ing
This commit is contained in:
parent
37fe2d08d0
commit
33dfa4bdcc
22
Dockerfile
Normal file
22
Dockerfile
Normal file
|
@ -0,0 +1,22 @@
|
|||
FROM alpine:3.7
|
||||
|
||||
# grab su-exec for easy step-down from root
|
||||
RUN apk add --no-cache curl
|
||||
|
||||
COPY _docker/config/* /etc/overflow/config/
|
||||
COPY _docker/bin/* /usr/local/overflow/bin/
|
||||
|
||||
RUN mkdir -p /etc/overflow/config; \
|
||||
mkdir -p /usr/local/overflow/bin; \
|
||||
mkdir -p /var/overflow/logs; \
|
||||
chmod +x /usr/local/overflow/bin/docker-entrypoint.sh /usr/local/overflow/bin/member_gateway_rest;
|
||||
|
||||
ENV TINI_VERSION='0.17.0'
|
||||
|
||||
# Use tini as subreaper in Docker container to adopt zombie processes
|
||||
RUN curl -fsSL https://github.com/krallin/tini/releases/download/v${TINI_VERSION}/tini-static-amd64 -o /bin/tini && chmod +x /bin/tini
|
||||
|
||||
EXPOSE 80
|
||||
|
||||
ENTRYPOINT ["/bin/tini", "--"]
|
||||
CMD ["/usr/local/overflow/bin/docker-entrypoint.sh"]
|
4
_docker/bin/docker-entrypoint.sh
Normal file
4
_docker/bin/docker-entrypoint.sh
Normal file
|
@ -0,0 +1,4 @@
|
|||
#!/bin/sh
|
||||
set -e
|
||||
|
||||
exec /usr/local/overflow/bin/member_gateway_rest -config-dir=/etc/overflow/config
|
BIN
_docker/bin/member_gateway_rest
Executable file
BIN
_docker/bin/member_gateway_rest
Executable file
Binary file not shown.
30
_docker/config/config.json
Normal file
30
_docker/config/config.json
Normal file
|
@ -0,0 +1,30 @@
|
|||
{
|
||||
"serverHandler": {
|
||||
"name": "Member Gateway REST",
|
||||
"network": "tcp4",
|
||||
"address": ":80",
|
||||
"concurrency": 262144,
|
||||
"keepAlive": 60,
|
||||
"handshakeTimeout": 60,
|
||||
"maxMessageSize": 8192,
|
||||
"readBufferSize": 1024,
|
||||
"writeBufferSize": 1024,
|
||||
"readTimeout": 0,
|
||||
"writeTimeout": 0,
|
||||
"pongTimeout": 60,
|
||||
"pingTimeout": 10,
|
||||
"pingPeriod": 10,
|
||||
"enableCompression": false
|
||||
},
|
||||
"external": {
|
||||
"grpc": {
|
||||
"network": "tcp4",
|
||||
"address": "192.168.1.50:50006"
|
||||
},
|
||||
"redis": {
|
||||
"network": "tcp4",
|
||||
"address": "192.168.1.50:6379"
|
||||
}
|
||||
}
|
||||
}
|
||||
|
51
_docker/config/overFlow-private.key
Normal file
51
_docker/config/overFlow-private.key
Normal file
|
@ -0,0 +1,51 @@
|
|||
-----BEGIN RSA PRIVATE KEY-----
|
||||
