init

2021-11-02 09:43:19 +08:00
parent 570bb3c772
commit 4734344985
78 changed files with 4798 additions and 0 deletions
--- a/router/auth.go
+++ b/router/auth.go
@ -0,0 +1,127 @@
+package router
+
+import (
+	"Edu/app/service"
+	"Edu/config"
+	cache2 "Edu/serve/cache"
+	"Edu/utils"
+	"fmt"
+	"net/http"
+	"time"
+
+	"github.com/gin-gonic/gin"
+)
+
+// SkipperURL 跳过验证
+type SkipperURL func(*gin.Context) bool
+
+// PermissionHandle 权限验证
+type PermissionHandle func(key string) gin.HandlerFunc
+
+// AddSkipperURL 添加路由
+func AddSkipperURL(url ...string) SkipperURL {
+	return func(c *gin.Context) bool {
+		path := c.Request.URL.Path
+		return utils.InArray(path, url)
+	}
+}
+
+// NeedLogin 需要登录
+func NeedLogin(skipperURL ...SkipperURL) gin.HandlerFunc {
+	return func(c *gin.Context) {
+		if len(skipperURL) > 0 && skipperURL[0](c) {
+			c.Next()
+			return
+		}
+		token := c.GetHeader(config.APIRequestToken)
+
+		if token == "" {
+			c.JSON(http.StatusUnauthorized, gin.H{"message": "Token异常"})
+			c.Abort()
+			return
+		}
+		tokenInfo := utils.JWTDecrypt(token)
+
+		if tokenInfo == nil || len(tokenInfo) <= 0 {
+			c.JSON(http.StatusUnauthorized, gin.H{"message": "Token无效"})
+			c.Abort()
+			return
+		}
+		expTimestamp := utils.StringToInt64(fmt.Sprintf("%v", tokenInfo["exp"]))
+		expTime := time.Unix(expTimestamp, 0)
+		ok := expTime.After(time.Now())
+
+		if !ok {
+			c.JSON(http.StatusUnauthorized, gin.H{"message": "Token过期"})
+			c.Abort()
+			return
+		}
+		cache, _ := cache2.Cache.HGet(config.RedisKeyForAccount, fmt.Sprintf("%v", tokenInfo[config.TokenForUID]))
+
+		if cache == "" {
+			c.JSON(http.StatusUnauthorized, gin.H{"message": "用户未登录或已退出"})
+			c.Abort()
+			return
+		}
+		session := new(service.Session)
+		_ = session.UnmarshalBinary([]byte(cache))
+
+		if !config.SettingInfo.MultipleLogin && session.Token != token {
+			c.JSON(http.StatusUnauthorized, gin.H{"message": "登录失效，已在其他地方登录！"})
+			c.Abort()
+			return
+		}
+		c.Set(config.TokenForSession, session)
+		c.Next()
+	}
+}
+
+// NeedGradeParam 需要年级参数
+func NeedGradeParam(skipperURL ...SkipperURL) gin.HandlerFunc {
+	return func(c *gin.Context) {
+		if len(skipperURL) > 0 && skipperURL[0](c) {
+			c.Next()
+			return
+		}
+		param := c.GetHeader(config.APIRequestGrade)
+
+		if param == "" {
+			c.JSON(http.StatusBadRequest, gin.H{"message": "参数异常"})
+			c.Abort()
+			return
+		}
+		grade := utils.StringToInt(param)
+
+		if grade <= 0 {
+			c.JSON(http.StatusBadRequest, gin.H{"message": "Grade异常"})
+			c.Abort()
+			return
+		}
+		c.Set(config.TokenForGrade, grade)
+		c.Next()
+	}
+}
+
+// NeedPermission 需要权限验证
+func NeedPermission(skipperURL ...SkipperURL) PermissionHandle {
+	return func(key string) gin.HandlerFunc {
+		return func(c *gin.Context) {
+			if len(skipperURL) > 0 && skipperURL[0](c) {
+				c.Next()
+				return
+			}
+			//session, _ := c.Get(config.TokenForSession)
+			//_session := session.(*service.Session)
+
+			//if pass, _ := service.NewPermission(nil, &service.AuthRequest{
+			//	Url:    key,
+			//	Method: c.Request.Method,
+			//})(_session.TenantKey, fmt.Sprintf("%d", _session.UID)).Enforce(); !pass {
+			//	c.JSON(http.StatusOK, gin.H{"code": http.StatusForbidden, "msg": "无权限访问！"})
+			//	c.Abort()
+			//	return
+			//}
+			c.Next()
+		}
+	}
+}