校验token时，增加对手机账号的检查

tangxuhui
services/auth/auth.go
services/auth/token.go
--- a/services/auth/auth.go
查看文件 @39c1fbb
+++ b/services/auth/auth.go
查看文件 @39c1fbb
@@ -136,7 +136,7 @@ func ChangeLoginToken(userid, companyid int64) (protocol.LoginAuthToken, error) 
 		log.Debug("无效公司")
 		return logintoken, protocol.NewErrWithMessage("10207")
 	}
-	logintoken, err = GenerateAuthToken(userid, companydata.Id, usercompany.Id)
+	logintoken, err = GenerateAuthToken(userid, companydata.Id, usercompany.Id, usercompany.Phone)
 	if err != nil {
 		log.Error("GenerateAuthToken err:%s", err)
 		return logintoken, protocol.NewErrWithMessage("1")
@@ -486,7 +486,7 @@ func LoginAuthBySmsCode(uclientReturn *ucenter.ResponseLoginSms) (
 		return logintoken, protocol.NewErrWithMessage("1")
 	}
 	usercompanyid = ucompany.Id
-	logintoken, _ = GenerateAuthToken(userdata.Id, companyid, usercompanyid)
+	logintoken, _ = GenerateAuthToken(userdata.Id, companyid, usercompanyid, userdata.Phone)
 	//更新用户数据
 	userdata.Accid = uclientReturn.Data.CsAccountID
 	userdata.Icon = uclientReturn.Data.Image.Path
@@ -639,7 +639,7 @@ func LoginAuthBySecretKey(secretKey string) (protocol.LoginAuthToken, error) {
 		log.Error("获取user_company失败；%s", err)
 		return logintoken, protocol.NewErrWithMessage("10202")
 	}
-	logintoken, _ = GenerateAuthToken(ucompany.UserId, ucompany.CompanyId, ucompany.Id)
+	logintoken, _ = GenerateAuthToken(ucompany.UserId, ucompany.CompanyId, ucompany.Id, ucompany.Phone)
 	//更新用户数据
 	//用户数据的更新 交由数据同步的接口处理
 	// var userdata *models.User
--- a/services/auth/token.go
查看文件 @39c1fbb
+++ b/services/auth/token.go
查看文件 @39c1fbb
@@ -17,13 +17,14 @@ var (
 //MyToken ...
 type MyToken struct {
 	jwt.StandardClaims
-	UID           int64 `json:"uid"`
-	CompanyID     int64 `json:"company_id"`
-	UserCompanyId int64 `json:"user_company_id"`
+	UID           int64  `json:"uid"`
+	CompanyID     int64  `json:"company_id"`
+	UserCompanyId int64  `json:"user_company_id"`
+	Account       string `json:"account"`
 }
 //CreateJWTToken ...
-func CreateJWTToken(uid int64, companyid int64, userCompanyId int64, expires int64) (string, error) {
+func CreateJWTToken(uid int64, companyid int64, userCompanyId int64, account string, expires int64) (string, error) {
 	nowTime := time.Now().Unix()
 	claims := MyToken{
 		StandardClaims: jwt.StandardClaims{
@@ -35,6 +36,7 @@ func CreateJWTToken(uid int64, companyid int64, userCompanyId int64, expires int
 		UID:           uid,
 		CompanyID:     companyid,
 		UserCompanyId: userCompanyId,
+		Account:       account,
 	}
 	token := jwt.NewWithClaims(jwt.SigningMethodHS256, claims)
@@ -60,8 +62,8 @@ func ValidJWTToken(tokenString string) (*MyToken, error) {
 			log.Error("获取userCompany数据失败，id=%d", claims.UserCompanyId)
 			return nil, fmt.Errorf("token Valid fail")
 		}
-		if userCompanyData.UserId != claims.UID {
-			log.Error("登录信息uid与用户数据不匹配， userCompanyData.UserId=%d, claims.UID=%d", userCompanyData.UserId, claims.UID)
+		if userCompanyData.Phone != claims.Account {
+			log.Error("登录信息Account与用户数据不匹配， userCompanyData.Phone=%d, claims.Account=%d", userCompanyData.Phone, claims.Account)
 			return nil, fmt.Errorf("token Valid fail")
 		}
 		return claims, nil
@@ -79,7 +81,7 @@ func IsJwtErrorExpired(err error) bool {
 	return false
 }
-func GenerateAuthToken(uid int64, companyid int64, usercompanyid int64) (protocol.LoginAuthToken, error) {
+func GenerateAuthToken(uid int64, companyid int64, usercompanyid int64, account string) (protocol.LoginAuthToken, error) {
 	var (
 		authToken   protocol.LoginAuthToken
 		accesstoken string               //主token，请求用
@@ -87,7 +89,7 @@ func GenerateAuthToken(uid int64, companyid int64, usercompanyid int64) (protoco
 		err         error
 		nowtime     = time.Now()
 	)
-	accesstoken, err = CreateJWTToken(uid, companyid, usercompanyid, nowtime.Unix()+expiresIn+1)
+	accesstoken, err = CreateJWTToken(uid, companyid, usercompanyid, account, nowtime.Unix()+expiresIn+1)
 	if err != nil {
 		return authToken, err
 	}