From bdaa3bf48bc9ef0d2c43b7a65d2a57309a2aa71c Mon Sep 17 00:00:00 2001 From: eson <9673575+githubcontent@user.noreply.gitee.com> Date: Mon, 12 Jun 2023 19:52:11 +0800 Subject: [PATCH 1/2] =?UTF-8?q?1.=20TODO:=20guest=5Fid=202.=20jwt=E7=9A=84?= =?UTF-8?q?=E5=B0=81=E8=A3=85?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- goctl_template/api/main.tpl | 10 ++-- server/home-user-auth/home-user-auth.go | 10 ++-- .../home-user-auth/internal/handler/routes.go | 6 ++ .../logic/useraddresslistlogic_test.go | 34 ----------- server/home-user-auth/test/basic.go | 58 +++++++++++++++++++ .../test/useraddresslistlogic_test.go | 50 +++------------- .../test/userbasicinfologic_test.go | 1 + server_api/home-user-auth.api | 10 +++- utils/auth/user.go | 9 +++ 9 files changed, 100 insertions(+), 88 deletions(-) delete mode 100644 server/home-user-auth/internal/logic/useraddresslistlogic_test.go create mode 100644 server/home-user-auth/test/basic.go create mode 100644 server/home-user-auth/test/userbasicinfologic_test.go diff --git a/goctl_template/api/main.tpl b/goctl_template/api/main.tpl index 1b15576a..709ddbd1 100644 --- a/goctl_template/api/main.tpl +++ b/goctl_template/api/main.tpl @@ -28,19 +28,19 @@ func main() { // var testConfigFile = flag.String("f", "../etc/{{.serviceName}}.yaml", "the config file") +// var cnf config.Config // func GetTestServer() *rest.Server { // flag.Parse() -// var c config.Config -// conf.MustLoad(*testConfigFile, &c) +// conf.MustLoad(*testConfigFile, &cnf) -// server := rest.MustNewServer(c.RestConf) +// server := rest.MustNewServer(cnf.RestConf) // defer server.Stop() -// ctx := svc.NewServiceContext(c) +// ctx := svc.NewServiceContext(cnf) // handler.RegisterHandlers(server, ctx) -// fmt.Printf("Starting server at %s:%d...\n", c.Host, c.Port) +// fmt.Printf("Starting server at %s:%d...\n", cnf.Host, cnf.Port) // return server // } \ No newline at end of file diff --git a/server/home-user-auth/home-user-auth.go b/server/home-user-auth/home-user-auth.go index 6f11b21f..be8c4ead 100644 --- a/server/home-user-auth/home-user-auth.go +++ b/server/home-user-auth/home-user-auth.go @@ -33,19 +33,19 @@ func main() { // 测试代码 可以直接复制新建 // var testConfigFile = flag.String("f", "../etc/home-user-auth.yaml", "the config file") +// var cnf config.Config // func GetTestServer() *rest.Server { // flag.Parse() -// var c config.Config -// conf.MustLoad(*testConfigFile, &c) +// conf.MustLoad(*testConfigFile, &cnf) -// server := rest.MustNewServer(c.RestConf) +// server := rest.MustNewServer(cnf.RestConf) // defer server.Stop() -// ctx := svc.NewServiceContext(c) +// ctx := svc.NewServiceContext(cnf) // handler.RegisterHandlers(server, ctx) -// fmt.Printf("Starting server at %s:%d...\n", c.Host, c.Port) +// fmt.Printf("Starting server at %s:%d...\n", cnf.Host, cnf.Port) // return server // } diff --git a/server/home-user-auth/internal/handler/routes.go b/server/home-user-auth/internal/handler/routes.go index 5738d5a4..3bc0f466 100644 --- a/server/home-user-auth/internal/handler/routes.go +++ b/server/home-user-auth/internal/handler/routes.go @@ -42,11 +42,17 @@ func RegisterHandlers(server *rest.Server, serverCtx *svc.ServiceContext) { Path: "/user/basic-info", Handler: UserBasicInfoHandler(serverCtx), }, + }, + ) + + server.AddRoutes( + []rest.Route{ { Method: http.MethodGet, Path: "/user/address-list", Handler: