add std_owner

conf/types.go

@@ -1,12 +1,14 @@
 package conf
 
 type Base struct {
-	Service   string `yaml:"Service"`   // 服务名称
-	Port      string `yaml:"Port"`      // 服务监听端口,0为自动随机端口
-	Cache     string `yaml:"Cache"`     // REDIS缓存
-	SecretKey string `yaml:"SecretKey"` // 服务秘钥
-	BindIP    string `yaml:"BindIP"`    // 绑定IP
-	Addr      string `yaml:"Addr"`
+	Service        string `yaml:"Service"`   // 服务名称
+	Port           string `yaml:"Port"`      // 服务监听端口,0为自动随机端口
+	Cache          string `yaml:"Cache"`     // REDIS缓存
+	SecretKey      string `yaml:"SecretKey"` // 服务秘钥
+	BindIP         string `yaml:"BindIP"`    // 绑定IP
+	Addr           string `yaml:"Addr"`
+	OnMicroService bool   `yaml:"OnMicroService"`
+	LoginUrl       string `yaml:"LoginUrl"`
 }
 
 type DBConf struct {
@@ -48,11 +50,14 @@ type RpcConf struct {
 }
 
 type OssConf struct {
+	Platform        string `yaml:"Platform"`        // oss平台：aliyun,tencent,huawei,aws,minio
 	Site            string `yaml:"Site"`            // oss站点HOST
 	Endpoint        string `yaml:"Endpoint"`        // oss服务接入地址
 	Region          string `yaml:"Region"`          // oss服务区域
 	AccessKeyID     string `yaml:"AccessKeyId"`     // oss AccessKeyId
 	AccessKeySecret string `yaml:"AccessKeySecret"` // oss AccessKeySecret
+	UseSSL          bool   `yaml:"UseSSL"`          // 是否使用SSL
+
 }
 
 type MqConf struct {

infra/service.go

@@ -17,14 +17,14 @@ var (
 
 type service struct{}
 
-func (s *service) Register(cli *clientv3.Client, serviceName string, port int) error {
+func (s *service) Register(cli *clientv3.Client, serviceName string, port string) error {
 	lease := clientv3.NewLease(cli)
 	grantResp, err := lease.Grant(context.TODO(), 5)
 	if err != nil {
 		return err
 	}
 
-	serviceAddr := utils.GetLocationIP() + ":" + utils.Int2String(port)
+	serviceAddr := utils.GetLocationIP() + ":" + port
 
 	key := RootPrefix + serviceName + "/" + utils.Int642String(time.Now().UnixNano())
 	_, err = cli.KV.Put(context.TODO(), key, serviceAddr, clientv3.WithLease(grantResp.ID))

middleware/jwt.go

@@ -0,0 +1,73 @@
+package middleware
+
+import (
+	"encoding/json"
+	"fmt"
+	"log"
+	"net/http"
+
+	"git.apinb.com/bsm-sdk/core/cache/redis"
+	"git.apinb.com/bsm-sdk/core/crypto/encipher"
+	"git.apinb.com/bsm-sdk/core/errcode"
+	"git.apinb.com/bsm-sdk/core/types"
+	"github.com/gin-gonic/gin"
+)
+
+func JwtAuth(redis *redis.RedisClient) gin.HandlerFunc {
+	return func(c *gin.Context) {
+		// 从请求头中获取 Authorization
+		authHeader := c.GetHeader("Authorization")
+		if authHeader == "" {
+			log.Println("获取token异常:", "Authorization header is required")
+			c.JSON(http.StatusUnauthorized, gin.H{"error": "Authorization header is required"})
+			c.Abort()
+			return
+		}
+		// 提取Token
+		claims, err := encipher.ParseTokenAes(authHeader)
+		if err != nil || claims == nil {
+			log.Println("提取token异常:", "Token is required")
+			c.JSON(http.StatusUnauthorized, gin.H{"error": "Token is required"})
+			c.Abort()
+			return
+		}
+
+		// 从redis 获取token,判断当前redis 是否为空
+		tokenKey := fmt.Sprintf("%d-%s-%s", claims.ID, claims.Role, "token")
+		redisToken := redis.Client.Get(redis.Ctx, tokenKey)
+		if redisToken.Val() == "" {
+			log.Println("redis异常", "Token status unauthorized")
+			c.JSON(http.StatusUnauthorized, gin.H{"error": "Token status unauthorized"})
+			c.Abort()
+			return
+		}
+
+		// 将解析后的 Token 存储到上下文中
+		c.Set("Auth", claims)
+		// 如果 Token 有效，继续处理请求
+		c.Next()
+	}
+}
+
+// 获取上下文用户登录信息
+func ParseAuth(c *gin.Context) (*types.JwtClaims, error) {
+	claims, ok := c.Get("Auth")
+	if !ok {
+		log.Printf("获取登录信息异常: %v", errcode.ErrJWTAuthNotFound)
+		return nil, errcode.ErrJWTAuthNotFound
+	}
+
+	json_claims, err := json.Marshal(claims)
+	if err != nil {
+		log.Printf("解析json异常: %v", err)
+		return nil, errcode.ErrJsonMarshal
+	}
+
+	var auth *types.JwtClaims
+	if err := json.Unmarshal(json_claims, &auth); err != nil {
+		log.Printf("解析json异常: %v", err)
+		return nil, errcode.ErrJsonUnmarshal
+	}
+
+	return auth, nil
+}

oplog/new.go

@@ -0,0 +1,14 @@
+package oplog
+
+import (
+	"encoding/json"
+
+	"git.apinb.com/bsm-sdk/core/utils"
+)
+
+func New(endpoint string, data []*LogItem) {
+	jsonBytes, _ := json.Marshal(data)
+
+	go utils.HttpPost(endpoint, nil, jsonBytes)
+
+}

oplog/types.go

@@ -0,0 +1,18 @@
+package oplog
+
+type LogItem struct {
+	OpID   uint   `json:"op_id"`
+	OpName string `json:"op_name"`
+	OpType string `json:"op_type"`
+	Text   string `json:"text"`
+}
+
+var (
+	Type_Login    string = "login"
+	Type_Logout   string = "logout"
+	Type_Register string = "register"
+	Type_Update   string = "update"
+	Type_Delete   string = "delete"
+	Type_Query    string = "query"
+	Type_Other    string = "other"
+)

service/meta.go

@@ -2,81 +2,57 @@ package service
 
 import (
 	"context"
-	"encoding/json"
-	"strconv"
 
+	"git.apinb.com/bsm-sdk/core/crypto/encipher"
 	"git.apinb.com/bsm-sdk/core/errcode"
+	"git.apinb.com/bsm-sdk/core/types"
 	"git.apinb.com/bsm-sdk/core/utils"
 	"google.golang.org/grpc/metadata"
 )
 
-type Meta struct {
-	ID       uint              `json:"id"`
-	IDENTITY string            `json:"identity"`
-	EXTEND   map[string]string `json:"extend"`
-	CLIENT   string            `json:"client"`
-}
-
 // 解析Context中MetaData的数据
 type ParseOptions struct {
 	RoleValue        string // 判断角色的值
 	MustPrivateAllow bool   // 是否只允许私有IP访问
 }
 
-func ParseMetaCtx(ctx context.Context, opts *ParseOptions) (*Meta, error) {
+func ParseMetaCtx(ctx context.Context, opts *ParseOptions) (*types.JwtClaims, error) {
 	// 解析metada中的信息并验证
 	md, ok := metadata.FromIncomingContext(ctx)
 	if !ok {
 		return nil, errcode.ErrJWTAuthNotFound
 	}
 
-	// 安全获取 metadata 中的值
-	identityValues := md.Get("authorization_identity")
-	clientValues := md.Get("client")
-
-	if len(identityValues) == 0 {
-		return nil, errcode.ErrJWTAuthNotFound
-	}
-	if len(clientValues) == 0 {
+	var Authorizations []string = md.Get("authorization")
+	if len(Authorizations) == 0 || Authorizations[0] == "" {
 		return nil, errcode.ErrJWTAuthNotFound
 	}
 