MIIJKgIBAAKCAgEAsmcQLI5ZQQThoePzL4dTwuAxqGPIfNCqTirQxZesyXTOEX3o
|
||||
QFLkd3s6dNHmFQIj1jVsFXDML5wRvv7YeI4a9wOrH+QR62KEzB6aT/yxSsVhNrLx
|
||||
kQ35Xd9keGmfyMRNr72iiP8Hrm+7O0x2vlGUQp8+jMCzDVNlFvE5V9iqjSv4Q/AH
|
||||
rURg5fH8JBIMZnhcz/kmNgWg2NByTFDiQXRjwBY5ts4Ylk8mZdAuumyiseXjE4l2
|
||||
JxdJJyRGqbx70wrC76MgTUvXEyw3MPSDGvN67PFYIJJwq5VpRNHeBMkNoPRWX6eE
|
||||
9M1VNY+/rXuUGdg2ZxBzykAUjhjR9Iq/hawPZR78TaJ/w5wCVb7L6xIDqXb2Jqhl
|
||||
FA4LHZmiDcR/m9Y2wI1DJkBeZpdxF1m19d5sxs3vNNKzNVquKEz1QBfKnLvPxBXK
|
||||
pUT+zliCdzu1D/VU+veqDtKI8dmmGflc5lXeDUYfPc7Kt4XLEZDSTBQlMgtkgE94
|
||||
ZcCJu6zdM3DrjPTh9OP5sG+/B5/KRYqZb4YpPGQ0TkXCaJjBtBEOM1FTk9/uhU/9
|
||||
b6lFbgc/quCkmz8Vxe5sJ98tXMi/F5q5n8ba90AKaLUUwhTAxWV69NXweYtIMtKI
|
||||
j7AuI7IuK64iIyW+CE6BAl0QOlMtgF2/EqKWltvmbYpb+YgWOYJwa8F8pj0CAwEA
|
||||
AQKCAgEApv52U17ECWqqUkHwB1Njgo0droQIzVz9rcHCPtNleAYQRqtW1a9CEN2W
|
||||
sHcyKgQgy4iiLceyOfabXe9rbh2G/CXA708rvuwvZmpXA/yDcHwmLW9/U8qC2+4a
|
||||
O+STHvkxxwl5tUcUR6Jq3m0K0cfHQj2R7WsLr7OacslGZgZ4T0ETWXS7muLg2R2U
|
||||
aadDWD/ekQalT/ggwhMMiodD4wUxwkKLr6Rnu3tHdBJVS0gZWvDXiBgqMxlG7o60
|
||||
XnoCZmAybOKDgBc3sci3uOmIN5gmPtkDJyossVBgg3z3l/8i9MECgPNsL0JtOn/e
|
||||
amO9FBwhgIQT/wPQudpd3cxqzpNqrCsCI6twWxWnvkmjGQ/ia2eSHwPnt5gzu+du
|
||||
FEt4ZNHJCYvPsd5Q18dr433M4aQxTB7ba7YCELy4Q3wBXXpwGDvf6+fo9GY0rJ41
|
||||
O7sCE2g2O9kGct12dD2saUZagXnHYJB3A9uSIMZ09o/mN2MZsIVx/umfbWWWcjug
|
||||
iLqHWTAXeR27LTGjcPiNCVDM95+G71e76k+mLRyKYzQrmREeU6tXKUhXi2IDMAZm
|
||||
tFKB2toLyoFrJLbTeVU8pv+PQK2iv5r7kQg14h2aaid3OyGubcvBGfORTuDR+rFF
|
||||
2wn6kBUooP0J3xKhzCnaIB8qtQGpOKd+WJtKW/WgtvT2TOjdoAECggEBANub/8+v
|
||||
mH/+OPPzA+9DgInynukt3knF+KVtZ9yEJYvrBP8eFYOIecPG000SRvfAoDJuqYc0
|
||||
yhfTWdDs1Yiw39SmP3ACgObBBRiEXXmWh1x9alytc0UTX1fh9mf5PocuxvWLtHCH
|
||||
SZ89lzs6Znu8di3aUWwMF7oU+ZF1TgAC9YUpS+SqRG6rV2RJ+TiJWJdS3BaQzhLe
|
||||
S7Ul4No7DByPnsTAJG82YARGi6EyBQA04kYB49dO+kAXNyQ6qNR89tchV9IAA6qz
|
||||
kR2ExgoA9c6kZUsexkS2ir1iuwjYUmHxhadJFUTGVzbgOcAbSBmUNEINM0CPgddi
|
||||
ttPaKMo80kUlKj0CggEBAM/3CkWa99j+T+oyoyLNiIWqfdktZaguDv+yxGV4rWx/
|
||||
rntRs6Dj0isTQYe3wgaeD7A6N618gS7etjI7q/wiw/0rknxyxLvQOTFLs/OWYcLs
|
||||
smsnbHBvMnWcjKaH50DUrBAQDP39vOcBIkeEwP4AcUnJXJW6T8HI9nqBqMCJ1MHv
|
||||
n16Fd6bnKM8AdiB6O8mLcPWVAN9aVy8CbL0G3EWV289+yDz9ftuxkOApfvIHfaHx
|
||||
EbuvE2xTIaANXcF6h1CK0izejXQLu/J7tE0j+G5oIe3bblIQvQmxVEzTKgv+S9qC
|
||||
6WqVBNFN0/Dll+HWrCYSP0XyRk5QzlN3lDSUCg+5LAECggEBALAkJoEZEVMPv/SC
|
||||
