fix

middleware/jwt.go

@@ -0,0 +1,43 @@
+package middleware
+
+import (
+	"log"
+	"net/http"
+
+	"git.apinb.com/bsm-sdk/core/crypto/encipher"
+	"github.com/gin-gonic/gin"
+)
+
+func JwtAuth(redisToken string) gin.HandlerFunc {
+	return func(c *gin.Context) {
+		// 从请求头中获取 Authorization
+		authHeader := c.GetHeader("Authorization")
+		if authHeader == "" {
+			log.Println("获取token异常:", "Authorization header is required")
+			c.JSON(http.StatusUnauthorized, gin.H{"error": "Authorization header is required"})
+			c.Abort()
+			return
+		}
+		// 提取Token
+		claims, err := encipher.ParseTokenAes(authHeader)
+		if err != nil || claims == nil {
+			log.Println("提取token异常:", "Token is required")
+			c.JSON(http.StatusUnauthorized, gin.H{"error": "Token is required"})
+			c.Abort()
+			return
+		}
+
+		// 从redis 获取token,判断当前redis 是否为空
+		if redisToken == "" {
+			log.Println("redis异常", "Token status unauthorized")
+			c.JSON(http.StatusUnauthorized, gin.H{"error": "Token status unauthorized"})
+			c.Abort()
+			return
+		}
+
+		// 将解析后的 Token 存储到上下文中
+		c.Set("Auth", claims)
+		// 如果 Token 有效，继续处理请求
+		c.Next()
+	}
+}

service/meta.go

@@ -5,25 +5,18 @@ import (
 
 	"git.apinb.com/bsm-sdk/core/crypto/encipher"
 	"git.apinb.com/bsm-sdk/core/errcode"
+	"git.apinb.com/bsm-sdk/core/types"
 	"git.apinb.com/bsm-sdk/core/utils"
 	"google.golang.org/grpc/metadata"
 )
 
-type Meta struct {
-	ID       uint              `json:"id"`
-	IDENTITY string            `json:"identity"`
-	EXTEND   map[string]string `json:"extend"`
-	CLIENT   string            `json:"client"`
-	ROLE     string            `json:"role"`
-}
-
 // 解析Context中MetaData的数据
 type ParseOptions struct {
 	RoleValue        string // 判断角色的值
 	MustPrivateAllow bool   // 是否只允许私有IP访问
 }
 
-func ParseMetaCtx(ctx context.Context, opts *ParseOptions) (*Meta, error) {
+func ParseMetaCtx(ctx context.Context, opts *ParseOptions) (*types.JwtClaims, error) {
 	// 解析metada中的信息并验证
 	md, ok := metadata.FromIncomingContext(ctx)
 	if !ok {
@@ -40,34 +33,26 @@ func ParseMetaCtx(ctx context.Context, opts *ParseOptions) (*Meta, error) {
 		return nil, err
 	}
 
-	meta := &Meta{
-		ID:       claims.ID,
-		IDENTITY: claims.Identity,
-		CLIENT:   claims.Client,
-		EXTEND:   claims.Extend,
-		ROLE:     claims.Role,
-	}
-
 	if opts != nil {
-		if !meta.CheckRole("role", opts.RoleValue) {
+		if !checkRole(claims, "role", opts.RoleValue) {
 			return nil, errcode.ErrPermissionDenied
 		}
 		if opts.MustPrivateAllow {
-			if utils.IsPublicIP(meta.CLIENT) {
+			if utils.IsPublicIP(claims.Client) {
 				return nil, errcode.ErrPermissionDenied
 			}
 		}
 	}
 
-	return meta, nil
+	return claims, nil
 
 }
 
-func (m *Meta) CheckRole(roleKey, roleValue string) bool {
+func checkRole(claims *types.JwtClaims, roleKey, roleValue string) bool {
 	if roleValue == "" {
 		return true
 	}
-	if role, exists := m.EXTEND[roleKey]; !exists || role != roleValue {
+	if role, exists := claims.Extend[roleKey]; !exists || role != roleValue {
 		return false
 	} else {
 		return true

types/db.go

@@ -31,7 +31,7 @@ type (
 		CreatedAt time.Time      `json:"created_at"`
 		UpdatedAt time.Time      `json:"updated_at"`
 		DeletedAt gorm.DeletedAt `gorm:"index;" json:"deleted_at"`
-		Status    int64          `gorm:"default:0;index;" json:"status"` // 状态：默认为0，-1禁止，1为正常
+		Status    int8           `gorm:"default:0;index;" json:"status"` // 状态：默认为0，-1禁止，1为正常
 	}
 
 	// standard ID,Identity,Created,Updated,Deleted,Status definition.