demo-3/gin/auth-filter.go

package gin

import (
	"encoding/json"
	"errors"
	"fmt"

	"github.com/gin-gonic/gin"
	"myschools.me/campus/campus-core/campus"
	"myschools.me/campus/demo-3/consul"
	"myschools.me/campus/demo-3/tools"
	"myschools.me/suguo/snippet/redis"
)

// 从redis中认证用户
func AuthUser() gin.HandlerFunc {
	return func(c *gin.Context) {
		token := c.GetHeader("Authorization")
		claims := cacheGet(&token)
		if claims == nil {
			c.Abort()
			return
		}
		c.Set("user", claims)
		c.Next()
	}
}

// 从redis中获取用户信息，最佳实践经验建议把此代码放service层
func cacheGet(token *string) interface{} {
	var user interface{}
	b, err := redis.GetBytes(token)
	if err != nil {
		return nil
	}
	if err := json.Unmarshal(*b, &user); err != nil {
		return nil
	}
	return &user
}

// gin拦截，基于微服务的拦截
// func AuthUserBS() gin.HandlerFunc {
// 	return func(c *gin.Context) {
// 		token := c.GetHeader("Authorization")
// 		claims := userAuthWithGrpc(&token)
// 		if claims == nil {
// 			yy.RespUnauth(c, "token无效或过期，请重新登录", nil, nil)
// 			c.Abort()
// 		}
// 		c.Set("user", claims)
// 		c.Next()
// 	}
// }

// func userAuthWithGrpc(token *string) *yy.UserClaims {
// 	srv, err := consul.FindService("oauth", "v1")
// 	if err != nil {
// 		logrus.WithFields(logrus.Fields{
// 			"func": "userAuthWithGrpc",
// 		}).Errorf("consul.FindServer: %s", err.Error())
// 		return nil
// 	}
// 	defer srv.Close()
// 	client := pb.NewCertificationClient(srv)
// 	resp, err := client.Auth(context.Background(), &pb.CertificationAuthRequest{
// 		Token: *token,
// 	})
// 	if err != nil {
// 		logrus.WithFields(logrus.Fields{
// 			"func": "userAuthWithGrpc",
// 		}).Errorf("client.Auth: %s", err.Error())
// 		return nil
// 	}
// 	if resp.Result == "ok" {
// 		r := &yy.UserClaims{}
// 		if err := json.Unmarshal(resp.Data.Value, r); err != nil {
// 			logrus.WithFields(logrus.Fields{
// 				"func": "userAuthWithGrpc",
// 			}).Errorf("json.Unmarshal: %s", err.Error())
// 			return nil
// 		}
// 		return r
// 	}
// 	logrus.WithFields(logrus.Fields{
// 		"func": "userAuthWithGrpc",
// 	}).Warnln("nil")
// 	return nil
// }

func getPort(key string) (string, error) {
	client, err := consul.New()
	if err != nil {
		fmt.Println(err.Error())
	}
	service, _, err := client.Health().Service(key, "", true, nil)
	if err != nil {
		return "", err
	}
	fmt.Println("Service", service[0].Service.Address, "port", service[0].Service.Port)
	if len(service) > 0 {
		return service[0].Service.Address + ":" + fmt.Sprintf("%v", service[0].Service.Port), nil
	} else {
		return "", nil
	}

}

func AuthUserByDemo1() gin.HandlerFunc {
	return func(c *gin.Context) {

		reqid := campus.NewRequestID(nil)

		token := c.GetHeader("Authorization")
		url, err := getPort("demo1")
		url = "http://" + url + "/token/verify"
		fmt.Println("URL:", url)
		if err != nil {
			panic(err)
		}
		headerMap := make(map[string]string, 0)
		headerMap["Authorization"] = token
		headerMap["Content-Type"] = "application/json"
		fmt.Println("Authorization:" + token)
		err2, bytes := tools.GetPost(url, "get", headerMap, nil)
		if err2 != nil {
			panic(err2)
		}

		base := struct {
			Code      int    `json:"code"`
			Msg       string `json:"msg"`
			Requestid string `json:"requestid"`
			Data      struct{}
		}{}

		_ = json.Unmarshal(bytes, &base)
		if base.Code != 0 {
			campus.RespBadRequest(c, "请求头错误", errors.New("请求头错误"), &reqid)

			return
		} else {
			c.Next()
		}

	}
}