package auth
|
|
import (
|
"github.com/gin-gonic/gin"
|
"net/http"
|
"strings"
|
"sync"
|
"vamicro/extend/util"
|
)
|
|
const (
|
TokenKey = "abc123456789"
|
)
|
|
type Auth interface {
|
Check(c *gin.Context)bool
|
User(c *gin.Context)map[string]interface{}
|
Login(http *http.Request,w http.ResponseWriter,user map[string]interface{})interface{}
|
Logout(http *http.Request,w http.ResponseWriter) bool
|
}
|
|
func GenerateAuthDriver() *Auth {
|
var authDriver Auth
|
authDriver = NewJwtAuthDriver()
|
return &authDriver
|
}
|
|
var outUserM = make(map[string]string,0)
|
var lock sync.RWMutex
|
|
func SetOutUser(userId string) {
|
lock.Lock()
|
defer lock.Unlock()
|
outUserM[userId] = userId
|
}
|
|
func OutUser(userId string) bool {
|
lock.Lock()
|
defer lock.Unlock()
|
if _,ok := outUserM[userId];ok{
|
return true
|
}
|
return false
|
}
|
|
func RemoveOutUser(userId string) {
|
lock.Lock()
|
defer lock.Unlock()
|
if _,ok := outUserM[userId];ok{
|
delete(outUserM,userId)
|
}
|
}
|
|
var noTokenUrls = []string{
|
"/data/api-v/gb28181/findAreaByParentId",
|
"/data/api-v/sysinit/getInitInfo",
|
"/data/api-v/sysinit/savePassword",
|
"/data/api-v/sysinit/networkList",
|
"/data/api-v/sysinit/initNetwork",
|
"/data/api-v/sysinit/saveRegInfo",
|
"/data/api-v/sysinit/getRegInfo",
|
"/data/api-u/sys/logout",
|
}
|
|
func AuthHandler() gin.HandlerFunc {
|
return func(c *gin.Context) {
|
urlPath := c.Request.URL.Path
|
|
if strings.Contains(urlPath,"/data/api-") &&
|
!strings.Contains(urlPath,"login") &&
|
!strings.Contains(urlPath, "/data/api-v/license") &&
|
!strings.Contains(urlPath, "/data/api-v/info/") &&
|
!util.ArrayContains(noTokenUrls, urlPath) &&
|
!strings.Contains(urlPath, "/data/api-v/token") {
|
//Oauth2检查
|
token,err := Oauth2Serv.ValidationBearerToken(c.Request)
|
if nil == err {
|
if !CheckAcl(urlPath) {
|
c.JSON(401, gin.H{
|
"code": 401,
|
"success": false,
|
"msg": "接口暂未开放",
|
"data": "",
|
})
|
c.Abort()
|
return
|
}
|
c.Request.Header.Set("Login_user_id", token.GetUserID())
|
c.Next()
|
//fmt.Print(token.GetUserID())
|
return
|
} else {
|
//fmt.Println(err.Error())
|
}
|
jwtDriver :=NewJwtAuthDriver()
|
if !jwtDriver.Check(c) {
|
c.JSON(401, gin.H{
|
"code": 401,
|
"success": false,
|
"msg": "请求未携带Token,无权访问",
|
"data": "",
|
})
|
c.Abort()
|
return
|
}
|
userM := (*jwtDriver).User(c)
|
if userM == nil {
|
c.JSON(401, gin.H{
|
"code": 401,
|
"success": false,
|
"msg": "请求未携带Token,无权访问",
|
"data": "",
|
})
|
c.Abort()
|
return
|
}
|
userId := userM["id"].(string)
|
if OutUser(userId) {
|
c.JSON(401, gin.H{
|
"code": 401,
|
"success": false,
|
"msg": "请求未携带Token,无权访问",
|
"data": "",
|
})
|
c.Abort()
|
return
|
}
|
c.Request.Header.Set("Login_user_id", userId)
|
c.Next()
|
} else {
|
c.Next()
|
}
|
}
|
}
|
|
func GetCurUser(c *gin.Context)map[string]interface{}{
|
return (*GenerateAuthDriver()).User(c)
|
}
|
