2023-06-07 03:35:04 +00:00
|
|
|
package auth
|
|
|
|
|
|
|
|
import (
|
2023-06-28 11:32:41 +00:00
|
|
|
"crypto/sha256"
|
|
|
|
"encoding/base64"
|
2023-07-27 02:18:49 +00:00
|
|
|
"encoding/binary"
|
2023-06-12 07:17:42 +00:00
|
|
|
"errors"
|
|
|
|
"fmt"
|
2023-10-17 09:25:48 +00:00
|
|
|
"log"
|
|
|
|
"reflect"
|
2023-06-12 07:17:42 +00:00
|
|
|
|
|
|
|
"github.com/golang-jwt/jwt"
|
2023-06-07 03:35:04 +00:00
|
|
|
"github.com/zeromicro/go-zero/core/logx"
|
|
|
|
)
|
|
|
|
|
2023-06-14 10:17:45 +00:00
|
|
|
type IDTYPE int
|
|
|
|
|
|
|
|
const (
|
|
|
|
// 白板用户, 以观众身份命名, 没有接收Cookie, 没有拿到guest_id的用户
|
|
|
|
IDTYPE_Onlooker IDTYPE = 0
|
|
|
|
// 登录用户
|
|
|
|
IDTYPE_User IDTYPE = 1
|
|
|
|
// 游客 接收授权拿到guest_id的用户
|
|
|
|
IDTYPE_Guest IDTYPE = 2
|
|
|
|
)
|
|
|
|
|
2023-10-18 03:48:32 +00:00
|
|
|
// DebugData
|
|
|
|
type DebugData struct {
|
|
|
|
DiffTimeLogoCombine int64 `json:"diff_time_logo_combine"` // 合图算法时间
|
|
|
|
DiffTimeUploadFile int64 `json:"diff_time_upload_file"` // 合图上传时间
|
|
|
|
}
|
|
|
|
|
2023-10-17 09:25:48 +00:00
|
|
|
// Debug 相关的结构
|
|
|
|
type Debug struct {
|
|
|
|
Exp *int64 `json:"exp"`
|
|
|
|
IsCache int64 `json:"is_cache"` // 是否缓存
|
|
|
|
IsAllTemplateTag int64 `json:"is_all_template_tag"` // 是开启全部模板
|
|
|
|
}
|
|
|
|
|
|
|
|
// UserInfo 用户的信息
|
2023-06-07 03:35:04 +00:00
|
|
|
type UserInfo struct {
|
2023-10-17 09:25:48 +00:00
|
|
|
UserId int64 `json:"user_id"`
|
|
|
|
GuestId int64 `json:"guest_id"`
|
|
|
|
Exp int64 `json:"exp"` //截止有效时间
|
|
|
|
Debug *Debug `json:"debug,omitempty"`
|
2023-06-14 10:17:45 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
// GetIdType 用户确认用户身份类型
|
|
|
|
func (info *UserInfo) GetIdType() IDTYPE {
|
|
|
|
if info.UserId != 0 {
|
|
|
|
return IDTYPE_User
|
|
|
|
}
|
|
|
|
|
|
|
|
if info.GuestId != 0 {
|
|
|
|
return IDTYPE_Guest
|
|
|
|
}
|
|
|
|
|
|
|
|
return IDTYPE_Onlooker
|
2023-06-07 03:35:04 +00:00
|
|
|
}
|
|
|
|
|
2023-06-15 08:08:43 +00:00
|
|
|
// IsUser 用户是不是登录用户
|
|
|
|
func (info *UserInfo) IsUser() bool {
|
|
|
|
return info.UserId != 0
|
|
|
|
}
|
|
|
|
|
|
|
|
// IsGuest 用户是不是游客
|
|
|
|
func (info *UserInfo) IsGuest() bool {
|
|
|
|
// 必须判断登录用户在前, 用户可能会携带以前是游客到注册的身份
|
|
|
|
if info.UserId != 0 {
|
|
|
|
return false
|
|
|
|
}
|
|
|
|
|
|
|
|
if info.GuestId != 0 {
|
|
|
|
return true
|
2023-06-07 03:35:04 +00:00
|
|
|
}
|
2023-06-15 08:08:43 +00:00
|
|
|
|
|
|
|
return false
|
|
|
|
}
|
|
|
|
|
|
|
|
// IsOnlooker 白板用户: 非登录用户, 非游客, 判断为白板用户
|
|
|
|
func (info *UserInfo) IsOnlooker() bool {
|
2023-07-07 09:49:12 +00:00
|
|
|
return info.UserId == 0 && info.GuestId == 0
|
2023-06-07 03:35:04 +00:00
|
|
|
}
|
2023-06-12 07:17:42 +00:00
|
|
|
|
2023-06-25 10:30:39 +00:00
|
|
|
type BackendUserInfo struct {
|
|
|
|
