| 123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110 |
- package auth
- import (
- "context"
- "fmt"
- "github.com/sirupsen/logrus"
- "go-micro.dev/v4/auth"
- "go-micro.dev/v4/metadata"
- "sghgogs.com/micro/common"
- "sghgogs.com/micro/common/errorcode"
- "sghgogs.com/micro/shopping-service/domain/service"
- pb "sghgogs.com/micro/shopping-service/proto"
- "sghgogs.com/micro/shopping-service/utils/authutil"
- "strconv"
- "strings"
- "time"
- )
- type Auth struct {
- Service service.IService
- Namespace string
- }
- func (svc *Auth) Login(ctx context.Context, query *pb.LoginRequest, rsp *pb.LoginResponse) error {
- login, GroupID, err := svc.Service.Login(query)
- if err != nil {
- return err
- }
- md := map[string]string{}
- md["username"] = login.Username
- md["user_id"] = fmt.Sprintf("%d", login.Id)
- md["phone_number"] = login.PhoneNumber
- md["code"] = query.Code
- md["group_id"] = fmt.Sprintf("%d", GroupID)
- var roles []string
- for _, role := range login.Roles {
- roles = append(roles, strings.ToLower(role.Key))
- }
- expiry := time.Second * time.Duration(72*3600)
- md["timestamp"] = fmt.Sprintf("%d", 72*3600)
- md["expiry"] = fmt.Sprintf("%d", expiry)
- token, err := authutil.JWTAuthService.GenerateToken(login.Id, "system", "user", login.PhoneNumber, roles, md)
- if err != nil {
- return errorcode.BadRequest(svc.Namespace, common.ErrorMessage[common.FailedToGenerateTokenErrorCode])
- }
- a, err := authutil.JWTAuthService.Token(login.Id, token.Secret, expiry)
- if err != nil {
- return errorcode.BadRequest(svc.Namespace, common.ErrorMessage[common.FailedToGenerateTokenErrorCode])
- }
- if err = authutil.JWTAuthService.StoreToken(ctx, login.Id, login.Username, a.AccessToken); err != nil {
- return errorcode.BadRequest(svc.Namespace, common.ErrorMessage[common.FailedToStoreTokenErrorCode])
- }
- rsp.Data = login
- rsp.Token = a.AccessToken
- return nil
- }
- func (svc *Auth) Logout(ctx context.Context, request *pb.LogoutRequest, rsp *pb.LogoutResponse) error {
- md, b := metadata.FromContext(ctx)
- if !b {
- return errorcode.Unauthorized(svc.Namespace, common.ErrorMessage[common.UnauthorizedErrorCode])
- }
- authHeader, ok := md["Authorization"]
- if !ok || !strings.HasPrefix(authHeader, auth.BearerScheme) {
- logrus.Error("no auth token provided")
- return errorcode.Unauthorized(svc.Namespace, common.ErrorMessage[common.UnauthorizedErrorCode])
- }
- // Extract auth token.
- token := strings.TrimPrefix(authHeader, auth.BearerScheme)
- token = strings.TrimSpace(token)
- if err := authutil.JWTAuthService.Blacklist(token); err != nil {
- return errorcode.Unauthorized(svc.Namespace, common.ErrorMessage[common.FailedRedisInternalServerErrorCode])
- }
- return nil
- }
- func (svc *Auth) Profile(ctx context.Context, request *pb.ProfileRequest, rsp *pb.ProfileResponse) error {
- md, b := metadata.FromContext(ctx)
- if !b {
- return errorcode.Unauthorized(svc.Namespace, common.ErrorMessage[common.UnauthorizedErrorCode])
- }
- authHeader, ok := md["Authorization"]
- if !ok || !strings.HasPrefix(authHeader, auth.BearerScheme) {
- logrus.Error("no auth token provided")
- return errorcode.Unauthorized(svc.Namespace, common.ErrorMessage[common.UnauthorizedErrorCode])
- }
- // Extract auth token.
- token := strings.TrimPrefix(authHeader, auth.BearerScheme)
- token = strings.TrimSpace(token)
- inspect, errE := authutil.JWTAuthService.Inspect(token)
- if errE != nil {
- return errorcode.Unauthorized(svc.Namespace, common.ErrorMessage[common.TokenInvalidErrorCode])
- }
- if value, isOk := inspect.Metadata["user_id"]; isOk {
- userID, _ := strconv.ParseInt(value, 10, 64)
- groupID, _ := strconv.ParseInt(inspect.Metadata["group_id"], 10, 64)
- if profile, err := svc.Service.Profile(groupID, userID); err != nil {
- return err
- } else {
- rsp.Data = profile
- }
- }
- return nil
- }
|
