You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
197 lines
6.6 KiB
197 lines
6.6 KiB
package middleware
|
|
|
|
import (
|
|
"encoding/json"
|
|
"strconv"
|
|
|
|
"github.com/flipped-aurora/gin-vue-admin/server/commonus"
|
|
"github.com/flipped-aurora/gin-vue-admin/server/global"
|
|
"github.com/flipped-aurora/gin-vue-admin/server/model/common/response"
|
|
"github.com/flipped-aurora/gin-vue-admin/server/service"
|
|
"github.com/flipped-aurora/gin-vue-admin/server/utils/redishandel"
|
|
"github.com/gin-gonic/gin"
|
|
"github.com/mitchellh/mapstructure"
|
|
)
|
|
|
|
//鉴权
|
|
func MyAuthentication() gin.HandlerFunc {
|
|
return func(c *gin.Context) {
|
|
userKey := c.Request.Header.Get("user-key")
|
|
userToken := c.Request.Header.Get("user-token")
|
|
userAgent := c.Request.Header.Get("User-Agent")
|
|
|
|
if userKey == "" || userToken == "" || userAgent == "" {
|
|
response.FailWithDetailed(gin.H{"reload": true, "code": 1}, "未登录或非法访问", c)
|
|
c.Abort()
|
|
return
|
|
}
|
|
|
|
userKeyInt, userKeyIntErr := strconv.ParseInt(userKey, 10, 64)
|
|
if userKeyIntErr != nil {
|
|
response.FailWithDetailed(gin.H{"reload": true, "code": 2}, "未登录或非法访问", c)
|
|
c.Abort()
|
|
return
|
|
}
|
|
global.GVA_INDEX_USERKEY = userKeyInt
|
|
|
|
redisClient := redishandel.RunRedis()
|
|
tokenInfo, isTrues := redisClient.HashGetAll("system:Identification_" + global.GVA_CONFIG.RedisPrefix.Alias + "_" + userKey)
|
|
var myCustomIdentify commonus.MyCustomLogonIdentify
|
|
if isTrues != true {
|
|
response.FailWithDetailed(gin.H{"reload": true, "code": 3}, "您的帐户异地登陆或令牌失效", c)
|
|
c.Abort()
|
|
return
|
|
} else {
|
|
tokenErr := mapstructure.Decode(tokenInfo, &myCustomIdentify)
|
|
if tokenErr != nil {
|
|
response.FailWithDetailed(gin.H{"reload": true, "code": 4}, "您的帐户异地登陆或令牌失效", c)
|
|
c.Abort()
|
|
return
|
|
}
|
|
var md5JiaMi commonus.Md5Encryption
|
|
md5JiaMi.Md5EncryptionInit(userAgent)
|
|
md5Token := md5JiaMi.Md5EncryptionAlgorithm()
|
|
sha1Str := myCustomIdentify.UserKey + myCustomIdentify.UserNumber + myCustomIdentify.UserPwd + md5Token
|
|
sha1Token := commonus.Sha1Encryption(sha1Str)
|
|
// fmt.Printf("token=========>%v---->%v---->%v\n", md5Token, sha1Token, userAgent)
|
|
if sha1Token != userToken {
|
|
response.FailWithDetailed(gin.H{"reload": true, "code": 3}, "授权已过期", c)
|
|
c.Abort()
|
|
return
|
|
}
|
|
}
|
|
redisClient.SetRedisTime(10800)
|
|
writeRedisData := map[string]interface{}{
|
|
"userkey": myCustomIdentify.UserKey,
|
|
"usernumber": myCustomIdentify.UserNumber,
|
|
"userpwd": myCustomIdentify.UserPwd,
|
|
"usertoken": myCustomIdentify.UserToken,
|
|
}
|
|
|
|
redisClient.HashMsetAdd("system:Identification_"+global.GVA_CONFIG.RedisPrefix.Alias+"_"+userKey, writeRedisData)
|
|
c.Next()
|
|
}
|
|
}
|
|
|
|
var mycasbinService = service.ServiceGroupApp.SystemServiceGroup.CasbinService
|
|
|
|
// 拦截器
|
|
func MyCasbinHandler() gin.HandlerFunc {
|
|
return func(c *gin.Context) {
|
|
// waitUse, _ := utils.GetClaims(c)
|
|
// 获取请求的URI
|
|
// obj := c.Request.URL.RequestURI()
|
|
// 获取请求方法
|
|
// act := c.Request.Method
|
|
// 获取用户的角色
|
|
// sub := waitUse.AuthorityId
|
|
// e := mycasbinService.Casbin()
|
|
// 判断策略中是否存在
|
|
// success, _ := e.Enforce(sub, obj, act)
|
|
|
|
// fmt.Printf("=====>%v===========>%v===========>%v===========>%v\n", e, obj, act, e)
|
|
|
|
// if global.GVA_CONFIG.System.Env == "develop" || success {
|
|
// c.Next()
|
|
// } else {
|
|
