jackLi-2024/auth_manager

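Notes:

1. Running the framework
    Run locally: python3 lambda_function.py
    Deploy on a physical machine: sh bin/start.sh
    Run on AWS serverless: the entry point is lambda_function.lambda_handler
2. What developers need to know
    Developers only need to define their own functional modules under module
    For example, the sample includes a test module
        a. api.py  defines the interface model
        b. model.py  defines the data interface model
        c. deal.py  logic-handling functions
        
        # Note (important): developers can debug all of their code as described in this document, or define only their own business module (for example, test); when debugging locally, be sure to add the following code to set the module search path
        `
        import os
        import sys
        cur_dir = os.path.split(os.path.realpath(__file__))[0]
        sys.path.append("%s/" % cur_dir)  # add this file's directory to the module search path
        `    
3. Remarks
    To prevent interfaces from being overwritten,
    the interfaces under Search and Operate in each module should follow a uniform naming scheme. For example, an interface defined in the test module should be named testResult (so that it and a result interface in another module do not overwrite each other)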

This project provides permission authentication and permission management (based on users and groups).

Request URL:

  • http://127.0.0.1:4901/graphql_api

Request method:

  • POST

1. Generate token:

  • Parameters:
  {
        "query": "query generate_token($condition: GenerateTokenArgument!){  generate_token(condition:$condition){    access_token    fresh_token  }}",
        "variables": {"condition": {
                 "user_id": "123",  # unique identifier of the user within one platform
                 "app_id": "1",    # application platform id
                 "enc_data": "hello"   # JSON string to be encrypted
                 }},
        "operationName": "generate_token"
    }
  • Response example
  {"data": {"generate_token": {
        "access_token": "xxx",
        "fresh_token": "xxx"
    }}}

2. Refresh token:

  • Parameters:
  {
        "query": "query fresh_token($condition: FreshTokenArgument!){  fresh_token(condition:$condition){    fresh_token    access_token  }}",
        "variables": {"condition": {
            "fresh_token": "xxx"
        }},
        "operationName": "fresh_token"}
  • Response example
  {"data": {"fresh_token": {
        "access_token": "xxx",
        "fresh_token": "xxx"
    }}}

3. Validate token:

  • Parameters:
  {
        "query": "query validate_token($condition: ValidateTokenArgument!){  validate_token(condition:$condition){    dec_data    user_id  }}",
        "variables": {"condition": {
            "token": "xx"
			}},
        "operationName": "validate_token"}
  • Response example
  {"data": {"validate_token": {
        "dec_data": "xxx",
        "user_id": "xxx"
    }}}

4. Log out token:

  • Parameters:
  {
        "query": "query logout_token($condition: LogoutTokenArgument!){  logout_token(condition:$condition){    action  }}",
        "variables": {"condition": {
            "user_id": "123",
            "app_id": "1"
        }},
        "operationName": "logout_token"}
  • Response example
  {"data": {"logout_token": {
        "action": "xxx"
    }}}

5. Add permissions for a user:

  • Parameters:
  {
        "query": "query add_permission_for_user($condition: SubObjActListArgument!){  add_permission_for_user(condition:$condition){    status  }}",
        "variables": {"condition":{"SOA_List":[{"subject":"lijiacai","resource":"/data/","action":"read"},{"subject":"lijiacai","resource":"/data/1","action":"read"}]}},
        "operationName": "add_permission_for_user"}
  • Response example
  {"data":{"add_permission_for_user":{
  	"status":false
  }}}

6. Add permissions for a group:

  • Parameters:
  {
        "query": "query add_permission_for_group($condition: SubObjActListArgument!){  add_permission_for_group(condition:$condition){    status  }}",
        "variables": {"condition":{"SOA_List":[{"subject":"admin","resource":"/data/","action":"read"},{"subject":"admin","resource":"/data/1","action":"read"}]}},
        "operationName": "add_permission_for_group"}
  • Response example
  {"data":{"add_permission_for_group":{
  	"status":true
  }}}

7. Remove permissions (user/group):

  • Parameters:
  {
        "query": "query remove_permission($condition: SubObjActListArgument!){  remove_permission(condition:$condition){    status  }}",
        "variables": {"condition":{"SOA_List":[{"subject":"admin","resource":"/data/","action":"read"},{"subject":"admin","resource":"/data/1","action":"read"}]}},
        "operationName": "remove_permission"}
  • Response example
  {"data":{"remove_permission":{
  	"status":true
  }}}

8. Check whether a permission exists (user/group):

  • Parameters:
  {
        "query": "query is_permission($condition: SubObjActArgument!){  is_permission(condition:$condition){    status  }}",
        "variables": {"condition": {
            "subject": "admin3",
            "resource": "/data/",
            "action": "read"
			}},
        "operationName": "is_permission"}
  • Response example
  {"data":{"is_permission":{
  	"status":true
  }}}

9. Delete a role (user/group):

  • Parameters:
  {
        "query": "query delete_role($condition: SubArgument!){  delete_role(condition:$condition){    status  }}",
        "variables": {"condition": {
            "subject": "admin3"
			}},
        "operationName": "delete_role"}
  • Response example
  {"data":{"delete_role":{
  	"status":true
  }}}

10. Look up the groups of a user:

  • Parameters:
  {
        "query": "query search_group_for_user($condition: SubArgument!){  search_group_for_user(condition:$condition){    rows{ group }  }}",
        "variables": {"condition": {
            "subject": "admin3"
			}},
        "operationName": "search_group_for_user"}
  • Response example
  {"data":{"search_group_for_user":{
  	"rows":[
		{"group":"xxx"}
	]
  }}}

11. Query all permissions of a user:

  • Parameters:
  {
        "query": "query search_permission_for_user($condition: SubArgument!){  search_permission_for_user(condition:$condition){    rows{ user resource action}  }}",
        "variables": {"condition": {
            "subject": "admin3"
			}},
        "operationName": "search_permission_for_user"}
  • Response example
  {"data":{"search_permission_for_user":{
  	"rows":[
		{"group":"xxx",
		"user":"xxx",
		"resource":"xxx",
		"action":"xxx"
		}
	]
  }}}

12. Query all permissions of a group:

  • Parameters:
  {
        "query": "query search_permission_for_group($condition: GroupArgument!){  search_permission_for_group(condition:$condition){    rows{ group resource action }  }}",
        "variables": {"condition": {
            "group_name": "admin3"
			}},
        "operationName": "search_permission_for_group"}
  • Response example
  {"data":{"search_permission_for_group":{
  	"rows":[
		{"group":"xxx",
		"resource":"xxx",
		"action":"xxx"
		}
	]
  }}}

13. Add a group to a user so that the user has the group's permissions:

  • Parameters:
  {
        "query": "query add_group_for_user($condition: SubGroupArgument!){  add_group_for_user(condition:$condition){    status  }}",
        "variables": {"condition": {
            "subject": "user1",
            "group_name": "admin3"
            }},
        "operationName": "add_group_for_user"}
  • Response example
  {"data":{"add_group_for_user":{
  	"status":true
  }}}

14. Remove a user from a group so that the user no longer has the group's permissions:

  • Parameters:
  {
        "query": "query remove_user_for_group($condition: SubGroupArgument!){  remove_user_for_group(condition:$condition){    status  }}",
        "variables": {"condition": {
            "subject": "user1",
            "group_name": "admin3"
            }},
        "operationName": "remove_user_for_group"}
  • Response example
  {"data":{"remove_user_for_group":{
  	"status":true
  }}}

15. Query all groups:

  • Parameters:
  {
        "query": "query search_groups{  search_groups{    rows{ group }  }}",
        "operationName": "search_groups"}
  • Response example
  {"data":{"search_groups":{
  	"rows":[
		{"group":"xxx"}
	]
  }}}
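
An added example, not part of the project's own code: a minimal Python client for the validate_token (section 3) and is_permission (section 8) requests above that denies access on any error or unexpected reply. It assumes the token's user_id is the subject used in permission checks and that the service accepts a JSON body with Content-Type: application/json; build_request, extract, call and authorize are illustrative names.

```python
import json
import urllib.request

API_URL = "http://127.0.0.1:4901/graphql_api"  # request URL given in the README

# Query documents copied from README sections 3 and 8, keyed by operationName.
QUERIES = {
    "validate_token": "query validate_token($condition: ValidateTokenArgument!)"
                      "{ validate_token(condition:$condition){ dec_data user_id }}",
    "is_permission": "query is_permission($condition: SubObjActArgument!)"
                     "{ is_permission(condition:$condition){ status }}",
}


def build_request(operation, condition):
    """Build the POST body: query text, variables.condition, operationName."""
    return {"query": QUERIES[operation],
            "variables": {"condition": condition},
            "operationName": operation}


def extract(operation, response):
    """Return data[operation]; raise if the reply has errors or no result."""
    if response.get("errors"):
        raise PermissionError("GraphQL errors: %r" % (response["errors"],))
    result = (response.get("data") or {}).get(operation)
    if not isinstance(result, dict):
        raise PermissionError("no %s result in response" % operation)
    return result


def call(operation, condition, url=API_URL, timeout=5):
    """POST one operation to the service and return its result object."""
    body = json.dumps(build_request(operation, condition)).encode("utf-8")
    req = urllib.request.Request(url, data=body,
                                 headers={"Content-Type": "application/json"})
    with urllib.request.urlopen(req, timeout=timeout) as resp:
        return extract(operation, json.load(resp))


def authorize(token, resource, action, transport=call):
    """Fail-closed gate: valid token AND is_permission status is exactly True."""
    try:
        user_id = transport("validate_token", {"token": token})["user_id"]
        if not user_id:
            return False
        # Assumption: the token's user_id is the permission "subject".
        check = transport("is_permission", {"subject": user_id,
                                            "resource": resource, "action": action})
        return check["status"] is True
    except (OSError, KeyError, ValueError, TypeError, AttributeError):
        return False
```

Passing a stub as `transport` lets the gate be exercised without a running service.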
