作者 yangfu

token 检查

... ... @@ -6,6 +6,8 @@ ARG PROJECT=core
WORKDIR /build
COPY . .
RUN sed -i 's/dl-cdn.alpinelinux.org/mirrors.aliyun.com/g' /etc/apk/repositories
RUN apk update --no-cache && apk add --no-cache tzdata
RUN go env -w GO111MODULE=on \
&& go env -w GOPROXY=https://goproxy.cn,direct \
&& go env -w CGO_ENABLED=0 \
... ... @@ -28,7 +30,9 @@ LABEL org.opencontainers.image.authors=${AUTHOR}
WORKDIR /app
ENV PROJECT=${PROJECT}
ENV CONFIG_FILE=${CONFIG_FILE}
ENV TZ Asia/Shanghai
COPY --from=builder /usr/share/zoneinfo/Asia/Shanghai /usr/share/zoneinfo/Asia/Shanghai
COPY --from=builder /build/api/${PROJECT} ./
COPY --from=builder /build/cmd/chart-server/api/etc/${CONFIG_FILE} ./etc/
COPY --from=builder /build/cmd/chart-server/api/public ./public/
... ...
... ... @@ -5,7 +5,8 @@ ARG PROJECT=core
WORKDIR /build
COPY . .
RUN sed -i 's/dl-cdn.alpinelinux.org/mirrors.aliyun.com/g' /etc/apk/repositories
RUN apk update --no-cache && apk add --no-cache tzdata
RUN go env -w GO111MODULE=on \
&& go env -w GOPROXY=https://goproxy.cn,direct \
&& go env -w CGO_ENABLED=0 \
... ... @@ -28,7 +29,9 @@ LABEL org.opencontainers.image.authors=${AUTHOR}
WORKDIR /app
ENV PROJECT=${PROJECT}
ENV CONFIG_FILE=${CONFIG_FILE}
ENV TZ Asia/Shanghai
COPY --from=builder /usr/share/zoneinfo/Asia/Shanghai /usr/share/zoneinfo/Asia/Shanghai
COPY --from=builder /build/api/${PROJECT} ./
COPY --from=builder /build/cmd/chart-server/api/etc/${CONFIG_FILE} ./etc/
COPY --from=builder /build/cmd/chart-server/api/public ./public/
... ...
Name: chart
Host: 0.0.0.0
Port: 8080
Verbose: true
Verbose: false
HostName: http://sumifcc-bchart-dev.sumifcc.com
Timeout: 30000
LogRequest: true # 记录详细请求日志
Log:
Mode: file
... ... @@ -15,6 +16,11 @@ JwtAuth:
AccessSecret: digital-platform
Expire: 360000
ApiAuth:
Name: ApiAuth
Host: http://digital-platform-dev.fjmaimaimai.com
Timeout: 0s
Redis:
Host: 192.168.0.243:6379
Type: node
... ...
... ... @@ -3,6 +3,7 @@ Host: 0.0.0.0
Port: 8080
Verbose: false
HostName: http://sumifcc-bchart.sumifcc.com
LogRequest: true # 记录详细请求日志
Log:
Mode: file
... ... @@ -13,6 +14,11 @@ JwtAuth:
AccessSecret: digital-platform
Expire: 360000
ApiAuth:
Name: ApiAuth
Host: https://digital-platform.sumifcc.com
Timeout: 0s
Redis:
Host: 192.168.0.243:6379
Type: node
... ...
Name: chart
Host: 0.0.0.0
Port: 8081
Verbose: true
Verbose: false
HostName: http://sumifcc-bchart-dev.sumifcc.com
Timeout: 30000
LogRequest: true # 记录详细请求日志
Log:
#Mode: file
Mode: file
Encoding: plain
Level: debug # info
MaxSize: 1 # 2MB
... ... @@ -17,6 +18,11 @@ JwtAuth:
AccessSecret: digital-platform
Expire: 360000
ApiAuth:
Name: ApiAuth
Host: http://digital-platform-dev.fjmaimaimai.com
Timeout: 0s
Redis:
Host: 127.0.0.1:6379
Type: node
... ...
... ... @@ -13,6 +13,8 @@ type Config struct {
config.Config
Redis redis.RedisConf `json:",optional"`
ByteMetadata ApiService
ApiAuth ApiService
LogRequest bool `json:",optional,default=true"`
HostName string // 服务域名
KqConsumerConf kq.KqConf
}
... ...