-	meta := &Meta{
-		IDENTITY: md["authorization_identity"][0],
-		CLIENT:   md["client"][0],
-	}
-
-	if id, err := strconv.Atoi(md["authorization_id"][0]); err != nil {
-		return nil, errcode.ErrJWTAuthKeyId
-	} else {
-		meta.ID = uint(id)
-	}
-
-	data := make(map[string]string)
-	if err := json.Unmarshal([]byte(md["authorization_extend"][0]), &data); err == nil {
-		meta.EXTEND = data
+	claims, err := encipher.ParseTokenAes(Authorizations[0])
+	if err != nil {
+		return nil, err
 	}
 
 	if opts != nil {
-		if !meta.CheckRole("role", opts.RoleValue) {
+		if !checkRole(claims, "role", opts.RoleValue) {
 			return nil, errcode.ErrPermissionDenied
 		}
 		if opts.MustPrivateAllow {
-			if utils.IsPublicIP(meta.CLIENT) {
+			if utils.IsPublicIP(claims.Client) {
 				return nil, errcode.ErrPermissionDenied
 			}
 		}
 	}
 
-	return meta, nil
+	return claims, nil
 
 }
 
-func (m *Meta) CheckRole(roleKey, roleValue string) bool {
+func checkRole(claims *types.JwtClaims, roleKey, roleValue string) bool {
 	if roleValue == "" {
 		return true
 	}
-	if role, exists := m.EXTEND[roleKey]; !exists || role != roleValue {
+	if role, exists := claims.Extend[roleKey]; !exists || role != roleValue {
 		return false
 	} else {
 		return true

types/db.go

@@ -21,37 +21,43 @@ type (
 	// standard ID,Identity definition.
 	Std_IDIdentity struct {
 		ID       uint   `gorm:"primarykey;"  json:"id"`
-		Identity string `gorm:"column:identity;type:varchar(36);uniqueIndex;default:uuid_generate_v4()"  json:"identity"` // 唯一标识，24位NanoID,36位为ULID
+		Identity string `gorm:"column:identity;type:varchar(36);uniqueIndex;"  json:"identity"` // 唯一标识，24位NanoID,36位为ULID
 	}
 
 	// standard ID,Created,Updated,Deleted definition.
 	Std_IICUDS struct {
 		ID        uint           `gorm:"primarykey;"  json:"id"`
-		Identity  string         `gorm:"column:identity;type:varchar(36);uniqueIndex;default:uuid_generate_v4()"  json:"identity"` // 唯一标识，24位NanoID,36位为ULID
-		CreatedAt time.Time      `json:"created_at"`
-		UpdatedAt time.Time      `json:"updated_at"`
+		Identity  string         `gorm:"column:identity;type:varchar(36);uniqueIndex;"  json:"identity"` // 唯一标识，24位NanoID,36位为ULID
+		CreatedAt time.Time      `gorm:"" json:"created_at"`
+		UpdatedAt time.Time      `gorm:"" json:"updated_at"`
 		DeletedAt gorm.DeletedAt `gorm:"index;" json:"deleted_at"`
-		Status    int64          `gorm:"default:0;index;" json:"status"` // 状态：默认为0，-1禁止，1为正常
+		Status    int8           `gorm:"default:0;index;" json:"status"` // 状态：默认为0，-1禁止，1为正常
 	}
 
 	// standard ID,Identity,Created,Updated,Deleted,Status definition.
 	Std_ICUD struct {
 		ID        uint           `gorm:"primarykey;"  json:"id"`
-		CreatedAt time.Time      `json:"created_at"`
-		UpdatedAt time.Time      `json:"updated_at"`
+		CreatedAt time.Time      `gorm:"" json:"created_at"`
+		UpdatedAt time.Time      `gorm:"" json:"updated_at"`
 		DeletedAt gorm.DeletedAt `gorm:"index;" json:"deleted_at"`
 	}
 
