作者 tangxuhui

校验token时,增加对手机账号的检查

... ... @@ -136,7 +136,7 @@ func ChangeLoginToken(userid, companyid int64) (protocol.LoginAuthToken, error)
log.Debug("无效公司")
return logintoken, protocol.NewErrWithMessage("10207")
}
logintoken, err = GenerateAuthToken(userid, companydata.Id, usercompany.Id)
logintoken, err = GenerateAuthToken(userid, companydata.Id, usercompany.Id, usercompany.Phone)
if err != nil {
log.Error("GenerateAuthToken err:%s", err)
return logintoken, protocol.NewErrWithMessage("1")
... ... @@ -486,7 +486,7 @@ func LoginAuthBySmsCode(uclientReturn *ucenter.ResponseLoginSms) (
return logintoken, protocol.NewErrWithMessage("1")
}
usercompanyid = ucompany.Id
logintoken, _ = GenerateAuthToken(userdata.Id, companyid, usercompanyid)
logintoken, _ = GenerateAuthToken(userdata.Id, companyid, usercompanyid, userdata.Phone)
//更新用户数据
userdata.Accid = uclientReturn.Data.CsAccountID
userdata.Icon = uclientReturn.Data.Image.Path
... ... @@ -639,7 +639,7 @@ func LoginAuthBySecretKey(secretKey string) (protocol.LoginAuthToken, error) {
log.Error("获取user_company失败;%s", err)
return logintoken, protocol.NewErrWithMessage("10202")
}
logintoken, _ = GenerateAuthToken(ucompany.UserId, ucompany.CompanyId, ucompany.Id)
logintoken, _ = GenerateAuthToken(ucompany.UserId, ucompany.CompanyId, ucompany.Id, ucompany.Phone)
//更新用户数据
//用户数据的更新 交由数据同步的接口处理
// var userdata *models.User
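Review bot: The rewritten calls in the hunks at @@ -486 and @@ -639 still discard the error from GenerateAuthToken with `_`, while the call in the @@ -136 hunk checks it and returns `NewErrWithMessage("1")`; on a signing failure the two blank-error sites presumably hand back a zero-value logintoken as if login succeeded. Since the commit already touches these lines, use the same guard here: `logintoken, err = GenerateAuthToken(userdata.Id, companyid, usercompanyid, userdata.Phone)` followed by `if err != nil { return logintoken, protocol.NewErrWithMessage("1") }`, and likewise for the ucompany call. Note also that the @@ -486 hunk feeds `userdata.Phone` into the token whereas the other two pass the user_company row's `Phone`; if those two fields can ever differ, tokens minted by LoginAuthBySmsCode would fail the `userCompanyData.Phone != claims.Account` comparison in ValidJWTToken, so it is worth confirming they are the same value. The enclosing functions start and end outside these hunks.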
//MyToken ...
type MyToken struct {
jwt.StandardClaims
UID int64 `json:"uid"`
CompanyID int64 `json:"company_id"`
UserCompanyId int64 `json:"user_company_id"`
UID int64 `json:"uid"`
CompanyID int64 `json:"company_id"`
UserCompanyId int64 `json:"user_company_id"`
Account string `json:"account"`
}
//CreateJWTToken ...
func CreateJWTToken(uid int64, companyid int64, userCompanyId int64, expires int64) (string, error) {
func CreateJWTToken(uid int64, companyid int64, userCompanyId int64, account string, expires int64) (string, error) {
nowTime := time.Now().Unix()
claims := MyToken{
StandardClaims: jwt.StandardClaims{
... ... @@ -35,6 +36,7 @@ func CreateJWTToken(uid int64, companyid int64, userCompanyId int64, expires int
UID: uid,
CompanyID: companyid,
UserCompanyId: userCompanyId,
Account: account,
}
token := jwt.NewWithClaims(jwt.SigningMethodHS256, claims)
... ... @@ -60,8 +62,8 @@ func ValidJWTToken(tokenString string) (*MyToken, error) {
log.Error("获取userCompany数据失败,id=%d", claims.UserCompanyId)
return nil, fmt.Errorf("token Valid fail")
}
if userCompanyData.UserId != claims.UID {
log.Error("登录信息uid与用户数据不匹配, userCompanyData.UserId=%d, claims.UID=%d", userCompanyData.UserId, claims.UID)
if userCompanyData.Phone != claims.Account {
log.Error("登录信息Account与用户数据不匹配, userCompanyData.Phone=%d, claims.Account=%d", userCompanyData.Phone, claims.Account)
return nil, fmt.Errorf("token Valid fail")
}
return claims, nil
... ... @@ -79,7 +81,7 @@ func IsJwtErrorExpired(err error) bool {
return false
}
func GenerateAuthToken(uid int64, companyid int64, usercompanyid int64) (protocol.LoginAuthToken, error) {
func GenerateAuthToken(uid int64, companyid int64, usercompanyid int64, account string) (protocol.LoginAuthToken, error) {
var (
authToken protocol.LoginAuthToken
accesstoken string //主token,请求用
... ... @@ -87,7 +89,7 @@ func GenerateAuthToken(uid int64, companyid int64, usercompanyid int64) (protoco
err error
nowtime = time.Now()
)
accesstoken, err = CreateJWTToken(uid, companyid, usercompanyid, nowtime.Unix()+expiresIn+1)
accesstoken, err = CreateJWTToken(uid, companyid, usercompanyid, account, nowtime.Unix()+expiresIn+1)
if err != nil {
return authToken, err
}
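Review bot: In the @@ -60 hunk of ValidJWTToken the new `userCompanyData.Phone != claims.Account` check replaces the `userCompanyData.UserId != claims.UID` check rather than being added alongside it (the hunk is 8 lines on both sides, so the UID block is removed), which contradicts the commit description and means a token whose uid claim does not match the user_company row is accepted as long as the account claim matches the row's phone; the UID binding should stay. The added log line also formats two string values with `%d` (`Account string` is added to MyToken in the @@ -17 hunk and `Phone` is compared with it), which go vet will flag and which prints `%!d(string=...)` instead of the value, so use `%q`. Both checks can live side by side as below. ValidJWTToken begins outside the hunk.

```go
// … unchanged: userCompanyData lookup and its error handling …
if userCompanyData.UserId != claims.UID {
	log.Error("登录信息uid与用户数据不匹配, userCompanyData.UserId=%d, claims.UID=%d", userCompanyData.UserId, claims.UID)
	return nil, fmt.Errorf("token Valid fail")
}
if userCompanyData.Phone != claims.Account {
	log.Error("登录信息Account与用户数据不匹配, userCompanyData.Phone=%q, claims.Account=%q", userCompanyData.Phone, claims.Account)
	return nil, fmt.Errorf("token Valid fail")
}
return claims, nil
```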