OptimusX
/
OneAuth
mirror of https://github.com/veypi/OneAuth.git
3
0
Fork 0
Code Issues Projects Releases Wiki Activity
You cannot select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
master
v4
v3
v2
v1.2.0
v1.1.0
v1.1.1
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from '95c1f616be'
${ noResults }
OneAuth/docs/integration.md

151 lines
3.9 KiB
Markdown
Raw Normal View History Unescape Escape

docs: Update documentation to reflect scoped RBAC and remove org system - Update CLAUDE.md to describe scoped RBAC instead of multi-tenant org - Simplify README.md removing org-related features - Update auth.md with comprehensive scoped permission documentation - Remove configuration.md (merged into other docs) - Update design.md with new architecture decisions - Update integration.md with scoped auth examples - Update UI documentation removing org references - Update test README removing org test references
3 months ago
# VBase 集成指南
update
4 months ago
docs: Update documentation to reflect scoped RBAC and remove org system - Update CLAUDE.md to describe scoped RBAC instead of multi-tenant org - Simplify README.md removing org-related features - Update auth.md with comprehensive scoped permission documentation - Remove configuration.md (merged into other docs) - Update design.md with new architecture decisions - Update integration.md with scoped auth examples - Update UI documentation removing org references - Update test README removing org test references
3 months ago
本文档介绍如何将 VBase 作为基础库集成到现有的 Golang 项目中,并使用其权限管理系统。
update
4 months ago
docs: Update documentation to reflect scoped RBAC and remove org system - Update CLAUDE.md to describe scoped RBAC instead of multi-tenant org - Simplify README.md removing org-related features - Update auth.md with comprehensive scoped permission documentation - Remove configuration.md (merged into other docs) - Update design.md with new architecture decisions - Update integration.md with scoped auth examples - Update UI documentation removing org references - Update test README removing org test references
3 months ago
## 1. 安装
update
4 months ago
docs: Update documentation to reflect scoped RBAC and remove org system - Update CLAUDE.md to describe scoped RBAC instead of multi-tenant org - Simplify README.md removing org-related features - Update auth.md with comprehensive scoped permission documentation - Remove configuration.md (merged into other docs) - Update design.md with new architecture decisions - Update integration.md with scoped auth examples - Update UI documentation removing org references - Update test README removing org test references
3 months ago
```bash
go get github.com/veypi/vbase
update
4 months ago
```
docs: Update documentation to reflect scoped RBAC and remove org system - Update CLAUDE.md to describe scoped RBAC instead of multi-tenant org - Simplify README.md removing org-related features - Update auth.md with comprehensive scoped permission documentation - Remove configuration.md (merged into other docs) - Update design.md with new architecture decisions - Update integration.md with scoped auth examples - Update UI documentation removing org references - Update test README removing org test references
3 months ago
## 2. 初始化
update
4 months ago
chore: bump version to v1.2.0 and update all docs - Bump version from v1.1.1 to v1.2.0 - Add CHANGELOG.md summarizing 20 commits since v1.1.1 - Rewrite docs to match current code: Session auth, Require* APIs, nested config (db.dsn/db.type/jwt.*), Cookie-based token delivery - Update method names uniformly: Perm* -> Require* - Fix README license badge (Apache -> MIT), port and build commands - Update auth design docs to reflect Provider + Auth SPI pattern - Update CLAUDE.md with current architecture and directory structure Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
4 days ago
在你的应用入口文件(如 `main.go`)中进行初始化。
update
4 months ago
```go
package main
import (
