Open hoogw opened 5 years ago
Glad to see gohttpserver starts to support Casbin! Here are some materials for implementing a middleware/plugin/module based on Casbin: https://github.com/casbin/casbin#web-frameworks
Actually, support casbin is still in conversion. Because gohttpserver has its owner ACL. https://github.com/codeskyblue/gohttpserver#advanced-usage
@codeskyblue the current ACL is simple but crude.The user has to define .ghs.yml
under each path to define a policy rule. It doesn't work well if we grant permissions to folders with a naming pattern. And there's no roles at all.
For example, if I want to allow all users with LOG_ADMINS
role to be able to read all folders with leading log_
pattern, like: log_20190101
, log_20190102
, then there's no simple way to do this. I have to create .ghs.yml
for each folder.
But if using Casbin, it will be very simple. Just define a role called LOG_ADMINS
, then add users to it. Then write a rule like:
p, LOG_ADMINS, log_.*, (delete)|(upload)
,then it does everything for you.
Casbin has already be the de-facto ACL library for Golang's projects. Supporting it will free your hands from the trivial authz work and let you focus on the core value of gohttpserver.
I know you have many features want to added into this repo, but it make this repo hard to maintained. So even .ghs.yml
is too simple, I still keep it this way until I have plenty time to do Code refactoring.
can you make module to support cashbin, https://github.com/casbin/casbin
It is a good authentication library for golang
user management is a MUST have feature, open-id is NOT enough, must improve