NATS源代码分析之auth目录
NATS是一个轻量的消息发布-订阅系统。NATS的核心是Event machine。
项目Server端源代码地址: github.com/nats-io/gnatsd
在auth目录中, multiuser.go plain.go token.go 本文一一记录
multisuer.go
1 // MultiUser Plain authentication is a basic username and password 2 type MultiUser struct { 3 users map[string]*server.User 4 }
其中User结构代码如下:
1 // For multiple accounts/users. 2 type User struct { 3 Username string `json:"user"` 4 Password string `json:"password"` 5 Permissions *Permissions `json:"permissions"` 6 } 7 8 // Authorization are the allowed subjects on a per 9 // publish or subscribe basis. 10 type Permissions struct { 11 Publish []string `json:"publish"` 12 Subscribe []string `json:"subscribe"` 13 }
server.auto.go中,与multouser结构关联,其代码如下:
// Auth is an interface for implementing authentication type Auth interface { // Check if a client is authorized to connect Check(c ClientAuth) bool } // ClientAuth is an interface for client authentication type ClientAuth interface { // Get options associated with a client GetOpts() *clientOpts // If TLS is enabled, TLS ConnectionState, nil otherwise GetTLSConnectionState() *tls.ConnectionState // Optionally map a user after auth. RegisterUser(*User) }
plain.go
Plain authentication is a basic username and password
type Plain struct { Username string Password string }
token.go
Token holds a string token used for authentication
// Token holds a string token used for authentication type Token struct { Token string } // Check authenticates a client from a token func (p *Token) Check(c server.ClientAuth) bool { opts := c.GetOpts() // Check to see if the token is a bcrypt hash if isBcrypt(p.Token) { if err := bcrypt.CompareHashAndPassword([]byte(p.Token), []byte(opts.Authorization)); err != nil { return false } } else if p.Token != opts.Authorization { return false } return true }
快速的执行是成功的关键!