
update 完善ip白名单校验

Alvin 10 bulan lalu
induk
melakukan
d6140f544a
1 mengubah file dengan 20 tambahan dan 21 penghapusan
  1. 20 21
      game/game_cluster/nodes/webadmin/router/middleware.go

+ 20 - 21
game/game_cluster/nodes/webadmin/router/middleware.go

@@ -26,57 +26,56 @@ func Auth(settingObj cfacade.ProfileJSON) gin.HandlerFunc {
 			return
 		}
 
-		result, err := mdb.RDB.Get(context.Background(), tokenString).Result()
+		roleId, err := mdb.RDB.Get(context.Background(), tokenString).Result()
 		if err != nil && err != redis.Nil {
 			mhayaLogger.Warnf("Auth Get error: %s", err.Error())
 			common.PackUnauthorizedResult(c, code.InternalError, "token is empty")
 			return
 		}
-		if result == "" {
+		if roleId == "" {
 			common.PackUnauthorizedResult(c, code.UnauthorizedError, "token is invalid")
 			return
 		}
 
-		if result != constant.AdminAccess {
-			// 获取请求URL
-			url := c.Request.URL.Path
-			s, err := mdb.RDB.HGet(context.Background(), common.GetTokenKey(tokenString), url).Result()
+		if roleId != constant.AdminAccess {
+			urlAccess, err := mdb.RDB.HGet(context.Background(), common.GetTokenKey(tokenString), c.Request.URL.Path).Result()
 			if err != nil {
 				mhayaLogger.Warnf("Auth HGet s error: %s", err.Error())
 				common.PackUnauthorizedResult(c, code.InternalError, "")
 				return
 			}
 
-			// 检查是否有权限
-			if s == "" {
+			// 检查url权限
+			if urlAccess == "" {
 				common.PackUnauthorizedResult(c, code.UnauthorizedError, "token is no auth")
 				return
 			}
+
+			// 非管理员需要进行ip校验
+			openIpWhitelist := settingObj.Get("open_ip_whitelist").ToBool()
+			if openIpWhitelist {
+				err = checkIPWhitelist(c)
+				if err != nil {
+					mhayaLogger.Warnf("Auth checkIPWhitelist error: %s", err.Error())
+					common.PackForbiddenResult(c, code.ForbiddenError, "ip is no auth")
+					return
+				}
+			}
 		}
 
-		ss, err := mdb.RDB.HGet(context.Background(), common.GetTokenKey(tokenString), constant.AdminAccess).Result()
+		adminAccess, err := mdb.RDB.HGet(context.Background(), common.GetTokenKey(tokenString), constant.AdminAccess).Result()
 		if err != nil {
 			mhayaLogger.Warnf("Auth HGet ss error: %s", err.Error())
 			common.PackUnauthorizedResult(c, code.InternalError, "")
 			return
 		}
 
-		// 检查是否有权限
-		if ss == "" {
+		// 检查管理员权限
+		if adminAccess == "" {
 			common.PackUnauthorizedResult(c, code.UnauthorizedError, "token is no auth")
 			return
 		}
 
-		openIpWhitelist := settingObj.Get("open_ip_whitelist").ToBool()
-		if openIpWhitelist {
-			err = checkIPWhitelist(c)
-			if err != nil {
-				mhayaLogger.Warnf("Auth checkIPWhitelist error: %s", err.Error())
-				common.PackForbiddenResult(c, code.ForbiddenError, "ip is no auth")
-				return
-			}
-		}
-
 		c.Next()
 	}
 }
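Review bot: The IP whitelist check now runs only inside `if roleId != constant.AdminAccess {`, so a token carrying the admin role is accepted from any address even when `open_ip_whitelist` is enabled, leaving the most privileged path without the network restriction. If that exemption is intended, state the reason next to the branch, e.g. `// admin tokens are exempt from the IP whitelist because <reason>`; otherwise move the `openIpWhitelist` block back to just before `c.Next()` so it applies to every role. Separately, both `HGet` calls treat `redis.Nil` as `code.InternalError`, unlike the `Get` above them which excludes it, so a missing permission field presumably never reaches the `urlAccess == ""` and `adminAccess == ""` checks and is reported as an internal error rather than `code.UnauthorizedError`. Auth's body starts outside the hunk and `checkIPWhitelist` is not shown, so how the client address is derived cannot be confirmed from here.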