Added session middleware, updated casbin middlware

vishr · vishr · commit bcde4c74f28c · 2017-06-21T23:13:50.000-07:00
Signed-off-by: Vishal Rana &lt;vr@labstack.com&gt;
diff --git a/Gopkg.lock b/Gopkg.lock
diff --git a/README.md b/README.md
@@ -4,4 +4,5 @@
 
 ## Packages
 
-- Casbin (https://github.com/casbin/casbin) by [@hsluoyz](https://github.com/hsluoyz)
+- `casbin` (https://github.com/casbin/casbin) by [@hsluoyz](https://github.com/hsluoyz)
+- `session` (Session middleware backed by https://github.com/gorilla/sessions) by [@vishr](https://github.com/vishr)
diff --git a/casbin/casbin.go b/casbin/casbin.go
@@ -14,7 +14,7 @@ Simple example:
 		e := echo.New()
 
 		// Mediate the access for every request
-		e.Use(casbin-mw.Auth(casbin.NewEnforcer("auth_model.conf", "auth_policy.csv")))
+		e.Use(casbin-mw.Middleware(casbin.NewEnforcer("auth_model.conf", "auth_policy.csv")))
 
 		e.Logger.Fatal(e.Start(":1323"))
 	}
@@ -36,7 +36,7 @@ Advanced example:
 
 		e := echo.New()
 
-		echo.Use(casbin-mw.Auth(ce))
+		echo.Use(casbin-mw.Middleware(ce))
 
 		e.Logger.Fatal(e.Start(":1323"))
 	}
@@ -51,39 +51,40 @@ import (
 )
 
 type (
-	// AuthConfig defines the config for CasbinAuth middleware.
-	AuthConfig struct {
+	// Config defines the config for CasbinAuth middleware.
+	Config struct {
 		// Skipper defines a function to skip middleware.
 		Skipper middleware.Skipper
+
 		// Enforcer CasbinAuth main rule.
 		// Required.
 		Enforcer *casbin.Enforcer
 	}
 )
 
 var (
-	// DefaultAuthConfig is the default CasbinAuth middleware config.
-	DefaultAuthConfig = AuthConfig{
+	// DefaultConfig is the default CasbinAuth middleware config.
+	DefaultConfig = Config{
 		Skipper: middleware.DefaultSkipper,
 	}
 )
 
-// Auth returns an Auth middleware.
+// Middleware returns a CasbinAuth middleware.
 //
 // For valid credentials it calls the next handler.
 // For missing or invalid credentials, it sends "401 - Unauthorized" response.
-func Auth(ce *casbin.Enforcer) echo.MiddlewareFunc {
-	c := DefaultAuthConfig
+func Middleware(ce *casbin.Enforcer) echo.MiddlewareFunc {
+	c := DefaultConfig
 	c.Enforcer = ce
-	return AuthWithConfig(c)
+	return MiddlewareWithConfig(c)
 }
 
-// AuthWithConfig returns a CasbinAuth middleware with config.
-// See `Auth()`.
-func AuthWithConfig(config AuthConfig) echo.MiddlewareFunc {
+// MiddlewareWithConfig returns a CasbinAuth middleware with config.
+// See `Middleware()`.
+func MiddlewareWithConfig(config Config) echo.MiddlewareFunc {
 	// Defaults
 	if config.Skipper == nil {
-		config.Skipper = DefaultAuthConfig.Skipper
+		config.Skipper = DefaultConfig.Skipper
 	}
 
 	return func(next echo.HandlerFunc) echo.HandlerFunc {
@@ -99,14 +100,14 @@ func AuthWithConfig(config AuthConfig) echo.MiddlewareFunc {
 
 // GetUserName gets the user name from the request.
 // Currently, only HTTP basic authentication is supported
-func (a *AuthConfig) GetUserName(c echo.Context) string {
+func (a *Config) GetUserName(c echo.Context) string {
 	username, _, _ := c.Request().BasicAuth()
 	return username
 }
 
 // CheckPermission checks the user/method/path combination from the request.
 // Returns true (permission granted) or false (permission forbidden)
-func (a *AuthConfig) CheckPermission(c echo.Context) bool {
+func (a *Config) CheckPermission(c echo.Context) bool {
 	user := a.GetUserName(c)
 	method := c.Request().Method
 	path := c.Request().URL.Path
diff --git a/casbin/casbin_test.go b/casbin/casbin_test.go
@@ -15,7 +15,7 @@ func testRequest(t *testing.T, ce *casbin.Enforcer, user string, path string, me
 	req.SetBasicAuth(user, "secret")
 	res := httptest.NewRecorder()
 	c := e.NewContext(req, res)
-	h := Auth(ce)(func(c echo.Context) error {
+	h := Middleware(ce)(func(c echo.Context) error {
 		return c.String(http.StatusOK, "test")
 	})
 
diff --git a/session/session.go b/session/session.go
@@ -0,0 +1,61 @@
+package session
+
+import (
+	"github.com/gorilla/sessions"
+	"github.com/labstack/echo"
+	"github.com/labstack/echo/middleware"
+)
+
+type (
+	// Config defines the config for CasbinAuth middleware.
+	Config struct {
+		// Skipper defines a function to skip middleware.
+		Skipper middleware.Skipper
+
+		// Session store.
+		// Required.
+		Store sessions.Store
+	}
+)
+
+var (
+	// DefaultConfig is the default Session middleware config.
+	DefaultConfig = Config{
+		Skipper: middleware.DefaultSkipper,
+	}
+)
+
+// Get returns a named session.
+func Get(name string, c echo.Context) (*sessions.Session, error) {
+	store := c.Get("_session_store").(sessions.Store)
+	return store.Get(c.Request(), name)
+}
+
+// Middleware returns a Session middleware.
+func Middleware(store sessions.Store) echo.MiddlewareFunc {
+	c := DefaultConfig
+	c.Store = store
+	return MiddlewareWithConfig(c)
+}
+
+// MiddlewareWithConfig returns a Sessions middleware with config.
+// See `Middleware()`.
+func MiddlewareWithConfig(config Config) echo.MiddlewareFunc {
+	// Defaults
+	if config.Skipper == nil {
+		config.Skipper = DefaultConfig.Skipper
+	}
+	if config.Store == nil {
+		panic("echo: session middleware requires store")
+	}
+
+	return func(next echo.HandlerFunc) echo.HandlerFunc {
+		return func(c echo.Context) error {
+			if config.Skipper(c) {
+				return next(c)
+			}
+			c.Set("_session_store", config.Store)
+			return next(c)
+		}
+	}
+}
diff --git a/session/session_test.go b/session/session_test.go
@@ -0,0 +1 @@
+package session
