@@ -4,20 +4,20 @@ import (
"encoding/json"
"log"
"net/http"
"time"
"git.apinb.com/bsm-sdk/core/cache/redis"
"git.apinb.com/bsm-sdk/core/crypto/encipher"
"git.apinb.com/bsm-sdk/core/errcode"
"git.apinb.com/bsm-sdk/core/types"
"github.com/gin-gonic/gin"
)
func JwtAuth ( redis * redis . RedisClient ) gin . HandlerFunc {
func JwtAuth ( time_verify bool ) gin . HandlerFunc {
return func ( c * gin . Context ) {
// 从请求头中获取 Authorization
authHeader := c . GetHeader ( "Authorization" )
if authHeader == "" {
log . Println ( "获取token异常:" , "Authorization header is required" )
log . Printf ( "获取token异常:%v\n " , "Authorization header is required" )
c . JSON ( http . StatusUnauthorized , gin . H { "error" : "Authorization header is required" } )
c . Abort ( )
return
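Review bot: The new `time_verify` parameter on the exported `JwtAuth` has no doc comment and breaks Go's MixedCaps naming. Because passing `false` switches off the expiry check further down the handler, the contract belongs at the signature, e.g. `// JwtAuth returns middleware that authenticates the Authorization header; timeVerify=false skips the ExpiresAt check.`, with the parameter renamed `timeVerify`. The import list still shows `core/cache/redis`, and its only visible use was the dropped `*redis.RedisClient` parameter, so unless the package is used elsewhere in the file the build will fail on an unused import. The replacement `log.Printf` passes a constant through `%v` and leaves a stray space after `\n`; the earlier `log.Println` form was sufficient. The handler body continues outside this hunk.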
@@ -25,21 +25,22 @@ func JwtAuth(redis *redis.RedisClient) gin.HandlerFunc {
// 提取Token
claims , err := encipher . ParseTokenAes ( authHeader )
if err != nil || claims == nil {
log . Println ( "提取token异常:" , "Token is required" )
log . Printf ( "提取token异常:%v\n " , err )
c . JSON ( http . StatusUnauthorized , gin . H { "error" : "Token is required" } )
c . Abort ( )
return
}
// 从redis 获取token,判断当前redis 是否为空
// tokenKey := fmt.Sprintf("%d-%s-%s", claims.ID, claims.Role, "token")
// redisToken := redis.Client.Get(redis.Ctx, tokenKey)
// if redisToken.Val() == "" {
// log.Println("redis异常", "Token status unauthoriz ed")
// c.JSON(http.StatusUnauthorized, gin.H{"error": "Token status unauthorized"} )
// c.Abort( )
// return
// }
// 检测是否需要验证token时间
if time_verify {
// 判断时间claims.ExpiresAt
if time . Now ( ) . Unix ( ) > claims . ExpiresAt {
log . Println ( "token过期, 请重新获取:" , "Token has expir ed" )
c . JSON ( http . StatusUnauthorized , gin . H { "error" : "Token has expired" } )
c . Abort ( )
return
}
}
// 将解析后的 Token 存储到上下文中
c . Set ( "Auth" , claims )
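Review bot: Gating the `claims.ExpiresAt` comparison on `time_verify` means any route built with `JwtAuth(false)` accepts a token for as long as it still decrypts. The Redis token lookup appears only as commented-out code on this page, so no server-side revocation check is active either. Unless `encipher.ParseTokenAes` enforces expiry itself (not visible here), the safer shape is to run the check unconditionally, `if time.Now().Unix() > claims.ExpiresAt {`, and give routes that need long-lived sessions a longer token lifetime at issuance instead of skipping validation. Separately, when `claims == nil` arrives with a nil `err`, the new `log.Printf("提取token异常:%v\n ", err)` logs `<nil>`, which hides the reason for the rejection. The enclosing handler starts before this hunk and appears to continue past it.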