chore: bump version to v1.2.0 and update all docs - Bump version from v1.1.1 to v1.2.0 - Add CHANGELOG.md summarizing 20 commits since v1.1.1 - Rewrite docs to match current code: Session auth, Require* APIs, nested config (db.dsn/db.type/jwt.*), Cookie-based token delivery - Update method names uniformly: Perm* -> Require* - Fix README license badge (Apache -> MIT), port and build commands - Update auth design docs to reflect Provider + Auth SPI pattern - Update CLAUDE.md with current architecture and directory structure Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
4 days ago
"github.com/veypi/vbase"
"github.com/veypi/vbase/cfg"
"github.com/veypi/vigo"
update
4 months ago
)
chore: bump version to v1.2.0 and update all docs - Bump version from v1.1.1 to v1.2.0 - Add CHANGELOG.md summarizing 20 commits since v1.1.1 - Rewrite docs to match current code: Session auth, Require* APIs, nested config (db.dsn/db.type/jwt.*), Cookie-based token delivery - Update method names uniformly: Perm* -> Require* - Fix README license badge (Apache -> MIT), port and build commands - Update auth design docs to reflect Provider + Auth SPI pattern - Update CLAUDE.md with current architecture and directory structure Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
4 days ago
func main() {
// cfg.Global 已包含默认配置SQLite 内存数据库)
// 可通过环境变量或 YAML 文件覆盖
app := vigo.New("myapp", vbase.Router, cfg.Global, vigo.WithInit(vbase.Init))
panic(app.Run())
}
```
update
4 months ago
chore: bump version to v1.2.0 and update all docs - Bump version from v1.1.1 to v1.2.0 - Add CHANGELOG.md summarizing 20 commits since v1.1.1 - Rewrite docs to match current code: Session auth, Require* APIs, nested config (db.dsn/db.type/jwt.*), Cookie-based token delivery - Update method names uniformly: Perm* -> Require* - Fix README license badge (Apache -> MIT), port and build commands - Update auth design docs to reflect Provider + Auth SPI pattern - Update CLAUDE.md with current architecture and directory structure Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
4 days ago
VBase 自带嵌入式管理界面,启动后访问 `/vb/` 即可使用。
docs: Update documentation to reflect scoped RBAC and remove org system - Update CLAUDE.md to describe scoped RBAC instead of multi-tenant org - Simplify README.md removing org-related features - Update auth.md with comprehensive scoped permission documentation - Remove configuration.md (merged into other docs) - Update design.md with new architecture decisions - Update integration.md with scoped auth examples - Update UI documentation removing org references - Update test README removing org test references
3 months ago
chore: bump version to v1.2.0 and update all docs - Bump version from v1.1.1 to v1.2.0 - Add CHANGELOG.md summarizing 20 commits since v1.1.1 - Rewrite docs to match current code: Session auth, Require* APIs, nested config (db.dsn/db.type/jwt.*), Cookie-based token delivery - Update method names uniformly: Perm* -> Require* - Fix README license badge (Apache -> MIT), port and build commands - Update auth design docs to reflect Provider + Auth SPI pattern - Update CLAUDE.md with current architecture and directory structure Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
4 days ago
### 2.1 挂载路由
refactor(auth): 重构权限系统,简化API并添加缓存支持 主要变更: - 将权限域从 appKey 改为 scope,权限ID格式为 scope:resource:action - 新增 AddRole(roleCode, roleName, policies...) 方法,支持动态添加角色 - 简化 Factory.New() 只保留 scope 参数,移除 models.AppConfig 依赖 - PermAny/PermAll 改为变长参数 ...string 形式,使用更简洁 - AuthMiddleware 添加 Redis 缓存组织成员身份和角色信息(5分钟过期) - 移除 models.AppConfig 和 models.RoleDefinition 结构体 - 更新测试和文档 BREAKING CHANGE: Factory.New() 签名变更,需要使用新的 AddRole API
4 months ago
