修改后台路由，添加auth校验

app/constants/common/common.go

@@ -3,7 +3,7 @@ package common
 const (
 	TOKEN_PRE   = "player_token_"
 	TOKEN_Admin = "Admin_token_"
-	ADMIN_V1    = "/admin/pay/api/v1"
+	ADMIN_V1    = "/pay/admin/api/v1"
 
 	// 支付渠道枚举,1微信JSAPI，2微信H5，3微信app，4微信Native，5微信小程序，6支付宝网页&移动应用，7支付宝小程序，8支付宝JSAPI
 	PAY_CHANNEL_UNKNOWN       = 0
@@ -15,4 +15,9 @@ const (
 	PAY_CHANNEL_ALIPAY_WEB    = 6
 	PAY_CHANNEL_ALIPAY_MINI   = 7
 	PAY_CHANNEL_ALIPAY_JSAPI  = 8
+
+	// 统一登陆信息
+	ADMIN_USER_ID           = "User-Id"
+	ADMIN_USER_NAME         = "User-Name"
+	ADMIN_USER_INCLUDEUSERS = "Include-Users"
 )

app/http/middlewares/base.go

@@ -6,10 +6,8 @@ import (
 	"PaymentCenter/app/http/controllers"
 	"PaymentCenter/app/http/requestmapping"
 	"PaymentCenter/app/utils"
-	"context"
-	"errors"
+	"PaymentCenter/config"
 	"github.com/gin-gonic/gin"
-	"github.com/qit-team/snow-core/redis"
 	"strings"
 )
 
@@ -59,20 +57,42 @@ func Cors() gin.HandlerFunc {
 
 func AdminAuth() gin.HandlerFunc {
 	return func(c *gin.Context) {
-		var token = c.GetHeader("token")
-		//将token放入redis
-		var playerId, err = redis.GetRedis().Get(context.Background(), utils.GetRealKey(common.TOKEN_Admin+token)).Result()
-		if rs, errRedis := redis.GetRedis().SIsMember(context.Background(), "disabled_uids", playerId).Result(); errRedis == nil && rs {
-			err = errors.New(errorcode.GetMsg(errorcode.NotFound, ""))
-			redis.GetRedis().SRem(context.Background(), "disabled_uids", playerId)
-		}
-		if err == nil {
-			c.Set("playerId", playerId)
-			c.Next()
-			return
-		} else {
-			controllers.HandCodeRes(c, nil, errorcode.Forbidden)
+		ip, _ := c.RemoteIP()
+		utils.Log(c, "请求地址RemoteIP()", ip.String(), config.GetConf().AdminGate)
+		clientIp := c.ClientIP()
+		utils.Log(c, "请求地址clientIp", clientIp)
+
+		if config.GetConf().Debug == false && !utils.SliceInStr(ip.String(), config.GetConf().AdminGate) {
 			c.Abort()
+			controllers.HandCodeRes(c, nil, errorcode.Forbidden)
+			return
+		}
+
+		var userName = c.GetHeader("User-Name")
+		if userName != "" {
+			c.Set(common.ADMIN_USER_NAME, userName)
+		}
+		var IncludeUsers = c.GetHeader("Include-Users")
+		if IncludeUsers != "" {
+			c.Set(common.ADMIN_USER_INCLUDEUSERS, IncludeUsers)
+		}
+
+		var adminId = c.GetHeader("User-Id")
+		// 测试环境直接放行
+		if config.GetConf().Debug == true {
+			c.Set(common.ADMIN_USER_ID, adminId)
+			c.Next()
+		} else {
+			utils.Log(c, "请求header信息", "adminId="+adminId, "IncludeUsers="+IncludeUsers)
+			// 正式环境校验
+			if adminId != "" {
+				c.Set(common.ADMIN_USER_ID, adminId)
+				c.Next()
+			} else {
+				c.Abort()
+				controllers.HandCodeRes(c, nil, errorcode.NotAuth)
+				return
+			}
 		}
 	}
 }

app/http/routes/admin.go

@@ -23,7 +23,7 @@ func RegisterAdminRoute(router *gin.Engine) {
 		}
 	}
 
-	v1 := router.Group("/admin/pay/api/v1", middlewares.ValidateRequest())
+	v1 := router.Group("/pay/admin/api/v1", middlewares.AdminAuth(), middlewares.ValidateRequest())
 	{
 		// 商户管理
 		merchant := v1.Group("/merchant")

app/utils/util.go

@@ -410,3 +410,13 @@ func ParseToken(tokenString string) (*jwt.Token, *Claims, error) {
 	})
 	return token, Claims, err
 }
+
+// 判断切片是否包含指定字符串
+func SliceInStr(s string, slice []string) bool {
+	for _, v := range slice {
+		if s == v {
+			return true
+		}
+	}
+	return false
+}

config/config.go

@@ -36,6 +36,7 @@ type Config struct {
 	OpenApi                 OpenApi            `toml:"OpenApi"`
 	Jwt                     Jwt                `toml:"Jwt"`
 	AliOss                  AliOss             `toml:"AliOss"`
+	AdminGate               []string           `toml:"AdminGate"`
 }
 
 type AliOss struct {