-
Notifications
You must be signed in to change notification settings - Fork 45
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
feat: 支持请求耗时告警策略实时修改 feat: 支持集群节点查看 feat: 调整部分插件变量命名 feat: 调整公共js文件路径 feat: 调整控制台展示名称错误 feat: 调整部分注释 feat: 负载和waf详情统计功能预告 feat: 事务日程调整 feat: 移除控制台调试日志 fix : 修复告警插件异常跳出问题
- Loading branch information
tsm
committed
Sep 15, 2022
1 parent
9c4499b
commit 21d46ba
Showing
100 changed files
with
2,402 additions
and
228 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
|
|
@@ -4,12 +4,15 @@ | |
| -- @author iamtsm | ||
| -- @email [email protected] | ||
|
|
||
| local cache = require("cache.tl_ops_cache_core"):new("tl-ops-auth"); | ||
| local tlog = require("utils.tl_ops_utils_log"):new("tl_ops_plugin_auth") | ||
| local auth_constant = require("plugins.tl_ops_auth.tl_ops_plugin_constant") | ||
| local login_router = require("plugins.tl_ops_auth.login") | ||
| local constant_auth = require("plugins.tl_ops_auth.tl_ops_plugin_constant") | ||
| local login_router = require("plugins.tl_ops_auth.login_auth") | ||
| local cjson = require("cjson.safe") | ||
| local shared = tlops.plugin_shared | ||
| local utils = tlops.utils | ||
| local cjson = require("cjson.safe"); | ||
| cjson.encode_empty_table_as_object(false) | ||
|
|
||
| local _M = { | ||
| _VERSION = '0.01' | ||
|
|
@@ -21,10 +24,10 @@ function _M:new() | |
| return setmetatable({}, mt) | ||
| end | ||
|
|
||
| -- 添加登录态 | ||
| -- 获取登录态 | ||
| function _M:auth_get_session(id) | ||
|
|
||
| local key = auth_constant.cache_key.session .. id | ||
| local key = constant_auth.cache_key.session .. id | ||
|
|
||
| tlog:dbg("auth_get_session, key=",key) | ||
|
|
||
|
|
@@ -40,9 +43,21 @@ end | |
| -- 添加登录态 | ||
| function _M:auth_add_session(id, user) | ||
|
|
||
| local key = auth_constant.cache_key.session .. id | ||
| local login_str, _ = cache:get(constant_auth.cache_key.login) | ||
| if not login_str then | ||
| tlog:err("auth_add_session get login cache err login_str=",login_str,",err=",_) | ||
| return | ||
| end | ||
|
|
||
| local login, _ = cjson.decode(login_str) | ||
| if not login then | ||
| tlog:err("auth_add_session decode login cache err login=",login,",err=",_) | ||
| return | ||
| end | ||
|
|
||
| local key = constant_auth.cache_key.session .. id | ||
| local value = cjson.encode(user) | ||
| local time = auth_constant.login.auth_time | ||
| local time = login.auth_time | ||
|
|
||
| tlog:dbg("auth_add_session, key=",key,",value=",value,",time=",time) | ||
|
|
||
|
|
@@ -57,7 +72,7 @@ end | |
| -- 删除登录态 | ||
| function _M:auth_del_session(id) | ||
|
|
||
| local key = auth_constant.cache_key.session .. id | ||
| local key = constant_auth.cache_key.session .. id | ||
|
|
||
| tlog:dbg("auth_del_session, key=",key) | ||
|
|
||
|
|
@@ -71,7 +86,7 @@ end | |
|
|
||
|
|
||
| local uri_in_intercept_uri = function(ctx) | ||
| for i, intercept_uri in ipairs(auth_constant.login.intercept) do | ||
| for i, intercept_uri in ipairs(constant_auth.login.intercept) do | ||
| if ngx.re.find(ctx.request_uri, intercept_uri, 'jo') then | ||
| return true | ||
| end | ||
|
|
@@ -82,8 +97,20 @@ end | |
|
|
||
| function _M:auth_core(ctx) | ||
|
|
||
| local login_str, _ = cache:get(constant_auth.cache_key.login) | ||
| if not login_str then | ||
| tlog:err("auth_core get login cache err login_str=",login_str,",err=",_) | ||
| return | ||
| end | ||
|
|
||
| local login, _ = cjson.decode(login_str) | ||
| if not login then | ||
| tlog:err("auth_core decode login cache err login=",login,",err=",_) | ||
| return | ||
| end | ||
|
|
||
| -- 处理白名单 | ||
