first commit
This commit is contained in:
Blizzard
@@ -0,0 +1,56 @@
|
||||
package middleware
|
||||
|
||||
import (
|
||||
"errors"
|
||||
"sundynix-go/global"
|
||||
"sundynix-go/model/commom/response"
|
||||
"sundynix-go/service"
|
||||
"sundynix-go/utils/auth"
|
||||
"sundynix-go/utils/timer"
|
||||
"time"
|
||||
|
||||
"github.com/gin-gonic/gin"
|
||||
"github.com/golang-jwt/jwt/v5"
|
||||
)
|
||||
|
||||
var jwtService = service.GroupApp.SystemServiceGroup.JwtService
|
||||
|
||||
// AuthMiddleware 验证token有效性
|
||||
func AuthMiddleware() gin.HandlerFunc {
|
||||
return func(c *gin.Context) {
|
||||
token := auth.GetToken(c)
|
||||
if token == "" {
|
||||
response.NoAuth("未登录或非法访问", c)
|
||||
c.Abort()
|
||||
return
|
||||
}
|
||||
userId := auth.GetUserId(c)
|
||||
if jwtService.IsInBlacklist(userId, token) {
|
||||
response.NoAuth("未登录或令牌失效", c)
|
||||
c.Abort()
|
||||
return
|
||||
}
|
||||
|
||||
j := auth.NewJWT()
|
||||
// 解析token信息
|
||||
claims, err := j.ParseToken(token)
|
||||
if err != nil {
|
||||
if errors.Is(err, auth.TokenExpired) {
|
||||
response.NoAuth("登录过期", c)
|
||||
auth.ClearToken(c)
|
||||
c.Abort()
|
||||
return
|
||||
}
|
||||
response.NoAuth(err.Error(), c)
|
||||
auth.ClearToken(c)
|
||||
c.Abort()
|
||||
return
|
||||
}
|
||||
c.Set("claims", claims)
|
||||
if claims.ExpiresAt.Unix()-time.Now().Unix() < claims.BufferTime {
|
||||
dr, _ := timer.ParseDuration(global.Config.JWT.ExpiresTime)
|
||||
claims.ExpiresAt = jwt.NewNumericDate(time.Now().Add(dr))
|
||||
}
|
||||
c.Next()
|
||||
}
|
||||
}
|
||||
@@ -0,0 +1,77 @@
|
||||
package middleware
|
||||
|
||||
import (
|
||||
"bytes"
|
||||
"encoding/json"
|
||||
"io"
|
||||
"net/http"
|
||||
"net/url"
|
||||
"strings"
|
||||
"sundynix-go/global"
|
||||
"sundynix-go/model/system"
|
||||
"sundynix-go/service"
|
||||
"sundynix-go/utils/auth"
|
||||
"sync"
|
||||
|
||||
"github.com/gin-gonic/gin"
|
||||
"go.uber.org/zap"
|
||||
)
|
||||
|
||||
var operationService = service.GroupApp.SystemServiceGroup.OperationRecordService
|
||||
|
||||
var respPool sync.Pool
|
||||
var bufferSize = 1024
|
||||
|
||||
func init() {
|
||||
respPool = sync.Pool{
|
||||
New: func() interface{} {
|
||||
return make([]byte, bufferSize)
|
||||
},
|
||||
}
|
||||
}
|
||||
|
||||
func OperationRecord() gin.HandlerFunc {
|
||||
return func(c *gin.Context) {
|
||||
var body []byte
|
||||
var userId string
|
||||
if c.Request.Method != http.MethodGet {
|
||||
var err error
|
||||
body, err = io.ReadAll(c.Request.Body)
|
||||
if err != nil {
|
||||
global.Logger.Error("read body from request error:", zap.Error(err))
|
||||
} else {
|
||||
c.Request.Body = io.NopCloser(bytes.NewBuffer(body))
|
||||
}
|
||||
} else {
|
||||
query := c.Request.URL.RawQuery
|
||||
query, _ = url.QueryUnescape(query)
|
||||
split := strings.Split(query, "&")
|
||||
m := make(map[string]string)
|
||||
for _, v := range split {
|
||||
kv := strings.Split(v, "=")
|
||||
if len(kv) == 2 {
|
||||
m[kv[0]] = kv[1]
|
||||
}
|
||||
}
|
||||
body, _ = json.Marshal(&m)
|
||||
}
|
||||
claims, _ := auth.GetClaims(c)
|
||||
if claims != nil && claims.BaseClaims.ID != "" {
|
||||
userId = claims.BaseClaims.ID
|
||||
} else {
|
||||
userId = c.Request.Header.Get("x-user-id")
|
||||
}
|
||||
record := system.SysOperationRecord{
|
||||
Ip: c.ClientIP(),
|
||||
Method: c.Request.Method,
|
||||
Path: c.Request.URL.Path,
|
||||
Agent: c.Request.UserAgent(),
|
||||
Body: string(body),
|
||||
UserId: userId,
|
||||
}
|
||||
|
||||
if err := operationService.CreateOperationRecord(record); err != nil {
|
||||
global.Logger.Error("create operation record error:", zap.Error(err))
|
||||
}
|
||||
}
|
||||
}
|
||||
Reference in New Issue
Block a user