chore: bump version to v1.2.0 and update all docs - Bump version from v1.1.1 to v1.2.0 - Add CHANGELOG.md summarizing 20 commits since v1.1.1 - Rewrite docs to match current code: Session auth, Require* APIs, nested config (db.dsn/db.type/jwt.*), Cookie-based token delivery - Update method names uniformly: Perm* -> Require* - Fix README license badge (Apache -> MIT), port and build commands - Update auth design docs to reflect Provider + Auth SPI pattern - Update CLAUDE.md with current architecture and directory structure Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
4 days ago
VBase Router 已内置所有 API 路由(`/api/auth`、`/api/users`、`/api/roles`、`/api/oauth`、`/api/settings` 等)和 UI 路由(`/vb/`、`/v/`、`/vhtml/`)。
update
4 months ago
chore: bump version to v1.2.0 and update all docs - Bump version from v1.1.1 to v1.2.0 - Add CHANGELOG.md summarizing 20 commits since v1.1.1 - Rewrite docs to match current code: Session auth, Require* APIs, nested config (db.dsn/db.type/jwt.*), Cookie-based token delivery - Update method names uniformly: Perm* -> Require* - Fix README license badge (Apache -> MIT), port and build commands - Update auth design docs to reflect Provider + Auth SPI pattern - Update CLAUDE.md with current architecture and directory structure Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
4 days ago
如果你的应用需要自定义路由,将 VBase Router 挂载到你的 Router 上:
```go
var Router = vigo.NewRouter()
func init() {
// 将 VBase 挂载到 /vb 前缀
Router.Extend("/vb", vbase.Router)
update
4 months ago
}
```
docs: Update documentation to reflect scoped RBAC and remove org system - Update CLAUDE.md to describe scoped RBAC instead of multi-tenant org - Simplify README.md removing org-related features - Update auth.md with comprehensive scoped permission documentation - Remove configuration.md (merged into other docs) - Update design.md with new architecture decisions - Update integration.md with scoped auth examples - Update UI documentation removing org references - Update test README removing org test references
3 months ago
## 3. 使用权限系统
chore: bump version to v1.2.0 and update all docs - Bump version from v1.1.1 to v1.2.0 - Add CHANGELOG.md summarizing 20 commits since v1.1.1 - Rewrite docs to match current code: Session auth, Require* APIs, nested config (db.dsn/db.type/jwt.*), Cookie-based token delivery - Update method names uniformly: Perm* -> Require* - Fix README license badge (Apache -> MIT), port and build commands - Update auth design docs to reflect Provider + Auth SPI pattern - Update CLAUDE.md with current architecture and directory structure Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
4 days ago
VBase 通过 `cfg.Auth` 提供全局权限管理实例。所有中间件方法前缀为 `Require*`
update
4 months ago
chore: bump version to v1.2.0 and update all docs - Bump version from v1.1.1 to v1.2.0 - Add CHANGELOG.md summarizing 20 commits since v1.1.1 - Rewrite docs to match current code: Session auth, Require* APIs, nested config (db.dsn/db.type/jwt.*), Cookie-based token delivery - Update method names uniformly: Perm* -> Require* - Fix README license badge (Apache -> MIT), port and build commands - Update auth design docs to reflect Provider + Auth SPI pattern - Update CLAUDE.md with current architecture and directory structure Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
4 days ago
### 3.1 定义路由权限
update
4 months ago
```go
docs: Update documentation to reflect scoped RBAC and remove org system - Update CLAUDE.md to describe scoped RBAC instead of multi-tenant org - Simplify README.md removing org-related features - Update auth.md with comprehensive scoped permission documentation - Remove configuration.md (merged into other docs) - Update design.md with new architecture decisions - Update integration.md with scoped auth examples - Update UI documentation removing org references - Update test README removing org test references
3 months ago
func init() {
chore: bump version to v1.2.0 and update all docs - Bump version from v1.1.1 to v1.2.0 - Add CHANGELOG.md summarizing 20 commits since v1.1.1 - Rewrite docs to match current code: Session auth, Require* APIs, nested config (db.dsn/db.type/jwt.*), Cookie-based token delivery - Update method names uniformly: Perm* -> Require* - Fix README license badge (Apache -> MIT), port and build commands - Update auth design docs to reflect Provider + Auth SPI pattern - Update CLAUDE.md with current architecture and directory structure Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
