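package middleware

import (
	"context"

	"Cold_Logistic/internal/pkg/common/codex"
	"Cold_Logistic/internal/pkg/common/constant"
	"Cold_Logistic/internal/pkg/common/global"
	"Cold_Logistic/internal/pkg/utils/headutil"
	"Cold_Logistic/internal/server/infra/dao"
	"Cold_Logistic/internal/server/infra/models"
	"Cold_Logistic/internal/server/infra/thirdparty/internalservice/clod"

	"github.com/gin-gonic/gin"
	"gogs.baozhida.cn/Cold_Logistic_libs/pkg/contrib/core"
	"gogs.baozhida.cn/Cold_Logistic_libs/pkg/contrib/errors"
	"gogs.baozhida.cn/Cold_Logistic_libs/pkg/contrib/log"
)

// abortWithAuthError writes err as the response and stops the handler chain,
// so no later handler runs for a request that failed authentication or
// authorization.
func abortWithAuthError(c *gin.Context, err error) {
	core.WriteResponse(c, err, nil)
	c.Abort()
}

// bindTokenInfo stores the verified token info on the request context and,
// when a logger is present on the context, tags it with the account id.
func bindTokenInfo(c *gin.Context, tokenInfo global.TokenInfo) {
	c.Set(constant.TokenInfoKey, tokenInfo)

	// Checked assertion: a missing or differently typed logger must not panic
	// inside the authentication path; the request simply goes on untagged.
	if logger, ok := c.Value(log.GetContextKey()).(log.Logger); ok {
		c.Set(log.GetContextKey(), logger.WithValues("accountId", tokenInfo.AccountId))
	}
}

// ManageAuth authenticates platform requests from the Authorization header.
//
// The token is extracted with headutil.ParseAuthHead and checked with
// Verification. On success the token info is stored under
// constant.TokenInfoKey; on any failure the request is aborted with an error
// response.
func ManageAuth() gin.HandlerFunc {
	return func(c *gin.Context) {
		_, token, err := headutil.ParseAuthHead(c)
		if err != nil {
			abortWithAuthError(c, errors.WrapC(err, codex.ErrSignatureInvalid, "Parse Authorization token fail."))
			return
		}
		if token == "" {
			// err is nil on this path, so a fresh coded error is built rather
			// than wrapping nil (what the wrapper returns for a nil cause is
			// not visible in this file).
			abortWithAuthError(c, errors.WithCode(codex.ErrSignatureInvalid, ""))
			return
		}

		tokenInfo, err := Verification(c, token)
		if err != nil {
			abortWithAuthError(c, errors.WithCodeOnce(err, codex.ErrLoginFailed, "验证失败,请重新登陆"))
			return
		}

		bindTokenInfo(c, tokenInfo)
		c.Next()
	}
}

// ManageAuthV2 authenticates platform requests from the "User_tokey" cookie,
// falling back to the "User_tokey" form field when the cookie is absent or
// empty.
//
// The token is checked with Verification. On success the token info is stored
// under constant.TokenInfoKey; on any failure the request is aborted with an
// error response.
func ManageAuthV2() gin.HandlerFunc {
	return func(c *gin.Context) {
		// A missing cookie is not fatal by itself: the form field is tried
		// first. Previously the cookie error aborted the request, so the form
		// fallback was reachable only with a present-but-empty cookie.
		userToken, cookieErr := c.Cookie("User_tokey")
		if userToken == "" {
			// NOTE(review): a token carried in the request body can end up in
			// request-body logs; confirm those are not recorded upstream.
			userToken = c.PostForm("User_tokey")
		}
		if userToken == "" {
			if cookieErr != nil {
				// Same response as before for a request without the cookie.
				abortWithAuthError(c, errors.WithCodeOnce(cookieErr, codex.ErrLoginFailed, "验证失败,请重新登陆"))
				return
			}
			// No error value exists here, so a fresh coded error is built.
			abortWithAuthError(c, errors.WithCode(codex.ErrSignatureInvalid, ""))
			return
		}

		tokenInfo, err := Verification(c, userToken)
		if err != nil {
			abortWithAuthError(c, errors.WithCodeOnce(err, codex.ErrLoginFailed, "验证失败,请重新登陆"))
			return
		}

		bindTokenInfo(c, tokenInfo)
		c.Next()
	}
}

// ManagePermis authorizes the request by asking the permission service
// whether the caller's PowerId may access the matched route (c.FullPath()).
//
// The request is aborted when the check fails or permission is denied.
// NOTE(review): the token info is read from the context, so this presumably
// has to be registered after ManageAuth or ManageAuthV2; what
// GetTokenInfoFromContext returns when nothing was stored is not visible
// here. Confirm that an empty PowerId is denied by the permission service.
func ManagePermis() gin.HandlerFunc {
	return func(c *gin.Context) {
		tokenInfo := global.GetTokenInfoFromContext(c)

		allowed, err := clod.NewBzdClodService().CheckUserPermissions(c, clod.PermisParam{
			Power_Id: tokenInfo.PowerId,
			Req_Url:  c.FullPath(),
		})
		if err != nil {
			// Fail closed: an error from the permission service denies access.
			abortWithAuthError(c, errors.WithCodeOnce(err, codex.ErrOpPermissionFailed, ""))
			return
		}
		if !allowed {
			abortWithAuthError(c, errors.WithCode(codex.ErrOperationForbideen, ""))
			return
		}

		c.Next()
	}
}

// Verification validates token against the login service and synchronises the
// local account record with the user data the service returns.
//
// The account is looked up by the user's uuid; it is created when no record
// exists (Id == 0) and updated otherwise, so every successful call performs
// one remote verification and one database write. It returns the token info
// built from the stored account, or an error when verification or the
// database work fails.
func Verification(c *gin.Context, token string) (info global.TokenInfo, err error) {
	ok, pid, user, err := clod.NewBzdClodService().LoginVerification(c, token)
	if err != nil {
		return info, err
	}
	if !ok {
		return info, errors.New("验证失败,请重新登陆")
	}

	accInfo := models.Account{}
	store := dao.NewDataStore(global.CommonConnectRepoInst.StoreDB)

	// NOTE(review): the store calls below receive the gin context c, not the
	// ctx handed to the callback. If InTx carries the transaction in ctx,
	// these statements run outside it; confirm against the dao package.
	err = store.InTx(c, func(ctx context.Context) error {
		found, findErr := store.Account().FindByUuid(c, user.T_uuid)
		accInfo = found
		if findErr != nil {
			return findErr
		}

		// Refresh the locally stored profile from the verified user data.
		accInfo.UsePid = user.T_pid
		accInfo.PowerId = user.T_power
		accInfo.Phone = user.T_phone
		accInfo.Name = user.T_name
		// NOTE(review): when pid is 0 this overrides UsePid with 0; confirm
		// that this is the intended condition.
		if pid == 0 {
			accInfo.UsePid = pid
		}

		if accInfo.Id != 0 {
			return store.Account().UpdateById(c, &accInfo)
		}

		// First login through the platform: create the local account.
		accInfo.Uuid = user.T_uuid
		accInfo.Pid = user.T_pid
		accInfo.AccountType = constant.AccountPlatform
		accInfo.FirstLogin = constant.NO
		return store.Account().Create(c, &accInfo)
	})
	if err != nil {
		return info, err
	}

	info = global.TokenInfo{
		AccountId:   accInfo.Id,
		AccountUuid: accInfo.Uuid,
		AccountType: constant.AccountPlatform,
		Pid:         accInfo.Pid,
		Name:        accInfo.Name,
		Phone:       accInfo.Phone,
		PowerId:     accInfo.PowerId,
		UsePid:      accInfo.UsePid,
	}
	return info, nil
}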