fix bug

conf/new.go

@@ -104,3 +104,19 @@ func CheckIP(ip string) string {
 	}
 	return ip
 }
+
+// 初始化Logger配置
+func InitLoggerConf(cfg *LogConf) *LogConf {
+	if cfg == nil {
+		return &LogConf{
+			Name:     strings.ToLower(vars.ServiceKey),
+			Level:    vars.LogLevel(vars.DEBUG),
+			Dir:      "./logs/",
+			Endpoint: "",
+			Console:  true,
+			File:     true,
+			Remote:   false,
+		}
+	}
+	return cfg
+}

conf/types.go

@@ -1,5 +1,7 @@
 package conf
 
+import "git.apinb.com/bsm-sdk/core/vars"
+
 type Base struct {
 	Service        string   `yaml:"Service"`   // 服务名称
 	Port           string   `yaml:"Port"`      // 服务监听端口,0为自动随机端口
@@ -82,23 +84,12 @@ type WebSocketConf struct {
 	HandshakeTimeout string `yaml:"HandshakeTimeout"`
 }
 
-// LogLevel 日志级别
-type LogLevel int
-
-const (
-	DEBUG LogLevel = iota
-	INFO
-	WARN
-	ERROR
-	FATAL
-)
-
 type LogConf struct {
-	Name     string `yaml:"Name"`
-	Level    LogLevel `yaml:"Level"`
-	Dir      string `yaml:"Dir"`
-	Endpoint string `yaml:"Endpoint"`
-	Console  bool   `yaml:"Console"`
-	File     bool   `yaml:"File"`
-	Remote   bool   `yaml:"Remote"`
+	Name     string        `yaml:"Name"`
+	Level    vars.LogLevel `yaml:"Level"`
+	Dir      string        `yaml:"Dir"`
+	Endpoint string        `yaml:"Endpoint"`
+	Console  bool          `yaml:"Console"`
+	File     bool          `yaml:"File"`
+	Remote   bool          `yaml:"Remote"`
 }

crypto/encipher/encipher.go

@@ -28,7 +28,7 @@ func New(secret string) {
 
 func GenerateTokenAes(id uint, identity, client, role string, owner any, extend map[string]string) (string, error) {
 	if !(JwtSecretLen == 16 || JwtSecretLen == 24 || JwtSecretLen == 32) {
-		return "", errcode.ErrJWTSecretKey
+		return "", errcode.ErrTokenSecretKey
 	}
 	expireTime := time.Now().Add(vars.JwtExpire)
 	claims := types.JwtClaims{
@@ -43,7 +43,7 @@ func GenerateTokenAes(id uint, identity, client, role string, owner any, extend
 
 	byte, err := json.Marshal(claims)
 	if err != nil {
-		return "", errcode.ErrJWTJsonEncode
+		return "", errcode.ErrTokenJsonEncode
 	}
 
 	token, err := AesEncryptCBC(byte)
@@ -59,7 +59,7 @@ func AesEncryptCBC(plan []byte) (string, error) {
 	// NewCipher该函数限制了输入k的长度必须为16, 24或者32
 	block, err := aes.NewCipher(JwtSecret)
 	if err != nil {
-		return "", errcode.ErrJWTSecretKey
+		return "", errcode.ErrTokenSecretKey
 	}
 	// 获取秘钥块的长度
 	blockSize := block.BlockSize()
@@ -76,17 +76,17 @@ func AesEncryptCBC(plan []byte) (string, error) {
 
