			if err := srv.ListenAndServeTLS(config2.SslConfig.Pem, config2.SslConfig.KeyStr); err != nil && err != http.ErrServerClosed {
+				log.Fatalf("listen: %s\n", err)
+			}
+		} else {
+			if err := srv.ListenAndServe(); err != nil && err != http.ErrServerClosed {
+				log.Fatalf("listen: %s\n", err)
+			}
 		}
 	}()
 	content, _ := ioutil.ReadFile("./static/go-admin.txt")

config/settings.yml

@@ -6,6 +6,11 @@ settings:
     port: 8000
     readtimeout: 1
     writertimeout: 2
+    domain: localhost:8000
+    ishttps: false
+  ssl:
+    key: keystring
+    pem: temp/pem.pem
   log:
     dir: temp/logs
   jwt:

go.mod

@@ -20,7 +20,6 @@ require (
 	github.com/json-iterator/go v1.1.8 // indirect
 	github.com/mailru/easyjson v0.7.1 // indirect
 	github.com/mattn/go-isatty v0.0.10 // indirect
-	github.com/mitchellh/go-homedir v1.1.0
 	github.com/mojocn/base64Captcha v1.3.1
 	github.com/mssola/user_agent v0.5.1
 	github.com/pkg/errors v0.8.1
@@ -29,11 +28,11 @@ require (
 	github.com/shirou/gopsutil v2.20.3+incompatible
 	github.com/sirupsen/logrus v1.2.0
 	github.com/spf13/cobra v1.0.0
-	github.com/spf13/pflag v1.0.3
 	github.com/spf13/viper v1.6.2
 	github.com/swaggo/gin-swagger v1.2.0
 	github.com/swaggo/swag v1.6.5
 	github.com/ugorji/go v1.1.7 // indirect
+	github.com/unrolled/secure v1.0.8
 	golang.org/x/crypto v0.0.0-20200323165209-0ec3e9974c59
 	golang.org/x/net v0.0.0-20200324143707-d3edc9973b7e // indirect
 	golang.org/x/tools v0.0.0-20200402223321-bcf690261a44 // indirect

go.sum

@@ -300,8 +300,12 @@ github.com/ugorji/go/codec v1.1.5-pre h1:5YV9PsFAN+ndcCtTM7s60no7nY7eTG3LPtxhSwu
 github.com/ugorji/go/codec v1.1.5-pre/go.mod h1:tULtS6Gy1AE1yCENaw4Vb//HLH5njI2tfCQDUqRd8fI=
 github.com/ugorji/go/codec v1.1.7 h1:2SvQaVZ1ouYrrKKwoSk2pzd4A9evlKJb9oTL+OaLUSs=
 github.com/ugorji/go/codec v1.1.7/go.mod h1:Ax+UKWsSmolVDwsd+7N3ZtXu+yMGCf907BLYF3GoBXY=
+github.com/unrolled/secure v1.0.8 h1:JaMvKbe4CRt8oyxVXn+xY+6jlqd7pyJNSVkmsBxxQsM=
+github.com/unrolled/secure v1.0.8/go.mod h1:fO+mEan+FLB0CdEnHf6Q4ZZVNqG+5fuLFnP8p0BXDPI=
 github.com/urfave/cli v1.20.0/go.mod h1:70zkFmudgCuE/ngEzBv17Jvp/497gISqfk5gWijbERA=
 github.com/urfave/cli v1.22.2/go.mod h1:Gos4lmkARVdJ6EkW0WaNv/tZAAMe9V7XWyB60NtXRu0=
+github.com/urfave/negroni v1.0.0 h1:kIimOitoypq34K7TG7DUaJ9kq/N4Ofuwi1sjz0KipXc=
+github.com/urfave/negroni v1.0.0/go.mod h1:Meg73S6kFm/4PpbYdq35yYWoCZ9mS/YSx+lKnmiohz4=
 github.com/xiang90/probing v0.0.0-20190116061207-43a291ad63a2/go.mod h1:UETIi67q53MR2AWcXfiuqkDkRtnGDLqkBTpCHuJHxtU=
 github.com/xordataexchange/crypt v0.0.3-0.20170626215501-b2862e3d0a77/go.mod h1:aYKd//L2LvnjZzWKhF00oedf4jCCReLcmhLdhm1A27Q=
 github.com/yuin/goldmark v1.1.27/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74=