UserId int64 `json:"user_id"`
|
|
|
|
DepartmentId int64 `json:"department_id"`
|
|
|
|
}
|
|
|
|
|
2023-07-24 09:22:06 +00:00
|
|
|
type OAuthInfo struct {
|
|
|
|
Id int64 `json:"id"`
|
|
|
|
Platform string `json:"platform"`
|
|
|
|
}
|
|
|
|
|
2023-06-12 07:17:42 +00:00
|
|
|
// 获取登录信息
|
|
|
|
func GetUserInfoFormMapClaims(claims jwt.MapClaims) (*UserInfo, error) {
|
2023-06-14 10:17:45 +00:00
|
|
|
userinfo := &UserInfo{}
|
2023-10-12 06:30:06 +00:00
|
|
|
if exp, ok := claims["exp"]; ok {
|
|
|
|
expire, ok := exp.(float64)
|
|
|
|
if !ok {
|
|
|
|
err := errors.New(fmt.Sprint("parse exp form context err:", exp))
|
|
|
|
logx.Error("parse exp form context err:", err)
|
|
|
|
return nil, err
|
|
|
|
}
|
|
|
|
userinfo.Exp = int64(expire)
|
|
|
|
}
|
2023-06-14 10:17:45 +00:00
|
|
|
if userid, ok := claims["user_id"]; ok {
|
2023-06-12 07:17:42 +00:00
|
|
|
uid, ok := userid.(float64)
|
|
|
|
if !ok {
|
|
|
|
err := errors.New(fmt.Sprint("parse uid form context err:", userid))
|
|
|
|
logx.Error("parse uid form context err:", err)
|
|
|
|
return nil, err
|
|
|
|
}
|
2023-06-14 10:17:45 +00:00
|
|
|
userinfo.UserId = int64(uid)
|
|
|
|
} else {
|
|
|
|
err := errors.New(`userid not in claims`)
|
|
|
|
logx.Error(`userid not in claims`)
|
|
|
|
return nil, err
|
|
|
|
}
|
2023-06-12 07:17:42 +00:00
|
|
|
|
2023-06-14 10:17:45 +00:00
|
|
|
if guestid, ok := claims["guest_id"]; ok {
|
|
|
|
gid, ok := guestid.(float64)
|
|
|
|
if !ok {
|
|
|
|
err := errors.New(fmt.Sprint("parse guestid form context err:", guestid))
|
|
|
|
logx.Error("parse guestid form context err:", err)
|
|
|
|
return nil, err
|
|
|
|
}
|
|
|
|
userinfo.GuestId = int64(gid)
|
2023-06-12 07:17:42 +00:00
|
|
|
} else {
|
|
|
|
err := errors.New(`userid not in claims`)
|
|
|
|
logx.Error(`userid not in claims`)
|
|
|
|
return nil, err
|
|
|
|
}
|
2023-06-14 10:17:45 +00:00
|
|
|
|
|
|
|
return userinfo, nil
|
2023-06-12 07:17:42 +00:00
|
|
|
}
|
|
|
|
|
2023-06-25 10:30:39 +00:00
|
|
|
// GetBackendUserInfoFormMapClaims 获取后台登录信息
|
|
|
|
func GetBackendUserInfoFormMapClaims(claims jwt.MapClaims) (*BackendUserInfo, error) {
|
|
|
|
userinfo := &BackendUserInfo{}
|
|
|
|
if userid, ok := claims["user_id"]; ok {
|
|
|
|
uid, ok := userid.(float64)
|
|
|
|
if !ok {
|
|
|
|
err := errors.New(fmt.Sprint("parse uid form context err:", userid))
|
|
|
|
logx.Error("parse uid form context err:", err)
|
|
|
|
return nil, err
|
|
|
|
}
|
|
|
|
userinfo.UserId = int64(uid)
|
|
|
|
} else {
|
|
|
|
err := errors.New(`userid not in claims`)
|
|
|
|
logx.Error(`userid not in claims`)
|
|
|
|
return nil, err
|
|
|
|
}
|
|
|
|
|
|
|
|
return userinfo, nil
|
|
|
|
}
|
|
|
|
|
2023-07-27 02:18:49 +00:00
|
|
|
// GenerateJwtTokenUint64 网站jwt token生成