UserAddressListHandler(serverCtx), }, }, + rest.WithJwt(serverCtx.Config.Auth.AccessSecret), ) } diff --git a/server/home-user-auth/internal/logic/useraddresslistlogic_test.go b/server/home-user-auth/internal/logic/useraddresslistlogic_test.go deleted file mode 100644 index 4c79dbbe..00000000 --- a/server/home-user-auth/internal/logic/useraddresslistlogic_test.go +++ /dev/null @@ -1,34 +0,0 @@ -package logic - -import ( - "log" - "testing" - - "github.com/474420502/requests" -) - -func TestCaseAddressList(t *testing.T) { - - // http.NewRequest("POST", "http://localhost:8888/user/login", body io.Reader) - - ses := requests.NewSession() - tp := ses.Post("http://localhost:8888/user/login") - resp, err := tp.SetBodyJson(map[string]interface{}{ - "name": "devenv@sina.cn", - "pwd": "$2y$13$6UFDMZQMEfqFYiNLpiUCi.B3fpvGEamPAjIgzUqv/u7jT05nB3pOC", - }).Execute() - if err != nil { - panic(err) - } - result := resp.Json() - token := result.Get("data.token") - ses.Header.Add("Authorization", token.String()) - log.Println(string(resp.Content())) - - resp, err = ses.Get("http://localhost:8888/user/address-list").Execute() - if err != nil { - panic(err) - } - log.Println(string(resp.Content())) - -} diff --git a/server/home-user-auth/test/basic.go b/server/home-user-auth/test/basic.go new file mode 100644 index 00000000..8bb63b10 --- /dev/null +++ b/server/home-user-auth/test/basic.go @@ -0,0 +1,58 @@ +package logic_test + +import ( + "flag" + "fmt" + "fusenapi/server/home-user-auth/internal/config" + "fusenapi/server/home-user-auth/internal/handler" + "fusenapi/server/home-user-auth/internal/svc" + "testing" + + "github.com/474420502/requests" + "github.com/zeromicro/go-zero/core/conf" + "github.com/zeromicro/go-zero/rest" +) + +var testConfigFile = flag.String("f", "../etc/home-user-auth.yaml", "the config file") +var cnf config.Config +var gserver *rest.Server + +func init() { + gserver = GetTestServer() +} + +func GetTestServer() *rest.Server { + flag.Parse() + + conf.MustLoad(*testConfigFile, &cnf) + + server := rest.MustNewServer(cnf.RestConf) + defer server.Stop() + + ctx := svc.NewServiceContext(cnf) + handler.RegisterHandlers(server, ctx) + + fmt.Printf("Starting server at %s:%d...\n", cnf.Host, cnf.Port) + return server +} + +func GetSesssionWithJwtToken(t *testing.T, server requests.ITestServer) *requests.Session { + ses := requests.NewSession() + tp := ses.Post(fmt.Sprintf("http://%s:%d/user/login", cnf.Host, cnf.Port)) + tp.SetBodyJson(map[string]interface{}{ + "name": "devenv@sina.cn", + "pwd": "$2y$13$6UFDMZQMEfqFYiNLpiUCi.B3fpvGEamPAjIgzUqv/u7jT05nB3pOC", + }) + resp, err := tp.TestInServer(server) + if err != nil { + t.Error(err) + } + result := resp.Json() + token := result.Get("data.token") + if !token.Exists() { + t.Error("data.token is not exists") + } + ses.Header.Add("Authorization", token.String()) + + return ses +} diff --git a/server/home-user-auth/test/useraddresslistlogic_test.go b/server/home-user-auth/test/useraddresslistlogic_test.go index 91303983..607cf86c 100644 --- a/server/home-user-auth/test/useraddresslistlogic_test.go +++ b/server/home-user-auth/test/useraddresslistlogic_test.go @@ -1,57 +1,21 @@ -package server_test +package logic_test import ( - "flag" "fmt" - "fusenapi/server/home-user-auth/internal/config" - "fusenapi/server/home-user-auth/internal/handler" - "fusenapi/server/home-user-auth/internal/svc" "testing" "github.com/474420502/requests" - "github.com/zeromicro/go-zero/core/conf" - "github.com/zeromicro/go-zero/rest" + "github.com/tidwall/gjson" ) -var testConfigFile = flag.String("f", "../etc/home-user-auth.yaml", "the config file") -var cnf config.Config - -func GetTestServer() *rest.Server { - flag.Parse() - - conf.MustLoad(*testConfigFile, &cnf) - - server := rest.MustNewServer(cnf.RestConf) - defer server.Stop() - - ctx := svc.NewServiceContext(cnf) - handler.RegisterHandlers(server, ctx) - - fmt.Printf("Starting server at %s:%d...