From c1a6b191b4b3ffc9749976e974a1c1e4c511e903 Mon Sep 17 00:00:00 2001
From: liujiandao <274878379@qq.com>
Date: 星期五, 03 十一月 2023 14:57:59 +0800
Subject: [PATCH] 添加登录验证
---
middleware/jwt.go | 101 +++++++++++--------------------------------------
1 files changed, 23 insertions(+), 78 deletions(-)
diff --git a/middleware/jwt.go b/middleware/jwt.go
index 48686f2..d9d7dd4 100644
--- a/middleware/jwt.go
+++ b/middleware/jwt.go
@@ -1,94 +1,39 @@ package middleware import ( - "errors" - "fmt" - "strings" - "time" - "wms/conf" - - jwt "github.com/dgrijalva/jwt-go" "github.com/gin-gonic/gin" - "wms/extend/util" + "strings" + "wms/pkg/contextx" + "wms/pkg/ecode" ) -func validateToken(tokenString string) (util.JSON, error) { - secretKey := []byte(conf.WebConf.JWTSecret) - - token, err := jwt.Parse(tokenString, func(token *jwt.Token) (interface{}, error) { - // Don't forget to validate the alg is what you expect: - if _, ok := token.Method.(*jwt.SigningMethodHMAC); !ok { - return nil, fmt.Errorf("Unexpected signing method: %v", token.Header["alg"]) - } - - return secretKey, nil - }) - - if err != nil { - return util.JSON{}, err - } - - if !token.Valid { - return util.JSON{}, errors.New("invalid token") - } - - return token.Claims.(jwt.MapClaims), nil -} - -// JWTMiddleware parses JWT token from cookie and stores data and expires date to the context -// JWT Token can be passed as cookie, or Authorization header -func JWTMiddleware() gin.HandlerFunc { +func JWTAuth() gin.HandlerFunc { return func(c *gin.Context) { - tokenString, err := c.Cookie("token") - // failed to read cookie - if err != nil { - // try reading HTTP Header - authorization := c.Request.Header.Get("Authorization") - if authorization == "" { - c.Next() - return - } - sp := strings.Split(authorization, "Bearer ") - // invalid token - if len(sp) < 1 { - c.Next() - return - } - tokenString = sp[1] + ctx := new(contextx.Context).SetCtx(c) + // 鎴戜滑杩欓噷jwt閴存潈鍙栧ご閮ㄤ俊鎭� Authorization 鐧诲綍鏃跺洖杩斿洖token淇℃伅 杩欓噷鍓嶇闇�瑕佹妸token瀛樺偍鍒癱ookie鎴栬�呮湰鍦發ocalStorage涓� 涓嶈繃闇�瑕佽窡鍚庣鍗忓晢杩囨湡鏃堕棿 鍙互绾﹀畾鍒锋柊浠ょ墝鎴栬�呴噸鏂扮櫥褰� + token := c.Request.Header.Get("Authorization") + if token == "" { + ctx.Fail(ecode.JWTEmpty) + c.Abort() + return } - - tokenData, err := validateToken(tokenString) + slices := strings.Split(token, " ") + if len(slices) == 2 { + token = slices[1] + } + j := NewJWT() + // parseToken 瑙f瀽token鍖呭惈鐨勪俊鎭� + claims, err := j.ParseToken(token) if err != nil { - 
fmt.Println(err.Error()) + if err == TokenExpired { + c.Next() + return + } c.Next() return } - userParentId := tokenData["parentId"].(string) - if userParentId == conf.WebConf.NodeId { - c.Set("parentId", userParentId) - } else { - c.Next() - return - } - - c.Set("token_expire", tokenData["exp"]) + c.Set("claims", claims) c.Next() } -} - -func GenerateToken(data interface{}) (string, error) { - // token is valid for 1 hour - date := time.Now().Add(time.Hour * 12) - - token := jwt.NewWithClaims(jwt.SigningMethodHS256, jwt.MapClaims{ - "user": data, - "exp": date.Unix(), - }) - - secretKey := []byte(conf.WebConf.JWTSecret) - - tokenString, err := token.SignedString(secretKey) - - return tokenString, err } -- Gitblit v1.8.0
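Review bot: When `j.ParseToken(token)` returns an error, both the `err == TokenExpired` branch and the fall-through call `c.Next()`, so a request carrying an expired, malformed or wrongly signed token still reaches the downstream handlers, only without `claims` in the context; the middleware rejects nothing except an empty `Authorization` header. If JWTAuth is meant to enforce login, as the commit subject suggests, the error path should fail closed the same way the empty-header path does: `ctx.Fail(<ecode for invalid or expired token>)`, then `c.Abort()` and `return` (the page shows only `ecode.JWTEmpty`, so the code name here is a placeholder). The two branches are identical today, so the `TokenExpired` check has no effect; if it is kept to return a distinct code, `errors.Is(err, TokenExpired)` is more robust than `==` should ParseToken ever wrap its errors. `NewJWT` and `ParseToken` are defined outside this hunk, so it is worth confirming that the new parser still pins the expected signing method the way the removed `validateToken` did.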