|
|
|
|
func GenerateJwtTokenUint64(AccessSecret uint64, accessExpire, nowSec int64, userid int64, guestid int64) (string, error) {
|
|
|
|
claims := make(jwt.MapClaims)
|
|
|
|
claims["exp"] = nowSec + accessExpire
|
|
|
|
claims["iat"] = nowSec
|
|
|
|
|
2023-08-28 10:38:34 +00:00
|
|
|
// if userid == 0 && guestid == 0 {
|
|
|
|
// err := errors.New("userid and guestid cannot be 0 at the same time")
|
|
|
|
// logx.Error(err)
|
|
|
|
// return "", err
|
|
|
|
// }
|
2023-07-27 02:18:49 +00:00
|
|
|
claims["user_id"] = userid
|
|
|
|
claims["guest_id"] = guestid
|
|
|
|
|
|
|
|
token := jwt.New(jwt.SigningMethodHS256)
|
|
|
|
token.Claims = claims
|
|
|
|
|
|
|
|
key := make([]byte, 8)
|
|
|
|
binary.BigEndian.PutUint64(key, AccessSecret)
|
|
|
|
|
|
|
|
return token.SignedString(key)
|
|
|
|
}
|
|
|
|
|
2023-10-17 09:25:48 +00:00
|
|
|
// GenerateBaseJwtTokenUint64 网站jwt token生成
|
|
|
|
func GenerateBaseJwtTokenUint64(AccessSecret uint64, accessExpire int64, nowSec int64, myclaims any) (string, error) {
|
|
|
|
|
|
|
|
claims := make(jwt.MapClaims)
|
|
|
|
claims["exp"] = nowSec + accessExpire
|
|
|
|
claims["iat"] = nowSec
|
|
|
|
|
|
|
|
// if userid == 0 && guestid == 0 {
|
|
|
|
// err := errors.New("userid and guestid cannot be 0 at the same time")
|
|
|
|
// logx.Error(err)
|
|
|
|
// return "", err
|
|
|
|
// }
|
|
|
|
|
|
|
|
// 使用反射获取 MyClaims 结构体的类型和值
|
|
|
|
myclaimsType := reflect.TypeOf(myclaims)
|
|
|
|
if myclaimsType.Kind() != reflect.Ptr {
|
|
|
|
log.Println(myclaimsType.Kind())
|
|
|
|
panic("myclaimsType must be ptr")
|
|
|
|
}
|
|
|
|
myclaimsType = myclaimsType.Elem()
|
|
|
|
myclaimsValue := reflect.ValueOf(myclaims).Elem()
|
|
|
|
|
|
|
|
// 遍历 MyClaims 结构体的字段
|
|
|
|
for i := 0; i < myclaimsType.NumField(); i++ {
|
|
|
|
field := myclaimsType.Field(i)
|
|
|
|
tag := field.Tag.Get("json")
|
2023-10-18 07:44:01 +00:00
|
|
|
if tag == "exp" || tag == "iat" {
|
|
|
|
continue
|
|
|
|
}
|
2023-10-17 09:25:48 +00:00
|
|
|
value := myclaimsValue.Field(i).Interface()
|
|
|
|
// 将字段值赋给 claims 对象的相应键
|
|
|
|
claims[tag] = value
|
|
|
|
}
|
|
|
|
|
|
|
|
token := jwt.New(jwt.SigningMethodHS256)
|
|
|
|
token.Claims = claims
|
|
|
|
|
|
|
|
key := make([]byte, 8)
|
|
|
|
binary.BigEndian.PutUint64(key, AccessSecret)
|
|
|
|
|
|
|
|
return token.SignedString(key)
|
|
|
|
}
|
|
|
|
|
2023-06-25 10:30:39 +00:00
|
|
|
// GenerateJwtToken 网站jwt token生成
|
2023-06-14 10:17:45 +00:00
|
|
|
func GenerateJwtToken(accessSecret *string, accessExpire, nowSec int64, userid int64, guestid int64) (string, error) {
|
2023-06-12 07:17:42 +00:00
|
|
|
claims := make(jwt.MapClaims)
|
|
|
|
claims["exp"] = nowSec + accessExpire
|
|
|
|
claims["iat"] = nowSec
|
2023-06-14 10:17:45 +00:00
|
|
|
|
|
|
|
