williamet/cas_tt_cloud_backend
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity
Files
cas_tt_cloud_backend/router/auth.go
henry 851a2c1784 feat:完善入驻信息管理
2021-12-03 14:18:06 +08:00

90 lines
2.2 KiB
Go
Raw Blame History

package router
import (
"SciencesServer/app/logic"
"SciencesServer/app/service"
"SciencesServer/config"
"SciencesServer/utils"
"github.com/gin-gonic/gin"
"net/http"
)
// SkipperURL 跳过验证
type SkipperURL func(*gin.Context) bool
// PermissionHandle 权限验证
type PermissionHandle func(key string) gin.HandlerFunc
// AddSkipperURL 添加路由
func AddSkipperURL(url ...string) SkipperURL {
return func(c *gin.Context) bool {
path := c.Request.URL.Path
return utils.InArray(path, url)
}
}
// NeedLogin 需要登录
func NeedLogin(session logic.ISession, skipperURL ...SkipperURL) gin.HandlerFunc {
return func(c *gin.Context) {
if len(skipperURL) > 0 && skipperURL[0](c) {
c.Next()
return
}
token := c.GetHeader(config.APIRequestToken)
if token == "" {
c.JSON(http.StatusUnauthorized, gin.H{"message": "Token异常"})
c.Abort()
return
}
err := service.NewAuthToken(token).Auth(session)
if err != nil {
c.JSON(http.StatusUnauthorized, gin.H{"message": err.Error()})
c.Abort()
return
}
c.Set(config.TokenForSession, session)
c.Next()
}
}
func NeedHaveIdentity() gin.HandlerFunc {
return func(c *gin.Context) {
}
}
// NeedPermission 需要权限验证
func NeedPermission(skipperURL ...SkipperURL) PermissionHandle {
return func(key string) gin.HandlerFunc {
return func(c *gin.Context) {
if len(skipperURL) > 0 && skipperURL[0](c) {
c.Next()
return
}
session, _ := c.Get(config.TokenForSession)
_session := session.(*service.Session)
if !_session.IsAdmin {
if _session.TenantID > 0 {
//if isExist, _ := cache.Cache.SIsMember(config.RedisKeyForTenant, _session.TenantKey); !isExist {
// c.JSON(http.StatusForbidden, gin.H{"message": "租户/公司信息协议已到期或已被禁用,无权限访问!"})
// c.Abort()
// return
//}
}
//if pass, _ := service.NewPermission(nil, &service.AuthRequest{
// Url: key,
// Method: c.Request.Method,
//})(_session.TenantKey, fmt.Sprintf("%d", _session.UID)).Enforce(); !pass {
// c.JSON(http.StatusOK, gin.H{"code": http.StatusForbidden, "msg": "无权限访问!"})
// c.Abort()
// return
//}
}
c.Next()
}
}
}
Reference in New Issue View Git Blame Copy Permalink