nginx+lua 配置认证示例 token.lua

leoowu · Jun 2, 2015 · c1133f3 · c1133f3
1 parent a08d590
commit c1133f3
Show file tree

Hide file tree

Showing 7 changed files with 125 additions and 2 deletions.
diff --git a/web+app/fig.yml b/web+app/fig.yml
@@ -21,9 +21,15 @@ data:
   volumes:
       - /Users/moyong/docker-share/www/:/data/www/
       - /Users/moyong/docker-share/logs/web/:/usr/local/nginx/logs/
+
+data4app:
+  image: busybox
+  command: /bin/true
+  volumes:
       - /Users/moyong/docker-share/app/:/tomcat/webapps/
       - /Users/moyong/docker-share/logs/app/:/tomcat/logs/
 
+
 #启动tomcat
 mytomcat1:
   image: jamesmo/mytomcat:7
@@ -36,6 +42,8 @@ mytomcat1:
     - memcache2
   ports:
     - "8080:8080"
+  volumes_from:
+    - data4app
 
 #启动tomcat
 mytomcat2:
@@ -49,6 +57,9 @@ mytomcat2:
     - memcache2
   ports:
     - "8080"
+  volumes_from:
+    - data4app
+
 
 memcache1:
   image: sylvainlasnier/memcached

diff --git a/web+app/mynginx/nginx.d/echo.conf b/web+app/mynginx/nginx.d/echo.conf
@@ -1,5 +1,6 @@
 
 location /hello1 {
+
   default_type 'text/plain';
 
   echo "hello jamesmo!";

diff --git a/web+app/mynginx/nginx.d/nginx.conf b/web+app/mynginx/nginx.d/nginx.conf
@@ -62,11 +62,15 @@ http {
         listen     80 backlog=65535;
         server_name  localhost;
 
-	      root /data/www;
+	    root /data/www;
         #charset koi8-r;
 
         #access_log  logs/host.access.log  main;
 
+
+        access_by_lua_file '/usr/local/nginx/conf/nginx.d/token.lua';
+
+
         location / {
             root   /data/www;
             index  index.html index.htm;
@@ -146,6 +150,8 @@ http {
                        }
               }
 
+
+
     include   /usr/local/nginx/conf/nginx.d/lua.conf;
     include   /usr/local/nginx/conf/nginx.d/redis.conf;
     include   /usr/local/nginx/conf/nginx.d/lua-redis.conf;

diff --git a/web+app/mynginx/nginx.d/study.lua b/web+app/mynginx/nginx.d/study.lua
@@ -0,0 +1,29 @@
+--单行注释
+--[[
+    多行注释
+--]]
+--变量和程序流程控制
+num = 42 --所有的数值都是双精度的
+-- 别吓一跳，64位的双精度需要52位
+s = 'walternate' --字符串常量
+t = "也可以使用双引号"
+u = [[在开始和解释使用
+      标识多行字符串
+    ]]
+t = nil
+while num < 50 do
+    num = num +1
+end
+
+if num > 40 then
+    print ('over 40')
+elseif s ~= 'walternate' then
+    io.write('not over 40\n')
+else
+    thisGlobal = 5
+
+local line = io.read()
+    print ('Winter is coming,' .. line)
+end
+
+
diff --git a/web+app/mynginx/nginx.d/token.lua b/web+app/mynginx/nginx.d/token.lua
@@ -0,0 +1,45 @@
+ngx.log(ngx.ERR,">>>111")
+
+local secretkey='1234567890abcdefghi'
+
+local expiretime = ngx.time()
+expiretime = expiretime+86400
+expiretime = ngx.cookie_time(expiretime)
+
+
+if ngx.var.cookie_uid == nil or ngx.var.cookie_nickname == nil or ngx.var.cookie_token == nil then
+    ngx.log(ngx.ERR,">>>222")
+    ngx.req.set_header("Check-Login", "NULL")
+    ngx.req.set_header("Foo", {"a", "abc"})
+
+    ngx.header["Set-Cookie"] = {"Check-Login=NULL" .. "; expires=" .. expiretime ..";path=/" }
+
+    return
+end
+
+local ctoken = ngx.md5('uid:' .. ngx.var.cookie_uid .. '&nickname:' .. ngx.var.cookie_nickname .. '&secretkey:' .. secretkey)
+
+ngx.log(ngx.ERR,">>>333")
+
+if ctoken == ngx.var.cookie_token then
+    ngx.req.set_header("Check-Login", "Yes")
+
+    ngx.header["Set-Cookie"] = {"Check-Login=Yes" .. "; expires=" .. expiretime ..";path=/" }
+
+    ngx.log(ngx.ERR,">>>444")
+ else
+    ngx.req.set_header("Check-Login", "No")
+
+    ngx.header["Set-Cookie"] = {"Check-Login=No" .. "; expires=" .. expiretime ..";path=/" }
+
+    ngx.log(ngx.ERR,">>>555")
+
+end
+
+return
+
+--curl -v "http://192.168.59.103/hello1"
+--token 错误测试
+--curl -v -b "uid=12345;nickname=soga;token=aa6f21ec0fcf008aa5250904985a817b" "http://192.168.59.103/hello1"
+--token 正确测试
+--curl -v -b "uid=1234;nickname=soga;token=aa6f21ec0fcf008aa5250904985a817b"  "http://192.168.59.103/hello1"
diff --git a/web+app/mytomcat/dbtest/token.jsp b/web+app/mytomcat/dbtest/token.jsp
@@ -0,0 +1,26 @@
+<%@ taglib uri="http://java.sun.com/jsp/jstl/sql" prefix="sql" %>
+<%@ taglib uri="http://java.sun.com/jsp/jstl/core" prefix="c" %>
+
+<sql:query var="rs" dataSource="jdbc/TestDB">
+select id, foo, bar from testdata
+</sql:query>
+
+<html>
+  <head>
+    <title>DB Test</title>
+  </head>
+  <body>
+
+  <h2>Results</h2>
+
+<c:forEach var="row" items="${rs.rows}">
+    Foo ${row.foo}<br/>
+    Bar ${row.bar}<br/>
+</c:forEach>
+
+  获取header 设置的值
+  <%=request.getHeader("Check-Login")%>
+
+
+  </body>
+</html>
diff --git a/web+app/mytomcat/readme.md b/web+app/mytomcat/readme.md
@@ -1,4 +1,9 @@
-2014-01-23
+2015-06-02
+    nginx+lua配置token.lua
+    curl -v -b "uid=1234;nickname=soga;token=aa6f21ec0fcf008aa5250904985a817b" "http://192.168.59.103/java/dbtest/token.jsp"
+
+
+2015-01-23
     配置公用数据源；
     启动nginx