if userid == 0 && guestid == 0 {
|
|
|
|
err := errors.New("userid and guestid cannot be 0 at the same time")
|
|
|
|
logx.Error(err)
|
|
|
|
return "", err
|
|
|
|
|
2023-06-12 11:52:11 +00:00
|
|
|
}
|
2023-06-14 10:17:45 +00:00
|
|
|
claims["user_id"] = userid
|
|
|
|
claims["guest_id"] = guestid
|
|
|
|
|
2023-06-12 07:17:42 +00:00
|
|
|
token := jwt.New(jwt.SigningMethodHS256)
|
|
|
|
token.Claims = claims
|
2023-06-14 10:17:45 +00:00
|
|
|
return token.SignedString([]byte(*accessSecret))
|
2023-06-12 07:17:42 +00:00
|
|
|
}
|
2023-06-12 12:04:30 +00:00
|
|
|
|
2023-06-25 10:30:39 +00:00
|
|
|
// GenerateBackendJwtToken 后台jwt token生成
|
|
|
|
func GenerateBackendJwtToken(accessSecret *string, accessExpire, nowSec int64, userId int64, departmentId int64) (string, error) {
|
|
|
|
claims := make(jwt.MapClaims)
|
|
|
|
claims["exp"] = nowSec + accessExpire
|
|
|
|
claims["iat"] = nowSec
|
2023-06-12 12:04:30 +00:00
|
|
|
|
2023-06-25 10:30:39 +00:00
|
|
|
if userId == 0 {
|
|
|
|
err := errors.New("userId cannot be 0 at the same time")
|
|
|
|
logx.Error(err)
|
|
|
|
return "", err
|
2023-06-12 12:04:30 +00:00
|
|
|
}
|
2023-06-25 10:30:39 +00:00
|
|
|
claims["user_id"] = userId
|
|
|
|
claims["department_id"] = departmentId
|
2023-06-12 12:04:30 +00:00
|
|
|
|
2023-06-25 10:30:39 +00:00
|
|
|
token := jwt.New(jwt.SigningMethodHS256)
|
|
|
|
token.Claims = claims
|
|
|
|
return token.SignedString([]byte(*accessSecret))
|
2023-06-14 10:17:45 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
func getJwtClaims(AuthKey string, AccessSecret *string) (jwt.MapClaims, error) {
|
|
|
|
|
2023-06-12 12:04:30 +00:00
|
|
|
token, err := jwt.Parse(AuthKey, func(token *jwt.Token) (interface{}, error) {
|
|
|
|
// 检查签名方法是否为 HS256
|
|
|
|
if _, ok := token.Method.(*jwt.SigningMethodHMAC); !ok {
|
|
|
|
return nil, fmt.Errorf("unexpected signing method: %v", token.Header["alg"])
|
|
|
|
}
|
|
|
|
// 返回用于验证签名的密钥
|
|
|
|
return []byte(*AccessSecret), nil
|
|
|
|
})
|
|
|
|
if err != nil {
|
|
|
|
return nil, errors.New(fmt.Sprint("Error parsing token:", err))
|
|
|
|
}
|
|
|
|
|
|
|
|
// 验证成功返回
|
|
|
|
if claims, ok := token.Claims.(jwt.MapClaims); ok && token.Valid {
|
|
|
|
return claims, nil
|
|
|
|
}
|
|
|
|
|
|
|
|
return nil, errors.New(fmt.Sprint("Invalid token", err))
|
|
|
|
}
|
2023-06-19 10:27:31 +00:00
|
|
|
|
2023-06-28 11:32:41 +00:00
|
|
|
func PasswordHash(pwd string) string {
|
2023-07-27 02:18:49 +00:00
|
|
|
h := sha256.New()
|
|
|
|
h.Write([]byte(pwd))
|
2023-08-25 07:37:35 +00:00
|
|
|
return base64.RawURLEncoding.EncodeToString(h.Sum(nil))
|
2023-06-28 11:32:41 +00:00
|
|
|
}
|
|
|
|
|
2023-06-19 10:27:31 +00:00
|
|
|
func CheckValueRange[T comparable](v T, rangevalues ...T) bool {
|
|
|
