diff --git a/goctl_template/api/main.tpl b/goctl_template/api/main.tpl index 1b15576a..709ddbd1 100644 --- a/goctl_template/api/main.tpl +++ b/goctl_template/api/main.tpl @@ -28,19 +28,19 @@ func main() { // var testConfigFile = flag.String("f", "../etc/{{.serviceName}}.yaml", "the config file") +// var cnf config.Config // func GetTestServer() *rest.Server { // flag.Parse() -// var c config.Config -// conf.MustLoad(*testConfigFile, &c) +// conf.MustLoad(*testConfigFile, &cnf) -// server := rest.MustNewServer(c.RestConf) +// server := rest.MustNewServer(cnf.RestConf) // defer server.Stop() -// ctx := svc.NewServiceContext(c) +// ctx := svc.NewServiceContext(cnf) // handler.RegisterHandlers(server, ctx) -// fmt.Printf("Starting server at %s:%d...\n", c.Host, c.Port) +// fmt.Printf("Starting server at %s:%d...\n", cnf.Host, cnf.Port) // return server // } \ No newline at end of file diff --git a/server/home-user-auth/home-user-auth.go b/server/home-user-auth/home-user-auth.go index 6f11b21f..be8c4ead 100644 --- a/server/home-user-auth/home-user-auth.go +++ b/server/home-user-auth/home-user-auth.go @@ -33,19 +33,19 @@ func main() { // 测试代码 可以直接复制新建 // var testConfigFile = flag.String("f", "../etc/home-user-auth.yaml", "the config file") +// var cnf config.Config // func GetTestServer() *rest.Server { // flag.Parse() -// var c config.Config -// conf.MustLoad(*testConfigFile, &c) +// conf.MustLoad(*testConfigFile, &cnf) -// server := rest.MustNewServer(c.RestConf) +// server := rest.MustNewServer(cnf.RestConf) // defer server.Stop() -// ctx := svc.NewServiceContext(c) +// ctx := svc.NewServiceContext(cnf) // handler.RegisterHandlers(server, ctx) -// fmt.Printf("Starting server at %s:%d...\n", c.Host, c.Port) +// fmt.Printf("Starting server at %s:%d...\n", cnf.Host, cnf.Port) // return server // } diff --git a/server/home-user-auth/internal/handler/routes.go b/server/home-user-auth/internal/handler/routes.go index 5738d5a4..3bc0f466 100644 --- a/server/home-user-auth/internal/handler/routes.go +++ b/server/home-user-auth/internal/handler/routes.go @@ -42,11 +42,17 @@ func RegisterHandlers(server *rest.Server, serverCtx *svc.ServiceContext) { Path: "/user/basic-info", Handler: UserBasicInfoHandler(serverCtx), }, + }, + ) + + server.AddRoutes( + []rest.Route{ { Method: http.MethodGet, Path: "/user/address-list", Handler: UserAddressListHandler(serverCtx), }, }, + rest.WithJwt(serverCtx.Config.Auth.AccessSecret), ) } diff --git a/server/home-user-auth/internal/handler/useraddresslisthandler.go b/server/home-user-auth/internal/handler/useraddresslisthandler.go index 5682aed8..5ecc5a96 100644 --- a/server/home-user-auth/internal/handler/useraddresslisthandler.go +++ b/server/home-user-auth/internal/handler/useraddresslisthandler.go @@ -15,30 +15,23 @@ import ( "fusenapi/server/home-user-auth/internal/types" ) +var wantJwt = true + func UserAddressListHandler(svcCtx *svc.ServiceContext) http.HandlerFunc { return func(w http.ResponseWriter, r *http.Request) { - // 解析jwtToken - claims, err := svcCtx.ParseJwtToken(r) - // 如果解析出错,则返回未授权的JSON响应并记录错误消息 - if err != nil { - httpx.OkJsonCtx(r.Context(), w, &basic.Response{ - Code: 401, - Message: "unauthorized", - }) - logx.Info("unauthorized:", err.Error()) - return - } + var userinfo *auth.UserInfo + var err error - // 从Token里获取对应的信息 - userinfo, err := auth.GetUserInfoFormMapClaims(claims) - // 如果获取用户信息出错,则返回未授权的JSON响应并记录错误消息 - if err != nil { - httpx.OkJsonCtx(r.Context(), w, &basic.Response{ - Code: 401, - Message: "unauthorized", - }) - logx.Info("unauthorized:", err.Error()) - return + if wantJwt { + userinfo, err = auth.ParseJwtToken(w, r, &svcCtx.Config.Auth.AccessSecret) + if err != nil { + httpx.OkJsonCtx(r.Context(), w, &basic.Response{ + Code: 401, + Message: "unauthorized", + }) + logx.Info("unauthorized:", err.Error()) + return + } } var req types.Request diff --git a/server/home-user-auth/internal/logic/useraddresslistlogic_test.go