Merge branch 'main' of https://git.apinb.com/bsm-sdk/core

middleware/jwt.go

@@ -4,20 +4,20 @@ import (
 	"encoding/json"
 	"log"
 	"net/http"
+	"time"
 
-	"git.apinb.com/bsm-sdk/core/cache/redis"
 	"git.apinb.com/bsm-sdk/core/crypto/encipher"
 	"git.apinb.com/bsm-sdk/core/errcode"
 	"git.apinb.com/bsm-sdk/core/types"
 	"github.com/gin-gonic/gin"
 )
 
-func JwtAuth(redis *redis.RedisClient) gin.HandlerFunc {
+func JwtAuth(time_verify bool) gin.HandlerFunc {
 	return func(c *gin.Context) {
 		// 从请求头中获取 Authorization
 		authHeader := c.GetHeader("Authorization")
 		if authHeader == "" {
-			log.Println("获取token异常:", "Authorization header is required")
+			log.Printf("获取token异常:%v\n", "Authorization header is required")
 			c.JSON(http.StatusUnauthorized, gin.H{"error": "Authorization header is required"})
 			c.Abort()
 			return
@@ -25,21 +25,22 @@ func JwtAuth(redis *redis.RedisClient) gin.HandlerFunc {
 		// 提取Token
 		claims, err := encipher.ParseTokenAes(authHeader)
 		if err != nil || claims == nil {
-			log.Println("提取token异常:", "Token is required")
+			log.Printf("提取token异常:%v\n", err)
 			c.JSON(http.StatusUnauthorized, gin.H{"error": "Token is required"})
 			c.Abort()
 			return
 		}
 
-		// 从redis 获取token,判断当前redis 是否为空
-		// tokenKey := fmt.Sprintf("%d-%s-%s", claims.ID, claims.Role, "token")
-		// redisToken := redis.Client.Get(redis.Ctx, tokenKey)
-		// if redisToken.Val() == "" {
-		// 	log.Println("redis异常", "Token status unauthorized")
-		// 	c.JSON(http.StatusUnauthorized, gin.H{"error": "Token status unauthorized"})
-		// 	c.Abort()
-		// 	return
-		// }
+		// 检测是否需要验证token时间
+		if time_verify {
+			// 判断时间claims.ExpiresAt
+			if time.Now().Unix() > claims.ExpiresAt {
+				log.Println("token过期，请重新获取:", "Token has expired")
+				c.JSON(http.StatusUnauthorized, gin.H{"error": "Token has expired"})
+				c.Abort()
+				return
+			}
+		}
 
 		// 将解析后的 Token 存储到上下文中
 		c.Set("Auth", claims)