williamet/cas_tt_cloud_backend
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity
Files
cas_tt_cloud_backend/router/auth.go
henry da7b3130fe feat:完善项目
2021-09-28 11:47:19 +08:00

112 lines
2.9 KiB
Go
Raw Blame History

package router
import (
"SciencesServer/app/service"
"SciencesServer/config"
"SciencesServer/serve/cache"
cache2 "SciencesServer/serve/cache"
"SciencesServer/utils"
"fmt"
"net/http"
"time"
"github.com/gin-gonic/gin"
)
// SkipperURL 跳过验证
type SkipperURL func(*gin.Context) bool
// PermissionHandle 权限验证
type PermissionHandle func(key string) gin.HandlerFunc
// AddSkipperURL 添加路由
func AddSkipperURL(url ...string) SkipperURL {
return func(c *gin.Context) bool {
path := c.Request.URL.Path
return utils.InArray(path, url)
}
}
// NeedLogin 需要登录
func NeedLogin(skipperURL ...SkipperURL) gin.HandlerFunc {
return func(c *gin.Context) {
if len(skipperURL) > 0 && skipperURL[0](c) {
c.Next()
return
}
token := c.GetHeader(config.APIRequestToken)
if token == "" {
c.JSON(http.StatusUnauthorized, gin.H{"message": "Token异常"})
c.Abort()
return
}
tokenInfo := utils.JWTDecrypt(token)
if tokenInfo == nil || len(tokenInfo) <= 0 {
c.JSON(http.StatusUnauthorized, gin.H{"message": "Token无效"})
c.Abort()
return
}
expTimestamp := utils.StringToInt64(fmt.Sprintf("%v", tokenInfo["exp"]))
expTime := time.Unix(expTimestamp, 0)
ok := expTime.After(time.Now())
if !ok {
c.JSON(http.StatusUnauthorized, gin.H{"message": "Token过期"})
c.Abort()
return
}
cache, _ := cache2.Cache.HGet(config.RedisKeyForAccount, fmt.Sprintf("%v", tokenInfo[config.TokenForUID]))
if cache == "" {
c.JSON(http.StatusUnauthorized, gin.H{"message": "用户未登录或已退出"})
c.Abort()
return
}
session := new(service.Session)
_ = session.UnmarshalBinary([]byte(cache))
if !config.SettingInfo.MultipleLogin && session.Token != token {
c.JSON(http.StatusUnauthorized, gin.H{"message": "登录失效,已在其他地方登录!"})
c.Abort()
return
}
c.Set(config.TokenForSession, session)
c.Next()
}
}
// NeedPermission 需要权限验证
func NeedPermission(skipperURL ...SkipperURL) PermissionHandle {
return func(key string) gin.HandlerFunc {
return func(c *gin.Context) {
if len(skipperURL) > 0 && skipperURL[0](c) {
c.Next()
return
}
session, _ := c.Get(config.TokenForSession)
_session := session.(*service.Session)
if !_session.IsAdmin {
if _session.TenantID > 0 {
if isExist, _ := cache.Cache.SIsMember(config.RedisKeyForTenant, _session.TenantKey); !isExist {
c.JSON(http.StatusForbidden, gin.H{"message": "租户/公司信息协议已到期或已被禁用,无权限访问!"})
c.Abort()
return
}
}
//if pass, _ := service.NewPermission(nil, &service.AuthRequest{
// Url: key,
// Method: c.Request.Method,
//})(_session.TenantKey, fmt.Sprintf("%d", _session.UID)).Enforce(); !pass {
// c.JSON(http.StatusOK, gin.H{"code": http.StatusForbidden, "msg": "无权限访问!"})
// c.Abort()
// return
//}
}
c.Next()
}
}
}
Reference in New Issue View Git Blame Copy Permalink