4 days ago
// 所有路由需要登录
Router.Use(cfg.Auth.Login())
update
4 months ago
chore: bump version to v1.2.0 and update all docs - Bump version from v1.1.1 to v1.2.0 - Add CHANGELOG.md summarizing 20 commits since v1.1.1 - Rewrite docs to match current code: Session auth, Require* APIs, nested config (db.dsn/db.type/jwt.*), Cookie-based token delivery - Update method names uniformly: Perm* -> Require* - Fix README license badge (Apache -> MIT), port and build commands - Update auth design docs to reflect Provider + Auth SPI pattern - Update CLAUDE.md with current architecture and directory structure Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
4 days ago
// 资源操作示例
// 创建文章 (需要 "article" 的创建权限 Level 1)
Router.Post("/articles", cfg.Auth.RequireCreate("article"), CreateArticle)
update
4 months ago
chore: bump version to v1.2.0 and update all docs - Bump version from v1.1.1 to v1.2.0 - Add CHANGELOG.md summarizing 20 commits since v1.1.1 - Rewrite docs to match current code: Session auth, Require* APIs, nested config (db.dsn/db.type/jwt.*), Cookie-based token delivery - Update method names uniformly: Perm* -> Require* - Fix README license badge (Apache -> MIT), port and build commands - Update auth design docs to reflect Provider + Auth SPI pattern - Update CLAUDE.md with current architecture and directory structure Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
4 days ago
// 读取文章 (需要对特定实例的读取权限 Level 2)
Router.Get("/articles/{id}", cfg.Auth.RequireRead("article:{id}"), GetArticle)
update
4 months ago
chore: bump version to v1.2.0 and update all docs - Bump version from v1.1.1 to v1.2.0 - Add CHANGELOG.md summarizing 20 commits since v1.1.1 - Rewrite docs to match current code: Session auth, Require* APIs, nested config (db.dsn/db.type/jwt.*), Cookie-based token delivery - Update method names uniformly: Perm* -> Require* - Fix README license badge (Apache -> MIT), port and build commands - Update auth design docs to reflect Provider + Auth SPI pattern - Update CLAUDE.md with current architecture and directory structure Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
4 days ago
// 更新文章 (需要对特定实例的写入权限 Level 4)
Router.Put("/articles/{id}", cfg.Auth.RequireWrite("article:{id}"), UpdateArticle)
update
4 months ago
chore: bump version to v1.2.0 and update all docs - Bump version from v1.1.1 to v1.2.0 - Add CHANGELOG.md summarizing 20 commits since v1.1.1 - Rewrite docs to match current code: Session auth, Require* APIs, nested config (db.dsn/db.type/jwt.*), Cookie-based token delivery - Update method names uniformly: Perm* -> Require* - Fix README license badge (Apache -> MIT), port and build commands - Update auth design docs to reflect Provider + Auth SPI pattern - Update CLAUDE.md with current architecture and directory structure Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
4 days ago
// 删除文章 (需要对特定实例的管理员权限 Level 7)
Router.Delete("/articles/{id}", cfg.Auth.RequireAdmin("article:{id}"), DeleteArticle)
update
4 months ago
}
```
fix bug
4 months ago
chore: bump version to v1.2.0 and update all docs - Bump version from v1.1.1 to v1.2.0 - Add CHANGELOG.md summarizing 20 commits since v1.1.1 - Rewrite docs to match current code: Session auth, Require* APIs, nested config (db.dsn/db.type/jwt.*), Cookie-based token delivery - Update method names uniformly: Perm* -> Require* - Fix README license badge (Apache -> MIT), port and build commands - Update auth design docs to reflect Provider + Auth SPI pattern - Update CLAUDE.md with current architecture and directory structure Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
4 days ago
### 3.2 权限码动态解析
权限码支持动态占位符,从不同来源获取值:
| 语法 | 来源 | 示例 |
|------|------|------|
