作者 陈志颖

合并分支 'dev' 到 'test'

fix:过滤路由



查看合并请求 !18
... ... @@ -6,6 +6,7 @@ import (
"gitlab.fjmaimaimai.com/mmm-go/partner/pkg/constant"
"gitlab.fjmaimaimai.com/mmm-go/partner/pkg/infrastructure/utils"
"gitlab.fjmaimaimai.com/mmm-go/partner/pkg/protocol"
"net/url"
"strconv"
"strings"
)
... ... @@ -16,44 +17,58 @@ func CheckJWTToken(ctx *context.Context) {
msg *protocol.ResponseMessage
)
token := ctx.Input.Header("x-mmm-accesstoken")
if strings.HasSuffix(ctx.Request.RequestURI, "login") ||
strings.HasSuffix(ctx.Request.RequestURI, "accessToken") ||
strings.HasSuffix(ctx.Request.RequestURI, "refreshToken") ||
strings.HasSuffix(ctx.Request.RequestURI, "smsCode") ||
strings.HasSuffix(ctx.Request.RequestURI, "centerCompanys") ||
strings.HasSuffix(ctx.Request.RequestURI, "companys") ||
strings.HasSuffix(ctx.Request.RequestURI, "loginV2") ||
strings.HasSuffix(ctx.Request.RequestURI, "checkSmsCode") ||
strings.HasSuffix(ctx.Request.RequestURI, "changePhone") ||
strings.HasSuffix(ctx.Request.RequestURI, "resetPassword") ||
strings.HasSuffix(ctx.Request.RequestURI, "changePassword") {
return
// 需要被过滤的地址 一定要写键值
filterMap := map[string]string{
"/v1/auth/checkPassword": "校验密码",
}
defer func() {
if msg != nil {
ctx.Output.JSON(msg, false, false)
urlStr := ""
tmpUrl, err := url.Parse(ctx.Request.RequestURI)
if err == nil {
urlStr = tmpUrl.Path
}
if res := filterMap[urlStr]; res == "" {
/** 不在 Map 内对请求进行处理 **/
token := ctx.Input.Header("x-mmm-accesstoken")
if strings.HasSuffix(ctx.Request.RequestURI, "login") ||
strings.HasSuffix(ctx.Request.RequestURI, "accessToken") ||
strings.HasSuffix(ctx.Request.RequestURI, "refreshToken") ||
strings.HasSuffix(ctx.Request.RequestURI, "smsCode") ||
strings.HasSuffix(ctx.Request.RequestURI, "centerCompanys") ||
strings.HasSuffix(ctx.Request.RequestURI, "companys") ||
strings.HasSuffix(ctx.Request.RequestURI, "loginV2") ||
strings.HasSuffix(ctx.Request.RequestURI, "checkSmsCode") ||
strings.HasSuffix(ctx.Request.RequestURI, "changePhone") ||
strings.HasSuffix(ctx.Request.RequestURI, "resetPassword") ||
strings.HasSuffix(ctx.Request.RequestURI, "changePassword") {
return
}
}()
if u, err := utils.ParseJWTToken(token); err != nil {
msg = protocol.NewMesage(4141)
return
} else {
ctx.Input.SetData("UserId", u.UserId)
if constant.DISENABLE_MULTI_DEVICE_LOGIN {
// valid token
userPhone, _ := strconv.Atoi(u.Phone)
tokenAuth := userAuth.NewRedisUserAuth(userAuth.WithUserId(int64(userPhone)))
err := tokenAuth.Check(
userAuth.NewOptions(userAuth.WithAccessToken(token)),
)
if err != nil {
msg = protocol.NewMesage(4141)
return
defer func() {
if msg != nil {
ctx.Output.JSON(msg, false, false)
}
}()
if u, err := utils.ParseJWTToken(token); err != nil {
msg = protocol.NewMesage(4141)
return
} else {
ctx.Input.SetData("UserId", u.UserId)
if constant.DISENABLE_MULTI_DEVICE_LOGIN {
// valid token
userPhone, _ := strconv.Atoi(u.Phone)
tokenAuth := userAuth.NewRedisUserAuth(userAuth.WithUserId(int64(userPhone)))
err := tokenAuth.Check(
userAuth.NewOptions(userAuth.WithAccessToken(token)),
)
if err != nil {
msg = protocol.NewMesage(4141)
return
}
}
}
}
... ...
... ... @@ -6,10 +6,9 @@ import (
)
func init() {
beego.Router("/auth/checkPassword", &controllers.AuthController{}, "Post:CheckPassword")
nsV1 := beego.NewNamespace("v1") //, beego.NSBefore(middleware.CheckJWTToken)
nsV1.Router("/auth/login", &controllers.AuthController{}, "Post:Login")
//nsV1.Router("/auth/checkPassword", &controllers.AuthController{}, "Post:CheckPassword") // 校验密码
nsV1.Router("/auth/checkPassword", &controllers.AuthController{}, "Post:CheckPassword") // 校验密码
nsV1.Router("/auth/smsCode", &controllers.AuthController{}, "Post:SmsCode")
nsV1.Router("/auth/accessToken", &controllers.AuthController{}, "Post:AccessToken")
nsV1.Router("/auth/refreshToken", &controllers.AuthController{}, "Post:RefreshToken")
... ...