pVRCKxX6ANV8Ub+QR0fAQb7QSyE3htFs+sp+K1QI5C/8CenrmVH6CoWEpNeJUI/P
|
||||
ddHmNBFmqpkXmPX8OS8Z87NzNezMNwRQppTv3dgqSC3K7wkUTsZhoH9lM3rCtsrt
|
||||
o4d5eLx8UDQ+WsWIz0eI89/0f6KnpdSpcKvnR/gLkRZ0qxbsgdSjnnXp0IVh9UB0
|
||||
fdlmpGygxFhjH44uWw4WhYZN5HNMTsfB89x2AmdPmVydQor4lmy8UDSZRDqN5R3e
|
||||
+Ukd+JTRASvZ0dvnFacZgrJGOvIbHzEDeK5uGEPqXeEOSv/zgHk24Wi1J3kykObs
|
||||
86Y8Ee0CggEAZNrywVTpU/Ppf7O1CADTb7eCNtvcTBaiMYFZ27gNquu1C5tQ2PsD
|
||||
ht5czlvgneLzysxBCkKyR6+8floQC0Q09ke2T+I85LSTuAN1rvFEUgsGcA77eP+E
|
||||
YiNc1rpb/UXmeBfApUDz5rfXDwYjrks6pcUgwIBNg7ZZSoos88skQjVafbWOlIPQ
|
||||
d6tKnm+JJTIZww/TD365f1PWtkloc9q8ckGTDHkHl7Xig8O8C9Z0KCBIMFQ0wDkE
|
||||
uqEg0d8BVp8sVJRN13SFXpB9nVePeMPJiJf9RZFWjCfSsTtLTeuyj7MjTgwc/QCY
|
||||
g2BlKyI39HKu+tYHIJ3xoesBFgqhYoS0AQKCAQEA0E3oLbrGvq5U3SlDXmVzRNV6
|
||||
7vDhl9H7KJvNA4+C9XPDAyPNtzS1hYYlELSV4EW/G1GY9Mm0VSxLQrVMyhSCN/Ih
|
||||
Tj7t4xfAevjYoI2XtXwjmjxKYznaL2t99g8NAzeK27Pa/z0J9tm9Uxm2akweGqsI
|
||||
gJ6u7daFksV9JXQtbQ9nRmBQ1E7mYxjsTEDdPSEl+S4M4UjTE38OLpRZRv49vSNZ
|
||||
wFjOnrpEETJY/eMhyyUgR2LNM2hrvd95QvykLpzVFguNQlsqCxWL8D81RSdSmDF9
|
||||
xdYsAuVTkhDWXwJ8hV95QxlurTu4rJgLBQA5gfxi20m8dWlO5KsMGyYqak3oWg==
|
||||
-----END RSA PRIVATE KEY-----
|
14
_docker/config/overFlow-public.pem
Normal file
14
_docker/config/overFlow-public.pem
Normal file
|
@ -0,0 +1,14 @@
|
|||
-----BEGIN PUBLIC KEY-----
|
||||
MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAsmcQLI5ZQQThoePzL4dT
|
||||
wuAxqGPIfNCqTirQxZesyXTOEX3oQFLkd3s6dNHmFQIj1jVsFXDML5wRvv7YeI4a
|
||||
9wOrH+QR62KEzB6aT/yxSsVhNrLxkQ35Xd9keGmfyMRNr72iiP8Hrm+7O0x2vlGU
|
||||
Qp8+jMCzDVNlFvE5V9iqjSv4Q/AHrURg5fH8JBIMZnhcz/kmNgWg2NByTFDiQXRj
|
||||
wBY5ts4Ylk8mZdAuumyiseXjE4l2JxdJJyRGqbx70wrC76MgTUvXEyw3MPSDGvN6
|
||||
7PFYIJJwq5VpRNHeBMkNoPRWX6eE9M1VNY+/rXuUGdg2ZxBzykAUjhjR9Iq/hawP
|
||||
ZR78TaJ/w5wCVb7L6xIDqXb2JqhlFA4LHZmiDcR/m9Y2wI1DJkBeZpdxF1m19d5s
|
||||
xs3vNNKzNVquKEz1QBfKnLvPxBXKpUT+zliCdzu1D/VU+veqDtKI8dmmGflc5lXe
|
||||
DUYfPc7Kt4XLEZDSTBQlMgtkgE94ZcCJu6zdM3DrjPTh9OP5sG+/B5/KRYqZb4Yp
|
||||
PGQ0TkXCaJjBtBEOM1FTk9/uhU/9b6lFbgc/quCkmz8Vxe5sJ98tXMi/F5q5n8ba
|
||||
90AKaLUUwhTAxWV69NXweYtIMtKIj7AuI7IuK64iIyW+CE6BAl0QOlMtgF2/EqKW
|
||||
ltvmbYpb+YgWOYJwa8F8pj0CAwEAAQ==
|
||||
-----END PUBLIC KEY-----
|
8
build.sh
Executable file
8
build.sh
Executable file
|
@ -0,0 +1,8 @@
|
|||
#!/bin/bash
|
||||
|
||||
rm ./_docker/bin/member_gateway_rest
|