| `{key}``{key@ctx}` | Context | `{appID}` |
| `{key@path}` | 路径参数 | `{appID@path}` |
| `{key@query}` | Query 参数 | `{appID@query}` |
| `{key@header}` | Header | `{Authorization@header}` |
fix bug
4 months ago
chore: bump version to v1.2.0 and update all docs - Bump version from v1.1.1 to v1.2.0 - Add CHANGELOG.md summarizing 20 commits since v1.1.1 - Rewrite docs to match current code: Session auth, Require* APIs, nested config (db.dsn/db.type/jwt.*), Cookie-based token delivery - Update method names uniformly: Perm* -> Require* - Fix README license badge (Apache -> MIT), port and build commands - Update auth design docs to reflect Provider + Auth SPI pattern - Update CLAUDE.md with current architecture and directory structure Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
4 days ago
### 3.3 业务逻辑授权
在创建资源时,授予创建者管理权限:
fix bug
4 months ago
```go
docs: Update documentation to reflect scoped RBAC and remove org system - Update CLAUDE.md to describe scoped RBAC instead of multi-tenant org - Simplify README.md removing org-related features - Update auth.md with comprehensive scoped permission documentation - Remove configuration.md (merged into other docs) - Update design.md with new architecture decisions - Update integration.md with scoped auth examples - Update UI documentation removing org references - Update test README removing org test references
3 months ago
func CreateArticle(x *vigo.X, req *ArticleReq) (*Article, error) {
chore: bump version to v1.2.0 and update all docs - Bump version from v1.1.1 to v1.2.0 - Add CHANGELOG.md summarizing 20 commits since v1.1.1 - Rewrite docs to match current code: Session auth, Require* APIs, nested config (db.dsn/db.type/jwt.*), Cookie-based token delivery - Update method names uniformly: Perm* -> Require* - Fix README license badge (Apache -> MIT), port and build commands - Update auth design docs to reflect Provider + Auth SPI pattern - Update CLAUDE.md with current architecture and directory structure Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
4 days ago
userID := cfg.Auth.UserID(x)
article := &Article{Title: req.Title, AuthorID: userID}
cfg.DB().Create(article)
// 授予用户对该文章的管理员权限 (Level 7)
permID := "article:" + article.ID
cfg.Auth.Grant(x.Context(), userID, permID, auth.LevelAdmin)
return article, nil
docs: Update documentation to reflect scoped RBAC and remove org system - Update CLAUDE.md to describe scoped RBAC instead of multi-tenant org - Simplify README.md removing org-related features - Update auth.md with comprehensive scoped permission documentation - Remove configuration.md (merged into other docs) - Update design.md with new architecture decisions - Update integration.md with scoped auth examples - Update UI documentation removing org references - Update test README removing org test references
3 months ago
}
fix bug
4 months ago
```
chore: bump version to v1.2.0 and update all docs - Bump version from v1.1.1 to v1.2.0 - Add CHANGELOG.md summarizing 20 commits since v1.1.1 - Rewrite docs to match current code: Session auth, Require* APIs, nested config (db.dsn/db.type/jwt.*), Cookie-based token delivery - Update method names uniformly: Perm* -> Require* - Fix README license badge (Apache -> MIT), port and build commands - Update auth design docs to reflect Provider + Auth SPI pattern - Update CLAUDE.md with current architecture and directory structure Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
4 days ago
### 3.4 多 Scope 权限隔离
fix bug
4 months ago
chore: bump version to v1.2.0 and update all docs - Bump version from v1.1.1 to v1.2.0 - Add CHANGELOG.md summarizing 20 commits since v1.1.1 - Rewrite docs to match current code: Session auth, Require* APIs, nested config (db.dsn/db.type/jwt.*), Cookie-based token delivery - Update method names uniformly: Perm* -> Require* - Fix README license badge (Apache -> MIT), port and build commands - Update auth design docs to reflect Provider + Auth SPI pattern - Update CLAUDE.md with current architecture and directory structure Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
