增加配置,和定时操作初始化时将时间内容提前加载到内存中,用于后续的权限认证使用
This commit is contained in:
wanglei
parent
5660d561be
commit
32b50a90c1
|
|
@ -26,7 +26,7 @@ http {
|
|||
|
||||
#在Nginx启动时执行的Lua代码块
|
||||
#初始化用户角色权限相关的共享内存
|
||||
lua_shared_dict dictRBAC 50m;
|
||||
lua_shared_dict dict 10m;
|
||||
#init_by_lua_block {
|
||||
# -- 定义一个全局变量
|
||||
# ngx.log(ngx.INFO, "Initializing global variable")
|
||||
|
|
@ -37,7 +37,9 @@ http {
|
|||
#}
|
||||
#init_by_lua_block 与 init_by_lua_file 只能初始化其中的一个,不能同时启用
|
||||
#否则报错nginx: [emerg] "init_by_lua_file" directive is duplicate
|
||||
init_by_lua_file '/home/frankly/work/AuthPlatform/src/init.lua';
|
||||
#init_by_lua_file '/home/frankly/work/AuthPlatform/src/init.lua';
|
||||
|
||||
init_worker_by_lua_file '/home/frankly/work/AuthPlatform/src/init.lua';
|
||||
|
||||
server {
|
||||
listen 9080;
|
||||
|
|
|
|||
|
|
@ -18,7 +18,11 @@ return {
|
|||
REDIS = {
|
||||
HOST = "127.0.0.1", -- redis host
|
||||
PORT = 6379, -- redis port
|
||||
PASSWORD = nil -- redis password
|
||||
PASSWORD = nil, -- redis password
|
||||
POOL_MAX_IDLE_TIME = 10000,
|
||||
POOL_TIMEOUT = 1000, -- pool timeout
|
||||
POOL_SIZE = 20, -- pool size
|
||||
TIMEOUT = 1000, -- timeout
|
||||
},
|
||||
|
||||
-- 配置PostgresSQL数据库连接
|
||||
|
|
|
|||
104
src/init.lua
104
src/init.lua
|
|
@ -9,15 +9,97 @@
|
|||
--]]
|
||||
|
||||
print("init application...")
|
||||
--初始化,获取系统默认的用户权限,为实现RBAC框架做权限数据准备
|
||||
local data = {
|
||||
admin = {
|
||||
"system:user:add", "system:user:edit", "system:user:delete", "system:user:view", "system:user:list"
|
||||
},
|
||||
guest = {
|
||||
"system:user:view"
|
||||
},
|
||||
}
|
||||
--判断程序是否加载权限数据
|
||||
--local dict = ngx.shared.dict
|
||||
--local load = dict:get("RBAC")
|
||||
--if load then
|
||||
-- return
|
||||
--end
|
||||
|
||||
local dict = ngx.shared.dictRBAC
|
||||
dict:set("users", data)
|
||||
--只在第一个worker进程中执行一次
|
||||
if ngx.worker.id() ~= 0 then
|
||||
return
|
||||
end
|
||||
|
||||
--初始化,获取系统默认的用户权限,为实现RBAC框架做权限数据准备
|
||||
local function handler()
|
||||
local conf = require("config")
|
||||
--引用使用的库文件
|
||||
local Model = require("share.model")
|
||||
--创建一个数据表相关的模型
|
||||
local userModel = Model:new('sys_user')
|
||||
|
||||
--读取用户表、角色表和权限表中配置的权限数据
|
||||
--获取数据表中的记录数
|
||||
local code, res = userModel:count()
|
||||
ngx.log(ngx.INFO, "user count:"..res)
|
||||
|
||||
local redis = require("resty.redis")
|
||||
local red = redis:new()
|
||||
|
||||
-- 设置超时时间
|
||||
red:set_timeout(conf.REDIS.TIMEOUT) -- 1秒
|
||||
|
||||
-- 连接到 Redis
|
||||
local ok, err = red:connect(conf.REDIS.HOST, conf.REDIS.PORT)
|
||||
if not ok then
|
||||
ngx.log(ngx.ERR, "redis failed to connect: "..err)
|
||||
return
|
||||
end
|
||||
--需要密码时对密码进行处理
|
||||
if conf.REDIS.PASSWORD ~= nil then
|
||||
local res, err = red:auth(conf.REDIS.PASSWORD)
|
||||
if not res then
|
||||
ngx.log(ngx.ERR, "redis failed to connect, password error: "..err)
|
||||
return
|
||||
end
|
||||
end
|
||||
|
||||
-- 从连接池中获取连接
|
||||
red:set_keepalive(conf.REDIS.POOL_MAX_IDLE_TIME, conf.REDIS.POOL_SIZE)
|
||||
|
||||
-- 设置 key-value
|
||||
local ok, err = red:set("admin-system:user:add", "1")
|
||||
if not ok then
|
||||
ngx.log(ngx.ERR, "redis failed to set key: "..err)
|
||||
return
|
||||
end
|
||||
|
||||
local ok, err = red:set("admin-system:user:edit", "1")
|
||||
if not ok then
|
||||
ngx.log(ngx.ERR, "failed to set key: "..err)
|
||||
return
|
||||
end
|
||||
|
||||
local ok, err = red:set("admin-system:user:delete", "1")
|
||||
if not ok then
|
||||
ngx.log(ngx.ERR, "failed to set key: "..err)
|
||||
return
|
||||
end
|
||||
|
||||
local ok, err = red:set("admin-system:user:view", "1")
|
||||
if not ok then
|
||||
ngx.log(ngx.ERR, "failed to set key: "..err)
|
||||
return
|
||||
end
|
||||
|
||||
local ok, err = red:set("admin-system:user:list", "1")