||||
CGO_ENABLED=0 go build -a --installsuffix cgo --ldflags="-s" -o ./_docker/bin/member_gateway_rest
|
||||
|
||||
docker build -t docker.loafle.net/overflow/member_gateway_rest:1.0.0 .
|
||||
|
||||
#docker push docker.loafle.net/overflow/member_gateway_rest:1.0.0
|
|
@ -3,9 +3,13 @@ package config
|
|||
import (
|
||||
occe "git.loafle.net/overflow/commons-go/config/external"
|
||||
ogrs "git.loafle.net/overflow/gateway_rest/server"
|
||||
"crypto/rsa"
|
||||
)
|
||||
|
||||
type Config struct {
|
||||
ServerHandler *ogrs.ServerHandlers `json:"serverHandler"`
|
||||
External *occe.External `json:"external"`
|
||||
|
||||
VerifyKey *rsa.PublicKey
|
||||
SignKey *rsa.PrivateKey
|
||||
}
|
||||
|
|
11
docker-compose.yml
Normal file
11
docker-compose.yml
Normal file
|
@ -0,0 +1,11 @@
|
|||
version: "3"
|
||||
|
||||
services:
|
||||
member_gateway_rest:
|
||||
image: docker.loafle.net/overflow/member_gateway_rest:1.0.0
|
||||
container_name: member_gateway_rest
|
||||
# volumes:
|
||||
# - /service/redis/data/var/redis:/data
|
||||
# - /service/redis/data/usr/local/etc/redis/redis.conf:/usr/local/etc/redis/redis.conf
|
||||
ports:
|
||||
- "19080:80"
|
|
@ -11,3 +11,4 @@ import:
|
|||
- package: git.loafle.net/overflow/commons-go
|
||||
- package: github.com/dgrijalva/jwt-go
|
||||
version: ^3.2.0
|
||||
- package: git.loafle.net/commons/cors-go
|
||||
|
|
29
main.go
29
main.go
|
@ -14,6 +14,9 @@ import (
|
|||
"git.loafle.net/overflow/member_gateway_rest/config"
|
||||
"git.loafle.net/overflow/member_gateway_rest/server"
|
||||
"git.loafle.net/overflow/member_gateway_rest/service"
|
||||
"io/ioutil"
|
||||
"path"
|
||||
"github.com/dgrijalva/jwt-go"
|
||||
)
|
||||
|
||||
var (
|
||||
|
@ -35,6 +38,8 @@ func main() {
|
|||
logging.Logger().Panic(err)
|
||||
}
|
||||
|
||||
loadKey(*configDir, _config)
|
||||
|
||||
service.InitPackage()
|
||||
defer func() {
|
||||
service.DestroyPackage()
|
||||
|
@ -65,3 +70,27 @@ func main() {
|
|||
logging.Logger().Errorf("error: %v", err)
|
||||
}
|
||||
}
|
||||
|
||||
func loadKey(configDir string, _config *config.Config) {
|
||||
|
||||
signBytes, err := ioutil.ReadFile(path.Join(configDir, "overFlow-private.key"))
|
||||
if nil != err {
|
||||
logging.Logger().Panic(err)
|
||||
}
|
||||
|
||||
_config.SignKey, err = jwt.ParseRSAPrivateKeyFromPEM(signBytes)
|
||||
