jwt.go
2.7 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
package middleware
import (
"fmt"
"github.com/beego/beego/v2/server/web"
"github.com/beego/beego/v2/server/web/context"
"gitlab.fjmaimaimai.com/allied-creation/allied-creation-gateway/pkg/domain"
"gitlab.fjmaimaimai.com/allied-creation/allied-creation-gateway/pkg/infrastructure/cache"
"gitlab.fjmaimaimai.com/allied-creation/allied-creation-gateway/pkg/log"
log1 "log"
"net/url"
)
type CtxKeyLoginToken struct{}
func JWTAuth(ctx *context.Context) {
}
func CheckAccessToken(next web.FilterFunc) web.FilterFunc {
return func(ctx *context.Context) {
tokenStr := ctx.Input.Header("x-mmm-accesstoken")
filterMap := map[string]string{
"/v1/auth/login/pwd": "",
"/v1/auth/login/sms": "",
"/v1/auth/login/qrcode": "",
"/v1/auth/org-switch": "",
"/v1/user/company-orgs": "",
"/v1/auth/captcha-init": "",
"/v1/auth/qrcode-init": "",
"/v1/auth/sms-code": "",
"/v1/auth/check-sms-code": "",
"/v1/auth/company-sign-up": "",
"/v1/auth/reset-password": "",
"/v1/auth/refresh-token": "",
"/v1/app/cooperation-projects/person/search": "",
}
var err error
if filterUrl, err := url.Parse(ctx.Request.RequestURI); err == nil {
// 不需要验证的接口
if _, ok := filterMap[filterUrl.Path]; ok {
next(ctx)
return
}
} else {
log.Logger.Error("parse url error:" + err.Error())
}
defer func() {
if err != nil {
ctx.Output.JSON(map[string]interface{}{
"msg": domain.ParseCodeMsg(domain.InvalidAccessToken),
"code": domain.InvalidAccessToken,
"data": struct{}{},
}, false, false)
}
}()
tk := &domain.LoginToken{}
err = tk.ParseToken(tokenStr)
if err != nil {
log.Logger.Error(err.Error())
return
}
platform := domain.ParsePlatform(ctx.Input.Header("x-mmm-devicetype"))
//redis缓存
tokenCache := cache.LoginTokenCache{}
token, err := tokenCache.GetAccessToken(tk.Account, platform)
if err != nil {
log.Logger.Error(err.Error())
return
}
if token != tokenStr {
log1.Println("token not equal \n" + tk.Account + "\n" + tokenStr + "\n" + token)
err = fmt.Errorf("access token not exists")
return
}
ctx.Input.SetData(CtxKeyLoginToken{}, tk)
next(ctx)
}
}
func NewCtxLoginToken(ctx *context.Context, tk domain.LoginToken) {
ctx.Input.SetData(CtxKeyLoginToken{}, domain.LoginToken{})
}
func FormCtxLoginToken(ctx *context.Context) (domain.LoginToken, bool) {
val := ctx.Input.GetData(CtxKeyLoginToken{})
if v, ok := val.(domain.LoginToken); ok {
return v, true
}
return domain.LoginToken{}, false
}