\n", cnf.Host, cnf.Port) - return server -} - func TestCaseAddressList(t *testing.T) { - server := GetTestServer() + var err error + var resp *requests.Response + var result gjson.Result - ses := requests.NewSession() - tp := ses.Post(fmt.Sprintf("http://%s:%d/user/login", cnf.Host, cnf.Port)) - tp.SetBodyJson(map[string]interface{}{ - "name": "devenv@sina.cn", - "pwd": "$2y$13$6UFDMZQMEfqFYiNLpiUCi.B3fpvGEamPAjIgzUqv/u7jT05nB3pOC", - }) - resp, err := tp.TestInServer(server) - if err != nil { - t.Error(err) - } - result := resp.Json() - token := result.Get("data.token") - if !token.Exists() { - t.Error("data.token is not exists") - } - ses.Header.Add("Authorization", token.String()) + ses := GetSesssionWithJwtToken(t, gserver) - resp, err = ses.Get(fmt.Sprintf("http://%s:%d/user/address-list", cnf.Host, cnf.Port)).TestInServer(server) + resp, err = ses.Get(fmt.Sprintf("http://%s:%d/user/address-list", cnf.Host, cnf.Port)).TestInServer(gserver) if err != nil { t.Error(err) } diff --git a/server/home-user-auth/test/userbasicinfologic_test.go b/server/home-user-auth/test/userbasicinfologic_test.go new file mode 100644 index 00000000..b7c27715 --- /dev/null +++ b/server/home-user-auth/test/userbasicinfologic_test.go @@ -0,0 +1 @@ +package logic_test diff --git a/server_api/home-user-auth.api b/server_api/home-user-auth.api index 4c978191..b038ef9b 100644 --- a/server_api/home-user-auth.api +++ b/server_api/home-user-auth.api @@ -33,9 +33,17 @@ service home-user-auth { @handler UserBasicInfoHandler get /user/basic-info(request) returns (response); + // @handler UserAddressListHandler + // get /user/address-list(request) returns (response); + +} + +@server( + jwt: Auth +) +service home-user-auth { @handler UserAddressListHandler get /user/address-list(request) returns (response); - } type RequestBasicInfoForm { diff --git a/utils/auth/user.go b/utils/auth/user.go index 3b89d3a1..e27e9890 100644 --- a/utils/auth/user.go +++ b/utils/auth/user.go @@ -7,6 +7,7 @@ import ( "fmt" "github.com/golang-jwt/jwt" + "github.com/google/uuid" "github.com/zeromicro/go-zero/core/logx" ) @@ -47,6 +48,14 @@ func GenerateJwtToken(accessSecret string, accessExpire, nowSec int64, userid in claims["exp"] = nowSec + accessExpire claims["iat"] = nowSec claims["userid"] = userid + if userid == 0 { + u, err := uuid.NewUUID() + if err != nil { + logx.Error(err) + return "", err + } + claims["guestid"] = u.String() // TODO: 未完成 + } token := jwt.New(jwt.SigningMethodHS256) token.Claims = claims return token.SignedString([]byte(accessSecret)) From 2cc13de3e2cc877d01f64367c7b65fc99a0b1a50 Mon Sep 17 00:00:00 2001 From: eson <9673575+githubcontent@user.noreply.gitee.com> Date: Mon, 12 Jun 2023 20:04:30 +0800 Subject: [PATCH 2/2] =?UTF-8?q?jwt=E9=AA=8C=E8=AF=81?