fix

2025-04-09 10:34:01 +08:00 · 2025-04-09 10:19:15 +08:00 · 2025-04-09 09:39:51 +08:00 · 2025-04-08 15:20:34 +08:00 · 2025-04-08 15:20:22 +08:00 · 2025-04-07 11:14:07 +08:00
4 changed files with 132 additions and 51 deletions
--- a/middleware/jwt.go
+++ b/middleware/jwt.go
@@ -0,0 +1,73 @@
 package middleware
 import (
 	"encoding/json"
 	"fmt"
 	"log"
 	"net/http"
 	"git.apinb.com/bsm-sdk/core/cache/redis"
 	"git.apinb.com/bsm-sdk/core/crypto/encipher"
 	"git.apinb.com/bsm-sdk/core/errcode"
 	"git.apinb.com/bsm-sdk/core/types"
 	"github.com/gin-gonic/gin"
 )
 func JwtAuth(redis *redis.RedisClient) gin.HandlerFunc {
 	return func(c *gin.Context) {
 		// 从请求头中获取 Authorization
 		authHeader := c.GetHeader("Authorization")
 		if authHeader == "" {
 			log.Println("获取token异常:", "Authorization header is required")
 			c.JSON(http.StatusUnauthorized, gin.H{"error": "Authorization header is required"})
 			c.Abort()
 			return
 		}
 		// 提取Token
 		claims, err := encipher.ParseTokenAes(authHeader)
 		if err != nil || claims == nil {
 			log.Println("提取token异常:", "Token is required")
 			c.JSON(http.StatusUnauthorized, gin.H{"error": "Token is required"})
 			c.Abort()
 			return
 		}
 		// 从redis 获取token,判断当前redis 是否为空
 		tokenKey := fmt.Sprintf("%d-%s-%s", claims.ID, claims.Role, "token")
 		redisToken := redis.Client.Get(redis.Ctx, tokenKey)
 		if redisToken.Val() == "" {
 			log.Println("redis异常", "Token status unauthorized")
 			c.JSON(http.StatusUnauthorized, gin.H{"error": "Token status unauthorized"})
 			c.Abort()
 			return
 		}
 		// 将解析后的 Token 存储到上下文中
 		c.Set("Auth", claims)
 		// 如果 Token 有效，继续处理请求
 		c.Next()
 	}
 }
 // 获取上下文用户登录信息
 func ParseAuth(c *gin.Context) (*types.JwtClaims, error) {
 	claims, ok := c.Get("Auth")
 	if !ok {
 		log.Printf("获取登录信息异常: %v", errcode.ErrJWTAuthNotFound)
 		return nil, errcode.ErrJWTAuthNotFound
 	}
 	json_claims, err := json.Marshal(claims)
 	if err != nil {
 		log.Printf("解析json异常: %v", err)
 		return nil, errcode.ErrJsonMarshal
 	}
 	var auth *types.JwtClaims
 	if err := json.Unmarshal(json_claims, &auth); err != nil {
 		log.Printf("解析json异常: %v", err)
 		return nil, errcode.ErrJsonUnmarshal
 	}
 	return auth, nil
 }
--- a/service/meta.go
+++ b/service/meta.go
@@ -2,81 +2,57 @@ package service
 import (
 	"context"
 	"encoding/json"
 	"strconv"
 	"git.apinb.com/bsm-sdk/core/crypto/encipher"
 	"git.apinb.com/bsm-sdk/core/errcode"
 	"git.apinb.com/bsm-sdk/core/types"
 	"git.apinb.com/bsm-sdk/core/utils"
 	"google.golang.org/grpc/metadata"
 )
 type Meta struct {
 	ID       uint              `json:"id"`
 	IDENTITY string            `json:"identity"`
 	EXTEND   map[string]string `json:"extend"`
 	CLIENT   string            `json:"client"`
 }
 // 解析Context中MetaData的数据
 type ParseOptions struct {
 	RoleValue        string // 判断角色的值
 	MustPrivateAllow bool   // 是否只允许私有IP访问
 }
-func ParseMetaCtx(ctx context.Context, opts *ParseOptions) (*Meta, error) {
+func ParseMetaCtx(ctx context.Context, opts *ParseOptions) (*types.JwtClaims, error) {
 	// 解析metada中的信息并验证
 	md, ok := metadata.FromIncomingContext(ctx)
 	if !ok {
 		return nil, errcode.ErrJWTAuthNotFound
 	}
-	// 安全获取 metadata 中的值
+	var Authorizations []string = md.Get("authorization")
-	identityValues := md.Get("authorization_identity")
+	if len(Authorizations) == 0 || Authorizations[0] == "" {
 	clientValues := md.Get("client")
 	if len(identityValues) == 0 {
 		return nil, errcode.ErrJWTAuthNotFound
 	}
 	if len(clientValues) == 0 {
 		return nil, errcode.ErrJWTAuthNotFound
 	}
-	meta := &Meta{
+	claims, err := encipher.ParseTokenAes(Authorizations[0])
