diff --git a/.gitignore b/.gitignore index 128c89e..0a5c6eb 100644 --- a/.gitignore +++ b/.gitignore @@ -43,4 +43,7 @@ luac.out .DS_Store # IDEA dir -.idea/ \ No newline at end of file +.idea/ + +# Local deploy bash script +auto_copy_config_and_lua_macos.sh \ No newline at end of file diff --git a/upload.lua b/upload.lua index 49b2bb1..f9f734b 100644 --- a/upload.lua +++ b/upload.lua @@ -1,6 +1,7 @@ -local upload = require "resty.upload" +local upload = require "resty.upload" local uuid = require "resty.jit-uuid" local cjson = require "cjson" +local jwt = require "resty.jwt" local chunk_size = 4096 local form = upload:new(chunk_size) @@ -17,6 +18,55 @@ local file local file_name local files = {} +function LuaReomve(str,remove) + local lcSubStrTab = {} + while true do + local lcPos = string.find(str,remove) + if not lcPos then + lcSubStrTab[#lcSubStrTab+1] = str + break + end + local lcSubStr = string.sub(str,1,lcPos-1) + lcSubStrTab[#lcSubStrTab+1] = lcSubStr + str = string.sub(str,lcPos+1,#str) + end + local lcMergeStr ="" + local lci = 1 + while true do + if lcSubStrTab[lci] then + lcMergeStr = lcMergeStr .. lcSubStrTab[lci] + lci = lci + 1 + else + break + end + end + return lcMergeStr +end + +function DecoderJwtToken(encrypted_token) + local jwt_key = "0xCAFEBABE0xCAFEBABE0xCAFEBABE0xCAFEBABE0xCAFEBABE0xCAFEBABE" + local jwt_obj = jwt:verify(jwt_key, encrypted_token) + if jwt_obj.verified == false then + ngx.log(ngx.WARN, "Invalid token: ".. jwt_obj.reason) + ngx.status = ngx.HTTP_UNAUTHORIZED + ngx.header.content_type = "application/json; charset=utf-8" + ngx.say(cjson.encode(jwt_obj)) + ngx.exit(ngx.HTTP_UNAUTHORIZED) + end + + ngx.log(ngx.INFO, "JWT: " .. cjson.encode(jwt_obj)) + ngx.log(ngx.INFO, "jwt object : payload : sub " .. jwt_obj.payload.sub) + + local htytoken = cjson.decode(jwt_obj.payload.sub) + ngx.log(ngx.INFO, "htytoken : token_id " .. htytoken.token_id) + ngx.log(ngx.INFO, "htytoken : hty_id " .. htytoken.hty_id) + --ngx.log(ngx.INFO, "htytoken : app_id " .. htytoken.app_id) + ngx.log(ngx.INFO, "htytoken : ts " .. htytoken.ts) + --ngx.log(ngx.INFO, "htytoken : roles " .. htytoken.roles) + + return htytoken +end + while true do local typ, res, err = form:read() @@ -25,6 +75,26 @@ while true do return end + local authorization = ngx.req.get_headers().Authorization + if authorization then + ngx.log(ngx.INFO, 'Check request authorization Authorization -> ', authorization) + DecoderJwtToken(authorization) + else + ngx.log(ngx.ERR, 'Request header no authorization ! ') + ngx.status = 500 + ngx.exit(ngx.HTTP_INTERNAL_SERVER_ERROR) + end + + local authorization = ngx.req.get_headers()["HtySudoerToken"] + if authorization then + ngx.log(ngx.INFO, 'Check request authorization HtySudoerToken -> ', authorization) + DecoderJwtToken(authorization) + else + ngx.log(ngx.ERR, 'Request header no hty sudoer token ! ') + ngx.status = 500 + ngx.exit(ngx.HTTP_INTERNAL_SERVER_ERROR) + end + if typ == "header" then --"Content-Disposition","form-data; name=\"files[]\"; filename=\"Song-of-joy.png\"" @@ -63,11 +133,11 @@ while true do local http = require "resty.http" local httpc = http.new() local remote_url = string.format("%s/api/v1/ts/create_task", task_server) - + ngx.log(ngx.INFO, 'remote_url -> ', remote_url) ngx.log(ngx.INFO, 'Authorization -> ', ngx.req.get_headers().Authorization) ngx.log(ngx.INFO, 'HtySudoerToken -> ', ngx.req.get_headers().HtySudoerToken) - + local body_text = cjson.encode({task_type = TaskTypes.UPLOAD_PICTURE, data = {images = files}}) ngx.log(ngx.INFO, 'UPLOAD_PICTURE *body_text* ->', body_text)