if nil != err {
|
||||
logging.Logger().Panic(err)
|
||||
}
|
||||
|
||||
verifyBytes, err := ioutil.ReadFile(path.Join(configDir, "overFlow-public.pem"))
|
||||
if nil != err {
|
||||
logging.Logger().Panic(err)
|
||||
}
|
||||
|
||||
_config.VerifyKey, err = jwt.ParseRSAPublicKeyFromPEM(verifyBytes)
|
||||
if nil != err {
|
||||
logging.Logger().Panic(err)
|
||||
}
|
||||
}
|
||||
|
||||
|
|
|
@ -5,6 +5,8 @@ import (
|
|||
oge "git.loafle.net/overflow/gateway/external"
|
||||
ogrs "git.loafle.net/overflow/gateway_rest/server"
|
||||
"git.loafle.net/overflow/member_gateway_rest/config"
|
||||
"github.com/valyala/fasthttp"
|
||||
ccf "git.loafle.net/commons/cors-go/fasthttp"
|
||||
)
|
||||
|
||||
type ServerHandler interface {
|
||||
|
@ -15,6 +17,7 @@ type ServerHandlers struct {
|
|||
ogrs.ServerHandlers
|
||||
|
||||
Config *config.Config
|
||||
corsHandler ccf.Cors
|
||||
}
|
||||
|
||||
func (sh *ServerHandlers) Init(serverCtx cs.ServerCtx) error {
|
||||
|
@ -23,6 +26,8 @@ func (sh *ServerHandlers) Init(serverCtx cs.ServerCtx) error {
|
|||
}
|
||||
oge.InitPackage(sh.Config.External)
|
||||
|
||||
sh.corsHandler = ccf.AllowAll()
|
||||
|
||||
return nil
|
||||
}
|
||||
|
||||
|
@ -47,3 +52,7 @@ func (sh *ServerHandlers) Destroy(serverCtx cs.ServerCtx) {
|
|||
|
||||
sh.ServerHandlers.Destroy(serverCtx)
|
||||
}
|
||||
|
||||
func (sh *ServerHandlers) CheckOrigin(ctx *fasthttp.RequestCtx) bool {
|
||||
return sh.corsHandler.Handle(ctx)
|
||||
}
|
||||
|
|
|
@ -11,6 +11,10 @@ import (
|
|||
|
||||
func NewServer(_config *config.Config) *cswf.Server {
|
||||
|
||||
cdr.RegisterResource("VerifyKey", _config.VerifyKey)
|
||||
cdr.RegisterResource("SignKey", _config.SignKey)
|
||||
|
||||
|
||||
services, err := cdr.GetInstancesByAnnotationType(oca.RESTServiceAnnotationType)
|
||||
if nil != err {
|
||||
logging.Logger().Panic(err)
|
||||
|
|
|
@ -5,56 +5,34 @@ import (
|
|||
"crypto/rsa"
|
||||
"encoding/json"
|
||||
"fmt"
|
||||
"io/ioutil"
|
||||
"reflect"
|
||||
"time"
|
||||
|
||||
cda "git.loafle.net/commons/di-go/annotation"
|
||||
cdr "git.loafle.net/commons/di-go/registry"
|
||||
logging "git.loafle.net/commons/logging-go"
|
||||
"git.loafle.net/commons/logging-go"
|
||||
"git.loafle.net/commons/server-go"
|
||||
_ "git.loafle.net/overflow/commons-go/annotation"
|
||||
"git.loafle.net/overflow/gateway/external/grpc"