4 days ago
不同业务模块通过 Scope 实现权限隔离:
fix bug
4 months ago
```go
chore: bump version to v1.2.0 and update all docs - Bump version from v1.1.1 to v1.2.0 - Add CHANGELOG.md summarizing 20 commits since v1.1.1 - Rewrite docs to match current code: Session auth, Require* APIs, nested config (db.dsn/db.type/jwt.*), Cookie-based token delivery - Update method names uniformly: Perm* -> Require* - Fix README license badge (Apache -> MIT), port and build commands - Update auth design docs to reflect Provider + Auth SPI pattern - Update CLAUDE.md with current architecture and directory structure Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
4 days ago
// 为不同应用创建独立的 Provider
var AppA_Auth = auth.Factory.New("app_a")
var AppB_Auth = auth.Factory.New("app_b")
// AppA 的用户权限不会影响 AppB
fix bug
4 months ago
```
chore: bump version to v1.2.0 and update all docs - Bump version from v1.1.1 to v1.2.0 - Add CHANGELOG.md summarizing 20 commits since v1.1.1 - Rewrite docs to match current code: Session auth, Require* APIs, nested config (db.dsn/db.type/jwt.*), Cookie-based token delivery - Update method names uniformly: Perm* -> Require* - Fix README license badge (Apache -> MIT), port and build commands - Update auth design docs to reflect Provider + Auth SPI pattern - Update CLAUDE.md with current architecture and directory structure Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
4 days ago
## 4. Session 管理
VBase 使用 Session + JWT 双 Token 机制:
- **Access Token**:短期有效(默认 15 分钟),用于 API 认证
- **Refresh Token**:长期有效(默认 30 天),用于刷新 Access Token
- **Session**:记录登录设备信息和 IP支持版本号轮换防止并发刷新互踢
fix bug
4 months ago
chore: bump version to v1.2.0 and update all docs - Bump version from v1.1.1 to v1.2.0 - Add CHANGELOG.md summarizing 20 commits since v1.1.1 - Rewrite docs to match current code: Session auth, Require* APIs, nested config (db.dsn/db.type/jwt.*), Cookie-based token delivery - Update method names uniformly: Perm* -> Require* - Fix README license badge (Apache -> MIT), port and build commands - Update auth design docs to reflect Provider + Auth SPI pattern - Update CLAUDE.md with current architecture and directory structure Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
4 days ago
Token 默认通过 HttpOnly Cookie 传送。Session 可通过 `auth.RevokeSession`、`auth.RevokeOtherSessions`、`auth.RevokeAllSessions` 管理。
fix bug
4 months ago
chore: bump version to v1.2.0 and update all docs - Bump version from v1.1.1 to v1.2.0 - Add CHANGELOG.md summarizing 20 commits since v1.1.1 - Rewrite docs to match current code: Session auth, Require* APIs, nested config (db.dsn/db.type/jwt.*), Cookie-based token delivery - Update method names uniformly: Perm* -> Require* - Fix README license badge (Apache -> MIT), port and build commands - Update auth design docs to reflect Provider + Auth SPI pattern - Update CLAUDE.md with current architecture and directory structure Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
4 days ago
## 5. 配置说明
VBase 默认使用 SQLite 内存数据库(`/tmp/vbase.db`),无需任何外部依赖即可运行。
配置文件示例(`config.yaml`
```yaml
db:
type: "sqlite"
dsn: "/tmp/vbase.db"
redis:
addr: "memory"
key: "your-secret-key-min-32-characters"
jwt:
access_expiry: 900
refresh_expiry: 2592000
issuer: "vbase"
cookie_prefix: "vb_"
```
fix bug
4 months ago
docs: Update documentation to reflect scoped RBAC and remove org system - Update CLAUDE.md to describe scoped RBAC instead of multi-tenant org - Simplify README.md removing org-related features - Update auth.md with comprehensive scoped permission documentation - Remove configuration.md (merged into other docs) - Update design.md with new architecture decisions - Update integration.md with scoped auth examples - Update UI documentation removing org references - Update test README removing org test references
3 months ago
更多配置详情请参考 [配置文档](./configuration.md)。