... ... @@ -16,65 +16,71 @@ import (
func RegisterHandlers(server *rest.Server, serverCtx *svc.ServiceContext) {
server.AddRoutes(
[]rest.Route{
{
Method: http.MethodPost,
Path: "/chart",
Handler: chart.SaveChartHandler(serverCtx),
},
{
Method: http.MethodPost,
Path: "/chart/saveas",
Handler: chart.SaveAsChartHandler(serverCtx),
},
{
Method: http.MethodDelete,
Path: "/chart/:id",
Handler: chart.DeleteChartHandler(serverCtx),
},
{
Method: http.MethodPut,
Path: "/chart/:id",
Handler: chart.UpdateChartHandler(serverCtx),
},
{
Method: http.MethodPost,
Path: "/chart/search",
Handler: chart.SearchChartHandler(serverCtx),
},
{
Method: http.MethodPost,
Path: "/chart/move",
Handler: chart.UpdateChartSortHandler(serverCtx),
},
{
Method: http.MethodPost,
Path: "/chart/rename",
Handler: chart.RenameChartSortHandler(serverCtx),
},
{
Method: http.MethodPost,
Path: "/chart/components/search",
Handler: chart.SearchChartComponentsHandler(serverCtx),
},
},
rest.WithMiddlewares(
[]rest.Middleware{serverCtx.LoginStatusCheck, serverCtx.LogRequest},
[]rest.Route{
{
Method: http.MethodPost,
Path: "/chart",
Handler: chart.SaveChartHandler(serverCtx),
},
{
Method: http.MethodPost,
Path: "/chart/saveas",
Handler: chart.SaveAsChartHandler(serverCtx),
},
{
Method: http.MethodDelete,
Path: "/chart/:id",
Handler: chart.DeleteChartHandler(serverCtx),
},
{
Method: http.MethodPut,
Path: "/chart/:id",
Handler: chart.UpdateChartHandler(serverCtx),
},
{
Method: http.MethodPost,
Path: "/chart/search",
Handler: chart.SearchChartHandler(serverCtx),
},
{
Method: http.MethodPost,
Path: "/chart/move",
Handler: chart.UpdateChartSortHandler(serverCtx),
},
{
Method: http.MethodPost,
Path: "/chart/rename",
Handler: chart.RenameChartSortHandler(serverCtx),
},
{
Method: http.MethodPost,
Path: "/chart/components/search",
Handler: chart.SearchChartComponentsHandler(serverCtx),
},
}...,
),
rest.WithJwt(serverCtx.Config.JwtAuth.AccessSecret),
rest.WithPrefix("/v1"),
)
server.AddRoutes(
[]rest.Route{
{
Method: http.MethodPost,
Path: "/chart/load-data",
Handler: chart.LoadChartDataHandler(serverCtx),
},
{
Method: http.MethodGet,
Path: "/chart/:id",
Handler: chart.GetChartHandler(serverCtx),
},
},
rest.WithMiddlewares(
[]rest.Middleware{serverCtx.LogRequest},
[]rest.Route{
{
Method: http.MethodPost,
Path: "/chart/load-data",
Handler: chart.LoadChartDataHandler(serverCtx),
},
{
Method: http.MethodGet,
Path: "/chart/:id",
Handler: chart.GetChartHandler(serverCtx),
},
}...,
),
rest.WithPrefix("/v1"),
)
... ... @@ -105,67 +111,76 @@ func RegisterHandlers(server *rest.Server, serverCtx *svc.ServiceContext) {
)
server.AddRoutes(
[]rest.Route{
{
Method: http.MethodPost,
Path: "/table/search-by-module",
Handler: table.SearchTableByModuleHandler(serverCtx),
},
},
rest.WithMiddlewares(
[]rest.Middleware{serverCtx.LoginStatusCheck, serverCtx.LogRequest},
[]rest.Route{
{
Method: http.MethodPost,
Path: "/table/search-by-module",
Handler: table.SearchTableByModuleHandler(serverCtx),
},
}...,
),
rest.WithJwt(serverCtx.Config.JwtAuth.AccessSecret),
rest.WithPrefix("/v1"),
)
server.AddRoutes(
[]rest.Route{
{
Method: http.MethodPost,
Path: "/app-page",
Handler: page.SaveAppPageHandler(serverCtx),
},
{
Method: http.MethodPost,
Path: "/app-page/saveas",
