mirror of
https://github.com/yangjian102621/geekai.git
synced 2026-04-12 14:14:25 +08:00
110 lines
2.7 KiB
Go
110 lines
2.7 KiB
Go
package middleware
|
|
|
|
import (
|
|
"context"
|
|
"fmt"
|
|
"geekai/core/types"
|
|
"geekai/utils"
|
|
"geekai/utils/resp"
|
|
"time"
|
|
|
|
"github.com/gin-gonic/gin"
|
|
"github.com/go-redis/redis/v8"
|
|
"github.com/golang-jwt/jwt"
|
|
)
|
|
|
|
// 前端用户授权验证
|
|
func UserAuthMiddleware(secretKey string, redis *redis.Client) gin.HandlerFunc {
|
|
return func(c *gin.Context) {
|
|
tokenString := c.GetHeader(types.UserAuthHeader)
|
|
if tokenString == "" {
|
|
resp.NotAuth(c, "无效的授权令牌")
|
|
c.Abort()
|
|
return
|
|
}
|
|
|
|
token, err := jwt.Parse(tokenString, func(token *jwt.Token) (interface{}, error) {
|
|
if _, ok := token.Method.(*jwt.SigningMethodHMAC); !ok {
|
|
return nil, fmt.Errorf("不支持的令牌签名方法: %v", token.Header["alg"])
|
|
}
|
|
return []byte(secretKey), nil
|
|
})
|
|
|
|
if err != nil {
|
|
resp.NotAuth(c, fmt.Sprintf("解析授权令牌失败: %v", err))
|
|
c.Abort()
|
|
return
|
|
}
|
|
|
|
claims, ok := token.Claims.(jwt.MapClaims)
|
|
if !ok || !token.Valid {
|
|
resp.NotAuth(c, "令牌无效")
|
|
c.Abort()
|
|
return
|
|
}
|
|
|
|
expr := utils.IntValue(utils.InterfaceToString(claims["expired"]), 0)
|
|
if expr > 0 && int64(expr) < time.Now().Unix() {
|
|
resp.NotAuth(c, "令牌过期")
|
|
c.Abort()
|
|
return
|
|
}
|
|
|
|
key := fmt.Sprintf("users/%v", claims["user_id"])
|
|
if _, err := redis.Get(context.Background(), key).Result(); err != nil {
|
|
resp.NotAuth(c, "当前用户已退出登录")
|
|
c.Abort()
|
|
return
|
|
}
|
|
c.Set(types.LoginUserID, claims["user_id"])
|
|
}
|
|
}
|
|
|
|
// 管理后台用户授权验证
|
|
func AdminAuthMiddleware(secretKey string, redis *redis.Client) gin.HandlerFunc {
|
|
return func(c *gin.Context) {
|
|
tokenString := c.GetHeader(types.AdminAuthHeader)
|
|
if tokenString == "" {
|
|
resp.NotAuth(c, "无效的授权令牌")
|
|
c.Abort()
|
|
return
|
|
}
|
|
|
|
token, err := jwt.Parse(tokenString, func(token *jwt.Token) (interface{}, error) {
|
|
if _, ok := token.Method.(*jwt.SigningMethodHMAC); !ok {
|
|
return nil, fmt.Errorf("不支持的令牌签名方法: %v", token.Header["alg"])
|
|
}
|
|
return []byte(secretKey), nil
|
|
})
|
|
|
|
if err != nil {
|
|
resp.NotAuth(c, fmt.Sprintf("解析授权令牌失败: %v", err))
|
|
c.Abort()
|
|
return
|
|
}
|
|
|
|
claims, ok := token.Claims.(jwt.MapClaims)
|
|
if !ok || !token.Valid {
|
|
resp.NotAuth(c, "令牌无效")
|
|
c.Abort()
|
|
return
|
|
}
|
|
|
|
expr := utils.IntValue(utils.InterfaceToString(claims["expired"]), 0)
|
|
if expr > 0 && int64(expr) < time.Now().Unix() {
|
|
resp.NotAuth(c, "令牌过期")
|
|
c.Abort()
|
|
return
|
|
}
|
|
|
|
key := fmt.Sprintf("admin/%v", claims["user_id"])
|
|
if _, err := redis.Get(context.Background(), key).Result(); err != nil {
|
|
resp.NotAuth(c, "当前用户已退出登录")
|
|
c.Abort()
|
|
return
|
|
}
|
|
|
|
c.Set(types.AdminUserID, claims["user_id"])
|
|
}
|
|
}
|