package router import ( "SciencesServer/app/logic" "SciencesServer/app/service" "SciencesServer/config" "SciencesServer/utils" "github.com/gin-gonic/gin" "net/http" ) // SkipperURL 跳过验证 type SkipperURL func(*gin.Context) bool // PermissionHandle 权限验证 type PermissionHandle func(key string) gin.HandlerFunc // AddSkipperURL 添加路由 func AddSkipperURL(url ...string) SkipperURL { return func(c *gin.Context) bool { path := c.Request.URL.Path return utils.InArray(path, url) } } // NeedLogin 需要登录 func NeedLogin(session logic.ISession, skipperURL ...SkipperURL) gin.HandlerFunc { return func(c *gin.Context) { if len(skipperURL) > 0 && skipperURL[0](c) { c.Next() return } token := c.GetHeader(config.APIRequestToken) if token == "" { c.JSON(http.StatusUnauthorized, gin.H{"message": "Token异常"}) c.Abort() return } err := service.NewAuthToken(token).Auth(session) if err != nil { c.JSON(http.StatusUnauthorized, gin.H{"message": err.Error()}) c.Abort() return } c.Set(config.TokenForSession, session) c.Next() } } func NeedHaveIdentity() gin.HandlerFunc { return func(c *gin.Context) { } } // NeedPermission 需要权限验证 func NeedPermission(skipperURL ...SkipperURL) PermissionHandle { return func(key string) gin.HandlerFunc { return func(c *gin.Context) { if len(skipperURL) > 0 && skipperURL[0](c) { c.Next() return } session, _ := c.Get(config.TokenForSession) _session := session.(*service.Session) if !_session.IsAdmin { if _session.TenantID > 0 { //if isExist, _ := cache.Cache.SIsMember(config.RedisKeyForTenant, _session.TenantKey); !isExist { // c.JSON(http.StatusForbidden, gin.H{"message": "租户/公司信息协议已到期或已被禁用,无权限访问!"}) // c.Abort() // return //} } //if pass, _ := service.NewPermission(nil, &service.AuthRequest{ // Url: key, // Method: c.Request.Method, //})(_session.TenantKey, fmt.Sprintf("%d", _session.UID)).Enforce(); !pass { // c.JSON(http.StatusOK, gin.H{"code": http.StatusForbidden, "msg": "无权限访问!"}) // c.Abort() // return //} } c.Next() } } }