package middleware

import (
	"fmt"
	"github.com/astaxie/beego"
	"oppmg/common/log"
	"oppmg/protocol"
	serveauth "oppmg/services/auth"
	"oppmg/storage/redisdata"

	"github.com/astaxie/beego"

	"github.com/astaxie/beego/plugins/cors"

	"github.com/astaxie/beego/context"
)

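// LogRequestData is a before-router filter that logs the request URI, the
// state of the access/refresh token headers and the request body.
//
// The two token headers are bearer credentials: anyone able to read the log
// could replay them. Only a redacted marker (empty, or the value's length) is
// written, never the token itself.
var LogRequestData = func(ctx *context.Context) {
	// redact swaps a credential for a marker that still shows whether the
	// header was sent and how long it was.
	redact := func(v string) string {
		if v == "" {
			return "<empty>"
		}
		return fmt.Sprintf("<redacted len=%d>", len(v))
	}

	log.Info("====>Recv Request:%s", ctx.Input.URI())
	hmap := map[string]string{
		protocol.HeaderAccessToken:  redact(ctx.Input.Header(protocol.HeaderAccessToken)),
		protocol.HeaderRefreshToken: redact(ctx.Input.Header(protocol.HeaderRefreshToken)),
	}
	if ctx.Input.RequestBody == nil {
		log.Info("====>Recv data from client:\nHeadData: %v ", hmap)
		return
	}
	// NOTE(review): the body is still logged verbatim. If any endpoint accepts
	// passwords or other secrets in its body they will land in the log too;
	// confirm against the routes and consider logging only the length or an
	// allow-list of fields.
	log.Info("====>Recv data from client:\nHeadData: %v \nBodyData: %s", hmap, string(ctx.Input.RequestBody))
}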

//CheckSign Before Router
// var CheckSign = func(ctx *context.Context) {
// 	var (
// 		headTimeStamp   string
// 		headUuid        string
// 		headAccessToken string
// 		headSign        string
// 		signHex         string
// 	)
// 	headTimeStamp = ctx.Input.Header(protocol.HeaderTimestamp)
// 	headUuid = ctx.Input.Header(protocol.HeaderUUID)
// 	headSign = ctx.Input.Header(protocol.HeaderSign)
// 	setsign := fmt.Sprintf("v!(MmM%v%v%vMmM)i^", headTimeStamp, headUuid, headAccessToken)
// 	sha256 := sha256.New()
// 	sha256.Write([]byte(setsign))
// 	signHex = hex.EncodeToString(sha256.Sum(nil))
// 	if strings.Compare(signHex, headSign) != 0 {
// 		msg := protocol.BadRequestParam("113")
// 		ctx.Output.JSON(msg, false, false)
// 		return
// 	}
// 	return
// }

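// AuthToken is a before-router filter that authenticates a request from its
// access-token header. On success it stores the company ID and user ID carried
// by the token in the request data; on failure it writes a JSON error message.
//
// Steps when the run mode is "prod":
//  1. Validate the access token with serveauth.ValidJWTToken.
//  2. Load the login token stored for mtoken.UID and require that its access
//     token equals the presented one (single-client check).
//  3. If validation failed because the token expired, call
//     serveauth.RefreshLoginToken with the refresh-token header and return its
//     result to the client.
//  4. Any other validation error is answered with message "10024".
//
// SECURITY: in every run mode other than "prod" the filter returns at once.
// No token is checked and no user/company ID is set, so a deployment whose
// RunMode is not exactly "prod" serves these routes unauthenticated.
var AuthToken = func(ctx *context.Context) {
	log.Debug("执行中间件AuthToken")
	if beego.BConfig.RunMode != "prod" {
		return
	}

	accesstoken := ctx.Input.Header(protocol.HeaderAccessToken)
	mtoken, err := serveauth.ValidJWTToken(accesstoken)
	if err != nil {
		if serveauth.IsJwtErrorExpired(err) {
			// The access token has expired: try to refresh it.
			// NOTE(review): only the refresh token is passed on; whether it is
			// bound to the same user/session as the expired access token is
			// decided inside RefreshLoginToken and is not visible here. Confirm.
			refreshToken := ctx.Input.Header(protocol.HeaderRefreshToken)
			logintoken, err := serveauth.RefreshLoginToken(refreshToken)
			ctx.Output.JSON(protocol.NewReturnResponse(logintoken, err), false, false)
			return
		}
		ctx.Output.JSON(protocol.NewMesage("10024"), false, false)
		return
	}
	if mtoken == nil {
		// Fail closed instead of dereferencing a nil token below.
		ctx.Output.JSON(protocol.NewMesage("10024"), false, false)
		return
	}

	storetoken, err := redisdata.GetLoginToken(mtoken.UID)
	if err != nil {
		log.Error("redisdata.GetLoginToken err:%s", err)
		ctx.Output.JSON(protocol.NewMesage("10024"), false, false)
		return
	}
	// Single-client check: the presented token must be the one currently
	// stored for this user. The run mode is already known to be "prod" here,
	// so the original second RunMode test was always true and is dropped.
	if storetoken.AccessToken != accesstoken {
		ctx.Output.JSON(protocol.NewMesage("10025"), false, false)
		return
	}

	ctx.Input.SetData(protocol.HeaderCompanyid, mtoken.CompanyID)
	ctx.Input.SetData(protocol.HeaderUserid, mtoken.UID)
}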

// AllowOption answers CORS preflight requests: for an OPTIONS request it runs
// the cors filter built below and writes an empty JSON object as the body.
// Requests with any other method pass through untouched.
//
// The policy accepts any origin and any request header. AllowCredentials is
// false; keep it false for as long as AllowOrigins stays a wildcard.
var AllowOption = func(ctx *context.Context) {
	if ctx.Request.Method == "OPTIONS" {
		opts := &cors.Options{
			AllowOrigins:     []string{"*"},                                       // allowed request origins
			AllowMethods:     []string{"POST", "GET", "OPTIONS", "PUT", "DELETE"}, // allowed request methods
			AllowHeaders:     []string{"*"},                                       // allowed request headers
			ExposeHeaders:    []string{"Content-Length"},                          // response headers exposed to the caller
			AllowCredentials: false,                                               // credentials are not shared cross-origin
		}
		preflight := cors.Allow(opts)
		preflight(ctx)
		ctx.Output.Body([]byte("{}"))
	}
}

// LogRouter prints the value stored under "RouterPattern" in the request data
// to standard output.
var LogRouter = func(ctx *context.Context) {
	pattern := ctx.Input.GetData("RouterPattern")
	fmt.Println("====>r:", pattern)
}

//登录失效