b/server/home-user-auth/internal/logic/useraddresslistlogic_test.go deleted file mode 100644 index 4c79dbbe..00000000 --- a/server/home-user-auth/internal/logic/useraddresslistlogic_test.go +++ /dev/null @@ -1,34 +0,0 @@ -package logic - -import ( - "log" - "testing" - - "github.com/474420502/requests" -) - -func TestCaseAddressList(t *testing.T) { - - // http.NewRequest("POST", "http://localhost:8888/user/login", body io.Reader) - - ses := requests.NewSession() - tp := ses.Post("http://localhost:8888/user/login") - resp, err := tp.SetBodyJson(map[string]interface{}{ - "name": "devenv@sina.cn", - "pwd": "$2y$13$6UFDMZQMEfqFYiNLpiUCi.B3fpvGEamPAjIgzUqv/u7jT05nB3pOC", - }).Execute() - if err != nil { - panic(err) - } - result := resp.Json() - token := result.Get("data.token") - ses.Header.Add("Authorization", token.String()) - log.Println(string(resp.Content())) - - resp, err = ses.Get("http://localhost:8888/user/address-list").Execute() - if err != nil { - panic(err) - } - log.Println(string(resp.Content())) - -} diff --git a/server/home-user-auth/test/basic.go b/server/home-user-auth/test/basic.go new file mode 100644 index 00000000..8bb63b10 --- /dev/null +++ b/server/home-user-auth/test/basic.go @@ -0,0 +1,58 @@ +package logic_test + +import ( + "flag" + "fmt" + "fusenapi/server/home-user-auth/internal/config" + "fusenapi/server/home-user-auth/internal/handler" + "fusenapi/server/home-user-auth/internal/svc" + "testing" + + "github.com/474420502/requests" + "github.com/zeromicro/go-zero/core/conf" + "github.com/zeromicro/go-zero/rest" +) + +var testConfigFile = flag.String("f", "../etc/home-user-auth.yaml", "the config file") +var cnf config.Config +var gserver *rest.Server + +func init() { + gserver = GetTestServer() +} + +func GetTestServer() *rest.Server { + flag.Parse() + + conf.MustLoad(*testConfigFile, &cnf) + + server := rest.MustNewServer(cnf.RestConf) + defer server.Stop() + + ctx := svc.NewServiceContext(cnf) + handler.RegisterHandlers(server, ctx) + + fmt.Printf("Starting server at %s:%d...\n", cnf.Host, cnf.Port) + return server +} + +func GetSesssionWithJwtToken(t *testing.T, server requests.ITestServer) *requests.Session { + ses := requests.NewSession() + tp := ses.Post(fmt.Sprintf("http://%s:%d/user/login", cnf.Host, cnf.Port)) + tp.SetBodyJson(map[string]interface{}{ + "name": "devenv@sina.cn", + "pwd": "$2y$13$6UFDMZQMEfqFYiNLpiUCi.B3fpvGEamPAjIgzUqv/u7jT05nB3pOC", + }) + resp, err := tp.TestInServer(server) + if err != nil { + t.Error(err) + } + result := resp.Json() + token := result.Get("data.token") + if !token.Exists() { + t.Error("data.token is not exists") + } + ses.Header.Add("Authorization", token.String()) + + return ses +} diff --git a/server/home-user-auth/test/useraddresslistlogic_test.go b/server/home-user-auth/test/useraddresslistlogic_test.go index 91303983..607cf86c 100644 --- a/server/home-user-auth/test/useraddresslistlogic_test.go +++ b/server/home-user-auth/test/useraddresslistlogic_test.go @@ -1,57 +1,21 @@ -package server_test +package logic_test import ( - "flag" "fmt" - "fusenapi/server/home-user-auth/internal/config" - "fusenapi/server/home-user-auth/internal/handler" - "fusenapi/server/home-user-auth/internal/svc" "testing" "github.com/474420502/requests" - "github.com/zeromicro/go-zero/core/conf" - "github.com/zeromicro/go-zero/rest" + "github.com/tidwall/gjson" ) -var testConfigFile = flag.String("f", "../etc/home-user-auth.yaml", "the config file") -var cnf config.Config - -func GetTestServer() *rest.Server { - flag.Parse() - - conf.MustLoad(*testConfigFile, &cnf) - - server := rest.MustNewServer(cnf.RestConf) - defer server.Stop() - - ctx := svc.NewServiceContext(cnf) - handler.RegisterHandlers(server, ctx) - - fmt.Printf("Starting server at %s:%d...\n", cnf.Host, cnf.Port) - return server -} - func TestCaseAddressList(t *testing.T) { - server := GetTestServer() + var err error + var resp *requests.Response + var result gjson.Result - ses := requests.NewSession() - tp := ses.Post(fmt.Sprintf("http://%s:%d/user/login", cnf.Host, cnf.Port)) - tp.SetBodyJson(map[string]interface{}{ - "name": "devenv@sina.cn", - "pwd": "$2y$13$6UFDMZQMEfqFYiNLpiUCi.B3fpvGEamPAjIgzUqv/u7jT05nB3pOC", - }) - resp, err := tp.TestInServer(server) - if err != nil { - t.Error(err) - } - result := resp.Json() - token := result.Get("data.token") - if !token.Exists() { - t.Error("data.token is not exists") - } - ses.Header.Add("Authorization", token.String()) + ses := GetSesssionWithJwtToken(t, gserver) - resp, err = ses.Get(fmt.Sprintf("http://%s:%d/user/address-list", cnf.Host, cnf.Port)).TestInServer(server) + resp, err = ses.Get(fmt.Sprintf("http://%s:%d/user/address-list", cnf.Host, cnf.Port)).TestInServer(gserver) if err != nil { t.Error(err) } diff --git a/server/home-user-auth/test/userbasicinfologic_test.go b/server/home-user-auth/test/userbasicinfologic_test.go new file mode 100644 index 00000000..b7c27715 --- /dev/null +++ b/server/home-user-auth/test/userbasicinfologic_test.go @@ -0,0 +1 @@ +package logic_test diff --git a/server_api/home-user-auth.api b/server_api/home-user-auth.api index 4c978191..b038ef9b 100644 --- a/server_api/home-user-auth.api +++ b/server_api/home-user-auth.api @@ -33,9 +33,17 @@ service home-user-auth { @handler UserBasicInfoHandler get /user/basic-info(request) returns (response); + // @handler UserAddressListHandler + // get /user/address-list(request) returns (response); + +} + +@server( + jwt: Auth +) +service home-user-auth { @handler UserAddressListHandler get /user/address-list(request) returns (response); - } type RequestBasicInfoForm { diff --git a/utils/auth/user.go b/utils/auth/user.go index 3b89d3a1..63c08bef 100644 --- a/utils/auth/user.go +++ b/utils/auth/user.go @@ -5,8 +5,10 @@ import ( "encoding/json" "errors" "fmt" + "net/http" "github.com/golang-jwt/jwt" + "github.com/google/uuid" "github.com/zeromicro/go-zero/core/logx" ) @@ -47,7 +49,68 @@ func GenerateJwtToken(accessSecret string, accessExpire, nowSec int64, userid in claims["exp"] = nowSec + accessExpire claims["iat"] = nowSec claims["userid"] = userid + if userid == 0 { + u, err := uuid.NewUUID() + if err != nil { + logx.Error(err) + return "", err + } + claims["guestid"] = u.String() // TODO: 未完成 + } token := jwt.New(jwt.SigningMethodHS256) token.Claims = claims return token.SignedString([]byte(accessSecret)) } + +func ParseJwtToken(w http.ResponseWriter, r *http.Request, AccessSecret *string) (*UserInfo, error) { + // 解析jwtToken + claims, err := getJwtClaims(r, AccessSecret) + // 如果解析出错,则返回未授权的JSON响应并记录错误消息 + if err != nil { + // httpx.OkJsonCtx(r.Context(), w, &basic.Response{ + // Code: 401, + // Message: "unauthorized", + // }) + // logx.Info("unauthorized:", err.Error()) + return nil, err + } + + // 从Token里获取对应的信息 + userinfo, err := GetUserInfoFormMapClaims(claims) + // 如果获取用户信息出错,则返回未授权的JSON响应并记录错误消息 + if err != nil { + // httpx.OkJsonCtx(r.Context(), w, &basic.Response{ + // Code: 401, + // Message: "unauthorized", + // }) + // logx.Info("unauthorized:", err.Error()) + return nil, err + } + return userinfo, err +} + +func getJwtClaims(r *http.Request, AccessSecret *string) (jwt.MapClaims, error) { + AuthKey := r.Header.Get("Authorization") + if len(AuthKey) <= 50 { + return nil, errors.New(fmt.Sprint("Error parsing token, len:", len(AuthKey))) + } + + token, err := jwt.Parse(AuthKey, func(token *jwt.Token) (interface{}, error) { + // 检查签名方法是否为 HS256 + if _, ok := token.Method.(*jwt.SigningMethodHMAC); !ok { + return nil, fmt.Errorf("unexpected signing method: %v", token.Header["alg"]) + } + // 返回用于验证签名的密钥 + return []byte(*AccessSecret), nil + }) + if err != nil { + return nil, errors.New(fmt.Sprint("Error parsing token:", err)) + } + + // 验证成功返回 + if claims, ok := token.Claims.(jwt.MapClaims); ok && token.Valid { + return claims, nil + } + + return nil, errors.New(fmt.Sprint("Invalid token", err)) +}