 func AesDecryptCBC(cryted string) (b []byte, err error) {
 	if (JwtSecretLen == 16 || JwtSecretLen == 24 || JwtSecretLen == 32) == false {
-		return nil, errcode.ErrJWTSecretKey
+		return nil, errcode.ErrTokenSecretKey
 	}
 	// 转成字节数组
 	crytedByte, err := base64.StdEncoding.DecodeString(cryted)
 	if err != nil {
-		return nil, errcode.ErrJWTBase64Decode
+		return nil, errcode.ErrTokenBase64Decode
 	}
 	// 分组秘钥
 	block, err := aes.NewCipher(JwtSecret)
 	if err != nil {
-		return nil, errcode.ErrJWTSecretKey
+		return nil, errcode.ErrTokenSecretKey
 	}
 	// 获取秘钥块的长度
 	blockSize := block.BlockSize()
@@ -99,7 +99,7 @@ func AesDecryptCBC(cryted string) (b []byte, err error) {
 	// 去补全码
 	orig = PKCS7UnPadding(orig, blockSize)
 	if orig == nil {
-		return nil, errcode.ErrJWTAuthParseFail
+		return nil, errcode.ErrTokenAuthParseFail
 	}
 	return orig, nil
 }
@@ -152,12 +152,12 @@ func ParseTokenAes(token string) (*types.JwtClaims, error) {
 	var ac *types.JwtClaims
 	err = json.Unmarshal(data, &ac)
 	if err != nil {
-		return nil, errcode.ErrJWTAuthParseFail
+		return nil, errcode.ErrTokenAuthParseFail
 	}
 
 	expireTime := time.Now().Unix()
 	if expireTime > ac.ExpiresAt {
-		return nil, errcode.ErrJWTAuthExpire
+		return nil, errcode.ErrTokenAuthExpire
 	}
 
 	return ac, nil

crypto/token/jwt.go

@@ -0,0 +1,98 @@
+package token
+
+import (
+	"encoding/base64"
+	"encoding/json"
+	"strings"
+	"time"
+
+	"git.apinb.com/bsm-sdk/core/errcode"
+	"git.apinb.com/bsm-sdk/core/vars"
+	"github.com/golang-jwt/jwt/v5"
+)
+
+type Claims struct {
+	ID                   uint              `json:"id"`
+	Identity             string            `json:"identity"`
+	Extend               map[string]string `json:"extend"`
+	Client               string            `json:"client"`
+	Owner                any               `json:"owner"`
+	Role                 string            `json:"role"`
+	jwt.RegisteredClaims                   // v5版本新加的方法
+}
+
+type tokenJwt struct {
+	SecretKey string
+}
+
+func New(secretKey string) *tokenJwt {
+	return &tokenJwt{SecretKey: secretKey}
+}
+
+// 生成JWT
+func (t *tokenJwt) GenerateJwt(id uint, identity, client, role string, owner any, extend map[string]string) (string, error) {
+	keyLen := len(t.SecretKey)
+	if !(keyLen == 16 || keyLen == 24 || keyLen == 32) {
+		return "", errcode.ErrTokenSecretKey
+	}
+
+	now := time.Now()
+
+	claims := Claims{
+		ID:       id,
+		Identity: identity,
+		Client:   client,
+		Extend:   extend,
+		Owner:    owner,
+		Role:     role,
+		RegisteredClaims: jwt.RegisteredClaims{
+			ExpiresAt: jwt.NewNumericDate(now.Add(vars.JwtExpire)), // 过期时间24小时
+			IssuedAt:  jwt.NewNumericDate(now),                     // 签发时间
+			NotBefore: jwt.NewNumericDate(now),                     // 生效时间
+		},
+	}
+	// 使用HS256签名算法
+	token := jwt.NewWithClaims(jwt.SigningMethodHS256, claims)
+	s, err := token.SignedString([]byte(t.SecretKey))
+	if err != nil {
+		return "", errcode.String(errcode.ErrTokenGenerate, err.Error())
+	}
+	return s, nil
+}
+
+// 解析JWT
+func (t *tokenJwt) ParseJwt(tokenstring string) (*Claims, error) {
+	token, err := jwt.ParseWithClaims(tokenstring, &Claims{}, func(token *jwt.Token) (interface{}, error) {
+		return []byte(t.SecretKey), nil
+	})
+	if claims, ok := token.Claims.(*Claims); ok && token.Valid {
+		return claims, nil
+	} else {
+		return nil, errcode.String(errcode.ErrTokenParse, err.Error())
+	}
+}
+
+// 验证JWT是否过期
+func (t *tokenJwt) IsExpired(tokenstring string) (bool, error) {
+	// 分割JWT的三个部分
+	parts := strings.Split(tokenstring, ".")
+	if len(parts) != 3 {
+		return true, errcode.ErrTokenDataInvalid
+	}
+
+	// 解码Payload部分
+	payload, err := base64.RawURLEncoding.DecodeString(parts[1])
+	if err != nil {
+		return true, errcode.String(errcode.ErrTokenBase64Decode, err.Error())
+	}
+
+	// 解析JSON
+	var claims jwt.RegisteredClaims
+	if err := json.Unmarshal(payload, &claims); err != nil {
+		return true, errcode.String(errcode.ErrTokenJsonDecode, err.Error())
+	}
+
+	// 检查过期时间
+	currentTime := time.Now().Unix()
+	return claims.ExpiresAt.Unix() < currentTime, nil
+}