|
for _, rv := range rangevalues {
|
|
|
|
if v == rv {
|
|
|
|
return true
|
|
|
|
}
|
|
|
|
}
|
|
|
|
return false
|
|
|
|
}
|
2023-07-24 09:22:06 +00:00
|
|
|
|
|
|
|
// GenerateRegisterToken 网站注册 token生成
|
|
|
|
func GenerateRegisterToken(accessSecret *string, accessExpire, nowSec int64, id int64, platform string) (string, error) {
|
|
|
|
claims := make(jwt.MapClaims)
|
|
|
|
claims["exp"] = nowSec + accessExpire
|
|
|
|
claims["iat"] = nowSec
|
|
|
|
|
|
|
|
if id == 0 {
|
|
|
|
err := errors.New("userid and guestid cannot be 0 at the same time")
|
|
|
|
logx.Error(err)
|
|
|
|
return "", err
|
|
|
|
|
|
|
|
}
|
|
|
|
claims["id"] = id
|
|
|
|
claims["platform"] = platform
|
|
|
|
|
|
|
|
token := jwt.New(jwt.SigningMethodHS256)
|
|
|
|
token.Claims = claims
|
|
|
|
return token.SignedString([]byte(*accessSecret))
|
|
|
|
}
|
|
|
|
|
|
|
|
// GetRegisterFormMapClaims 获取注册唯一token标识登录信息
|
|
|
|
func GetRegisterFormMapClaims(claims jwt.MapClaims) (*OAuthInfo, error) {
|
|
|
|
oauthinfo := &OAuthInfo{}
|
|
|
|
if userid, ok := claims["id"]; ok {
|
|
|
|
uid, ok := userid.(float64)
|
|
|
|
if !ok {
|
|
|
|
err := errors.New(fmt.Sprint("parse uid form context err:", userid))
|
|
|
|
logx.Error("parse uid form context err:", err)
|
|
|
|
return nil, err
|
|
|
|
}
|
|
|
|
oauthinfo.Id = int64(uid)
|
|
|
|
} else {
|
|
|
|
err := errors.New(`id not in claims`)
|
|
|
|
logx.Error(`id not in claims`)
|
|
|
|
return nil, err
|
|
|
|
}
|
|
|
|
|
|
|
|
if splatform, ok := claims["id"]; ok {
|
|
|
|
platform, ok := splatform.(string)
|
|
|
|
if !ok {
|
|
|
|
err := errors.New(fmt.Sprint("parse uid form context err:", platform))
|
|
|
|
logx.Error("parse uid form context err:", err)
|
|
|
|
return nil, err
|
|
|
|
}
|
|
|
|
oauthinfo.Platform = platform
|
|
|
|
} else {
|
|
|
|
err := errors.New(`id not in claims`)
|
|
|
|
logx.Error(`id not in claims`)
|
|
|
|
return nil, err
|
|
|
|
}
|
|
|
|
|
|
|
|
return oauthinfo, nil
|
|
|
|
}
|
|
|
|
|
|
|
|
func getRegisterJwtClaims(Token string, AccessSecret *string) (jwt.MapClaims, error) {
|
|
|
|
|
|
|
|
token, err := jwt.Parse(Token, func(token *jwt.Token) (interface{}, error) {
|
|
|
|
// 检查签名方法是否为 HS256
|
|
|
|
if _, ok := token.Method.(*jwt.SigningMethodHMAC); !ok {
|
|
|
|
return nil, fmt.Errorf("unexpected signing method: %v", token.Header["alg"])
|
|
|
|
}
|
|
|
|
// 返回用于验证签名的密钥
|
|
|
|
return []byte(*AccessSecret), nil
|
|
|
|
})
|
|
|
|
if err != nil {
|
|
|
|
return nil, errors.New(fmt.Sprint("Error parsing token:", err))
|
|
|
|
}
|
|
|
|
|
|
|
|
// 验证成功返回
|
|
|
|
if claims, ok := token.Claims.(jwt.MapClaims); ok && token.Valid {
|
|
|
|
return claims, nil
|
|
|
|
}
|
|
|
|
|
|
|
|
return nil, errors.New(fmt.Sprint("Invalid token", err))
|
|
|
|
}
|