golang 中间件的实现本质:
写一个func,接受handler并且返回handler
把私货写在func里面,从而实现把你要写的操作执行了之后,再把原有的流程进行下去
一个好的中间件有一个责任就是可插拔并且自足。
例子:
package main
import (
"fmt"
"github.com/devfeel/dotweb"
)
func main() {
app := dotweb.New()
// App注册中间件
app.Use(NewSessionAuth())
// 开启SESSION
app.HttpServer.SetEnabledSession(true)
// 设置路由 输出字符串 Hello Dotweb
app.HttpServer.GET("/", func(ctx dotweb.Context) error {
method := ctx.Request().Method
return ctx.WriteString("Hello Dotweb\n" + "Method:" + method)
})
//开启服务 端口号
fmt.Println("dotweb.StartServer => 8080")
err := app.StartServer(8080)
fmt.Println("dotweb.StartServer error => ", err)
}
// SessionAuth 结构体
type SessionAuth struct {
dotweb.BaseMiddlware
}
// Handle 处理程序
func (m *SessionAuth) Handle(ctx dotweb.Context) error {
fmt.Println("SessionID = ", ctx.SessionID(), " RequestURI = ", ctx.Request().RequestURI)
return m.Next(ctx)
}
// NewSessionAuth New
func NewSessionAuth() *SessionAuth {
sAuth := new(SessionAuth)
return sAu
}
Handle是什么时候被调用的?
我们看看BaseMiddlWare的源码:
// BaseMiddleware is the base struct, user defined middleware should extend this
type BaseMiddleware struct {
next Middleware
excludeRouters map[string]struct{}
}
func (bm *BaseMiddleware) SetNext(m Middleware) {
bm.next = m
}
func (bm *BaseMiddleware) Next(ctx Context) error {
httpCtx := ctx.(*HttpContext)
if httpCtx.middlewareStep == "" {
httpCtx.middlewareStep = middleware_App
}
if bm.next == nil {
if httpCtx.middlewareStep == middleware_App {
httpCtx.middlewareStep = middleware_Group
if len(httpCtx.RouterNode().GroupMiddlewares()) > 0 {
return httpCtx.RouterNode().GroupMiddlewares()[0].Handle(ctx)
}
}
if httpCtx.middlewareStep == middleware_Group {
httpCtx.middlewareStep = middleware_Router
if len(httpCtx.RouterNode().Middlewares()) > 0 {
return httpCtx.RouterNode().Middlewares()[0].Handle(ctx)
}
}
if httpCtx.middlewareStep == middleware_Router {
return httpCtx.Handler()(ctx)
}
} else {
// check exclude config
if ctx.RouterNode().Node().hasExcludeMiddleware && bm.next.HasExclude() {
if bm.next.ExistsExcludeRouter(ctx.RouterNode().Node().fullPath) {
return bm.next.Next(ctx)
}
}
return bm.next.Handle(ctx)
}
return n
}通过这个代码我们大概能看出:
BaseMiddleware其实是一个链表的node
中间件组成了一个链表,并且有不同的类型
有group中间件和普通中间件
根据当前ctx所处的处理步骤决定调用哪一个中间件
最后调用ctx的handler
自定义的middleware要继承 BaseMiddleware
并且实现handle
func (asm *ApiSignMiddleware) Handle(ctx dotweb.Context) error {
if sign := ctx.Request().QueryHeader("Sign"); len(sign) <= 0 {
return ctx.WriteJsonC(http.StatusBadRequest, models.Response{Err: common.ErrSignParams, Data: nil})
} else {
uri := ctx.Request().RequestURI
if index := strings.Index(uri, "?"); index != -1 {
uri = uri[:index]
}
if ok := checkSign(sign, uri); !ok {
return ctx.WriteJsonC(http.StatusBadRequest, models.Response{Err: common.ErrSignParams, Data: nil})
}
return asm.Next(ctx)
}
}这样就可以对传进来的Contex进行解析
分析一下blogserver里面用到的middleware:
CrosMiddleware
func (cm *CrosMiddleware) Handle(ctx dotweb.Context) error {
if strings.Contains(ctx.Request().RequestURI, "v1") && ctx.Request().Method != "OPTIONS" {
if sign := ctx.Request().QueryHeader("Sign"); len(sign) <= 0 {
return ctx.WriteJsonC(http.StatusBadRequest, models.Response{Err: common.ErrSignParams, Data: nil})
} else {
uri := ctx.Request().RequestURI
if index := strings.Index(uri, "?"); index != -1 {
uri = uri[:index]
}
if ok := checkSign(sign, uri); !ok {
return ctx.WriteJsonC(http.StatusBadRequest, models.Response{Err: common.ErrSignParams, Data: nil})
}
return cm.Next(ctx)
}
}
return cm.Next(ctx)
}CrosMiddleware 对uri的非参数部分调用checkSign
//验证签名 (requestUri(不含query)+secret)
func checkSign(sign, uri string) bool {
result := utils.Md5(uri + config.Config().SecretKey)
return result == sign
}传过来得header里面得sign值应该跟 uri + 配置文件里面的 SecretKey 取md5 一致