|
||||
"github.com/valyala/fasthttp"
|
||||
|
||||
jwt "github.com/dgrijalva/jwt-go"
|
||||
"github.com/dgrijalva/jwt-go"
|
||||
"net/url"
|
||||
)
|
||||
|
||||
var (
|
||||
verifyKey *rsa.PublicKey
|
||||
signKey *rsa.PrivateKey
|
||||
)
|
||||
|
||||
var MemberServiceType = reflect.TypeOf((*MemberService)(nil))
|
||||
|
||||
func init() {
|
||||
func init() {
|
||||
cdr.RegisterType(MemberServiceType)
|
||||
|
||||
signBytes, err := ioutil.ReadFile("overFlow-private.key")
|
||||
if nil != err {
|
||||
panic(err)
|
||||
}
|
||||
|
||||
signKey, err = jwt.ParseRSAPrivateKeyFromPEM(signBytes)
|
||||
if nil != err {
|
||||
panic(err)
|
||||
}
|
||||
|
||||
verifyBytes, err := ioutil.ReadFile("overFlow-public.pem")
|
||||
if nil != err {
|
||||
panic(err)
|
||||
}
|
||||
|
||||
verifyKey, err = jwt.ParseRSAPublicKeyFromPEM(verifyBytes)
|
||||
if nil != err {
|
||||
panic(err)
|
||||
}
|
||||
}
|
||||
|
||||
type MemberService struct {
|
||||
cda.TypeAnnotation `annotation:"@overflow:RESTService()"`
|
||||
|
||||
VerifyKey *rsa.PublicKey `annotation:"@Resource(name='VerifyKey')"`
|
||||
SignKey *rsa.PrivateKey `annotation:"@Resource(name='SignKey')"`
|
||||
|
||||
_Signin cda.MethodAnnotation `annotation:"@overflow:RequestMapping(method='POST', entry='/account/signin', params='[signinID, signinPW]')"`
|
||||
_SigninByCookie cda.MethodAnnotation `annotation:"@overflow:RequestMapping(method='POST', entry='/account/signin_cookie', params='[authToken]')"`
|
||||
_Signup cda.MethodAnnotation `annotation:"@overflow:RequestMapping(method='POST', entry='/account/signup', params='[member, pw]')"`
|
||||
|
@ -102,7 +80,7 @@ func (ms *MemberService) Signin(servletCtx server.ServletCtx, ctx *fasthttp.Requ
|
|||
claims["sub"] = signinID
|
||||
|
||||
/* Sign the token with our secret */
|
||||
tokenString, err := token.SignedString(signKey)
|
||||
tokenString, err := token.SignedString(ms.SignKey)
|
||||
if nil != err {
|
||||
return err
|
||||
}
|
||||
|
@ -137,7 +115,7 @@ func (ms *MemberService) SigninByCookie(servletCtx server.ServletCtx, ctx *fasth
|
|||
}
|
||||
|
||||
// hmacSampleSecret is a []byte containing your secret, e.g. []byte("my_secret_key")
|
||||
return verifyKey, nil
|
||||
return ms.VerifyKey, nil
|
||||
})
|
||||
if nil != err {
|
||||
return err
|
||||
|
|
Loading…
Reference in New Issue
Block a user