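// Package middlewares contains the gin middlewares defined in this file:
// bearer-token authentication, CORS headers, admin-token authentication and
// request validation for the front and pay APIs.
package middlewares

import (
	"context"
	"errors"
	"strings"

	"github.com/gin-gonic/gin"
	"github.com/qit-team/snow-core/redis"

	"PaymentCenter/app/constants/common"
	"PaymentCenter/app/constants/errorcode"
	"PaymentCenter/app/http/controllers"
	"PaymentCenter/app/http/entities"
	"PaymentCenter/app/http/entities/front"
	"PaymentCenter/app/http/requestmapping"
	"PaymentCenter/app/services"
	"PaymentCenter/app/utils"
)

// Auth returns a middleware that requires an "Authorization: Bearer <token>"
// header. A missing or malformed header is answered with errorcode.NotLogin; a
// token that utils.ParseToken rejects, or that is reported as not valid, is
// answered with errorcode.NotAuth. On success the claims' Id and Phone are
// stored in the context under "userId" and "phone" and the chain continues.
func Auth() gin.HandlerFunc {
	return func(c *gin.Context) {
		// The scheme comparison is exact: only the literal "Bearer" is accepted.
		parts := strings.SplitN(c.GetHeader("Authorization"), " ", 2)
		if len(parts) != 2 || parts[0] != "Bearer" {
			controllers.HandCodeRes(c, nil, errorcode.NotLogin)
			c.Abort()
			return
		}

		// Verify the token. Nothing from the claims is used before this check.
		// NOTE(review): utils.ParseToken is not visible here; confirm it pins
		// the expected signing algorithm and enforces expiry.
		token, claims, err := utils.ParseToken(parts[1])
		if err != nil || !token.Valid {
			controllers.HandCodeRes(c, nil, errorcode.NotAuth)
			c.Abort()
			return
		}

		c.Set("userId", claims.Id)
		c.Set("phone", claims.Phone)
		c.Next()
	}
}

// Cors returns a middleware that sets the same CORS response headers on every
// request and answers OPTIONS preflight requests with 204 without running the
// remaining handlers.
func Cors() gin.HandlerFunc {
	return func(c *gin.Context) {
		h := c.Writer.Header()
		// NOTE(review): a wildcard origin combined with
		// Access-Control-Allow-Credentials "true" is not honoured by browsers
		// for credentialed requests, so the credentials header has no effect
		// as written. If credentialed cross-origin calls are required, answer
		// only origins from a fixed allowlist (and add "Vary: Origin"); do not
		// echo the request's Origin header back unchecked.
		h.Set("Access-Control-Allow-Origin", "*")
		h.Set("Access-Control-Allow-Credentials", "true")
		h.Set("Access-Control-Allow-Headers", "Content-Type, Content-Length, platform,Accept-Encoding, X-CSRF-Token, Authorization, accept, origin, Cache-Control,token, X-Requested-With")
		h.Set("Access-Control-Allow-Methods", "POST, OPTIONS, GET, PUT, DELETE")

		if c.Request.Method == "OPTIONS" {
			c.AbortWithStatus(204)
			return
		}
		c.Next()
	}
}

// AdminAuth returns a middleware that authenticates admin requests by the
// "token" header. The token is resolved to an id through redis; the id is then
// checked against the "disabled_uids" set. Every failure is answered with
// errorcode.Forbidden and aborts the chain. On success the id is stored in the
// context under "playerId".
func AdminAuth() gin.HandlerFunc {
	return func(c *gin.Context) {
		ctx := context.Background()

		// Reject an absent token up front; otherwise the lookup below would
		// query the bare key prefix.
		token := c.GetHeader("token")
		if token == "" {
			controllers.HandCodeRes(c, nil, errorcode.Forbidden)
			c.Abort()
			return
		}

		// Look up the id bound to this token in redis.
		tokenKey := utils.GetRealKey(common.TOKEN_Admin + token)
		playerId, err := redis.GetRedis().Get(ctx, tokenKey).Result()
		if err == nil {
			disabled, errRedis := redis.GetRedis().SIsMember(ctx, "disabled_uids", playerId).Result()
			switch {
			case errRedis != nil:
				// Fail closed: if the disabled-account check cannot be
				// completed, the request must not be let through.
				err = errRedis
			case disabled:
				err = errors.New(errorcode.GetMsg(errorcode.NotFound, ""))
				// Revoke the session itself. Without this, clearing the
				// marker below would let the very next request carrying the
				// same token pass. Both calls are best-effort; the request is
				// refused regardless of their outcome.
				redis.GetRedis().Del(ctx, tokenKey)
				// NOTE(review): removing the id from "disabled_uids" makes the
				// marker one-shot, so any other live token of the same id is
				// accepted afterwards. Confirm whether this set is meant as a
				// "force logout once" signal or as a persistent block.
				redis.GetRedis().SRem(ctx, "disabled_uids", playerId)
			}
		}
		if err != nil {
			controllers.HandCodeRes(c, nil, errorcode.Forbidden)
			c.Abort()
			return
		}

		c.Set("playerId", playerId)
		c.Next()
	}
}

// ValidateRequest returns a middleware that builds and validates the request
// object registered for the matched route. Routes whose pattern contains
// "admin" are resolved through requestmapping.BackendRequestMap, all others
// through requestmapping.FrontRequestMap. An unregistered route is answered
// with errorcode.NotFound, a request that controllers.GenRequest rejects with
// errorcode.ParamError; both abort the chain. On success the populated object
// is stored in the context under "request".
func ValidateRequest() gin.HandlerFunc {
	return func(c *gin.Context) {
		// FullPath is the matched route pattern, not the raw request URL.
		path := c.FullPath()

		var handler func() interface{}
		if strings.Contains(path, "admin") {
			handler = requestmapping.BackendRequestMap[path]
		} else {
			handler = requestmapping.FrontRequestMap[path]
		}
		if handler == nil {
			utils.Log(c, "path", path)
			controllers.HandCodeRes(c, nil, errorcode.NotFound)
			// Returning alone does not stop gin from running the remaining
			// handlers; the chain has to be aborted explicitly.
			c.Abort()
			return
		}

		v := handler()
		msg, err := controllers.GenRequest(c, v)
		if err != nil {
			utils.Log(c, "参数错误", "path=", path, "err=", err.Error(), "msg=", msg)
			controllers.Error(c, errorcode.ParamError, msg...)
			c.Abort()
			// Do not publish a request object that failed validation.
			return
		}

		c.Set("request", v)
		c.Next()
	}
}

// ValidatePayRequest returns a middleware for the pay API. It decodes the
// common request body into front.PayCommonBody, loads the app named by AppId,
// runs the app availability check and then checks the caller's IP against the
// app's allowlist. Any failure writes the corresponding error code and aborts
// the chain.
func ValidatePayRequest() gin.HandlerFunc {
	return func(c *gin.Context) {
		com, err := utils.SonicApiDataToStruct(controllers.GetRequest(c), &front.PayCommonBody{})
		if err != nil {
			// Stop here: continuing would run the type assertion below on a
			// value that failed to decode.
			controllers.ErrWithCode(c, errorcode.ParamError)
			c.Abort()
			return
		}
		comStruct, ok := com.(*front.PayCommonBody)
		if !ok || comStruct == nil {
			controllers.ErrWithCode(c, errorcode.ParamError)
			c.Abort()
			return
		}

		// Timestamp check.
		// NOTE(review): the request-time window check below is commented out,
		// so this middleware does not reject stale requests. Confirm that
		// request freshness is enforced elsewhere before relying on it.
		//now := time.Now().UnixNano() / 1000000
		//if comStruct.Timestamp > now || (config.GetConf().TimeOut != 0 && (now-comStruct.Timestamp) > config.GetConf().TimeOut) {
		//	controllers.ErrWithCode(c, errorcode.RequestTimeOut)
		//	return
		//}

		// Whether controllers.ErrWithCode aborts the chain is not visible from
		// this file, so every rejection below aborts explicitly (Abort is
		// idempotent). Without it the pay handler would still run after a
		// failed check.

		// Load the app.
		app, errCode := services.AppFindOne(entities.IdRequest{Id: comStruct.AppId})
		if errCode != errorcode.Success {
			controllers.ErrWithCode(c, errCode)
			c.Abort()
			return
		}

		// Check that the app is usable.
		appCheck := services.NewAppCheck(app).Check()
		if appCheck.GetCode() != errorcode.Success {
			controllers.ErrWithCode(c, appCheck.GetCode())
			c.Abort()
			return
		}

		// Check the IP allowlist.
		// NOTE(review): c.ClientIP() can take the address from forwarding
		// headers, depending on the engine's trusted-proxy settings. The
		// allowlist is only meaningful when those are restricted to the real
		// reverse proxies (gin.Engine.SetTrustedProxies) — confirm in the
		// router setup.
		if !appCheck.IpCheck(c.ClientIP()) {
			controllers.ErrWithCode(c, appCheck.GetCode())
			c.Abort()
			return
		}

		c.Next()
	}
}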