具有完美身份验证和路由的服务器端 Swift


【中文标题】具有完美身份验证和路由的服务器端 Swift【英文标题】:Server Side Swift with Perfect authentication and routes 【发布时间】:2017-05-31 17:07:29 【问题描述】:

我有一个用于上传文件的服务器端 Swift 项目。我正在尝试为该项目添加身份验证,以便只有在有效登录之后才能访问文件。

main.swift

import PerfectLib
import PerfectHTTP
import PerfectHTTPServer

import StORM
import SQLiteStORM
import PerfectTurnstileSQLite
import PerfectRequestLogger
import TurnstilePerfect

//StORMdebug = true

// Turnstile realm used for authentication; its request/response filters are
// registered on the server further down in this file.
let pturnstile = TurnstilePerfectRealm()


// Set the connection variable: SQLite file holding the auth data, plus the request log.
// Both paths are relative to the working directory and sit outside ./webroot, the
// document root the static-file route serves from.
//connect = SQLiteConnect("./authdb")
SQLiteConnector.db = "./authdb"
RequestLogFile.location = "./http_log.txt"

// Set up the Authentication table
// NOTE(review): `try?` discards any error from setup(), so a failed table setup is
// silent and the server still starts.
let auth = AuthAccount()
try? auth.setup()

// Connect the AccessTokenStore (setup errors are discarded by `try?` here as well)
tokenStore = AccessTokenStore()
try? tokenStore?.setup()

//let facebook = Facebook(clientID: "CLIENT_ID", clientSecret: "CLIENT_SECRET")
//let google = Google(clientID: "CLIENT_ID", clientSecret: "CLIENT_SECRET")

// Create HTTP server.
let server = HTTPServer()

// Register routes and handlers
let authWebRoutes = makeWebAuthRoutes()
let authJSONRoutes = makeJSONAuthRoutes("/api/v1")

// Add the routes to the server.
server.addRoutes(authWebRoutes)
server.addRoutes(authJSONRoutes)

// Adding a test route
var routes = Routes()
// postHandle is not referenced anywhere else in this listing.
var postHandle: [[String: Any]] = [[String: Any]]()
routes.add(method: .get, uri: "/api/v1/test", handler: AuthHandlersJSON.testHandler)
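// POST "/": stores uploaded files for a logged-in user and renders the index page.
routes.add(method: .post, uri: "/", handler: {
    request, response in

    // "/" is not passed to authenticationConfig.include(...) in this file, so the
    // login state is checked here: anonymous requests neither store files nor
    // receive the directory listing.
    let loggedIn = request.user.authenticated
    var files = [[String: String]]()

    if loggedIn {
        // Process only if request.postFileUploads is populated
        if let uploads = request.postFileUploads, !uploads.isEmpty {
            for upload in uploads {
                // upload.fileName is chosen by the client. Keep only its last path
                // component and refuse ".", ".." and empty names so the destination
                // cannot leave ./webroot/uploads.
                let parts = upload.fileName.split(whereSeparator: { $0 == "/" || $0 == "\\" })
                guard let last = parts.last, last != ".", last != ".." else {
                    print("Rejected upload: unusable file name")
                    continue
                }
                let safeName = String(last)

                // NOTE(review): overWrite: true lets any logged-in user replace a file
                // of the same name in this shared directory.
                let thisFile = File(upload.tmpFileName)
                do {
                    let _ = try thisFile.moveTo(path: "./webroot/uploads/\(safeName)", overWrite: true)
                } catch {
                    print(error)
                }
            }
        }

        // Inspect the uploads directory contents
        let d = Dir("./webroot/uploads")
        do {
            try d.forEachEntry(closure: { f in
                files.append(["name": f])
            })
        } catch {
            print(error)
        }
    }

    // index.mustache switches on the `authenticated` section, so the context carries
    // a Bool for it next to the file list; without that key the logged-in part of the
    // template is never rendered.
    let context: [String: Any] = [
        "authenticated": loggedIn,
        "accountID": request.user.authDetails?.account.uniqueID ?? "",
        "files": files
    ]

    // Render the Mustache template, with context.
    response.render(template: "index", context: context)
    response.completed()
})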
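// GET "/": renders the index page; the file list is included only for a logged-in user.
routes.add(method: .get, uri: "/", handler: {
    request, response in

    // "/" is not passed to authenticationConfig.include(...) in this file, so the
    // login state is checked here before anything is stored or listed.
    let loggedIn = request.user.authenticated
    var files = [[String: String]]()

    if loggedIn {
        // NOTE(review): storing files on a GET is unusual; the POST "/" route above
        // already handles uploads, so this branch is a candidate for removal.
        if let uploads = request.postFileUploads, !uploads.isEmpty {
            for upload in uploads {
                // upload.fileName is chosen by the client. Keep only its last path
                // component and refuse ".", ".." and empty names so the destination
                // cannot leave ./webroot/uploads.
                let parts = upload.fileName.split(whereSeparator: { $0 == "/" || $0 == "\\" })
                guard let last = parts.last, last != ".", last != ".." else {
                    print("Rejected upload: unusable file name")
                    continue
                }
                let safeName = String(last)

                let thisFile = File(upload.tmpFileName)
                do {
                    let _ = try thisFile.moveTo(path: "./webroot/uploads/\(safeName)", overWrite: true)
                } catch {
                    print(error)
                }
            }
        }

        // Inspect the uploads directory contents
        let d = Dir("./webroot/uploads")
        do {
            try d.forEachEntry(closure: { f in
                files.append(["name": f])
            })
        } catch {
            print(error)
        }
    }

    // The original rendered only ["authenticated": "AUTHED: true/false"]. That value is
    // a non-empty string in both cases, so the template's `authenticated` section was
    // always taken, and the file list it had just built was never passed to render.
    // One context with a real Bool and the list covers both.
    let context: [String: Any] = [
        "authenticated": loggedIn,
        "accountID": request.user.authDetails?.account.uniqueID ?? "",
        "files": files
    ]

    // Render the Mustache template, with context.
    response.render(template: "index", context: context)
    response.completed()
})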
// Catch-all GET route: serves files from ./webroot through the static-file handler.
// NOTE(review): ./webroot/uploads lies inside this document root, so an uploaded file
// is reachable at /uploads/<name> through this route. The only path given to
// authenticationConfig.include(...) in this file is /api/v1/check, so nothing shown
// here asks for a login before a download — confirm how AuthFilter treats unlisted
// paths. Keeping uploads outside the document root and returning them from a handler
// that checks request.user.authenticated would close that gap.
routes.add(method: .get, uri: "/**", handler: try PerfectHTTPServer.HTTPHandler.staticFiles(data: ["documentRoot":"./webroot",
                                                                                    "allowResponseFilters":true]))


// Example route listed in authenticationConfig.include(...): replies with a JSON
// object describing the caller's authentication state.
routes.add(method: .get, uri: "/api/v1/check", handler: { request, response in
    response.setHeader(.contentType, value: "application/json")

    // Both values are plain strings built from the request's user object.
    let payload: [String: String] = [
        "authenticated": "AUTHED: \(request.user.authenticated)",
        "authDetails": "DETAILS: \(String(describing: request.user.authDetails))"
    ]

    do {
        try response.setBody(json: payload)
    } catch {
        // Encoding failed: log it and still finish the response below.
        print(error)
    }
    response.completed()
})


// Example route that is not listed in authenticationConfig.include(...): same JSON
// reply as /api/v1/check, without a login requirement.
// NOTE(review): the reply is a debug-style dump of request.user.authDetails; useful
// in a demo, not something to keep on a deployed server.
routes.add(method: .get, uri: "/api/v1/nocheck", handler: { request, response in
    response.setHeader(.contentType, value: "application/json")

    let payload: [String: String] = [
        "authenticated": "AUTHED: \(request.user.authenticated)",
        "authDetails": "DETAILS: \(String(describing: request.user.authDetails))"
    ]

    do {
        try response.setBody(json: payload)
    } catch {
        // Encoding failed: log it and still finish the response below.
        print(error)
    }
    response.completed()
})



// Add the routes to the server.
server.addRoutes(routes)


// Setup logging
let myLogger = RequestLogger()

// Add routes to be checked for auth.
// NOTE(review): only /api/v1/check is included. "/" and everything served by the
// "/**" static route (including /uploads/...) are not listed, so as far as this
// file shows the filter is never told to protect the upload page or the files.
var authenticationConfig = AuthenticationConfig()
authenticationConfig.include("/api/v1/check")
authenticationConfig.exclude("/api/v1/login")
authenticationConfig.exclude("/api/v1/register")

let authFilter = AuthFilter(authenticationConfig)

// Note that order matters when the filters are of the same priority level
server.setRequestFilters([pturnstile.requestFilter])
server.setResponseFilters([pturnstile.responseFilter])

server.setRequestFilters([(authFilter, .high)])

server.setRequestFilters([(myLogger, .high)])
server.setResponseFilters([(myLogger, .low)])

// Set a listen port of 8181
// NOTE(review): no TLS settings appear in this listing; unless a TLS-terminating
// proxy sits in front, login forms and session cookies travel in clear text.
server.serverPort = 8181

// Where to serve static files from
server.documentRoot = "./webroot"

// Start the server; a Perfect network error is reported on stdout.
do {
    // Launch the HTTP server.
    try server.start()
} catch PerfectError.networkError(let code, let detail) {
    print("Network error thrown: \(code) \(detail)")
}

如果我把 render 的 context: 参数设为 context,即使成功登录之后也会陷入循环,就像没有登录一样。如果我把 context: 改为 resp,就会一直处于已登录状态,并且看不到文件。

    var resp = [String: String]()
    resp["authenticated"] = "AUTHED: \(request.user.authenticated)"
    // Render the Mustache template, with context.
    response.render(template: "index", context: resp)
    response.completed()

index.mustache

>header

^authenticated
<h1>Hi! Sign up today!</h1>
/authenticated
#authenticated
<h1>Hi! username</h1>
<p>Your ID is: <code>accountID</code></p>
<h2>File uploads</h2>
<form method="POST" enctype="multipart/form-data" action="">
File to upload: <input type="file" name="fileup"><br>
<input type="submit" value="Upload files now.">
</form>

<h3>Files:</h3>
#files<a href="/uploads/name">name</a><br>/files
/authenticated



>footer

更新

我快要让网站按照我想要的方式运行了。下面的代码显示了我所做的更改,以及我需要克服的新障碍:如何在同一个 render 中使用两个不同的上下文?

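// GET "/": for a logged-in user, stores any uploads in that account's directory and
// renders "loggedin" with the file list and the account id; otherwise renders "index".
routes.add(method: .get, uri: "/", handler: { request, response in

    // Anonymous requests, and sessions without account details, get the public page.
    // The original guard returned without completing the response in the second case.
    guard request.user.authenticated == true,
          let accountID = request.user.authDetails?.account.uniqueID else {
        response.render(template: "index")
        response.completed()
        return
    }

    // Per-account upload directory.
    // NOTE(review): accountID comes from the account record rather than the request
    // body; confirm it can never contain a path separator.
    let userDir = "./webroot/uploads/\(accountID)"
    do {
        let _ = try Dir(userDir).create()
    } catch {
        // Was an empty catch; a directory that cannot be created is now logged.
        print(error)
    }

    var files = [[String: String]]()

    // Process only if request.postFileUploads is populated
    if let uploads = request.postFileUploads, !uploads.isEmpty {
        for upload in uploads {
            // upload.fileName is chosen by the client. Keep only its last path
            // component and refuse ".", ".." and empty names so the destination
            // stays inside userDir.
            let parts = upload.fileName.split(whereSeparator: { $0 == "/" || $0 == "\\" })
            guard let last = parts.last, last != ".", last != ".." else {
                print("Rejected upload: unusable file name")
                continue
            }
            let safeName = String(last)

            let thisFile = File(upload.tmpFileName)
            do {
                let _ = try thisFile.moveTo(path: "\(userDir)/\(safeName)", overWrite: true)
            } catch {
                print(error)
            }
        }
    }

    // Inspect the uploads directory contents
    do {
        try Dir(userDir).forEachEntry(closure: { f in
            files.append(["name": f])
        })
    } catch {
        print(error)
    }

    // One render call, one context: the original called render twice with two
    // dictionaries and only the first one had any effect. Both values go into a
    // single [String: Any] instead.
    let context: [String: Any] = [
        "files": files,
        "accountID": accountID
    ]

    // Render the Mustache template, with context.
    response.render(template: "loggedin", context: context)
    response.completed()
})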

还更改了这部分代码。

// Paths the auth filter is asked to check (include) or to skip (exclude).
var authenticationConfig = AuthenticationConfig()
authenticationConfig.include("/api/v1/check")
// NOTE(review): "loggedin" is the template name; the routes registered in this file
// are "/", "/**" and the /api/v1/... paths. Neither "/" nor /uploads/... is listed
// here — confirm what AuthFilter does with paths that are not included.
authenticationConfig.include("/loggedin") // Added this line
authenticationConfig.exclude("/api/v1/login")
authenticationConfig.exclude("/api/v1/register")

【问题讨论】:

你看过这里的演示吗? github.com/PerfectExamples/Perfect-Turnstile-SQLite-Demo 可能是一个很好的起点。我认为您缺少一些组件,但没有看到您的结构,很难衡量抱歉。谢谢,乔诺 【参考方案1】:

如果您查看以下部分:

// Paths the auth filter is asked to check (include) or to skip (exclude).
var authenticationConfig = AuthenticationConfig()
// Checked for a valid login:
authenticationConfig.include("/api/v1/check")
// Left open so that a client can log in or register:
authenticationConfig.exclude("/api/v1/login")
authenticationConfig.exclude("/api/v1/register")

您可以在此处主动包含或排除对身份验证状态的检查。

应当始终从身份验证检查中排除的路由包括主页路由以及登录/注册路由。然后,你可以逐个指定要包含的路由,或者使用通配符。

【讨论】:

【参考方案2】:

这是基于Perfect-Turnstile-SQLite-Demo 和该项目的一部分File-Uploads。目标是创建一个基于用户登录的 Swift 服务器端应用程序,它将创建一个私有目录供用户上传文件。

main.swift

//
//  main.swift
//  PerfectTurnstileSQLiteDemo
//
//  Created by Jonathan Guthrie on 2016-10-11.
//  Copyright (C) 2015 PerfectlySoft, Inc.
//
//===----------------------------------------------------------------------===//
//
// This source file is part of the Perfect.org open source project
//
// Copyright (c) 2015 - 2016 PerfectlySoft Inc. and the Perfect project authors
// Licensed under Apache License v2.0
//
// See http://perfect.org/licensing.html for license information
//
//===----------------------------------------------------------------------===//
//

import PerfectLib
import PerfectHTTP
import PerfectHTTPServer

import StORM
import SQLiteStORM
import PerfectTurnstileSQLite
import PerfectRequestLogger
import TurnstilePerfect

//StORMdebug = true

// Turnstile realm used for authentication; its request/response filters are
// registered on the server further down in this file.
let pturnstile = TurnstilePerfectRealm()


// Set the connection variable: SQLite file holding the auth data, plus the request log.
// Both paths are relative to the working directory and sit outside ./webroot, the
// document root the static-file route serves from.
//connect = SQLiteConnect("./authdb")
SQLiteConnector.db = "./authdb"
RequestLogFile.location = "./http_log.txt"


// Set up the Authentication table
// NOTE(review): `try?` discards any error from setup(), so a failed table setup is
// silent and the server still starts.
let auth = AuthAccount()
try? auth.setup()

// Connect the AccessTokenStore (setup errors are discarded by `try?` here as well)
tokenStore = AccessTokenStore()
try? tokenStore?.setup()

//let facebook = Facebook(clientID: "CLIENT_ID", clientSecret: "CLIENT_SECRET")
//let google = Google(clientID: "CLIENT_ID", clientSecret: "CLIENT_SECRET")

// Create HTTP server.
let server = HTTPServer()

// Register routes and handlers
let authWebRoutes = makeWebAuthRoutes()
let authJSONRoutes = makeJSONAuthRoutes("/api/v1")

// Add the routes to the server.
server.addRoutes(authWebRoutes)
server.addRoutes(authJSONRoutes)

// Adding a test route
var routes = Routes()
routes.add(method: .get, uri: "/api/v1/test", handler: AuthHandlersJSON.testHandler)
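// POST "/": for a logged-in user, stores the uploaded files in that account's
// directory and renders "loggedin" with the directory listing; otherwise renders "index".
routes.add(method: .post, uri: "/", handler: {
    request, response in

    // Anonymous requests, and sessions without account details, get the public page.
    // The original guard returned without completing the response in the second case.
    guard request.user.authenticated == true,
          let accountID = request.user.authDetails?.account.uniqueID else {
        response.render(template: "index")
        response.completed()
        return
    }

    // Per-account upload directory.
    // NOTE(review): this directory is inside ./webroot, which the "/**" static route
    // serves; the per-account folder separates users' files but does not by itself
    // require a login to download them.
    let userDir = "./webroot/uploads/\(String(describing: accountID))"
    do {
        let _ = try Dir(userDir).create()
    } catch {
        // Was an empty catch; a directory that cannot be created is now logged.
        print(error)
    }

    // Context variable, which also initializes the "files" array
    var context = ["files": [[String: String]]()]

    // Process only if request.postFileUploads is populated
    if let uploads = request.postFileUploads, !uploads.isEmpty {
        for upload in uploads {
            // upload.fileName is chosen by the client. Keep only its last path
            // component and refuse ".", ".." and empty names so the destination
            // stays inside userDir.
            let parts = upload.fileName.split(whereSeparator: { $0 == "/" || $0 == "\\" })
            guard let last = parts.last, last != ".", last != ".." else {
                print("Rejected upload: unusable file name")
                continue
            }
            let safeName = String(last)

            let thisFile = File(upload.tmpFileName)
            do {
                let _ = try thisFile.moveTo(path: "\(userDir)/\(safeName)", overWrite: true)
            } catch {
                print(error)
            }
        }
    }

    // Inspect the uploads directory contents
    do {
        try Dir(userDir).forEachEntry(closure: { f in
            context["files"]?.append(["name": f])
        })
    } catch {
        print(error)
    }

    // The account id is passed to the template as one extra entry in "files",
    // under the key "aID".
    context["files"]?.append(["aID": accountID])

    // Render the Mustache template, with context.
    response.render(template: "loggedin", context: context)
    response.completed()
})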
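// GET "/": for a logged-in user, renders "loggedin" with the listing of that account's
// upload directory; otherwise renders "index".
routes.add(method: .get, uri: "/", handler: { request, response in

    // Anonymous requests, and sessions without account details, get the public page.
    // The original guard returned without completing the response in the second case.
    guard request.user.authenticated == true,
          let accountID = request.user.authDetails?.account.uniqueID else {
        response.render(template: "index")
        response.completed()
        return
    }

    // Per-account upload directory.
    let userDir = "./webroot/uploads/\(String(describing: accountID))"
    do {
        let _ = try Dir(userDir).create()
    } catch {
        // Was an empty catch; a directory that cannot be created is now logged.
        print(error)
    }

    // Context variable, which also initializes the "files" array
    var context = ["files": [[String: String]]()]

    // NOTE(review): storing files on a GET is unusual; the POST "/" route already
    // handles uploads, so this branch is a candidate for removal.
    if let uploads = request.postFileUploads, !uploads.isEmpty {
        for upload in uploads {
            // upload.fileName is chosen by the client. Keep only its last path
            // component and refuse ".", ".." and empty names so the destination
            // stays inside userDir.
            let parts = upload.fileName.split(whereSeparator: { $0 == "/" || $0 == "\\" })
            guard let last = parts.last, last != ".", last != ".." else {
                print("Rejected upload: unusable file name")
                continue
            }
            let safeName = String(last)

            let thisFile = File(upload.tmpFileName)
            do {
                let _ = try thisFile.moveTo(path: "\(userDir)/\(safeName)", overWrite: true)
            } catch {
                print(error)
            }
        }
    }

    // Inspect the uploads directory contents
    do {
        try Dir(userDir).forEachEntry(closure: { f in
            context["files"]?.append(["name": f])
        })
    } catch {
        print(error)
    }

    // The account id is passed to the template as one extra entry in "files",
    // under the key "aID".
    context["files"]?.append(["aID": accountID])

    // Render the Mustache template, with context.
    response.render(template: "loggedin", context: context)
    response.completed()
})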
// Catch-all GET route: serves files from ./webroot through the static-file handler.
// NOTE(review): the per-account folders under ./webroot/uploads/ are inside this
// document root, so a file is reachable at /uploads/<accountID>/<name> through this
// route. The only path given to authenticationConfig.include(...) in this file is
// /api/v1/check, so nothing shown here asks for a login, or for the matching account,
// before a download — confirm how AuthFilter treats unlisted paths. Keeping uploads
// outside the document root and returning them from a handler that compares the
// session's account id with the folder name would make the directory private.
routes.add(method: .get, uri: "/**", handler: try PerfectHTTPServer.HTTPHandler.staticFiles(data: ["documentRoot":"./webroot", "allowResponseFilters":true]))

// Example route listed in authenticationConfig.include(...): replies with a JSON
// object describing the caller's authentication state.
routes.add(method: .get, uri: "/api/v1/check", handler: { request, response in
    response.setHeader(.contentType, value: "application/json")

    // Both values are plain strings built from the request's user object.
    let payload: [String: String] = [
        "authenticated": "AUTHED: \(request.user.authenticated)",
        "authDetails": "DETAILS: \(String(describing: request.user.authDetails))"
    ]

    do {
        try response.setBody(json: payload)
    } catch {
        // Encoding failed: log it and still finish the response below.
        print(error)
    }
    response.completed()
})


// Example route that is not listed in authenticationConfig.include(...): same JSON
// reply as /api/v1/check, without a login requirement.
// NOTE(review): the reply is a debug-style dump of request.user.authDetails; useful
// in a demo, not something to keep on a deployed server.
routes.add(method: .get, uri: "/api/v1/nocheck", handler: { request, response in
    response.setHeader(.contentType, value: "application/json")

    let payload: [String: String] = [
        "authenticated": "AUTHED: \(request.user.authenticated)",
        "authDetails": "DETAILS: \(String(describing: request.user.authDetails))"
    ]

    do {
        try response.setBody(json: payload)
    } catch {
        // Encoding failed: log it and still finish the response below.
        print(error)
    }
    response.completed()
})



// Add the routes to the server.
server.addRoutes(routes)

// Setup logging
let myLogger = RequestLogger()

// Add routes to be checked for auth.
// NOTE(review): only /api/v1/check is included. "/" and everything served by the
// "/**" static route (including /uploads/<accountID>/...) are not listed, so as far
// as this file shows the filter is never told to protect the uploaded files.
var authenticationConfig = AuthenticationConfig()
authenticationConfig.include("/api/v1/check")
authenticationConfig.exclude("/api/v1/login")
authenticationConfig.exclude("/api/v1/register")

let authFilter = AuthFilter(authenticationConfig)

// Note that order matters when the filters are of the same priority level
server.setRequestFilters([pturnstile.requestFilter])
server.setResponseFilters([pturnstile.responseFilter])

server.setRequestFilters([(authFilter, .high)])

server.setRequestFilters([(myLogger, .high)])
server.setResponseFilters([(myLogger, .low)])

// Set a listen port of 8181
// NOTE(review): no TLS settings appear in this listing; unless a TLS-terminating
// proxy sits in front, login forms and session cookies travel in clear text.
server.serverPort = 8181

// Where to serve static files from
server.documentRoot = "./webroot"

// Start the server; a Perfect network error is reported on stdout.
do {
    // Launch the HTTP server.
    try server.start()
} catch PerfectError.networkError(let code, let detail) {
    print("Network error thrown: \(code) \(detail)")
}

header.mustache

<html>
  <head>
    <link rel="stylesheet" href="https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/bootstrap.min.css" integrity="sha384-BVYiiSIFeK1dGmJRAkycuHAHRg32OmUcww7on3RYdg4Va+PmSTsz/K68vbdEjh4u" crossorigin="anonymous">
    <link href="/styles/jumbotron-narrow.css" rel="stylesheet">
    <title>title</title>
  </head>
  <body>
    <div class="container">
    <div class="header clearfix">
      <nav>
        <ul class="nav nav-pills pull-right">
          ^authenticated
          <li role="presentation"><a href="/login">Log In</a></li>
          /authenticated
          #authenticated
          <li role="presentation"><a href="javascript:;" onclick="var f=document.createElement('form');f.method='POST';f.action='/logout';f.submit();">Logout</a></li>
          /authenticated
        </ul>
      </nav>
<img id="logo" src="/images/perfect-logo-2-0.png"   >

      <h3 class="text-muted"><a href="/">Perfect Swift Secure File Upload</a></h3>
    </div>
    #flash
    <div class="alert alert-danger" role="alert">
      <span class="glyphicon glyphicon-exclamation-sign" aria-hidden="true"></span>
      <span class="sr-only">Error:</span>
      flash
    </div>
    /flash

index.mustache

>header

^authenticated
<h1>Hi! Sign up today!</h1>
/authenticated

>footer

loggedin.mustache

>header2


<h2>File uploads</h2>
<form method="POST" enctype="multipart/form-data" action="">
File to upload: <input type="file" name="fileup"><br>
<input type="submit" value="Upload files now.">
</form>
<code>#filesaID/files</code>
<h3>Files:</h3>
#files<a href="/uploads/#filesaID/files/name">name</a><br>/files
>footer

【讨论】:
