127 lines
3.3 KiB
Go
127 lines
3.3 KiB
Go
package middlewares
|
|
|
|
import (
|
|
"PaymentCenter/app/constants/common"
|
|
"PaymentCenter/app/constants/errorcode"
|
|
"PaymentCenter/app/http/controllers"
|
|
"PaymentCenter/app/http/requestmapping"
|
|
"PaymentCenter/app/utils"
|
|
"PaymentCenter/config"
|
|
"github.com/gin-gonic/gin"
|
|
"strings"
|
|
)
|
|
|
|
func Auth() gin.HandlerFunc {
|
|
return func(c *gin.Context) {
|
|
c.ClientIP()
|
|
var tokens = strings.SplitN(c.GetHeader("Authorization"), " ", 2)
|
|
if len(tokens) != 2 || tokens[0] != "Bearer" {
|
|
controllers.HandCodeRes(c, nil, errorcode.NotLogin)
|
|
c.Abort()
|
|
return
|
|
}
|
|
// 验证token
|
|
token, claims, err := utils.ParseToken(tokens[1])
|
|
if err != nil || !token.Valid {
|
|
controllers.HandCodeRes(c, nil, errorcode.NotAuth)
|
|
c.Abort()
|
|
return
|
|
}
|
|
if err == nil {
|
|
c.Set("userId", claims.Id)
|
|
c.Set("phone", claims.Phone)
|
|
c.Next()
|
|
return
|
|
} else {
|
|
controllers.HandCodeRes(c, nil, errorcode.NotAuth)
|
|
c.Abort()
|
|
}
|
|
}
|
|
}
|
|
|
|
func Cors() gin.HandlerFunc {
|
|
return func(c *gin.Context) {
|
|
c.Writer.Header().Set("Access-Control-Allow-Origin", "*")
|
|
c.Writer.Header().Set("Access-Control-Allow-Credentials", "true")
|
|
c.Writer.Header().Set("Access-Control-Allow-Headers", "Content-Type, Content-Length, platform,Accept-Encoding, X-CSRF-Token, Authorization, accept, origin, Cache-Control,token, X-Requested-With")
|
|
c.Writer.Header().Set("Access-Control-Allow-Methods", "POST, OPTIONS, GET, PUT, DELETE")
|
|
|
|
if c.Request.Method == "OPTIONS" {
|
|
c.AbortWithStatus(204)
|
|
return
|
|
}
|
|
|
|
c.Next()
|
|
}
|
|
}
|
|
|
|
func AdminAuth() gin.HandlerFunc {
|
|
return func(c *gin.Context) {
|
|
ip, _ := c.RemoteIP()
|
|
utils.Log(c, "请求地址RemoteIP()", ip.String(), config.GetConf().AdminGate)
|
|
clientIp := c.ClientIP()
|
|
utils.Log(c, "请求地址clientIp", clientIp)
|
|
|
|
if config.GetConf().Debug == false && !utils.SliceInStr(ip.String(), config.GetConf().AdminGate) {
|
|
c.Abort()
|
|
controllers.HandCodeRes(c, nil, errorcode.Forbidden)
|
|
return
|
|
}
|
|
|
|
var userName = c.GetHeader("User-Name")
|
|
if userName != "" {
|
|
c.Set(common.ADMIN_USER_NAME, userName)
|
|
}
|
|
var IncludeUsers = c.GetHeader("Include-Users")
|
|
if IncludeUsers != "" {
|
|
c.Set(common.ADMIN_USER_INCLUDEUSERS, IncludeUsers)
|
|
}
|
|
|
|
var adminId = c.GetHeader("User-Id")
|
|
// 测试环境直接放行
|
|
if config.GetConf().Debug == true {
|
|
c.Set(common.ADMIN_USER_ID, adminId)
|
|
c.Next()
|
|
} else {
|
|
utils.Log(c, "请求header信息", "adminId="+adminId, "IncludeUsers="+IncludeUsers)
|
|
// 正式环境校验
|
|
if adminId != "" {
|
|
c.Set(common.ADMIN_USER_ID, adminId)
|
|
c.Next()
|
|
} else {
|
|
c.Abort()
|
|
controllers.HandCodeRes(c, nil, errorcode.NotAuth)
|
|
return
|
|
}
|
|
}
|
|
}
|
|
}
|
|
|
|
func ValidateRequest() gin.HandlerFunc {
|
|
return func(c *gin.Context) {
|
|
var path = c.FullPath()
|
|
var handler func() interface{}
|
|
if strings.Index(path, "admin") >= 0 {
|
|
handler = requestmapping.BackendRequestMap[path]
|
|
} else {
|
|
handler = requestmapping.FrontRequestMap[path]
|
|
}
|
|
if handler == nil {
|
|
utils.Log(c, "path", path)
|
|
controllers.HandCodeRes(c, nil, errorcode.NotFound)
|
|
} else {
|
|
v := handler()
|
|
msg, err := controllers.GenRequest(c, v)
|
|
if err != nil {
|
|
utils.Log(c, "参数错误", "path=", path, "err=", err.Error(), "msg=", msg)
|
|
controllers.Error(c, errorcode.ParamError, msg...)
|
|
c.Abort()
|
|
} else {
|
|
c.Set("request", v)
|
|
c.Next()
|
|
}
|
|
|
|
}
|
|
}
|
|
}
|