package identification import ( "fmt" "hr_server/grocerystore" "hr_server/models" "hr_server/overall" "hr_server/overall/overallhandle" "github.com/gin-gonic/gin" "github.com/mitchellh/mapstructure" ) //验证器 func Validator() gin.HandlerFunc { return func(c *gin.Context) { userToken := c.Request.Header.Get("token") randomNumber := c.Request.Header.Get("number") ContentType := c.Request.Header.Get("Content-Type") Origin := c.Request.Header.Get("Origin") userAgent := c.Request.Header.Get("User-Agent") if ContentType == "" || userToken == "" || userAgent == "" || Origin == "" || randomNumber == "" { overallhandle.Result(2001, "对不起!您没有访问权限!", c) c.Abort() return } //设定redis Key名称 redisKey := fmt.Sprintf("Authentication:ApiAuthent_%v", userToken) redisClient := grocerystore.RunRedis(overall.CONSTANT_REDIS3) tokenInfo, isTrue := redisClient.HashGetAll(redisKey) if isTrue != true { overallhandle.Result(2002, "对不起您得令牌已经失效!请重新获取!", c) c.Abort() return } var validator ValidatorType identityErr := mapstructure.Decode(tokenInfo, &validator) if identityErr != nil { overallhandle.Result(2003, "对不起!身份验证失败!", c) c.Abort() return } //密码加密 var passWordMd5 overallhandle.Md5Encryption passWordMd5.Md5EncryptionInit(validator.PassWord) passWordMd5Str := passWordMd5.Md5EncryptionAlgorithm() var empowerUser models.EmpowerUser userErr := empowerUser.GetCont(map[string]interface{}{"userkey": validator.UserKey, "password": passWordMd5Str}, "verification_code") if userErr != nil { overallhandle.Result(2000, userErr, c) return } //头文件加密 //ContentType var ContentTypeMd5 overallhandle.Md5Encryption if empowerUser.VerificationCode != "" { ContentTypeMd5.AppKey = empowerUser.VerificationCode } ContentTypeMd5.Md5EncryptionInit(ContentType) ContentTypeMd5Str := ContentTypeMd5.Md5EncryptionAlgorithm() //Origin var OriginMd5 overallhandle.Md5Encryption if empowerUser.VerificationCode != "" { OriginMd5.AppKey = empowerUser.VerificationCode } OriginMd5.Md5EncryptionInit(Origin) originMd5Str := OriginMd5.Md5EncryptionAlgorithm() //userAgent var userAgentMd5 overallhandle.Md5Encryption if empowerUser.VerificationCode != "" { userAgentMd5.AppKey = empowerUser.VerificationCode } userAgentMd5.Md5EncryptionInit(userAgent) userAgentMd5Str := userAgentMd5.Md5EncryptionAlgorithm() //随机数加密 var randomNumberMd5 overallhandle.Md5Encryption if empowerUser.VerificationCode != "" { randomNumberMd5.AppKey = empowerUser.VerificationCode } randomNumberMd5.Md5EncryptionInit(validator.Number) numberMd5 := randomNumberMd5.Md5EncryptionAlgorithm() //用户名加密 var userKeyMd5 overallhandle.Md5Encryption if empowerUser.VerificationCode != "" { userKeyMd5.AppKey = empowerUser.VerificationCode } userKeyMd5.Md5EncryptionInit(validator.UserKey) userKeyMd5Str := userKeyMd5.Md5EncryptionAlgorithm() clearCodeToken := fmt.Sprintf("%v-%v-%v-%v-%v-%v", ContentTypeMd5Str, originMd5Str, userAgentMd5Str, numberMd5, userKeyMd5Str, passWordMd5Str) //token 加密 var tokenMd5 overallhandle.Md5Encryption tokenMd5.Md5EncryptionInit(clearCodeToken) tokenMd5Str := tokenMd5.Md5EncryptionAlgorithm() clearTokenStr := fmt.Sprintf("%v-%v", tokenMd5Str, numberMd5) var clearTokenMd5 overallhandle.Md5Encryption clearTokenMd5.Md5EncryptionInit(clearTokenStr) clearTokenMd5Str := clearTokenMd5.Md5EncryptionAlgorithm() //提交Token转化 submitTokenStr := fmt.Sprintf("%v-%v", userToken, randomNumber) var submitTokenMd5 overallhandle.Md5Encryption submitTokenMd5.Md5EncryptionInit(submitTokenStr) submitTokenMd5Str := submitTokenMd5.Md5EncryptionAlgorithm() if submitTokenMd5Str != clearTokenMd5Str { overallhandle.Result(2004, "对不起!非法令牌!不可访问系统", c) c.Abort() return } c.Next() } } //拦截器 func Interceptor() gin.HandlerFunc { return func(c *gin.Context) { } }