database/new.go

@@ -133,3 +133,13 @@ func NewPostgres(dsn []string, options *types.SqlOptions) (gormDb *gorm.DB, err
 
 	return gormDb, nil
 }
+
+// AppendMigrate 调用此函数后，会在数据库初始化时自动迁移表结构
+//
+// - table: 需要自动迁移的表
+func AppendMigrate(table any) {
+	if MigrateTables == nil {
+		MigrateTables = make([]any, 0)
+	}
+	MigrateTables = append(MigrateTables, table)
+}

errcode/errcode.go

@@ -3,14 +3,13 @@
 package errcode
 
 import (
-	"strings"
-
 	"google.golang.org/grpc/codes"
 	"google.golang.org/grpc/status"
 )
 
 // HTTP请求头相关错误码，起始码:1000
 var (
+	AllErrors              = make(map[int]string)
 	ErrHeaderRequestId     = NewError(1001, "Header Request-Id Not Found")    // 请求ID头缺失
 	ErrHeaderAuthorization = NewError(1002, "Header Authorization Not Found") // 授权头缺失
 	ErrHeaderSecretKey     = NewError(1003, "Header Secret-Key Not Found")    // 密钥头缺失
@@ -32,18 +31,22 @@ var (
 	ErrRecordNotFound  = NewError(1112, "Record Not Found")        // 记录未找到
 )
 
-// JWT认证相关错误码，起始码:1300
+// Token认证相关错误码，起始码:1300
 var (
-	ErrJWTAuthNotFound     = NewError(1301, "JWT Authorization Not Found")           // JWT授权未找到
-	ErrJWTBase64Decode     = NewError(1302, "JWT Authorization Base64 Decode Error") // JWT Base64解码错误
-	ErrJWTAuthParseFail    = NewError(1303, "JWT Authorization Fail")                // JWT授权解析失败
-	ErrJWTAuthKeyId        = NewError(1304, "JWT Key:Id Incorrect")                  // JWT密钥ID错误
-	ErrJWTAuthKeyIdentity  = NewError(1305, "JWT Key:Identity Incorrect")            // JWT密钥身份错误
-	ErrJWTAuthTokenChanged = NewError(1306, "JWT Authorization Changed")             // JWT授权已变更
-	ErrJWTAuthExpire       = NewError(1307, "JWT Authorization Expire")              // JWT授权已过期
-	ErrJWTJsonDecode       = NewError(1308, "JWT Authorization JSON Decode Error")   // JWT JSON解码错误
-	ErrJWTJsonEncode       = NewError(1309, "JWT Authorization JSON Encode Error")   // JWT JSON编码错误
-	ErrJWTSecretKey        = NewError(1310, "JWT SecretKey Error")                   // JWT密钥错误
+	ErrTokenAuthNotFound      = NewError(1301, "Token Authorization Not Found")           // Token授权未找到
+	ErrTokenDataInvalid       = NewError(1302, "Token Authorization Data Invalid")        // Token授权数据无效
+	ErrTokenBase64Decode      = NewError(1303, "Token Authorization Base64 Decode Error") // Token Base64解码错误
+	ErrTokenAuthParseFail     = NewError(1304, "Token Authorization Fail")                // Token授权解析失败
+	ErrTokenAuthKeyId         = NewError(1305, "Token Key:Id Incorrect")                  // Token密钥ID错误
+	ErrTokenAuthKeyIdentity   = NewError(1306, "Token Key:Identity Incorrect")            // Token密钥身份错误
+	ErrTokenAuthTokenChanged  = NewError(1307, "Token Authorization Changed")             // Token授权已变更
+	ErrTokenAuthExpire        = NewError(1308, "Token Authorization Expire")              // Token授权已过期
+	ErrTokenJsonDecode        = NewError(1309, "Token Authorization JSON Decode Error")   // Token JSON解码错误
+	ErrTokenJsonEncode        = NewError(1310, "Token Authorization JSON Encode Error")   // Token JSON编码错误
+	ErrTokenSecretKey         = NewError(1311, "Token SecretKey Error")                   // Token密钥错误
+	ErrTokenSecretKeyNotFound = NewError(1312, "Token SecretKey Not Found")               // Token密钥未找到
+	ErrTokenGenerate          = NewError(1313, "Generate Token Fail")                     // 生成令牌失败
+	ErrTokenParse             = NewError(1314, "Parse Token Fail")                        // 解析令牌失败
 )
 