|
||||
if not ok then
|
||||
ngx.log(ngx.ERR, "failed to set key: "..err)
|
||||
return
|
||||
end
|
||||
|
||||
ngx.log(ngx.INFO, "set key successfully")
|
||||
|
||||
--关闭redis连接
|
||||
red:close()
|
||||
|
||||
--dict:set("RBAC", "1")
|
||||
end
|
||||
|
||||
-- 设置定时器,执行一次handler函数
|
||||
local ok, err = ngx.timer.at(0, handler)
|
||||
if not ok then
|
||||
ngx.log(ngx.ERR, "failed to create timer")
|
||||
return
|
||||
end
|
||||
|
|
|
|||
|
|
@ -1,15 +1,15 @@
|
|||
local redis = require("resty.redis")
|
||||
local conf = require('config')
|
||||
|
||||
local _M = setmetatable({}, {__index=function(self, key)
|
||||
local red = redis:new()
|
||||
local ok,err = red:connect(conf.REDIS.HOST, conf.REDIS.POST, conf.REDIS.PASSWORD)
|
||||
if not ok then
|
||||
ngx.log(ngx.ERR, err)
|
||||
end
|
||||
if key == 'red' then
|
||||
return red
|
||||
end
|
||||
local _M = setmetatable({}, {__index = function(self, key)
|
||||
local red = redis:new()
|
||||
local ok, err = red:connect(conf.REDIS.HOST, conf.REDIS.PORT)
|
||||
if not ok then
|
||||
ngx.log(ngx.ERR, err)
|
||||
end
|
||||
if key == "red" then
|
||||
return red
|
||||
end
|
||||
end})
|
||||
|
||||
function _M:set(key, value, time)
|
||||
|
|
|
|||
|
|
@ -7,6 +7,7 @@
|
|||
local helpers = require("share.helpers")
|
||||
local jsonschema = require("jsonschema")
|
||||
local cjson = require("cjson.safe")
|
||||
local redis = require("share.redis")
|
||||
|
||||
--local workerId = 0 -- 假设当前机器的ID是1,范围在[0, 31]之间
|
||||
--local datacenterId = 0 -- 数据中心ID,范围在[0, 31]之间
|
||||
|
|
@ -16,16 +17,67 @@ local cjson = require("cjson.safe")
|
|||
|
||||
--max =a and b or c--a?b:c
|
||||
|
||||
--[[
|
||||
--获取用户相关的角色数据的数据
|
||||
local function init_task()
|
||||
local redis = require("share.redis")
|
||||
--引用使用的库文件
|
||||
local Model = require("share.model")
|
||||
--创建一个数据表相关的模型
|
||||
local userModel = Model:new('sys_user')
|
||||
|
||||
--获取数据表中的记录数
|
||||
local code, res = userModel:count()
|
||||
--redis:set("admin-system:user:add", "1")
|
||||
--redis:set("admin-system:user:edit", "1")
|
||||
--redis:set("admin-system:user:delete", "1")
|
||||
--redis:set("admin-system:user:view", "1")
|
||||
--local ok, err = redis:set("admin-system:user:list", "1")
|
||||
|
||||
--if not ok then
|
||||
-- ngx.log(ngx.ERR, "failed to set key in Redis: ", err)
|
||||
--else
|
||||
-- ngx.log(ngx.INFO, "updated key: ", key, " with value: ", value)
|
||||
--end
|
||||
|
||||
--dict:set("RBAC", "1")
|
||||
|
||||
ngx.thread.kill(t)
|
||||
end
|
||||
|
||||
--启动线程进行处理
|
||||
t = ngx.thread.spawn(init_task)
|
||||
--]]
|
||||
|
||||
--[[
|
||||
--调用c库相关例子
|
||||
local mylib = require "addlib"
|
||||
ngx.say(addlib.add(5,7))
|
||||
--]]
|
||||
|
||||
local dict = ngx.shared.dictRBAC
|
||||
local val = dict:get("users")
|
||||
ngx.say(val)
|
||||
--local dict = ngx.shared.dictRBAC
|
||||
--local value, err = dict:get("zhangsan-system:user:list")
|
||||
--if value then
|
||||
-- ngx.say("zhangsan-system:user:list is exist")
|
||||
--else
|
||||
-- ngx.say("zhangsan-system:user:list is not exist")
|
||||
--end
|
||||
|
||||
local val1, err = redis:get("admin-system:user:add")
|
||||
local val2, err = redis:get("admin-system:user:edit")
|
||||
local val3, err = redis:get("admin-system:user:delete")
|
||||
local val4, err = redis:get("admin-system:user:view")
|
||||
local val5, err = redis:get("admin-system:user:list")
|
||||
ngx.say("add:"..val1)
|
||||
ngx.say("edit:"..val2)
|
||||
ngx.say("delete:"..val3)
|
||||
ngx.say("view:"..val4)
|
||||
ngx.say("list:"..val5)
|
||||
|
||||
local val6, err = redis:get("admin-system:user:test")
|
||||
if val6 ~= nil then
|
||||
ngx.say("test:"..val6)
|
||||
end
|
||||
--[[
|
||||
local uuid = require("resty.jit-uuid")
|
||||
uuid.seed()
|
||||
|
|
|
|||
Loading…
Reference in New Issue
Block a user