| for i, filter_ui in ipairs(auth_constant.login.filter) do | ||
| for i, filter_ui in ipairs(login.filter) do | ||
| if ngx.re.find(ctx.request_uri, filter_ui, 'jo') then | ||
| return | ||
| end | ||
|
|
@@ -96,7 +123,7 @@ function _M:auth_core(ctx) | |
|
|
||
| -- cookie校验 | ||
| local cookie_utils = require("lib.cookie"):new(); | ||
| local auth_cid, _ = cookie_utils:get(auth_constant.login.auth_cid); | ||
| local auth_cid, _ = cookie_utils:get(login.auth_cid); | ||
| if auth_cid ~= nil and auth_cid then | ||
| local session = self:auth_get_session(auth_cid) | ||
| if session then | ||
|
|
@@ -106,7 +133,7 @@ function _M:auth_core(ctx) | |
|
|
||
| -- header校验 | ||
| local headers = ngx.req.get_headers() | ||
| local auth_hid = headers[auth_constant.login.auth_hid] | ||
| local auth_hid = headers[login.auth_hid] | ||
| if auth_hid ~= nil then | ||
| local session = self:auth_get_session(auth_hid) | ||
| if session then | ||
|
|
@@ -117,9 +144,9 @@ function _M:auth_core(ctx) | |
| tlog:dbg("req uri no auth, uri=",ctx.request_uri) | ||
|
|
||
| utils:set_ngx_req_return_content( | ||
| auth_constant.login.code, | ||
| auth_constant.login.content, | ||
| auth_constant.login.content_type | ||
| login.code, | ||
| login.content, | ||
| login.content_type | ||
| ) | ||
| return | ||
| end | ||
|
|
||
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,36 @@ | ||
| -- tl_ops_auth_get | ||
| -- en : get auth config/list | ||
| -- zn : 获取auth插件配置列表 | ||
| -- @author iamtsm | ||
| -- @email [email protected] | ||
|
|
||
| local cache = require("cache.tl_ops_cache_core"):new("tl-ops-auth"); | ||
| local constant_auth = require("plugins.tl_ops_auth.tl_ops_plugin_constant"); | ||
| local tl_ops_rt = tlops.constant.comm.tl_ops_rt; | ||
| local tl_ops_utils_func = tlops.utils | ||
| local cjson = require("cjson.safe"); | ||
| cjson.encode_empty_table_as_object(false) | ||
|
|
||
|
|
||
| local Router = function() | ||
|
|
||
| local list_str, _ = cache:get(constant_auth.cache_key.list); | ||
| if not list_str or list_str == nil then | ||
| tl_ops_utils_func:set_ngx_req_return_ok(tl_ops_rt.not_found, "not found list", _); | ||
| return; | ||
| end | ||
|
|
||
| local login_str, _ = cache:get(constant_auth.cache_key.login); | ||
| if not login_str or login_str == nil then | ||
| tl_ops_utils_func:set_ngx_req_return_ok(tl_ops_rt.not_found, "not found login", _); | ||
| return; | ||
| end | ||
|
|
||
| local res_data = {} | ||
| res_data[constant_auth.cache_key.list] = cjson.decode(list_str) | ||
| res_data[constant_auth.cache_key.login] = cjson.decode(login_str) | ||
|
|
||
| tl_ops_utils_func:set_ngx_req_return_ok(tl_ops_rt.ok, "success", res_data); | ||
| end | ||
|
|
||
| return Router |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
|
|
@@ -4,14 +4,16 @@ | |
| -- @author iamtsm | ||
| -- @email [email protected] | ||
|
|
||
| local cache = require("cache.tl_ops_cache_core"):new("tl-ops-auth"); | ||
| local tlog = require("utils.tl_ops_utils_log"):new("tl_ops_plugin_auth") | ||
| local auth_constant = require("plugins.tl_ops_auth.tl_ops_plugin_constant") | ||
| local constant_auth = require("plugins.tl_ops_auth.tl_ops_plugin_constant") | ||
| local auth = require("plugins.tl_ops_auth.auth") | ||
| local uuid = require("lib.jit-uuid") | ||
| local utils = tlops.utils | ||
| local shared = tlops.plugin_shared | ||
| local tl_ops_rt = tlops.constant.comm.tl_ops_rt | ||
|
|
||
| local cjson = require("cjson.safe"); | ||
| cjson.encode_empty_table_as_object(false) | ||
|
|
||
| local Router = function() | ||
|
|
||
|
|
@@ -27,18 +29,42 @@ local Router = function() | |
| return; | ||
| end | ||
|
|
||
| for i, user in ipairs(auth_constant.list) do | ||
| local login_str, _ = cache:get(constant_auth.cache_key.login) | ||
| if not login_str then | ||
| utils:set_ngx_req_return_ok(tl_ops_rt.args_error ,"auth login_str err3", _); | ||
| return | ||
| end | ||
|
|
||
| local login, _ = cjson.decode(login_str) | ||
| if not login then | ||
| utils:set_ngx_req_return_ok(tl_ops_rt.args_error ,"auth login err4", _); | ||
| return | ||
| end | ||
|
|
||
| local list_str, _ = cache:get(constant_auth.cache_key.list) | ||
| if not list_str then | ||
| utils:set_ngx_req_return_ok(tl_ops_rt.args_error ,"auth list_str err5", _); | ||
| return | ||
| end | ||
|
|
||
| local list, _ = cjson.decode(list_str) | ||
| if not list then | ||
| utils:set_ngx_req_return_ok(tl_ops_rt.args_error ,"auth list err6", _); | ||
| return | ||
| end | ||
|
|
||
| for i, user in ipairs(list) do | ||
| if user.username == username and user.password == password then | ||
| -- add cookie | ||
| local cookie_utils = require("lib.cookie"):new(); | ||
| local auth_cid = uuid() | ||
| cookie_utils:set({ | ||
| key = auth_constant.login.auth_cid, | ||
| key = login.auth_cid, | ||
| value = auth_cid, | ||
| path = "/", | ||
| domain = ngx.var.host, | ||
| httponly = true, | ||
| max_age = auth_constant.login.auth_time, | ||
| max_age = login.auth_time, | ||
| }) | ||
|
|
||
| -- add session | ||
|
|
||
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,61 @@ | ||
| -- tl_ops_set_auth | ||
| -- en : set auth config/list | ||
| -- zn : 更新auth插件配置列表 | ||
| -- @author iamtsm | ||
| -- @email [email protected] | ||
|
|
||
| local snowflake = require("lib.snowflake"); | ||
| local cache = require("cache.tl_ops_cache_core"):new("tl-ops-auth"); | ||
| local constant_auth = require("plugins.tl_ops_auth.tl_ops_plugin_constant"); | ||
| local tl_ops_rt = tlops.constant.comm.tl_ops_rt; | ||
| local tl_ops_utils_func = tlops.utils | ||
| local cjson = require("cjson.safe"); | ||
| cjson.encode_empty_table_as_object(false) | ||
|
|
||
|
|
||
| local Router = function() | ||
|
|
||
| local change = "success" | ||
|
|
||
| local list, _ = tl_ops_utils_func:get_req_post_args_by_name(constant_auth.cache_key.list, 1); | ||
| if list then | ||
| -- 更新生成id | ||
| for _, user in ipairs(list) do | ||
| if not user.id or user.id == nil or user.id == '' then | ||
| user.id = snowflake.generate_id( 100 ) | ||
| end | ||
| if not user.updatetime or user.updatetime == nil or user.updatetime == '' then | ||
| user.updatetime = ngx.localtime() | ||
| end | ||
| if user.change and user.change == true then | ||
| user.updatetime = ngx.localtime() | ||
| user.change = nil | ||
| end | ||
| end | ||
|
|
||
| local res, _ = cache:set(constant_auth.cache_key.list, cjson.encode(list)); | ||
| if not res then | ||
| tl_ops_utils_func:set_ngx_req_return_ok(tl_ops_rt.error, "set list err ", _) | ||
| return; | ||
| end | ||
|
|
||
| change = "list" | ||
| end | ||
|
|
||
| local login, _ = tl_ops_utils_func:get_req_post_args_by_name(constant_auth.cache_key.login, 1); | ||
| if login then | ||
| local res, _ = cache:set(constant_auth.cache_key.login, cjson.encode(login)); | ||
| if not res then | ||
| tl_ops_utils_func:set_ngx_req_return_ok(tl_ops_rt.error, "set login err ", _) | ||
| return; | ||
| end | ||
|
|
||
| change = "login" | ||
| end | ||
|
|
||
| local res_data = {} | ||
|
|
||
| tl_ops_utils_func:set_ngx_req_return_ok(tl_ops_rt.ok, change, res_data) | ||
| end | ||
|
|
||
| return Router |
Oops, something went wrong.