 // 基础设施相关错误码，起始码:1500
@@ -81,6 +84,7 @@ var (
 // code: 错误码
 // msg: 错误消息
 func NewError(code int, msg string) error {
+	AllErrors[code] = msg
 	return status.New(codes.Code(code), msg).Err()
 }
 
@@ -88,6 +92,7 @@ func NewError(code int, msg string) error {
 // code: 错误码
 // msg: 错误消息
 func ErrFatal(code int, msg string) error {
+	AllErrors[code] = msg
 	return status.New(codes.Code(code), msg).Err()
 }
 
@@ -95,5 +100,15 @@ func ErrFatal(code int, msg string) error {
 // code: 错误码
 // msg: 错误消息，会自动转换为大写
 func ErrNotFound(code int, msg string) error {
-	return status.New(codes.Code(code), strings.ToUpper(msg)).Err()
+	AllErrors[code] = msg
+	return status.New(codes.Code(code), msg).Err()
+}
+
+// IsErr 检查错误是否与指定的错误匹配
+func IsErr(err, target error) bool {
+	return status.Code(err) == status.Code(target)
+}
+
+func String(err error, msg string) error {
+	return status.New(status.Code(err), err.Error()+", "+msg).Err()
 }

logger/logger.go

@@ -13,11 +13,12 @@ import (
 
 	"git.apinb.com/bsm-sdk/core/conf"
 	"git.apinb.com/bsm-sdk/core/utils"
+	"git.apinb.com/bsm-sdk/core/vars"
 )
 
 // Logger 日志器结构
 type Logger struct {
-	level       conf.LogLevel
+	level       vars.LogLevel
 	infoLogger  *log.Logger
 	warnLogger  *log.Logger
 	errorLogger *log.Logger
@@ -69,7 +70,7 @@ func NewLogger(cfg *conf.LogConf) (*Logger, error) {
 	multiWriter := io.MultiWriter(consoleWriter, fileWriter)
 
 	logger := &Logger{
-		level:         conf.LogLevel(cfg.Level),
+		level:         cfg.Level,
 		fileWriter:    fileWriter,
 		consoleWriter: consoleWriter,
 		logDir:        cfg.Dir,
@@ -152,7 +153,7 @@ func (l *Logger) sendToRemote(level, name, out string) {
 