Handler: page.SaveAsAppPageHandler(serverCtx),
},
{
Method: http.MethodDelete,
Path: "/app-page/:id",
Handler: page.DeleteAppPageHandler(serverCtx),
},
{
Method: http.MethodPut,
Path: "/app-page/:id",
Handler: page.UpdateAppPageHandler(serverCtx),
},
{
Method: http.MethodPost,
Path: "/app-page/search",
Handler: page.SearchAppPageHandler(serverCtx),
},
{
Method: http.MethodPost,
Path: "/app-page/create-share",
Handler: page.CreateAppPageShareUrlHandler(serverCtx),
},
},
rest.WithMiddlewares(
[]rest.Middleware{serverCtx.LoginStatusCheck, serverCtx.LogRequest},
[]rest.Route{
{
Method: http.MethodPost,
Path: "/app-page",
Handler: page.SaveAppPageHandler(serverCtx),
},
{
Method: http.MethodPost,
Path: "/app-page/saveas",
Handler: page.SaveAsAppPageHandler(serverCtx),
},
{
Method: http.MethodDelete,
Path: "/app-page/:id",
Handler: page.DeleteAppPageHandler(serverCtx),
},
{
Method: http.MethodPut,
Path: "/app-page/:id",
Handler: page.UpdateAppPageHandler(serverCtx),
},
{
Method: http.MethodPost,
Path: "/app-page/search",
Handler: page.SearchAppPageHandler(serverCtx),
},
{
Method: http.MethodPost,
Path: "/app-page/create-share",
Handler: page.CreateAppPageShareUrlHandler(serverCtx),
},
}...,
),
rest.WithJwt(serverCtx.Config.JwtAuth.AccessSecret),
rest.WithPrefix("/v1"),
)
server.AddRoutes(
[]rest.Route{
{
Method: http.MethodGet,
Path: "/app-page/:id",
Handler: page.GetAppPageHandler(serverCtx),
},
{
Method: http.MethodGet,
Path: "/api/app-page/get-share-detail/:key",
Handler: page.GetAppPageShareDetailHandler(serverCtx),
},
},
rest.WithMiddlewares(
[]rest.Middleware{serverCtx.LogRequest},
[]rest.Route{
{
Method: http.MethodGet,
Path: "/app-page/:id",
Handler: page.GetAppPageHandler(serverCtx),
},
{
Method: http.MethodGet,
Path: "/api/app-page/get-share-detail/:key",
Handler: page.GetAppPageShareDetailHandler(serverCtx),
},
}...,
),
rest.WithPrefix("/v1"),
)
... ...
package middleware
import (
"github.com/zeromicro/go-zero/rest/httpx"
"gitlab.fjmaimaimai.com/allied-creation/sumifcc-bchart/cmd/chart-server/interanl/pkg/gateway"
"gitlab.fjmaimaimai.com/allied-creation/sumifcc-bchart/cmd/chart-server/interanl/pkg/gateway/authlib"
"gitlab.fjmaimaimai.com/allied-creation/sumifcc-bchart/pkg/result"
"gitlab.fjmaimaimai.com/allied-creation/sumifcc-bchart/pkg/xerr"
"net/http"
)
type LoginStatusCheckMiddleware struct {
apiAuth authlib.ApiAuthService
}
func NewLoginStatusCheckMiddleware(apiAuth authlib.ApiAuthService) *LoginStatusCheckMiddleware {
return &LoginStatusCheckMiddleware{
apiAuth: apiAuth,
}
}
func (m *LoginStatusCheckMiddleware) Handle(next http.HandlerFunc) http.HandlerFunc {
return func(w http.ResponseWriter, r *http.Request) {
token := r.Header.Get("x-mmm-accesstoken")
if len(token) > 0 {
_, err := m.apiAuth.LoginCheck(r.Context(), authlib.RequestLoginCheck{
Token: token,
})
if err != nil {
gatewayError, ok := err.(gateway.HttpError)
if ok {
unAuthResponse(w, gatewayError.Base.Code, gatewayError.Base.Msg)
return
}
result.HttpResult(r, w, struct{}{}, xerr.NewErr(err))
return
}
}
next(w, r)
}
}
func unAuthResponse(w http.ResponseWriter, code int, msg string) {
data := map[string]interface{}{
"msg": msg,
"code": code,
"data": struct{}{},
}
httpx.WriteJson(w, http.StatusUnauthorized, data)
}
... ...
