2021-11-02 09:43:19 +08:00
|
|
|
package router
|
|
|
|
|
|
|
|
import (
|
2021-11-02 16:22:07 +08:00
|
|
|
"ArmedPolice/app/service"
|
|
|
|
"ArmedPolice/config"
|
|
|
|
"ArmedPolice/utils"
|
2021-11-02 09:43:19 +08:00
|
|
|
"github.com/gin-gonic/gin"
|
2021-11-08 15:52:46 +08:00
|
|
|
"net/http"
|
2021-11-02 09:43:19 +08:00
|
|
|
)
|
|
|
|
|
|
|
|
// SkipperURL 跳过验证
|
|
|
|
type SkipperURL func(*gin.Context) bool
|
|
|
|
|
|
|
|
// PermissionHandle 权限验证
|
|
|
|
type PermissionHandle func(key string) gin.HandlerFunc
|
|
|
|
|
|
|
|
// AddSkipperURL 添加路由
|
|
|
|
func AddSkipperURL(url ...string) SkipperURL {
|
|
|
|
return func(c *gin.Context) bool {
|
|
|
|
path := c.Request.URL.Path
|
|
|
|
return utils.InArray(path, url)
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
// NeedLogin 需要登录
|
|
|
|
func NeedLogin(skipperURL ...SkipperURL) gin.HandlerFunc {
|
|
|
|
return func(c *gin.Context) {
|
|
|
|
if len(skipperURL) > 0 && skipperURL[0](c) {
|
|
|
|
c.Next()
|
|
|
|
return
|
|
|
|
}
|
|
|
|
token := c.GetHeader(config.APIRequestToken)
|
|
|
|
|
|
|
|
if token == "" {
|
|
|
|
c.JSON(http.StatusUnauthorized, gin.H{"message": "Token异常"})
|
|
|
|
c.Abort()
|
|
|
|
return
|
|
|
|
}
|
2021-11-08 15:52:46 +08:00
|
|
|
session, err := service.NewAuthToken(token).Auth()
|
2021-11-02 09:43:19 +08:00
|
|
|
|
2021-11-08 15:52:46 +08:00
|
|
|
if err != nil {
|
|
|
|
c.JSON(http.StatusUnauthorized, gin.H{"message": err.Error()})
|
2021-11-02 09:43:19 +08:00
|
|
|
c.Abort()
|
|
|
|
return
|
|
|
|
}
|
|
|
|
c.Set(config.TokenForSession, session)
|
|
|
|
c.Next()
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
// NeedPermission 需要权限验证
|
|
|
|
func NeedPermission(skipperURL ...SkipperURL) PermissionHandle {
|
|
|
|
return func(key string) gin.HandlerFunc {
|
|
|
|
return func(c *gin.Context) {
|
|
|
|
if len(skipperURL) > 0 && skipperURL[0](c) {
|
|
|
|
c.Next()
|
|
|
|
return
|
|
|
|
}
|
|
|
|
//session, _ := c.Get(config.TokenForSession)
|
|
|
|
//_session := session.(*service.Session)
|
|
|
|
|
|
|
|
//if pass, _ := service.NewPermission(nil, &service.AuthRequest{
|
|
|
|
// Url: key,
|
|
|
|
// Method: c.Request.Method,
|
|
|
|
//})(_session.TenantKey, fmt.Sprintf("%d", _session.UID)).Enforce(); !pass {
|
|
|
|
// c.JSON(http.StatusOK, gin.H{"code": http.StatusForbidden, "msg": "无权限访问!"})
|
|
|
|
// c.Abort()
|
|
|
|
// return
|
|
|
|
//}
|
|
|
|
c.Next()
|
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|