-		IDENTITY: md["authorization_identity"][0],
+	if err != nil {
-		CLIENT:   md["client"][0],
+		return nil, err
 	}
 	if id, err := strconv.Atoi(md["authorization_id"][0]); err != nil {
 		return nil, errcode.ErrJWTAuthKeyId
 	} else {
 		meta.ID = uint(id)
 	}
 	data := make(map[string]string)
 	if err := json.Unmarshal([]byte(md["authorization_extend"][0]), &data); err == nil {
 		meta.EXTEND = data
 	}
 	if opts != nil {
-		if !meta.CheckRole("role", opts.RoleValue) {
+		if !checkRole(claims, "role", opts.RoleValue) {
 			return nil, errcode.ErrPermissionDenied
 		}
 		if opts.MustPrivateAllow {
-			if utils.IsPublicIP(meta.CLIENT) {
+			if utils.IsPublicIP(claims.Client) {
 				return nil, errcode.ErrPermissionDenied
 			}
 		}
 	}
-	return meta, nil
+	return claims, nil
 }
-func (m *Meta) CheckRole(roleKey, roleValue string) bool {
+func checkRole(claims *types.JwtClaims, roleKey, roleValue string) bool {
 	if roleValue == "" {
 		return true
 	}
-	if role, exists := m.EXTEND[roleKey]; !exists || role != roleValue {
+	if role, exists := claims.Extend[roleKey]; !exists || role != roleValue {
 		return false
 	} else {
 		return true
--- a/types/db.go
+++ b/types/db.go
@@ -31,7 +31,7 @@ type (
 		CreatedAt time.Time      `json:"created_at"`
 		UpdatedAt time.Time      `json:"updated_at"`
 		DeletedAt gorm.DeletedAt `gorm:"index;" json:"deleted_at"`
-		Status    int64          `gorm:"default:0;index;" json:"status"` // 状态：默认为0，-1禁止，1为正常
+		Status    int8           `gorm:"default:0;index;" json:"status"` // 状态：默认为0，-1禁止，1为正常
 	}
 	// standard ID,Identity,Created,Updated,Deleted,Status definition.
--- a/utils/net.go
+++ b/utils/net.go
@@ -9,6 +9,7 @@ import (
 	"net/http"
 	"os"
 	"strconv"
 	"strings"
 )
 func IsPublicIP(ipString string) bool {
@@ -32,24 +33,55 @@ func IsPublicIP(ipString string) bool {
 }
 // Get Location IP .
-func GetLocationIP() string {
+func GetLocationIP() (localIp string) {
-	addrs, err := net.InterfaceAddrs()
+	localIp = "127.0.0.1"
 	// Get all network interfaces
 	interfaces, err := net.Interfaces()
 	if err != nil {
-		return ""
+		return
 	}
-	ip := ""
+
-	for _, a := range addrs {
+	for _, iface := range interfaces {
-		if ipnet, ok := a.(*net.IPNet); ok && !ipnet.IP.IsLoopback() {
+		// Skip the loopback interface
-			if ipnet.IP.To4() != nil {
+		if iface.Flags&net.FlagLoopback != 0 {
-				ip = ipnet.IP.String()
+			continue
-				break
+		}
 		// Get addresses associated with the interface
 		addrs, err := iface.Addrs()
 		if err != nil {
 			continue
 		}
 		for _, addr := range addrs {
 			// Check if the address is an IPNet
 			ipnet, ok := addr.(*net.IPNet)
 			if !ok || ipnet.IP.IsLoopback() {
 				continue
 			}
 			// Get the IP address
 			ip := ipnet.IP.To4()
 			if ip == nil {
 				continue
 			}
 			// Skip IP addresses in the 169.254.x.x range
 			if strings.HasPrefix(ip.String(), "169.254") {
 				continue
 			}
 			// Skip IP addresses in the 169.254.x.x range
 			if strings.HasPrefix(ip.String(), "26.26") {
 				continue
 			}
 			// Return the first valid IP address found
 			return ip.String()
 		}
 	}
-	}
+
-	if ip == "" {
+	return
 		return ""
 	}
 	return ip
 }
 func LocalIPv4s() ([]string, error) {
Author	SHA1	Message	Date
zhaoxiaorong	5172824358	fix	2025-04-09 10:34:01 +08:00
zhaoxiaorong	51ff7d1ffd	fix	2025-04-09 10:19:15 +08:00
zhaoxiaorong	c7f24e3b6d	fix	2025-04-09 09:39:51 +08:00
david.yan	f7948263c5	Merge branch 'main' of https://git.apinb.com/bsm-sdk/core	2025-04-08 15:20:34 +08:00
david.yan	fc42bc92ff	fix parse meta ctx	2025-04-08 15:20:22 +08:00
yanweidong	b8f693ef82	fix net getLocationIP	2025-04-07 11:14:07 +08:00