handler/httpshandler.go

@@ -0,0 +1,21 @@
+package handler
+
+import (
+	"github.com/gin-gonic/gin"
+	"github.com/unrolled/secure"
+	"go-admin/tools/config"
+)
+
+func TlsHandler() gin.HandlerFunc {
+	return func(c *gin.Context) {
+		secureMiddleware := secure.New(secure.Options{
+			SSLRedirect: true,
+			SSLHost:     config.ApplicationConfig.Domain,
+		})
+		err := secureMiddleware.Process(c.Writer, c.Request)
+		if err != nil {
+			return
+		}
+		c.Next()
+	}
+}

router/init_router.go

@@ -2,14 +2,19 @@ package router
 
 import (
 	"github.com/gin-gonic/gin"
+	"go-admin/handler"
 	"go-admin/middleware"
 	_ "go-admin/pkg/jwtauth"
 	"go-admin/tools"
+	config2 "go-admin/tools/config"
 )
 
 func InitRouter() *gin.Engine {
 
 	r := gin.New()
+	if config2.ApplicationConfig.IsHttps {
+		r.Use(handler.TlsHandler())
+	}
 	middleware.InitMiddleware(r)
 	// the jwt middleware
 	authMiddleware, err := middleware.AuthInit()

tools/config/application.go

@@ -11,19 +11,39 @@ type Application struct {
 	JwtSecret     string
 	Mode          string
 	DemoMsg       string
+	Domain        string
+	IsHttps       bool
 }
 
 func InitApplication(cfg *viper.Viper) *Application {
 	return &Application{
 		ReadTimeout:   cfg.GetInt("readTimeout"),
 		WriterTimeout: cfg.GetInt("writerTimeout"),
 		Host:          cfg.GetString("host"),
-		Port:          cfg.GetString("port"),
+		Port:          portDefault(cfg),
 		Name:          cfg.GetString("name"),
 		JwtSecret:     cfg.GetString("jwtSecret"),
 		Mode:          cfg.GetString("mode"),
 		DemoMsg:       cfg.GetString("demoMsg"),
+		Domain:        cfg.GetString("domain"),
+		IsHttps:       cfg.GetBool("ishttps"),
 	}
 }
 
 var ApplicationConfig = new(Application)
+
+func portDefault(cfg *viper.Viper) string {
+	if cfg.GetString("port") == "" {
+		return "8000"
+	} else {
+		return cfg.GetString("port")
+	}
+}
+
+func isHttpsDefault(cfg *viper.Viper) bool {
+	if cfg.GetString("ishttps") == "" ||  cfg.GetBool("ishttps") == false{
+		return false
+	} else {
+		return true
+	}
+}

tools/config/config.go

@@ -13,6 +13,7 @@ var cfgDatabase *viper.Viper
 var cfgApplication *viper.Viper
 var cfgJwt *viper.Viper
 var cfgLog *viper.Viper
+var cfgSsl *viper.Viper
 
 
 //载入配置文件
@@ -53,6 +54,12 @@ func ConfigSetup(path string) {
 		panic("config not found settings.log")
 	}
 	LogConfig = InitLog(cfgLog)
+
+	cfgSsl = viper.Sub("settings.ssl")
+	if cfgSsl == nil {
+		panic("config not found settings.ssl")
+	}
+	SslConfig = InitSsl(cfgSsl)
 }
 
 

tools/config/ssl.go

@@ -0,0 +1,17 @@
+package config
+
+import "github.com/spf13/viper"
+
+type Ssl struct {
+	KeyStr string
+	Pem    string
+}
+
+func InitSsl(cfg *viper.Viper) *Ssl {
+	return &Ssl{
+		KeyStr: cfg.GetString("key"),
+		Pem:    cfg.GetString("pem"),
+	}
+}
+
+var SslConfig = new(Ssl)