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../handler/useraddresslisthandler.go | 35 +++++------- utils/auth/user.go | 54 +++++++++++++++++++ 2 files changed, 68 insertions(+), 21 deletions(-) diff --git a/server/home-user-auth/internal/handler/useraddresslisthandler.go b/server/home-user-auth/internal/handler/useraddresslisthandler.go index 5682aed8..5ecc5a96 100644 --- a/server/home-user-auth/internal/handler/useraddresslisthandler.go +++ b/server/home-user-auth/internal/handler/useraddresslisthandler.go @@ -15,30 +15,23 @@ import ( "fusenapi/server/home-user-auth/internal/types" ) +var wantJwt = true + func UserAddressListHandler(svcCtx *svc.ServiceContext) http.HandlerFunc { return func(w http.ResponseWriter, r *http.Request) { - // 解析jwtToken - claims, err := svcCtx.ParseJwtToken(r) - // 如果解析出错,则返回未授权的JSON响应并记录错误消息 - if err != nil { - httpx.OkJsonCtx(r.Context(), w, &basic.Response{ - Code: 401, - Message: "unauthorized", - }) - logx.Info("unauthorized:", err.Error()) - return - } + var userinfo *auth.UserInfo + var err error - // 从Token里获取对应的信息 - userinfo, err := auth.GetUserInfoFormMapClaims(claims) - // 如果获取用户信息出错,则返回未授权的JSON响应并记录错误消息 - if err != nil { - httpx.OkJsonCtx(r.Context(), w, &basic.Response{ - Code: 401, - Message: "unauthorized", - }) - logx.Info("unauthorized:", err.Error()) - return + if wantJwt { + userinfo, err = auth.ParseJwtToken(w, r, &svcCtx.Config.Auth.AccessSecret) + if err != nil { + httpx.OkJsonCtx(r.Context(), w, &basic.Response{ + Code: 401, + Message: "unauthorized", + }) + logx.Info("unauthorized:", err.Error()) + return + } } var req types.Request diff --git a/utils/auth/user.go b/utils/auth/user.go index e27e9890..63c08bef 100644 --- a/utils/auth/user.go +++ b/utils/auth/user.go @@ -5,6 +5,7 @@ import ( "encoding/json" "errors" "fmt" + "net/http" "github.com/golang-jwt/jwt" "github.com/google/uuid" @@ -60,3 +61,56 @@ func GenerateJwtToken(accessSecret string, accessExpire, nowSec int64, userid in token.Claims = claims return token.SignedString([]byte(accessSecret)) } + +func ParseJwtToken(w http.ResponseWriter, r *http.Request, AccessSecret *string) (*UserInfo, error) { + // 解析jwtToken + claims, err := getJwtClaims(r, AccessSecret) + // 如果解析出错,则返回未授权的JSON响应并记录错误消息 + if err != nil { + // httpx.OkJsonCtx(r.Context(), w, &basic.Response{ + // Code: 401, + // Message: "unauthorized", + // }) + // logx.Info("unauthorized:", err.Error()) + return nil, err + } + + // 从Token里获取对应的信息 + userinfo, err := GetUserInfoFormMapClaims(claims) + // 如果获取用户信息出错,则返回未授权的JSON响应并记录错误消息 + if err != nil { + // httpx.OkJsonCtx(r.Context(), w, &basic.Response{ + // Code: 401, + // Message: "unauthorized", + // }) + // logx.Info("unauthorized:", err.Error()) + return nil, err + } + return userinfo, err +} + +func getJwtClaims(r *http.Request, AccessSecret *string) (jwt.MapClaims, error) { + AuthKey := r.Header.Get("Authorization") + if len(AuthKey) <= 50 { + return nil, errors.New(fmt.Sprint("Error parsing token, len:", len(AuthKey))) + } + + token, err := jwt.Parse(AuthKey, func(token *jwt.Token) (interface{}, error) { + // 检查签名方法是否为 HS256 + if _, ok := token.Method.(*jwt.SigningMethodHMAC); !ok { + return nil, fmt.Errorf("unexpected signing method: %v", token.Header["alg"]) + } + // 返回用于验证签名的密钥 + return []byte(*AccessSecret), nil + }) + if err != nil { + return nil, errors.New(fmt.Sprint("Error parsing token:", err)) + } + + // 验证成功返回 + if claims, ok := token.Claims.(jwt.MapClaims); ok && token.Valid { + return claims, nil + } + + return nil, errors.New(fmt.Sprint("Invalid token", err)) +}