package middleware
import (
"github.com/zeromicro/go-zero/rest/handler"
"net/http"
)
type LogRequestMiddleware struct {
logRequest bool
}
// NewLogRequestMiddleware 记录请求
// logRequest true开启记录,false关闭记录
func NewLogRequestMiddleware(logRequest bool) *LogRequestMiddleware {
return &LogRequestMiddleware{
logRequest: logRequest,
}
}
func (m *LogRequestMiddleware) Handle(next http.HandlerFunc) http.HandlerFunc {
if !m.logRequest {
return func(writer http.ResponseWriter, request *http.Request) {
next(writer, request)
}
}
return handler.DetailedLogHandler(next).(http.HandlerFunc)
}
... ...
... ... @@ -3,11 +3,14 @@ package svc
import (
"github.com/tiptok/gocomm/pkg/cache/gzcache"
"github.com/zeromicro/go-zero/core/stores/redis"
"github.com/zeromicro/go-zero/rest"
"gitlab.fjmaimaimai.com/allied-creation/sumifcc-bchart/cmd/chart-server/api/internal/config"
"gitlab.fjmaimaimai.com/allied-creation/sumifcc-bchart/cmd/chart-server/api/internal/middleware"
"gitlab.fjmaimaimai.com/allied-creation/sumifcc-bchart/cmd/chart-server/interanl/pkg/db/repository"
"gitlab.fjmaimaimai.com/allied-creation/sumifcc-bchart/cmd/chart-server/interanl/pkg/db/transaction"
"gitlab.fjmaimaimai.com/allied-creation/sumifcc-bchart/cmd/chart-server/interanl/pkg/domain"
"gitlab.fjmaimaimai.com/allied-creation/sumifcc-bchart/cmd/chart-server/interanl/pkg/gateway"
"gitlab.fjmaimaimai.com/allied-creation/sumifcc-bchart/cmd/chart-server/interanl/pkg/gateway/authlib"
"gitlab.fjmaimaimai.com/allied-creation/sumifcc-bchart/cmd/chart-server/interanl/pkg/gateway/bytelib"
"gitlab.fjmaimaimai.com/allied-creation/sumifcc-bchart/pkg/cache"
"gitlab.fjmaimaimai.com/allied-creation/sumifcc-bchart/pkg/database"
... ... @@ -27,6 +30,10 @@ type ServiceContext struct {
ObjectFieldRepository domain.ObjectFieldRepository
ObjectTableDataRepository domain.ObjectTableDataRepository
ApiAuthService authlib.ApiAuthService
LoginStatusCheck rest.Middleware
LogRequest rest.Middleware
ByteMetadataService bytelib.ByteMetadataService
}
... ... @@ -35,12 +42,17 @@ func NewServiceContext(c config.Config) *ServiceContext {
mlCache := cache.NewMultiLevelCache([]string{c.Redis.Host}, c.Redis.Pass)
redisCache := gzcache.NewClusterCache([]string{c.Redis.Host}, c.Redis.Pass)
redis, _ := redis.NewRedis(redis.RedisConf{Host: c.Redis.Host, Pass: c.Redis.Pass, Type: "node"})
apiAuth := authlib.ApiAuthService{
Service: gateway.NewService(c.ApiAuth.Name, c.ApiAuth.Host, c.ApiAuth.Timeout),
}
return &ServiceContext{
Config: c,
DB: db,
RedisCache: redisCache,
Redis: redis,
ApiAuthService: apiAuth,
LoginStatusCheck: middleware.NewLoginStatusCheckMiddleware(apiAuth).Handle,
LogRequest: middleware.NewLogRequestMiddleware(c.LogRequest).Handle,
ChartRepository: repository.NewChartRepository(cache.NewCachedRepository(mlCache)),
ChartSettingRepository: repository.NewChartSettingRepository(cache.NewCachedRepository(mlCache)),
AppPageRepository: repository.NewAppPageRepository(cache.NewCachedRepository(mlCache)),
... ...
