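package mw

import (
	"errors"
	"fmt"
	"strings"

	"applet/app/comm/db"
	"applet/app/comm/db/model"
	"applet/app/comm/e"
	"applet/app/comm/md"
	"applet/app/comm/svc"
	"applet/app/comm/utils"
	"applet/app/comm/utils/cache"
	"applet/app/comm/utils/logx"
	"applet/app/lib/auth"

	"github.com/gin-gonic/gin"
)

// AuthJWT is the JWT authentication middleware. It resolves the caller to a
// user record, rejects accounts that are not activated or are banned, checks
// that the presented bearer token is the one currently cached for that user,
// and then hands over to NOCACHE, which loads the profile and level, stores
// the result under the "user" context key and calls c.Next().
//
// Bearer tokens, parsed claims and user records are credentials or personal
// data: this middleware deliberately never prints them to stdout or writes
// them to disk.
//
// NOTE(review): every rejection path below returns right after e.OutErr. In
// gin, returning from a middleware without aborting lets the remaining
// handlers run, so this is only safe if e.OutErr aborts the chain — confirm.
func AuthJWT(c *gin.Context) {
	requestType := c.Request.Header.Get("Request-Type")
	requestUid := c.Request.Header.Get("Request-uid")
	fromQueue := requestType == "mq_consume"

	var (
		mc    = new(auth.JWTUser)
		err   error
		parts = make([]string, 2)
	)

	if !fromQueue {
		authHeader := c.Request.Header.Get("Authorization")
		if authHeader == "" {
			e.OutErr(c, e.ERR_UNAUTHORIZED, errors.New("token 不能为空"))
			return
		}
		// Split on the first space: "<scheme> <token>".
		parts = strings.SplitN(authHeader, " ", 2)
		if len(parts) != 2 || parts[0] != "Bearer" {
			e.OutErr(c, e.ERR_TOKEN_FORMAT, errors.New("token 格式不对"))
			return
		}
		// parts[1] is the token itself.
		mc, err = utils.ParseToken(parts[1])
		if err != nil {
			e.OutErr(c, e.ERR_UNAUTHORIZED, errors.New("token 过期或无效"))
			return
		}
	} else {
		// NOTE(review): this branch trusts two client-controllable request
		// headers. With "Request-Type: mq_consume" no token is verified and
		// the UID is taken directly from "Request-uid". Unless an upstream
		// proxy strips both headers, or this route is reachable only by the
		// internal queue consumer, the branch bypasses authentication.
		// Confirm that guarantee, or replace the headers with an
		// authenticated service-to-service credential.
		mc.UID = utils.StrToInt(requestUid)
	}

	// Load the user.
	u, err := db.UserFindByID(db.DBs[c.GetString("mid")], mc.UID)
	if err != nil {
		e.OutErr(c, e.ERR_DB_ORM, err)
		return
	}
	if u == nil {
		e.OutErr(c, e.ERR_UNAUTHORIZED, errors.New("token 过期或无效"))
		return
	}

	// Reject accounts that are not activated (0) or are banned (2).
	switch u.State {
	case 0:
		e.OutErr(c, e.ERR_USER_NO_ACTIVE)
		return
	case 2:
		e.OutErr(c, e.ERR_USER_IS_BAN)
		return
	}

	if !fromQueue {
		// The presented token must match the cached one: only a single token
		// per user is valid at any time.
		key := fmt.Sprintf("%s:token:%s", c.GetString("mid"), u.Username)
		cjwt, err := cache.GetString(key)
		if err != nil {
			// Cache lookup failed: fall back to the token stored on the
			// profile (NOCACHE with isTrue == false).
			logx.Warn(err)
			NOCACHE(c, parts, mc, u, false)
			return
		}
		if parts[1] != cjwt {
			e.OutErr(c, e.ERR_TOKEN_AUTH, errors.New("token expired"))
			return
		}
	}
	NOCACHE(c, parts, mc, u, true)
}

// NOCACHE completes authentication once the user record is known. It loads
// the user's profile, reconciles the presented token (parts[1]) with the
// profile's ArkidToken, loads the user level, stores an *md.User under the
// "user" context key and calls c.Next().
//
// isTrue reports whether the caller has already accepted the token (cache
// match, or the mq_consume path). When it is false the presented token must
// equal the stored ArkidToken; when it is true a differing stored token is
// replaced by the presented one.
func NOCACHE(c *gin.Context, parts []string, mc *auth.JWTUser, u *model.User, isTrue bool) {
	// Tolerate a short slice instead of panicking on parts[1].
	var token string
	if len(parts) > 1 {
		token = parts[1]
	}

	// Load the user profile.
	up, err := db.UserProfileFindByID(db.DBs[c.GetString("mid")], mc.UID)
	if err != nil || up == nil {
		e.OutErr(c, e.ERR_DB_ORM, err)
		return
	}

	if token != up.ArkidToken && !isTrue {
		e.OutErr(c, e.ERR_TOKEN_AUTH, errors.New("token expired"))
		return
	}

	// Persist the accepted token. The empty-token guard matters for the
	// mq_consume path, where AuthJWT passes a zero-valued parts slice: without
	// it the stored token would be overwritten with "".
	if isTrue && token != "" && token != up.ArkidToken {
		up.ArkidToken = token
		// NOTE(review): the result of this update is discarded; a failed write
		// leaves the stored token stale — confirm whether it should be surfaced.
		db.UserProfileUpdate(svc.MasterDb(c), up.Uid, up, "arkid_token")
	}

	if up.AvatarUrl == "" {
		up.AvatarUrl = c.GetString("appUserDefaultAvatar")
	}

	// Load the user's level.
	ul, err := db.UserLevelByID(db.DBs[c.GetString("mid")], u.Level)
	if err != nil {
		e.OutErr(c, e.ERR_DB_ORM, err)
		return
	}

	// Attach the current user to the request context; later handlers read it
	// with c.Get("user").
	c.Set("user", &md.User{
		Info:    u,
		Profile: up,
		Level:   ul,
	})

	// (Original placeholder: asynchronous handling of valid and new members.)
	c.Next()
}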