huangjiajun
1 month ago
6 changed files with 26 additions and 16 deletions
Unified View
Diff Options
-
+1 -1app/hdl/hdl_sms.go
-
+12 -5app/lib/auth/auth.go
-
+1 -1app/lib/auth/base.go
-
+1 -1app/md/app_redis_key.go
-
+4 -1app/mw/mw_auth.go
-
+7 -7app/svc/svc_auth.go
+ 1
- 1
app/hdl/hdl_sms.go
View File
| @@ -48,7 +48,7 @@ func Sms(c *gin.Context) { | |||||
| } | } | ||||
| } | } | ||||
| if args.Type == "update_password" { | if args.Type == "update_password" { | ||||
| admin, _ := svc.CheckUser(c) | |||||
| admin, _, _ := svc.CheckUser(c) | |||||
| if admin == nil { | if admin == nil { | ||||
| e.OutErr(c, 400, e.NewErr(400, "账号未注册")) | e.OutErr(c, 400, e.NewErr(400, "账号未注册")) | ||||
| return | return | ||||
+ 12
- 5
app/lib/auth/auth.go
View File
| @@ -24,16 +24,23 @@ func GenToken(admId int, username string) (string, error) { | |||||
| } | } | ||||
| // ParseToken 解析JWT | // ParseToken 解析JWT | ||||
| func ParseToken(tokenString string) (*JWTUser, error) { | |||||
| func ParseToken(tokenString string) (*JWTUser, string, error) { | |||||
| // 解析token | // 解析token | ||||
| token, err := jwt.ParseWithClaims(tokenString, &JWTUser{}, func(token *jwt.Token) (i interface{}, err error) { | token, err := jwt.ParseWithClaims(tokenString, &JWTUser{}, func(token *jwt.Token) (i interface{}, err error) { | ||||
| return Secret, nil | return Secret, nil | ||||
| }) | }) | ||||
| if err != nil { | if err != nil { | ||||
| return nil, err | |||||
| return nil, "", err | |||||
| } | } | ||||
| if claims, ok := token.Claims.(*JWTUser); ok && token.Valid { // 校验token | |||||
| return claims, nil | |||||
| if claims, ok := token.Claims.(*JWTUser); ok && token.Valid { // 校验token正确性 | |||||
| if claims.StandardClaims.ExpiresAt < time.Now().Unix() { // 校验token时效性 | |||||
| return nil, "", errors.New("token is expired") | |||||
| } | |||||
| if !claims.VerifyExpiresAt(time.Now().Add(time.Minute*30).Unix(), false) { // TODO::判断Token快过期,就创建新的token(30分钟) | |||||
| newToken, _ := GenToken(claims.AdmId, claims.Username) | |||||
| return claims, newToken, nil | |||||
| } | |||||
| return claims, "", err | |||||
| } | } | ||||
| return nil, errors.New("invalid token") | |||||
| return nil, "", errors.New("invalid token") | |||||
| } | } | ||||
+ 1
- 1
app/lib/auth/base.go
View File
| @@ -7,7 +7,7 @@ import ( | |||||
| ) | ) | ||||
| // TokenExpireDuration is jwt 过期时间 | // TokenExpireDuration is jwt 过期时间 | ||||
| const TokenExpireDuration = time.Hour * 24 | |||||
| const TokenExpireDuration = time.Hour * 2 | |||||
| var Secret = []byte("micro_group_admin") | var Secret = []byte("micro_group_admin") | ||||
+ 1
- 1
app/md/app_redis_key.go
View File
| @@ -4,7 +4,7 @@ package md | |||||
| const ( | const ( | ||||
| JwtTokenKey = "%s:advertisement_agent_jwt_token:%s" // jwt, 占位符:ip, admin:id | JwtTokenKey = "%s:advertisement_agent_jwt_token:%s" // jwt, 占位符:ip, admin:id | ||||
| JwtTokenCacheTime = 3600 * 24 | |||||
| JwtTokenCacheTime = 3600 * 2 | |||||
| AppCfgCacheKey = "%s:cfg_cache:%s" // 占位符: masterId, key的第一个字母 | AppCfgCacheKey = "%s:cfg_cache:%s" // 占位符: masterId, key的第一个字母 | ||||
+ 4
- 1
app/mw/mw_auth.go
View File
| @@ -8,7 +8,7 @@ import ( | |||||
| // 检查权限, 签名等等 | // 检查权限, 签名等等 | ||||
| func Auth(c *gin.Context) { | func Auth(c *gin.Context) { | ||||
| admin, err := svc.CheckUser(c) | |||||
| admin, newToken, err := svc.CheckUser(c) | |||||
| if err != nil { | if err != nil { | ||||
| switch err.(type) { | switch err.(type) { | ||||
| case e.E: | case e.E: | ||||
| @@ -22,5 +22,8 @@ func Auth(c *gin.Context) { | |||||
| } | } | ||||
| // 将当前请求的username信息保存到请求的上下文c上 | // 将当前请求的username信息保存到请求的上下文c上 | ||||
| c.Set("admin", admin) | c.Set("admin", admin) | ||||
| if len(newToken) > 0 { | |||||
| c.Header("new-token", newToken) // TODO::将新Token添加到返回的Header里,方便前端使用 | |||||
| } | |||||
| c.Next() | c.Next() | ||||
| } | } | ||||
+ 7
- 7
app/svc/svc_auth.go
View File
| @@ -27,27 +27,27 @@ func GetUser(c *gin.Context) *model.Agent { | |||||
| return user.(*model.Agent) | return user.(*model.Agent) | ||||
| } | } | ||||
| func CheckUser(c *gin.Context) (*model.Agent, error) { | |||||
| func CheckUser(c *gin.Context) (*model.Agent, string, error) { | |||||
| token := c.GetHeader("Authorization") | token := c.GetHeader("Authorization") | ||||
| if token == "" { | if token == "" { | ||||
| return nil, errors.New("token not exist") | |||||
| return nil, "", errors.New("token not exist") | |||||
| } | } | ||||
| // 按空格分割 | // 按空格分割 | ||||
| parts := strings.SplitN(token, " ", 2) | parts := strings.SplitN(token, " ", 2) | ||||
| if !(len(parts) == 2 && parts[0] == "Bearer") { | if !(len(parts) == 2 && parts[0] == "Bearer") { | ||||
| return nil, errors.New("token format error") | |||||
| return nil, "", errors.New("token format error") | |||||
| } | } | ||||
| // parts[1]是获取到的tokenString,我们使用之前定义好的解析JWT的函数来解析它 | // parts[1]是获取到的tokenString,我们使用之前定义好的解析JWT的函数来解析它 | ||||
| mc, err := auth.ParseToken(parts[1]) | |||||
| mc, newToken, err := auth.ParseToken(parts[1]) | |||||
| if err != nil { | if err != nil { | ||||
| return nil, err | |||||
| return nil, "", err | |||||
| } | } | ||||
| // 获取admin | // 获取admin | ||||
| adminDb := implement.NewAgentDb(db.DBs[GetMasterId(c)]) | adminDb := implement.NewAgentDb(db.DBs[GetMasterId(c)]) | ||||
| admin, err := adminDb.GetAgent(mc.AdmId) | admin, err := adminDb.GetAgent(mc.AdmId) | ||||
| if err != nil { | if err != nil { | ||||
| return nil, err | |||||
| return nil, "", err | |||||
| } | } | ||||
| return admin, nil | |||||
| return admin, newToken, nil | |||||
| } | } | ||||