作者 陈志颖

合并分支 'dev' 到 'test'

fix:过滤路由



查看合并请求 !18
@@ -6,6 +6,7 @@ import ( @@ -6,6 +6,7 @@ import (
6 "gitlab.fjmaimaimai.com/mmm-go/partner/pkg/constant" 6 "gitlab.fjmaimaimai.com/mmm-go/partner/pkg/constant"
7 "gitlab.fjmaimaimai.com/mmm-go/partner/pkg/infrastructure/utils" 7 "gitlab.fjmaimaimai.com/mmm-go/partner/pkg/infrastructure/utils"
8 "gitlab.fjmaimaimai.com/mmm-go/partner/pkg/protocol" 8 "gitlab.fjmaimaimai.com/mmm-go/partner/pkg/protocol"
  9 + "net/url"
9 "strconv" 10 "strconv"
10 "strings" 11 "strings"
11 ) 12 )
@@ -16,44 +17,58 @@ func CheckJWTToken(ctx *context.Context) { @@ -16,44 +17,58 @@ func CheckJWTToken(ctx *context.Context) {
16 msg *protocol.ResponseMessage 17 msg *protocol.ResponseMessage
17 ) 18 )
18 19
19 - token := ctx.Input.Header("x-mmm-accesstoken")  
20 -  
21 - if strings.HasSuffix(ctx.Request.RequestURI, "login") ||  
22 - strings.HasSuffix(ctx.Request.RequestURI, "accessToken") ||  
23 - strings.HasSuffix(ctx.Request.RequestURI, "refreshToken") ||  
24 - strings.HasSuffix(ctx.Request.RequestURI, "smsCode") ||  
25 - strings.HasSuffix(ctx.Request.RequestURI, "centerCompanys") ||  
26 - strings.HasSuffix(ctx.Request.RequestURI, "companys") ||  
27 - strings.HasSuffix(ctx.Request.RequestURI, "loginV2") ||  
28 - strings.HasSuffix(ctx.Request.RequestURI, "checkSmsCode") ||  
29 - strings.HasSuffix(ctx.Request.RequestURI, "changePhone") ||  
30 - strings.HasSuffix(ctx.Request.RequestURI, "resetPassword") ||  
31 - strings.HasSuffix(ctx.Request.RequestURI, "changePassword") {  
32 - return 20 + // 需要被过滤的地址 一定要写键值
  21 + filterMap := map[string]string{
  22 + "/v1/auth/checkPassword": "校验密码",
33 } 23 }
34 24
35 - defer func() {  
36 - if msg != nil {  
37 - ctx.Output.JSON(msg, false, false) 25 + urlStr := ""
  26 + tmpUrl, err := url.Parse(ctx.Request.RequestURI)
  27 + if err == nil {
  28 + urlStr = tmpUrl.Path
  29 + }
  30 +
  31 + if res := filterMap[urlStr]; res == "" {
  32 + /** 不在 Map 内对请求进行处理 **/
  33 + token := ctx.Input.Header("x-mmm-accesstoken")
  34 +
  35 + if strings.HasSuffix(ctx.Request.RequestURI, "login") ||
  36 + strings.HasSuffix(ctx.Request.RequestURI, "accessToken") ||
  37 + strings.HasSuffix(ctx.Request.RequestURI, "refreshToken") ||
  38 + strings.HasSuffix(ctx.Request.RequestURI, "smsCode") ||
  39 + strings.HasSuffix(ctx.Request.RequestURI, "centerCompanys") ||
  40 + strings.HasSuffix(ctx.Request.RequestURI, "companys") ||
  41 + strings.HasSuffix(ctx.Request.RequestURI, "loginV2") ||
  42 + strings.HasSuffix(ctx.Request.RequestURI, "checkSmsCode") ||
  43 + strings.HasSuffix(ctx.Request.RequestURI, "changePhone") ||
  44 + strings.HasSuffix(ctx.Request.RequestURI, "resetPassword") ||
  45 + strings.HasSuffix(ctx.Request.RequestURI, "changePassword") {
  46 + return
38 } 47 }
39 - }()  
40 -  
41 - if u, err := utils.ParseJWTToken(token); err != nil {  
42 - msg = protocol.NewMesage(4141)  
43 - return  
44 - } else {  
45 - ctx.Input.SetData("UserId", u.UserId)  
46 -  
47 - if constant.DISENABLE_MULTI_DEVICE_LOGIN {  
48 - // valid token  
49 - userPhone, _ := strconv.Atoi(u.Phone)  
50 - tokenAuth := userAuth.NewRedisUserAuth(userAuth.WithUserId(int64(userPhone)))  
51 - err := tokenAuth.Check(  
52 - userAuth.NewOptions(userAuth.WithAccessToken(token)),  
53 - )  
54 - if err != nil {  
55 - msg = protocol.NewMesage(4141)  
56 - return 48 +
  49 + defer func() {
  50 + if msg != nil {
  51 + ctx.Output.JSON(msg, false, false)
  52 + }
  53 + }()
  54 +
  55 + if u, err := utils.ParseJWTToken(token); err != nil {
  56 + msg = protocol.NewMesage(4141)
  57 + return
  58 + } else {
  59 + ctx.Input.SetData("UserId", u.UserId)
  60 +
  61 + if constant.DISENABLE_MULTI_DEVICE_LOGIN {
  62 + // valid token
  63 + userPhone, _ := strconv.Atoi(u.Phone)
  64 + tokenAuth := userAuth.NewRedisUserAuth(userAuth.WithUserId(int64(userPhone)))
  65 + err := tokenAuth.Check(
  66 + userAuth.NewOptions(userAuth.WithAccessToken(token)),
  67 + )
  68 + if err != nil {
  69 + msg = protocol.NewMesage(4141)
  70 + return
  71 + }
57 } 72 }
58 } 73 }
59 } 74 }
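Review bot: The exemption test kept on new lines 35–45 still runs `strings.HasSuffix` on `ctx.Request.RequestURI`, which carries the query string as well as the path, so token verification is skipped for any request whose URI merely ends in one of these words, not only for the routes intended. The commit already parses the URI into `urlStr`, so the exempt routes could be listed in `filterMap` by full path and the decision made with `if _, skip := filterMap[urlStr]; skip { return }`, which also removes the reliance on every entry having a non-empty value. Separately, `userPhone, _ := strconv.Atoi(u.Phone)` discards the conversion error, so a non-numeric phone claim would check the token against user id 0; that error should set message 4141 and return as well. The opening of CheckJWTToken's `var (` block is above the hunk.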
@@ -6,10 +6,9 @@ import ( @@ -6,10 +6,9 @@ import (
6 ) 6 )
7 7
8 func init() { 8 func init() {
9 - beego.Router("/auth/checkPassword", &controllers.AuthController{}, "Post:CheckPassword")  
10 nsV1 := beego.NewNamespace("v1") //, beego.NSBefore(middleware.CheckJWTToken) 9 nsV1 := beego.NewNamespace("v1") //, beego.NSBefore(middleware.CheckJWTToken)
11 nsV1.Router("/auth/login", &controllers.AuthController{}, "Post:Login") 10 nsV1.Router("/auth/login", &controllers.AuthController{}, "Post:Login")
12 - //nsV1.Router("/auth/checkPassword", &controllers.AuthController{}, "Post:CheckPassword") // 校验密码 11 + nsV1.Router("/auth/checkPassword", &controllers.AuthController{}, "Post:CheckPassword") // 校验密码
13 nsV1.Router("/auth/smsCode", &controllers.AuthController{}, "Post:SmsCode") 12 nsV1.Router("/auth/smsCode", &controllers.AuthController{}, "Post:SmsCode")
14 nsV1.Router("/auth/accessToken", &controllers.AuthController{}, "Post:AccessToken") 13 nsV1.Router("/auth/accessToken", &controllers.AuthController{}, "Post:AccessToken")
15 nsV1.Router("/auth/refreshToken", &controllers.AuthController{}, "Post:RefreshToken") 14 nsV1.Router("/auth/refreshToken", &controllers.AuthController{}, "Post:RefreshToken")
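Review bot: `/auth/checkPassword` now sits under the `v1` namespace, and the middleware change in this commit exempts exactly `/v1/auth/checkPassword` from token verification, so the password check is served without an access token. Nothing visible here shows how `CheckPassword` identifies the account or limits repeated attempts; if it relies on the `UserId` set by `CheckJWTToken`, that value is no longer populated for this route. I would record the exemption at the route, e.g. `// 校验密码: skipped by CheckJWTToken (filterMap); handler must throttle attempts`, and confirm the handler does so. `beego.NSBefore(middleware.CheckJWTToken)` is commented out on the namespace line, so the filter is presumably registered elsewhere. `init` continues below the hunk.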