feat:完善项目
@ -50,7 +50,12 @@ func registerAPI(app *gin.Engine) {
|
||||
userV1.POST("/collect/launch", _api.Collect)
|
||||
}
|
||||
// Activity 活动信息管理
|
||||
activityV1 := v1.Group("/activity")
|
||||
activityV1 := v1.Group("/activity").Use(NeedLogin(config.RedisKeyForAccountEnterprise,
|
||||
session.NewEnterprise(), AddSkipperURL([]string{
|
||||
apiPrefix + "/v1/activity",
|
||||
apiPrefix + "/v1/activity/detail",
|
||||
apiPrefix + "/v1/account",
|
||||
}...)))
|
||||
{
|
||||
_api := new(api2.Activity)
|
||||
activityV1.POST("", _api.Instance)
|
||||
@ -62,6 +67,7 @@ func registerAPI(app *gin.Engine) {
|
||||
{
|
||||
_api := new(api2.Sys)
|
||||
sysV1.GET("/platform", _api.Platform)
|
||||
sysV1.GET("/banner", _api.Banner)
|
||||
sysV1.GET("/navigation", _api.Navigation)
|
||||
sysV1.GET("/agreement", _api.Agreement)
|
||||
sysV1.GET("/agreement/detail", _api.AgreementDetail)
|
||||
@ -84,7 +90,7 @@ func registerAPI(app *gin.Engine) {
|
||||
serviceV1 := v1.Group("/service")
|
||||
{
|
||||
_api := new(api2.Service)
|
||||
serviceV1.GET("/solution_case", _api.SolutionCase)
|
||||
serviceV1.POST("/solution_case", _api.SolutionCase)
|
||||
serviceV1.POST("/solution_case/list", _api.SolutionCaseList)
|
||||
serviceV1.POST("/solution_case/detail", _api.SolutionCaseDetail)
|
||||
serviceV1.POST("/innovate", _api.Innovate)
|
||||
@ -141,11 +147,11 @@ func registerAdminAPI(app *gin.Engine) {
|
||||
apiPrefix + "/v1/account/logout",
|
||||
}...)))
|
||||
// 权限验证
|
||||
//g.Use(NeedPermission(AddSkipperURL([]string{
|
||||
// apiPrefix + "/captcha",
|
||||
// apiPrefix + "/account/login",
|
||||
// apiPrefix + "/account/logout",
|
||||
//}...)))
|
||||
v1.Use(NeedPermission(AddSkipperURL([]string{
|
||||
apiPrefix + "/v1/captcha",
|
||||
apiPrefix + "/v1/account/login",
|
||||
apiPrefix + "/v1/account/logout",
|
||||
}...)))
|
||||
// Captcha 验证码
|
||||
v1.GET("/captcha", new(api1.Captcha).Captcha)
|
||||
// Upload 上传管理
|
||||
@ -347,6 +353,8 @@ func registerEnterpriseAPI(app *gin.Engine) {
|
||||
apiPrefix + "/v1/account/authorize",
|
||||
}...)))
|
||||
|
||||
v1.Use(NeedAuthIdentity())
|
||||
|
||||
// Upload 上传管理
|
||||
v1.POST("/upload", new(api.Upload).Upload)
|
||||
// Config 配置管理
|
||||
|
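Review bot: The skip list passed to `NeedLogin` for the activity group includes `apiPrefix + "/v1/activity"`, which appears to be the same path as `activityV1.POST("", _api.Instance)` registered just below it, so that write route may be exempt from the login check the group was just given. `AddSkipperURL`'s matching rule is not visible in this hunk; if it compares by prefix rather than by exact path, every route under `/v1/activity` would be skipped. The `apiPrefix + "/v1/account"` entry does not belong to this group and looks like it was copied from another list. I would list only the read-only endpoints that must stay public and add a comment above the call such as `// public: list and detail only; every other activity route requires an enterprise login`. `registerAPI` starts and ends outside the hunk.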
@ -6,6 +6,7 @@ import (
|
||||
"SciencesServer/app/session"
|
||||
"SciencesServer/config"
|
||||
"SciencesServer/utils"
|
||||
"fmt"
|
||||
"github.com/gin-gonic/gin"
|
||||
"net/http"
|
||||
)
|
||||
@ -27,6 +28,7 @@ func AddSkipperURL(url ...string) SkipperURL {
|
||||
// NeedLogin 需要登录
|
||||
func NeedLogin(key string, session logic.ISession, skipperURL ...SkipperURL) gin.HandlerFunc {
|
||||
return func(c *gin.Context) {
|
||||
fmt.Println(c.Request.URL.Path)
|
||||
if len(skipperURL) > 0 && skipperURL[0](c) {
|
||||
c.Next()
|
||||
return
|
||||
@ -50,41 +52,48 @@ func NeedLogin(key string, session logic.ISession, skipperURL ...SkipperURL) gin
|
||||
}
|
||||
}
|
||||
|
||||
func NeedHaveIdentity() gin.HandlerFunc {
|
||||
return func(c *gin.Context) {
|
||||
|
||||
}
|
||||
}
|
||||
|
||||
// NeedPermission 需要权限验证
|
||||
func NeedPermission(skipperURL ...SkipperURL) PermissionHandle {
|
||||
return func(key string) gin.HandlerFunc {
|
||||
return func(c *gin.Context) {
|
||||
if len(skipperURL) > 0 && skipperURL[0](c) {
|
||||
c.Next()
|
||||
return
|
||||
}
|
||||
value, _ := c.Get(config.TokenForSession)
|
||||
_session := value.(*session.Admin)
|
||||
|
||||
if !_session.IsAdmin {
|
||||
if _session.TenantID > 0 {
|
||||
//if isExist, _ := cache.Cache.SIsMember(config.RedisKeyForTenant, _session.TenantKey); !isExist {
|
||||
// c.JSON(http.StatusForbidden, gin.H{"message": "租户/公司信息协议已到期或已被禁用,无权限访问!"})
|
||||
// c.Abort()
|
||||
// return
|
||||
//}
|
||||
}
|
||||
//if pass, _ := service.NewPermission(nil, &service.AuthRequest{
|
||||
// Url: key,
|
||||
// Method: c.Request.Method,
|
||||
//})(_session.TenantKey, fmt.Sprintf("%d", _session.UID)).Enforce(); !pass {
|
||||
// c.JSON(http.StatusOK, gin.H{"code": http.StatusForbidden, "msg": "无权限访问!"})
|
||||
// c.Abort()
|
||||
// return
|
||||
//}
|
||||
}
|
||||
func NeedPermission(skipperURL ...SkipperURL) gin.HandlerFunc {
|
||||
return func(c *gin.Context) {
|
||||
if len(skipperURL) > 0 && skipperURL[0](c) {
|
||||
c.Next()
|
||||
return
|
||||
}
|
||||
value, _ := c.Get(config.TokenForSession)
|
||||
_session := value.(*session.Admin)
|
||||
|
||||
if _session.IsAdmin && _session.TenantID <= 0 {
|
||||
c.Next()
|
||||
return
|
||||
}
|
||||
pass, err := service.NewPermission(
|
||||
service.WithAuthTenant(_session.TenantIDFormat()),
|
||||
service.WithAuthUser(_session.UIDFormat()),
|
||||
service.WithAuthRequest([]*service.AuthRequest{
|
||||
&service.AuthRequest{
|
||||
Url: c.Request.URL.Path,
|
||||
Method: c.Request.Method,
|
||||
},
|
||||
}),
|
||||
).Enforce()
|
||||
|
||||
if err != nil {
|
||||
c.JSON(http.StatusUnauthorized, gin.H{
|
||||
"message": fmt.Sprintf("权限验证错误【%v】,请联系管理员!", err),
|
||||
})
|
||||
c.Abort()
|
||||
return
|
||||
} else if !pass {
|
||||
c.JSON(http.StatusForbidden, gin.H{"message": "无权限访问!"})
|
||||
c.Abort()
|
||||
return
|
||||
}
|
||||
c.Next()
|
||||
}
|
||||
}
|
||||
|
||||
func NeedAuthIdentity() gin.HandlerFunc {
|
||||
return func(c *gin.Context) {
|
||||
c.Next()
|
||||
}
|
||||
}
|
||||
|
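Review bot: The rewritten `NeedPermission` still discards the `ok` result of `c.Get(config.TokenForSession)` and does an unchecked `value.(*session.Admin)`, so any request that reaches it without an admin session in the context panics instead of being rejected. This matters now that the router enables the middleware with its own skip list, separate from the one given to `NeedLogin`. Use the two-value form, `_session, ok := value.(*session.Admin)`, and on `!ok || _session == nil` answer with `http.StatusUnauthorized` and `c.Abort()`. In the same hunk `NeedAuthIdentity` only calls `c.Next()`, so it deserves a comment like `// TODO: placeholder, enforces no identity check yet` until it is implemented.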
@ -4,7 +4,6 @@ import (
|
||||
"SciencesServer/config"
|
||||
"SciencesServer/serve/logger"
|
||||
"context"
|
||||
"fmt"
|
||||
"net/http"
|
||||
"time"
|
||||
|
||||
@ -86,7 +85,7 @@ func RecoveryHandler() gin.HandlerFunc {
|
||||
return func(c *gin.Context) {
|
||||
defer func() {
|
||||
if err := recover(); err != nil {
|
||||
fmt.Printf("Recover:request【%s】 error:【%v】\n", c.Request.URL, err)
|
||||
//fmt.Printf("Recover:request【%s】 error:【%v】\n", c.Request.URL, err)
|
||||
c.JSON(http.StatusInternalServerError, gin.H{
|
||||
"message": "Internal Server Error!",
|
||||
})
|
||||
|
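Review bot: Commenting out the `fmt.Printf` in the deferred recover removes the only record of the panic visible in this hunk, so a crashing handler now returns a 500 with nothing for operators to investigate or alert on. Rather than dropping the line, record the panic value and `c.Request.URL` through the project logger (the file imports `SciencesServer/serve/logger`; its API is not shown here), ideally together with a stack trace. `RecoveryHandler`'s body continues past the end of the hunk.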