package authlib
import (
"context"
"gitlab.fjmaimaimai.com/allied-creation/sumifcc-bchart/cmd/chart-server/interanl/pkg/gateway"
"net/http"
)
type ApiAuthService struct {
gateway.Service
}
func (svc *ApiAuthService) MeInfo(ctx context.Context, request RequestUserMeQuery) (*DataUserMe, error) {
var result DataUserMe
if err := svc.Do(ctx, "/v1/user/me", http.MethodGet, request, &result); err != nil {
return nil, err
}
return &result, nil
}
func (svc *ApiAuthService) MeAppInfo(ctx context.Context, request RequestUserMeQuery) (*DataUserAppInfo, error) {
var result DataUserAppInfo
if err := svc.Do(ctx, "/v1/user/me-app-info", http.MethodGet, request, &result); err != nil {
return nil, err
}
return &result, nil
}
func (svc *ApiAuthService) LoginCheck(ctx context.Context, request RequestLoginCheck) (*DataLoginCheck, error) {
var (
result DataLoginCheck
err error
)
if err = svc.Do(ctx, "/v1/login/check?token="+request.Token, http.MethodGet, request, &result); err != nil {
return nil, err
}
if errCodeMsg, ok := err.(gateway.HttpError); ok {
return &DataLoginCheck{
Code: errCodeMsg.Base.Code,
Msg: errCodeMsg.Base.Msg,
}, nil
}
return &result, nil
}
func (svc *ApiAuthService) AppLogin(ctx context.Context, request RequestAppLogin) (*DataAppLogin, error) {
var result DataAppLogin
if err := svc.Do(ctx, "/v1/login/check?token="+request.Token, http.MethodGet, request, &result); err != nil {
return nil, err
}
return &result, nil
}
... ...
package authlib
type RequestUserMeQuery struct {
Token string `header:"x-mmm-accesstoken"`
//UserId int
//CompanyId int
}
type DataUserMe struct {
User *struct {
ID string `json:"id"`
Phone string `json:"phone"`
NickName string `json:"nickName"`
Avatar string `json:"avatar"`
} `json:"user,optional"`
CompanyList []*struct {
ID string `json:"id"`
Name string `json:"name"`
Logo string `json:"logo"`
DefaultLogin int `json:"defaultLogin"`
Types int `json:"types"`
} `json:"companyList,optional"`
CurrentCompany *struct {
ID string `json:"id"`
Name string `json:"name"`
Logo string `json:"logo"`
DefaultLogin int `json:"defaultLogin"`
Types int `json:"types"`
} `json:"currentCompany,optional"`
Workbench []*struct {
ID int `json:"id"`
Name string `json:"name"`
Code string `json:"code"`
CoverImage string `json:"coverImage"`
URL string `json:"url"`
} `json:"workbench,optional"`
Menus []*struct {
MenuID int `json:"menuId"`
ParentID int `json:"parentId"`
MenuName string `json:"menuName"`
Code string `json:"code"`
Types string `json:"types"`
} `json:"menus,optional"`
}
type RequestLoginCheck struct {
Token string
}
type DataLoginCheck struct {
Code int `json:"code,optional"`
Msg string `json:"msg,optional"`
}
type (
RequestAppLogin struct {
AppKey string `json:"appKey" valid:"Required"` // 应用键值
Token string `json:"token" valid:"Required"` // 凭证
}
DataAppLogin struct {
AppEnabled bool `json:"appEnabled"`
}
)
type (
DataUserAppInfo struct {
Apps []AppItem `json:"apps"`
}
AppItem struct {
AppId int64
AppKey string
AppName string
}
)
... ...
... ... @@ -13,6 +13,7 @@ info(
prefix: v1
group: page
jwt: JwtAuth
middleware: LoginStatusCheck,LogRequest
)
service Core {
@doc "保存应用页"
... ... @@ -108,6 +109,7 @@ type (
@server(
prefix: v1
group: page
middleware: LogRequest
)
service Core {
@doc "获取应用页详情"
... ...
... ... @@ -12,7 +12,7 @@ info(
prefix: v1
group: chart
jwt: JwtAuth
//middleware: Authority
middleware: LoginStatusCheck,LogRequest
)
service Core {
@doc "保存图表"
... ... @@ -45,6 +45,7 @@ service Core {
@server(
prefix: v1
group: chart
middleware: LogRequest
)
service Core {
@doc "加载图表数据"
... ...
... ... @@ -13,6 +13,7 @@ info(
prefix: v1
group: chart-setting
jwt: JwtAuth
middleware: LoginStatusCheck,LogRequest
)
service Core {
@handler getChartSetting
... ...
... ... @@ -36,6 +36,7 @@ service Core {
prefix: v1
group: table
jwt: JwtAuth
middleware: LoginStatusCheck,LogRequest
//middleware: Authority
)
service Core {
... ...