package middleware import ( "encoding/json" "strconv" "github.com/flipped-aurora/gin-vue-admin/server/commonus" "github.com/flipped-aurora/gin-vue-admin/server/global" "github.com/flipped-aurora/gin-vue-admin/server/model/common/response" "github.com/flipped-aurora/gin-vue-admin/server/service" "github.com/flipped-aurora/gin-vue-admin/server/utils/redishandel" "github.com/gin-gonic/gin" "github.com/mitchellh/mapstructure" ) //鉴权 func MyAuthentication() gin.HandlerFunc { return func(c *gin.Context) { userKey := c.Request.Header.Get("user-key") userToken := c.Request.Header.Get("user-token") userAgent := c.Request.Header.Get("User-Agent") if userKey == "" || userToken == "" || userAgent == "" { response.FailWithDetailed(gin.H{"reload": true, "code": 1}, "未登录或非法访问", c) c.Abort() return } userKeyInt, userKeyIntErr := strconv.ParseInt(userKey, 10, 64) if userKeyIntErr != nil { response.FailWithDetailed(gin.H{"reload": true, "code": 2}, "未登录或非法访问", c) c.Abort() return } global.GVA_INDEX_USERKEY = userKeyInt redisClient := redishandel.RunRedis() tokenInfo, isTrues := redisClient.HashGetAll("system:Identification_" + global.GVA_CONFIG.RedisPrefix.Alias + "_" + userKey) var myCustomIdentify commonus.MyCustomLogonIdentify if isTrues != true { response.FailWithDetailed(gin.H{"reload": true, "code": 3}, "您的帐户异地登陆或令牌失效", c) c.Abort() return } else { tokenErr := mapstructure.Decode(tokenInfo, &myCustomIdentify) if tokenErr != nil { response.FailWithDetailed(gin.H{"reload": true, "code": 3}, "您的帐户异地登陆或令牌失效", c) c.Abort() return } var md5JiaMi commonus.Md5Encryption md5JiaMi.Md5EncryptionInit(userAgent) md5Token := md5JiaMi.Md5EncryptionAlgorithm() sha1Str := myCustomIdentify.UserKey + myCustomIdentify.UserNumber + myCustomIdentify.UserPwd + md5Token sha1Token := commonus.Sha1Encryption(sha1Str) // fmt.Printf("token=========>%v---->%v---->%v\n", md5Token, sha1Token, userAgent) if sha1Token != userToken { response.FailWithDetailed(gin.H{"reload": true, "code": 3}, "授权已过期", c) c.Abort() return } } redisClient.SetRedisTime(10800) // redisClient.SetRedisTime(60) writeRedisData := map[string]interface{}{ "userkey": myCustomIdentify.UserKey, "usernumber": myCustomIdentify.UserNumber, "userpwd": myCustomIdentify.UserPwd, "usertoken": myCustomIdentify.UserToken, } redisClient.HashMsetAdd("system:Identification_"+global.GVA_CONFIG.RedisPrefix.Alias+"_"+userKey, writeRedisData) c.Next() } } var mycasbinService = service.ServiceGroupApp.SystemServiceGroup.CasbinService // 拦截器 func MyCasbinHandler() gin.HandlerFunc { return func(c *gin.Context) { // waitUse, _ := utils.GetClaims(c) // 获取请求的URI // obj := c.Request.URL.RequestURI() // 获取请求方法 // act := c.Request.Method // 获取用户的角色 // sub := waitUse.AuthorityId // e := mycasbinService.Casbin() // 判断策略中是否存在 // success, _ := e.Enforce(sub, obj, act) // fmt.Printf("=====>%v===========>%v===========>%v===========>%v\n", e, obj, act, e) // if global.GVA_CONFIG.System.Env == "develop" || success { // c.Next() // } else { // response.FailWithDetailed(gin.H{}, "权限不足", c) // c.Abort() // return // } } } func SystemAuthentication() gin.HandlerFunc { return func(c *gin.Context) { userKey := c.Request.Header.Get("user-key") userToken := c.Request.Header.Get("user-token") userAgent := c.Request.Header.Get("User-Agent") if userKey == "" || userToken == "" || userAgent == "" { response.FailWithDetailed(gin.H{"reload": true, "code": 101}, "未登录或非法访问", c) c.Abort() return } userKeyInt, userKeyIntErr := strconv.ParseInt(userKey, 10, 64) if userKeyIntErr != nil { response.FailWithDetailed(gin.H{"reload": true, "code": 2}, "未登录或非法访问", c) c.Abort() return } global.GVA_ADMIN_USERKEY = userKeyInt redisClient := redishandel.RunRedis() tokenInfo, isTrues := redisClient.HashGetAll("system:SystemIdentification_" + global.GVA_CONFIG.RedisPrefix.Alias + "_" + userKey) var myCustomIdentify commonus.MyCustomAdminLogonIdentify if isTrues != true { response.FailWithDetailed(gin.H{"reload": true, "code": 102}, "您的帐户异地登陆或令牌失效", c) c.Abort() return } else { tokenErr := mapstructure.Decode(tokenInfo, &myCustomIdentify) if tokenErr != nil { response.FailWithDetailed(gin.H{"reload": true, "code": 103, "tokenErr": tokenErr}, "您的帐户异地登陆或令牌失效", c) c.Abort() return } var md5JiaMi commonus.Md5Encryption md5JiaMi.Md5EncryptionInit(userAgent) md5Token := md5JiaMi.Md5EncryptionAlgorithm() sha1Str := myCustomIdentify.UserKey + myCustomIdentify.UserNumber + myCustomIdentify.UserPwd + md5Token sha1Token := commonus.Sha1Encryption(sha1Str) // fmt.Printf("token=========>%v---->%v---->%v\n", md5Token, sha1Token, userAgent) if sha1Token != userToken { response.FailWithDetailed(gin.H{"reload": true, "code": 104}, "授权已过期", c) c.Abort() return } } redisClient.SetRedisTime(10800) writeRedisData := map[string]interface{}{ "userkey": myCustomIdentify.UserKey, "usernumber": myCustomIdentify.UserNumber, "userpwd": myCustomIdentify.UserPwd, "usertoken": myCustomIdentify.UserToken, "jurisdiction": myCustomIdentify.Jurisdiction, "menuOper": myCustomIdentify.MenuOper, "wand": myCustomIdentify.Wand, } var surisdictionStr []string var surisdictionInt []int64 jsonErr := json.Unmarshal([]byte(myCustomIdentify.Jurisdiction), &surisdictionStr) if jsonErr == nil { for _, jurVal := range surisdictionStr { jurValInt, jurValErr := strconv.ParseInt(jurVal, 10, 64) if jurValErr == nil { surisdictionInt = append(surisdictionInt, jurValInt) } } } global.Gva_Authority_Authentication = surisdictionInt var menuOperStr []string var menuOperInts []int64 jsonErrSun := json.Unmarshal([]byte(myCustomIdentify.MenuOper), &menuOperStr) if jsonErrSun == nil { for _, menuOperVal := range menuOperStr { menuOperInt, menuOperErr := strconv.ParseInt(menuOperVal, 10, 64) if menuOperErr == nil { menuOperInts = append(menuOperInts, menuOperInt) } } } global.Gva_Authority_Authentication_Subsidiary = menuOperInts redisClient.HashMsetAdd("system:SystemIdentification_"+global.GVA_CONFIG.RedisPrefix.Alias+"_"+userKey, writeRedisData) c.Next() } } // 拦截器 func SystemCasbinHandler() gin.HandlerFunc { return func(c *gin.Context) { } }