|
- package mw
-
- import (
- "applet/app/comm/db"
- "applet/app/comm/db/model"
- "applet/app/comm/e"
- "applet/app/comm/md"
- "applet/app/comm/svc"
- "applet/app/comm/utils"
- "applet/app/comm/utils/cache"
- "applet/app/comm/utils/logx"
- "applet/app/lib/auth"
- "errors"
- "fmt"
- "strings"
-
- "github.com/gin-gonic/gin"
- )
-
- // AuthJWT is jwt middleware
- func AuthJWT(c *gin.Context) {
- requestType := c.Request.Header.Get("Request-Type")
- requestUid := c.Request.Header.Get("Request-uid")
- var mc = new(auth.JWTUser)
- var err error
- var parts = make([]string, 2)
- if requestType != "mq_consume" {
- authHeader := c.Request.Header.Get("Authorization")
- fmt.Println("test================,", authHeader)
- if authHeader == "" {
- e.OutErr(c, e.ERR_UNAUTHORIZED, errors.New("token 不能为空"))
- return
- }
-
- // 按空格分割
- parts = strings.SplitN(authHeader, " ", 2)
- fmt.Println("test1================,", parts)
-
- if !(len(parts) == 2 && parts[0] == "Bearer") {
- e.OutErr(c, e.ERR_TOKEN_FORMAT, errors.New("token 格式不对"))
- return
- }
- // parts[1]是token
- mc, err = utils.ParseToken(parts[1])
- fmt.Println("test3================,", mc)
-
- if err != nil {
- e.OutErr(c, e.ERR_UNAUTHORIZED, errors.New("token 过期或无效"))
- return
- }
- } else {
- mc.UID = utils.StrToInt(requestUid)
- }
- //fmt.Println(mc.UID)
- // 获取user
- u, err := db.UserFindByID(db.DBs[c.GetString("mid")], mc.UID)
- fmt.Println("test4================,", u)
- fmt.Println("test5================,", mc.UID)
-
- if err != nil {
- e.OutErr(c, e.ERR_DB_ORM, err)
- return
- }
-
- if u == nil {
- e.OutErr(c, e.ERR_UNAUTHORIZED, errors.New("token 过期或无效"))
- return
- }
- // 检验账号是否未激活或被冻结
- switch u.State {
- case 0:
- e.OutErr(c, e.ERR_USER_NO_ACTIVE)
- return
- case 2:
- e.OutErr(c, e.ERR_USER_IS_BAN)
- return
- }
- if requestType != "mq_consume" {
- // 校验是否和缓存的token一致,只能有一个token 是真实有效
- key := fmt.Sprintf("%s:token:%s", c.GetString("mid"), u.Username)
- //fmt.Println(key)
- cjwt, err := cache.GetString(key)
- fmt.Println("====================token", u.Username, key, cjwt, parts[1])
- if err != nil {
- fmt.Println("====================token", err)
- if c.GetString("mid") == "58919110" {
- utils.FilePutContents("token0", u.Username+" "+cjwt+" "+err.Error())
- }
- logx.Warn(err)
- NOCACHE(c, parts, mc, u, false)
- return
- }
- if parts[1] != cjwt {
- if c.GetString("mid") == "58919110" {
- utils.FilePutContents("token1", u.Username+" "+cjwt+" "+parts[1]+" false")
- }
- e.OutErr(c, e.ERR_TOKEN_AUTH, errors.New("token expired"))
- return
- }
- }
- NOCACHE(c, parts, mc, u, true)
- }
-
- func NOCACHE(c *gin.Context, parts []string, mc *auth.JWTUser, u *model.User, isTrue bool) {
- // 获取user profile
- up, err := db.UserProfileFindByID(db.DBs[c.GetString("mid")], mc.UID)
- if err != nil || up == nil {
- e.OutErr(c, e.ERR_DB_ORM, err)
- return
- }
- if parts[1] != up.ArkidToken && isTrue == false {
- if c.GetString("mid") == "58919110" {
- utils.FilePutContents("token2", u.Username+" "+up.ArkidToken+" "+parts[1]+" false")
- }
- e.OutErr(c, e.ERR_TOKEN_AUTH, errors.New("token expired"))
- return
- }
- if parts[1] != up.ArkidToken && isTrue {
- up.ArkidToken = parts[1]
- db.UserProfileUpdate(svc.MasterDb(c), up.Uid, up, "arkid_token")
- }
- if up.AvatarUrl == "" {
- up.AvatarUrl = c.GetString("appUserDefaultAvatar")
- }
- // 获取user 等级
- ul, err := db.UserLevelByID(db.DBs[c.GetString("mid")], u.Level)
- if err != nil {
- e.OutErr(c, e.ERR_DB_ORM, err)
- return
- }
-
- user := &md.User{
- Info: u,
- Profile: up,
- Level: ul,
- }
-
- // 将当前请求的username信息保存到请求的上下文c上
- c.Set("user", user)
- // 异步处理 有效会员和新会员
- c.Next() // 后续的处理函数可以用过c.Get("user")来获取当前请求的用户信息
-
- }
|
