huangjiajun
/
community_team
1
0
Fork 0
Code Issues 0 Pull Requests 0 Releases 0 Wiki Activity
附近小店
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
63 Commits
1 Branch
2.3 MiB
 
 
 
Tree: e43f8e6fca
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from 'e43f8e6fca'
${ noResults }
community_team/app/mw/mw_auth_jwt.go

123 lines
2.9 KiB
Raw Blame History 

  1. package mw

  2. 

  3. import (

  4. 	"applet/app/db"

  5. 	"applet/app/db/model"

  6. 	"applet/app/e"

  7. 	"applet/app/lib/auth"

  8. 	"applet/app/md"

  9. 	"applet/app/svc"

  10. 	"applet/app/utils"

  11. 	"applet/app/utils/cache"

  12. 	"applet/app/utils/logx"

  13. 	"errors"

  14. 	"fmt"

  15. 	"strings"

  16. 

  17. 	"github.com/gin-gonic/gin"

  18. )

  19. 

  20. // AuthJWT is jwt middleware

  21. func AuthJWT(c *gin.Context) {

  22. 	authHeader := c.Request.Header.Get("Authorization")

  23. 	if authHeader == "" {

  24. 		e.OutErr(c, e.ERR_UNAUTHORIZED, errors.New("token 不能为空"))

  25. 		return

  26. 	}

  27. 

  28. 	// 按空格分割

  29. 	parts := strings.SplitN(authHeader, " ", 2)

  30. 	if !(len(parts) == 2 && parts[0] == "Bearer") {

  31. 		e.OutErr(c, e.ERR_TOKEN_FORMAT, errors.New("token 格式不对"))

  32. 		return

  33. 	}

  34. 

  35. 	// parts[1]是token

  36. 	mc, err := utils.ParseToken(parts[1])

  37. 	if err != nil {

  38. 		e.OutErr(c, e.ERR_UNAUTHORIZED, errors.New("token 过期或无效"))

  39. 		return

  40. 	}

  41. 

  42. 	// 获取user

  43. 	u, err := db.UserFindByID(db.DBs[c.GetString("mid")], mc.UID)

  44. 	if err != nil {

  45. 		e.OutErr(c, e.ERR_DB_ORM, err)

  46. 		return

  47. 	}

  48. 	if u == nil {

  49. 		e.OutErr(c, e.ERR_UNAUTHORIZED, errors.New("token 过期或无效"))

  50. 		return

  51. 	}

  52. 

  53. 	// 检验账号是否未激活或被冻结

  54. 	switch u.State {

  55. 	case 0:

  56. 		e.OutErr(c, e.ERR_USER_NO_ACTIVE)

  57. 		return

  58. 	case 2:

  59. 		if c.GetString("mid") == "31585332" {

  60. 			utils.FilePutContents("ERR_USER_IS_BAN", utils.SerializeStr(map[string]interface{}{

  61. 				"token": parts[1],

  62. 				"mc":    mc,

  63. 				"user":  u,

  64. 			}))

  65. 		}

  66. 		e.OutErr(c, e.ERR_USER_IS_BAN)

  67. 		return

  68. 	}

  69. 

  70. 	// 校验是否和缓存的token一致,只能有一个token 是真实有效

  71. 	key := fmt.Sprintf("%s:token:%s", c.GetString("mid"), u.Username)

  72. 	cjwt, err := cache.GetString(key)

  73. 	fmt.Println("====================token", u.Username, key, cjwt, parts[1])

  74. 	if err != nil {

  75. 		fmt.Println("====================token", err)

  76. 		logx.Warn(err)

  77. 		NOCACHE(c, parts, mc, u, false)

  78. 		return

  79. 	}

  80. 	if parts[1] != cjwt {

  81. 		e.OutErr(c, e.ERR_TOKEN_AUTH, errors.New("token expired"))

  82. 		return

  83. 	}

  84. 	NOCACHE(c, parts, mc, u, true)

  85. }

  86. 

  87. func NOCACHE(c *gin.Context, parts []string, mc *auth.JWTUser, u *model.User, isTrue bool) {

  88. 	// 获取user profile

  89. 	up, err := db.UserProfileFindByID(db.DBs[c.GetString("mid")], mc.UID)

  90. 	if err != nil || up == nil {

  91. 		e.OutErr(c, e.ERR_DB_ORM, err)

  92. 		return

  93. 	}

  94. 	if parts[1] != up.ArkidToken && isTrue == false || up.ArkidToken == "" {

  95. 		e.OutErr(c, e.ERR_TOKEN_AUTH, errors.New("token expired"))

  96. 		return

  97. 	}

  98. 	if parts[1] != up.ArkidToken && isTrue {

  99. 		up.ArkidToken = parts[1]

  100. 		db.UserProfileUpdate(svc.MasterDb(c), up.Uid, up, "arkid_token")

  101. 	}

  102. 	if up.AvatarUrl == "" {

  103. 		up.AvatarUrl = c.GetString("appUserDefaultAvatar")

  104. 	}

  105. 	// 获取user 等级

  106. 	ul, err := db.UserLevelByID(db.DBs[c.GetString("mid")], u.Level)

  107. 	if err != nil {

  108. 		e.OutErr(c, e.ERR_DB_ORM, err)

  109. 		return

  110. 	}

  111. 

  112. 	user := &md.User{

  113. 		Info:    u,

  114. 		Profile: up,

  115. 		Level:   ul,

  116. 	}

  117. 

  118. 	// 将当前请求的username信息保存到请求的上下文c上

  119. 	c.Set("user", user)

  120. 	c.Next() // 后续的处理函数可以用过c.Get("user")来获取当前请求的用户信息

  121. 

  122. }