From bf4e24619d23124e55a73e6487efda71489412de Mon Sep 17 00:00:00 2001
From: wolter
Date: Fri, 2 Aug 2024 14:32:44 +0800
Subject: [PATCH] =?UTF-8?q?=E4=BF=AE=E6=94=B9=E5=90=8E=E5=8F=B0=E8=B7=AF?= =?UTF-8?q?=E7=94=B1=EF=BC=8C=E6=B7=BB=E5=8A=A0auth=E6=A0=A1=E9=AA=8C?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
---
 app/constants/common/common.go | 7 ++++-
 app/http/middlewares/base.go | 52 +++++++++++++++++++++++-----------
 app/http/routes/admin.go | 2 +-
 app/utils/util.go | 10 +++++++
 config/config.go | 1 +
 5 files changed, 54 insertions(+), 18 deletions(-)
diff --git a/app/constants/common/common.go b/app/constants/common/common.go
index 5ddaf65..d763935 100644
--- a/app/constants/common/common.go
+++ b/app/constants/common/common.go
@@ -3,7 +3,7 @@ package common
 const (
 TOKEN_PRE = "player_token_"
 TOKEN_Admin = "Admin_token_"
- ADMIN_V1 = "/admin/pay/api/v1"
+ ADMIN_V1 = "/pay/admin/api/v1"
 // 支付渠道枚举,1微信JSAPI,2微信H5,3微信app,4微信Native,5微信小程序,6支付宝网页&移动应用,7支付宝小程序,8支付宝JSAPI
 PAY_CHANNEL_UNKNOWN = 0
@@ -15,4 +15,9 @@ const (
 PAY_CHANNEL_ALIPAY_WEB = 6
 PAY_CHANNEL_ALIPAY_MINI = 7
 PAY_CHANNEL_ALIPAY_JSAPI = 8
+
+ // 统一登陆信息
+ ADMIN_USER_ID = "User-Id"
+ ADMIN_USER_NAME = "User-Name"
+ ADMIN_USER_INCLUDEUSERS = "Include-Users"
 )
diff --git a/app/http/middlewares/base.go b/app/http/middlewares/base.go
index c13dedd..728350d 100644
--- a/app/http/middlewares/base.go
+++ b/app/http/middlewares/base.go
@@ -6,10 +6,8 @@ import (
 "PaymentCenter/app/http/controllers"
 "PaymentCenter/app/http/requestmapping"
 "PaymentCenter/app/utils"
- "context"
- "errors"
+ "PaymentCenter/config"
 "github.com/gin-gonic/gin"
- "github.com/qit-team/snow-core/redis"
 "strings"
 )
@@ -59,20 +57,42 @@ func Cors() gin.HandlerFunc {
 func AdminAuth() gin.HandlerFunc {
 return func(c *gin.Context) {
- var token = c.GetHeader("token")
- //将token放入redis
- var playerId, err = redis.GetRedis().Get(context.Background(), utils.GetRealKey(common.TOKEN_Admin+token)).Result()
- if rs, errRedis := redis.GetRedis().SIsMember(context.Background(), "disabled_uids", playerId).Result(); errRedis == nil && rs {
- err = errors.New(errorcode.GetMsg(errorcode.NotFound, ""))
- redis.GetRedis().SRem(context.Background(), "disabled_uids", playerId)
- }
- if err == nil {
- c.Set("playerId", playerId)
- c.Next()
- return
- } else {
- controllers.HandCodeRes(c, nil, errorcode.Forbidden)
+ ip, _ := c.RemoteIP()
+ utils.Log(c, "请求地址RemoteIP()", ip.String(), config.GetConf().AdminGate)
+ clientIp := c.ClientIP()
+ utils.Log(c, "请求地址clientIp", clientIp)
+
+ if config.GetConf().Debug == false && !utils.SliceInStr(ip.String(), config.GetConf().AdminGate) {
 c.Abort()
+ controllers.HandCodeRes(c, nil, errorcode.Forbidden)
+ return
+ }
+
+ var userName = c.GetHeader("User-Name")
+ if userName != "" {
+ c.Set(common.ADMIN_USER_NAME, userName)
+ }
+ var IncludeUsers = c.GetHeader("Include-Users")
+ if IncludeUsers != "" {
+ c.Set(common.ADMIN_USER_INCLUDEUSERS, IncludeUsers)
+ }
+
+ var adminId = c.GetHeader("User-Id")
+ // 测试环境直接放行
+ if config.GetConf().Debug == true {
+ c.Set(common.ADMIN_USER_ID, adminId)
+ c.Next()
+ } else {
+ utils.Log(c, "请求header信息", "adminId="+adminId, "IncludeUsers="+IncludeUsers)
+ // 正式环境校验
+ if adminId != "" {
+ c.Set(common.ADMIN_USER_ID, adminId)
+ c.Next()
+ } else {
+ c.Abort()
+ controllers.HandCodeRes(c, nil, errorcode.NotAuth)
+ return
+ }
 }
 }
 }
diff --git a/app/http/routes/admin.go b/app/http/routes/admin.go
index 7b531f8..9d81e75 100644
--- a/app/http/routes/admin.go
+++ b/app/http/routes/admin.go
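Review bot: With `Debug` set, both gates in AdminAuth (app/http/middlewares/base.go) are skipped, the `AdminGate` peer check and the non-empty `User-Id` check, so one config flag leaves the admin group reachable with any identity or none. Outside debug, the caller's identity and the `Include-Users` scope are taken verbatim from request headers, and the only control left after the Redis token lookup was removed is that `c.RemoteIP()` string-matches an `AdminGate` entry. That is sound only if the gateway overwrites client-supplied `User-Id`/`User-Name`/`Include-Users` and no other host shares those source addresses, which the diff cannot show. I would keep the empty-identity rejection unconditional by moving `if adminId == "" { c.Abort(); controllers.HandCodeRes(c, nil, errorcode.NotAuth); return }` ahead of the `Debug` branch, and have the gateway authenticate itself (a shared-secret header compared in constant time, or mTLS) rather than relying on source IP alone. Smaller points: the second return of `c.RemoteIP()` is discarded, and the raw header values are concatenated into the log line unescaped.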
@@ -23,7 +23,7 @@ func RegisterAdminRoute(router *gin.Engine) {
 }
 }
- v1 := router.Group("/admin/pay/api/v1", middlewares.ValidateRequest())
+ v1 := router.Group("/pay/admin/api/v1", middlewares.AdminAuth(), middlewares.ValidateRequest())
 {
 // 商户管理
 merchant := v1.Group("/merchant")
diff --git a/app/utils/util.go b/app/utils/util.go
index 42ef269..0810033 100644
--- a/app/utils/util.go
+++ b/app/utils/util.go
@@ -410,3 +410,13 @@ func ParseToken(tokenString string) (*jwt.Token, *Claims, error) {
 })
 return token, Claims, err
 }
+
+// 判断切片是否包含指定字符串
+func SliceInStr(s string, slice []string) bool {
+ for _, v := range slice {
+ if s == v {
+ return true
+ }
+ }
+ return false
+}
diff --git a/config/config.go b/config/config.go
index 9fdff6f..4db996c 100644
--- a/config/config.go
+++ b/config/config.go
@@ -36,6 +36,7 @@ type Config struct {
 OpenApi OpenApi `toml:"OpenApi"`
 Jwt Jwt `toml:"Jwt"`
 AliOss AliOss `toml:"AliOss"`
+ AdminGate []string `toml:"AdminGate"`
 }
 type AliOss struct {
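Review bot: The group path in RegisterAdminRoute (app/http/routes/admin.go) is a second copy of the literal this commit also changes in `common.ADMIN_V1`, so the two can drift apart on the next route move. Using the constant keeps them in step: `v1 := router.Group(common.ADMIN_V1, middlewares.AdminAuth(), middlewares.ValidateRequest())`, assuming the `common` package is or can be imported in this file. The function starts before the hunk, and the two closing braces at the top of the hunk end an earlier block, so it is worth checking that no admin route registered there is left outside `AdminAuth`.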
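Review bot: `SliceInStr` (app/utils/util.go) is the comparison behind the `AdminGate` allow-list in AdminAuth, but its comment does not say that matching is exact, case-sensitive string equality. A CIDR range or an entry with stray whitespace in the config would therefore silently never match. A Go-style doc comment would make that explicit: `// SliceInStr reports whether s is exactly equal to one element of slice; no trimming, case folding or CIDR matching is done.` If the module targets Go 1.21 or later, `slices.Contains(slice, s)` does the same without a helper.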
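Review bot: The new `AdminGate` field (config/config.go) has no comment, although AdminAuth uses it as the list of peer addresses allowed to assert an admin identity. Suggested comment: `// AdminGate lists the exact peer IPs (as printed by ip.String()) of the gateway allowed to call the admin routes; an empty list rejects every admin request unless Debug is set.` The Config struct starts before the hunk.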