Code Review / msb / apigateway.git / blob
? search:


dd7b2ed317788af3a6fe1b9da7ed55119e1a94cb
[msb/apigateway.git] / msb-core / openresty-ext / src / assembly / resources / openresty / nginx / luaext / iui_auth.lua
1 local cache = ngx.shared.ceryx
2 local client_ip = ngx.var.remote_addr
3 local uri = ngx.var.uri
4 if uri == "/iui/framework/login.html" then
5         local value, flags = cache:get(client_ip)
6         if not value then
7                 return
8         else
9                 ngx.redirect("/iui/framework/main-page.html")
10         end
11 end
12
13 local referer =  ngx.var.http_referer
14 local refererList = {
15         "/iui/framework/login.html",
16         "/iui/framework/css/login.css",
17         "/iui/component/thirdparty/font%-awesome/css/font%-awesome.min.css",
18         "/iui/framework/css/style%-custom.css"
19 }       
20 local function referer_matches(t, r)
21         for k,_ in pairs(t) do
22                 if string.match(r, t[k]) then
23                         return true
24                 end
25         end
26         return false
27 end     
28
29 if referer and referer_matches(refererList, referer) then
30         return
31 end     
32
33 local succ, err, forcible = cache:replace(client_ip, "place_holder", 3600)
34 if not succ then
35         if err == 'not found' then
36                 ngx.log(ngx.WARN, "access record not found for "..client_ip..",redirect to login page")
37                 ngx.redirect("/iui/framework/login.html")
38         else
39                 ngx.log(ngx.WARN, err)
40         end
41 end
Service API gateway which provides client request routing, client request load balancing, transformation, such as https to http, authentication & authorization for service request with plugin of auth service provider,service request logging,service request rate-limiting,service monitoring,request result cache,solve cross-domain issue for web application and other functionalities with the pluggable architecture capability.