 	// standard ID,Created definition.
 	Std_IdCreated struct {
 		ID        uint      `gorm:"primarykey;"  json:"id"`
-		CreatedAt time.Time `json:"created_at"`
+		CreatedAt time.Time `gorm:"" json:"created_at"`
 	}
 
 	// standard PassportID,PassportIdentity definition.
 	Std_Passport struct {
 		PassportID       uint   `gorm:"column:passport_id;Index;" json:"passport_id"`
-		PassportIdentity string `gorm:"column:passport_identity;type:varchar(36);Index;default:uuid_generate_v4()"  json:"passport_identity"` // 用户唯一标识，24位NanoID,36位为ULID
+		PassportIdentity string `gorm:"column:passport_identity;type:varchar(36);Index;"  json:"passport_identity"` // 用户唯一标识，24位NanoID,36位为UUID
+	}
+
+	// standard OwnerID,OwnerIdentity definition.
+	Std_Owner struct {
+		OwnerID       uint   `gorm:"column:owner_id;Index;" json:"owner_id"`
+		OwnerIdentity string `gorm:"column:owner_identity;type:varchar(36);Index;"  json:"owner_identity"` // 用户唯一标识，24位NanoID,36位为UUID
 	}
 
 	// standard ID definition.
@@ -61,7 +67,7 @@ type (
 
 	// standard Identity definition.
 	Std_Identity struct {
-		Identity string `gorm:"column:identity;type:varchar(36);uniqueIndex;default:uuid_generate_v4()"  json:"identity"` // 唯一标识，24位NanoID,36位为ULID
+		Identity string `gorm:"column:identity;type:varchar(36);uniqueIndex;"  json:"identity"` // 唯一标识，24位NanoID,36位为UUID
 	}
 
 	// standard Status definition.

utils/net.go

@@ -9,6 +9,7 @@ import (
 	"net/http"
 	"os"
 	"strconv"
+	"strings"
 )
 
 func IsPublicIP(ipString string) bool {
@@ -32,24 +33,55 @@ func IsPublicIP(ipString string) bool {
 }
 
 // Get Location IP .
-func GetLocationIP() string {
-	addrs, err := net.InterfaceAddrs()
+func GetLocationIP() (localIp string) {
+	localIp = "127.0.0.1"
+	// Get all network interfaces
+	interfaces, err := net.Interfaces()
 	if err != nil {
-		return ""
+		return
 	}
-	ip := ""
-	for _, a := range addrs {
-		if ipnet, ok := a.(*net.IPNet); ok && !ipnet.IP.IsLoopback() {
-			if ipnet.IP.To4() != nil {
-				ip = ipnet.IP.String()
-				break
+
+	for _, iface := range interfaces {
+		// Skip the loopback interface
+		if iface.Flags&net.FlagLoopback != 0 {
+			continue
+		}
+
+		// Get addresses associated with the interface
+		addrs, err := iface.Addrs()
+		if err != nil {
+			continue
+		}
+
+		for _, addr := range addrs {
+			// Check if the address is an IPNet
+			ipnet, ok := addr.(*net.IPNet)
+			if !ok || ipnet.IP.IsLoopback() {
+				continue
 			}
+
+			// Get the IP address
+			ip := ipnet.IP.To4()
+			if ip == nil {
+				continue
+			}
+
+			// Skip IP addresses in the 169.254.x.x range
+			if strings.HasPrefix(ip.String(), "169.254") {
+				continue
+			}
+
+			// Skip IP addresses in the 169.254.x.x range
+			if strings.HasPrefix(ip.String(), "26.26") {
+				continue
+			}
+
+			// Return the first valid IP address found
+			return ip.String()
 		}
 	}
-	if ip == "" {
-		return ""
-	}
-	return ip
+
+	return
 }
 
 func LocalIPv4s() ([]string, error) {