// response.FailWithDetailed(gin.H{}, "权限不足", c)
|
|
// c.Abort()
|
|
// return
|
|
// }
|
|
}
|
|
}
|
|
|
|
func SystemAuthentication() gin.HandlerFunc {
|
|
return func(c *gin.Context) {
|
|
userKey := c.Request.Header.Get("user-key")
|
|
userToken := c.Request.Header.Get("user-token")
|
|
userAgent := c.Request.Header.Get("User-Agent")
|
|
|
|
if userKey == "" || userToken == "" || userAgent == "" {
|
|
response.FailWithDetailed(gin.H{"reload": true, "code": 101}, "未登录或非法访问", c)
|
|
c.Abort()
|
|
return
|
|
}
|
|
|
|
userKeyInt, userKeyIntErr := strconv.ParseInt(userKey, 10, 64)
|
|
if userKeyIntErr != nil {
|
|
response.FailWithDetailed(gin.H{"reload": true, "code": 2}, "未登录或非法访问", c)
|
|
c.Abort()
|
|
return
|
|
}
|
|
global.GVA_ADMIN_USERKEY = userKeyInt
|
|
|
|
redisClient := redishandel.RunRedis()
|
|
tokenInfo, isTrues := redisClient.HashGetAll("system:SystemIdentification_" + global.GVA_CONFIG.RedisPrefix.Alias + "_" + userKey)
|
|
var myCustomIdentify commonus.MyCustomAdminLogonIdentify
|
|
if isTrues != true {
|
|
response.FailWithDetailed(gin.H{"reload": true, "code": 102}, "您的帐户异地登陆或令牌失效", c)
|
|
c.Abort()
|
|
return
|
|
} else {
|
|
tokenErr := mapstructure.Decode(tokenInfo, &myCustomIdentify)
|
|
if tokenErr != nil {
|
|
response.FailWithDetailed(gin.H{"reload": true, "code": 103, "tokenErr": tokenErr}, "您的帐户异地登陆或令牌失效", c)
|
|
c.Abort()
|
|
return
|
|
}
|
|
var md5JiaMi commonus.Md5Encryption
|
|
md5JiaMi.Md5EncryptionInit(userAgent)
|
|
md5Token := md5JiaMi.Md5EncryptionAlgorithm()
|
|
sha1Str := myCustomIdentify.UserKey + myCustomIdentify.UserNumber + myCustomIdentify.UserPwd + md5Token
|
|
sha1Token := commonus.Sha1Encryption(sha1Str)
|
|
// fmt.Printf("token=========>%v---->%v---->%v\n", md5Token, sha1Token, userAgent)
|
|
if sha1Token != userToken {
|
|
response.FailWithDetailed(gin.H{"reload": true, "code": 104}, "授权已过期", c)
|
|
c.Abort()
|
|
return
|
|
}
|
|
}
|
|
redisClient.SetRedisTime(10800)
|
|
writeRedisData := map[string]interface{}{
|
|
"userkey": myCustomIdentify.UserKey,
|
|
"usernumber": myCustomIdentify.UserNumber,
|
|
"userpwd": myCustomIdentify.UserPwd,
|
|
"usertoken": myCustomIdentify.UserToken,
|
|
"jurisdiction": myCustomIdentify.Jurisdiction,
|
|
"menuOper": myCustomIdentify.MenuOper,
|
|
"wand": myCustomIdentify.Wand,
|
|
}
|
|
var surisdictionStr []string
|
|
var surisdictionInt []int64
|
|
jsonErr := json.Unmarshal([]byte(myCustomIdentify.Jurisdiction), &surisdictionStr)
|
|
if jsonErr == nil {
|
|
for _, jurVal := range surisdictionStr {
|
|
jurValInt, jurValErr := strconv.ParseInt(jurVal, 10, 64)
|
|
if jurValErr == nil {
|
|
surisdictionInt = append(surisdictionInt, jurValInt)
|
|
}
|
|
|
|
}
|
|
|
|
}
|
|
global.Gva_Authority_Authentication = surisdictionInt
|
|
var menuOperStr []string
|
|
var menuOperInts []int64
|
|
jsonErrSun := json.Unmarshal([]byte(myCustomIdentify.MenuOper), &menuOperStr)
|
|
if jsonErrSun == nil {
|
|
for _, menuOperVal := range menuOperStr {
|
|
menuOperInt, menuOperErr := strconv.ParseInt(menuOperVal, 10, 64)
|
|
if menuOperErr == nil {
|
|
menuOperInts = append(menuOperInts, menuOperInt)
|
|
}
|
|
|
|
}
|
|
}
|
|
global.Gva_Authority_Authentication_Subsidiary = menuOperInts
|
|
redisClient.HashMsetAdd("system:SystemIdentification_"+global.GVA_CONFIG.RedisPrefix.Alias+"_"+userKey, writeRedisData)
|
|
c.Next()
|
|
}
|
|
}
|
|
|
|
// 拦截器
|
|
func SystemCasbinHandler() gin.HandlerFunc {
|
|
return func(c *gin.Context) {
|
|
|
|
}
|
|
}
|
|
|