|
@@ -26,56 +26,57 @@ func Auth(settingObj cfacade.ProfileJSON) gin.HandlerFunc {
|
|
|
return
|
|
return
|
|
|
}
|
|
}
|
|
|
|
|
|
|
|
- roleId, err := mdb.RDB.Get(context.Background(), tokenString).Result()
|
|
|
|
|
|
|
+ result, err := mdb.RDB.Get(context.Background(), tokenString).Result()
|
|
|
if err != nil && err != redis.Nil {
|
|
if err != nil && err != redis.Nil {
|
|
|
mhayaLogger.Warnf("Auth Get error: %s", err.Error())
|
|
mhayaLogger.Warnf("Auth Get error: %s", err.Error())
|
|
|
common.PackUnauthorizedResult(c, code.InternalError, "token is empty")
|
|
common.PackUnauthorizedResult(c, code.InternalError, "token is empty")
|
|
|
return
|
|
return
|
|
|
}
|
|
}
|
|
|
- if roleId == "" {
|
|
|
|
|
|
|
+ if result == "" {
|
|
|
common.PackUnauthorizedResult(c, code.UnauthorizedError, "token is invalid")
|
|
common.PackUnauthorizedResult(c, code.UnauthorizedError, "token is invalid")
|
|
|
return
|
|
return
|
|
|
}
|
|
}
|
|
|
|
|
|
|
|
- if roleId != constant.AdminAccess {
|
|
|
|
|
- urlAccess, err := mdb.RDB.HGet(context.Background(), common.GetTokenKey(tokenString), c.Request.URL.Path).Result()
|
|
|
|
|
|
|
+ if result != constant.AdminAccess {
|
|
|
|
|
+ // 获取请求URL
|
|
|
|
|
+ url := c.Request.URL.Path
|
|
|
|
|
+ s, err := mdb.RDB.HGet(context.Background(), common.GetTokenKey(tokenString), url).Result()
|
|
|
if err != nil {
|
|
if err != nil {
|
|
|
mhayaLogger.Warnf("Auth HGet s error: %s", err.Error())
|
|
mhayaLogger.Warnf("Auth HGet s error: %s", err.Error())
|
|
|
common.PackUnauthorizedResult(c, code.InternalError, "")
|
|
common.PackUnauthorizedResult(c, code.InternalError, "")
|
|
|
return
|
|
return
|
|
|
}
|
|
}
|
|
|
|
|
|
|
|
- // 检查url权限
|
|
|
|
|
- if urlAccess == "" {
|
|
|
|
|
|
|
+ // 检查是否有权限
|
|
|
|
|
+ if s == "" {
|
|
|
common.PackUnauthorizedResult(c, code.UnauthorizedError, "token is no auth")
|
|
common.PackUnauthorizedResult(c, code.UnauthorizedError, "token is no auth")
|
|
|
return
|
|
return
|
|
|
}
|
|
}
|
|
|
-
|
|
|
|
|
- // 非管理员需要进行ip校验
|
|
|
|
|
- openIpWhitelist := settingObj.Get("open_ip_whitelist").ToBool()
|
|
|
|
|
- if openIpWhitelist {
|
|
|
|
|
- err = checkIPWhitelist(c)
|
|
|
|
|
- if err != nil {
|
|
|
|
|
- mhayaLogger.Warnf("Auth checkIPWhitelist error: %s", err.Error())
|
|
|
|
|
- common.PackForbiddenResult(c, code.ForbiddenError, "ip is no auth")
|
|
|
|
|
- return
|
|
|
|
|
- }
|
|
|
|
|
- }
|
|
|
|
|
}
|
|
}
|
|
|
|
|
|
|
|
- adminAccess, err := mdb.RDB.HGet(context.Background(), common.GetTokenKey(tokenString), constant.AdminAccess).Result()
|
|
|
|
|
|
|
+ ss, err := mdb.RDB.HGet(context.Background(), common.GetTokenKey(tokenString), constant.AdminAccess).Result()
|
|
|
if err != nil {
|
|
if err != nil {
|
|
|
mhayaLogger.Warnf("Auth HGet ss error: %s", err.Error())
|
|
mhayaLogger.Warnf("Auth HGet ss error: %s", err.Error())
|
|
|
common.PackUnauthorizedResult(c, code.InternalError, "")
|
|
common.PackUnauthorizedResult(c, code.InternalError, "")
|
|
|
return
|
|
return
|
|
|
}
|
|
}
|
|
|
|
|
|
|
|
- // 检查管理员权限
|
|
|
|
|
- if adminAccess == "" {
|
|
|
|
|
|
|
+ // 检查是否有权限
|
|
|
|
|
+ if ss == "" {
|
|
|
common.PackUnauthorizedResult(c, code.UnauthorizedError, "token is no auth")
|
|
common.PackUnauthorizedResult(c, code.UnauthorizedError, "token is no auth")
|
|
|
return
|
|
return
|
|
|
}
|
|
}
|
|
|
|
|
|
|
|
|
|
+ openIpWhitelist := settingObj.Get("open_ip_whitelist").ToBool()
|
|
|
|
|
+ if openIpWhitelist {
|
|
|
|
|
+ err = checkIPWhitelist(c)
|
|
|
|
|
+ if err != nil {
|
|
|
|
|
+ mhayaLogger.Warnf("Auth checkIPWhitelist error: %s", err.Error())
|
|
|
|
|
+ common.PackForbiddenResult(c, code.ForbiddenError, "ip is no auth")
|
|
|
|
|
+ return
|
|
|
|
|
+ }
|
|
|
|
|
+ }
|
|
|
|
|
+
|
|
|
c.Next()
|
|
c.Next()
|
|
|
}
|
|
}
|
|
|
}
|
|
}
|
