OMC/be.ems
1
0
Fork 0
Code Issues Releases 3 Activity

fix: add new authenrization header

Browse Source
This commit is contained in:
simonzhangsz
2023-11-25 17:41:20 +08:00
parent e36ef6a339
commit 93a17a1c81
1 changed files with 10 additions and 5 deletions
Download Patch File Download Diff File Expand all files Collapse all files

15
restagent/restagent.go
View File

@@ -19,6 +19,7 @@ import (
"ems.agt/lib/routes"
"ems.agt/restagent/config"
"ems.agt/src"
"ems.agt/src/framework/middleware"
libSession "ems.agt/src/lib_features/session"
"github.com/gin-gonic/gin"
)
@@ -73,7 +74,8 @@ func HttpListen(addr string, router http.Handler) {
}
}
func HttpListenTLS(addr, certFile, keyFile string, router http.Handler) {
func HttpListenTLS(addr, caFile, certFile, keyFile string, router http.Handler) {
HttpListenConfigTLS(addr, caFile, certFile, keyFile, router)
err := http.ListenAndServeTLS(addr, certFile, keyFile, router)
if err != nil {
fmt.Println("ListenAndServeTLS err:", err)
@@ -92,6 +94,7 @@ func HttpListenConfigTLS(addr, caFile, certFile, keyFile string, router http.Han
// 创建自定义的TLS配置
tlsConfig := &tls.Config{
MinVersion: 1,
ClientCAs: caCertPool,
ClientAuth: tls.RequireAndVerifyClientCert,
}
@@ -110,7 +113,8 @@ func HttpListenConfigTLS(addr, caFile, certFile, keyFile string, router http.Han
}
}
func HttpListenWebServerTLS(addr, certFile, keyFile string) {
func HttpListenWebServerTLS(addr, caFile, certFile, keyFile string) {
HttpListenConfigTLS(addr, caFile, certFile, keyFile, nil)
err := http.ListenAndServeTLS(addr, certFile, keyFile, nil)
if err != nil {
fmt.Println("ListenAndServeTLS err:", err)
@@ -173,6 +177,7 @@ func main() {
// 默认路由组
defaultUriGroup := app.Group(config.DefaultUriPrefix)
defaultUriGroup.Use(middleware.PreAuthorize(nil))
defaultUriGroup.Use(libSession.SessionHeader())
defaultUriGroup.Any("/*any", gin.WrapH(routes.NewRouter()))
// 可配置前缀路由组
@@ -188,7 +193,7 @@ func main() {
if rest.IPv4 != "" {
listen := rest.IPv4 + ":" + strconv.Itoa(int(rest.Port))
if strings.ToLower(rest.Scheme) == "https" {
go HttpListenTLS(listen, rest.CertFile, rest.KeyFile, app)
go HttpListenTLS(listen, rest.CaFile, rest.CertFile, rest.KeyFile, app)
} else {
go HttpListen(listen, app)
}
@@ -198,7 +203,7 @@ func main() {
if rest.IPv6 != "" {
listenv6 := "[" + rest.IPv6 + "]" + ":" + strconv.Itoa(int(rest.Port))
if strings.ToLower(rest.Scheme) == "https" {
go HttpListenTLS(listenv6, rest.CertFile, rest.KeyFile, app)
go HttpListenTLS(listenv6, rest.CaFile, rest.CertFile, rest.KeyFile, app)
} else {
go HttpListen(listenv6, app)
}
@@ -210,7 +215,7 @@ func main() {
http.Handle("/", fs)
for _, listen := range conf.WebServer.Listen {
if strings.ToLower(listen.Scheme) == "https" {
go HttpListenWebServerTLS(listen.Addr, listen.CertFile, listen.KeyFile)
go HttpListenWebServerTLS(listen.Addr, listen.CaFile, listen.CertFile, listen.KeyFile)
} else {
go HttpListenWebServer(listen.Addr)
}