 // Debug 输出调试信息
 func (l *Logger) Debug(v ...interface{}) {
-	if l.level <= conf.DEBUG {
+	if l.level <= vars.DEBUG {
 		l.checkAndRotateLog()
 		out := fmt.Sprint(v...)
 		if l.onRemote {
@@ -164,7 +165,7 @@ func (l *Logger) Debug(v ...interface{}) {
 
 // Debugf 格式化输出调试信息
 func (l *Logger) Debugf(format string, v ...interface{}) {
-	if l.level <= conf.DEBUG {
+	if l.level <= vars.DEBUG {
 		l.checkAndRotateLog()
 		out := fmt.Sprintf(format, v...)
 		if l.onRemote {
@@ -176,7 +177,7 @@ func (l *Logger) Debugf(format string, v ...interface{}) {
 
 // Info 输出信息
 func (l *Logger) Info(v ...interface{}) {
-	if l.level <= conf.INFO {
+	if l.level <= vars.INFO {
 		l.checkAndRotateLog()
 		out := fmt.Sprint(v...)
 		if l.onRemote {
@@ -188,7 +189,7 @@ func (l *Logger) Info(v ...interface{}) {
 
 // Infof 格式化输出信息
 func (l *Logger) Infof(format string, v ...interface{}) {
-	if l.level <= conf.INFO {
+	if l.level <= vars.INFO {
 		l.checkAndRotateLog()
 		out := fmt.Sprintf(format, v...)
 		if l.onRemote {
@@ -200,7 +201,7 @@ func (l *Logger) Infof(format string, v ...interface{}) {
 
 // Warn 输出警告
 func (l *Logger) Warn(v ...interface{}) {
-	if l.level <= conf.WARN {
+	if l.level <= vars.WARN {
 		l.checkAndRotateLog()
 		out := fmt.Sprint(v...)
 		if l.onRemote {
@@ -212,7 +213,7 @@ func (l *Logger) Warn(v ...interface{}) {
 
 // Warnf 格式化输出警告
 func (l *Logger) Warnf(format string, v ...interface{}) {
-	if l.level <= conf.WARN {
+	if l.level <= vars.WARN {
 		l.checkAndRotateLog()
 		out := fmt.Sprintf(format, v...)
 		if l.onRemote {
@@ -224,7 +225,7 @@ func (l *Logger) Warnf(format string, v ...interface{}) {
 
 // Error 输出错误
 func (l *Logger) Error(v ...interface{}) {
-	if l.level <= conf.ERROR {
+	if l.level <= vars.ERROR {
 		l.checkAndRotateLog()
 		out := fmt.Sprint(v...)
 		if l.onRemote {
@@ -236,7 +237,7 @@ func (l *Logger) Error(v ...interface{}) {
 
 // Errorf 格式化输出错误
 func (l *Logger) Errorf(format string, v ...interface{}) {
-	if l.level <= conf.ERROR {
+	if l.level <= vars.ERROR {
 		l.checkAndRotateLog()
 		out := fmt.Sprintf(format, v...)
 		if l.onRemote {
@@ -284,14 +285,14 @@ func (l *Logger) Println(v ...interface{}) {
 }
 
 // SetLevel 设置日志级别
-func (l *Logger) SetLevel(level conf.LogLevel) {
+func (l *Logger) SetLevel(level vars.LogLevel) {
 	l.mu.Lock()
 	defer l.mu.Unlock()
 	l.level = level
 }
 
 // GetLevel 获取日志级别
-func (l *Logger) GetLevel() conf.LogLevel {
+func (l *Logger) GetLevel() vars.LogLevel {
 	l.mu.RLock()
 	defer l.mu.RUnlock()
 	return l.level

middleware/jwt.go

@@ -6,9 +6,9 @@ import (
 	"encoding/json"
 	"log"
 	"net/http"
-	"time"
 
-	"git.apinb.com/bsm-sdk/core/crypto/encipher"
+	"git.apinb.com/bsm-sdk/core/crypto/token"
+	"git.apinb.com/bsm-sdk/core/env"
 	"git.apinb.com/bsm-sdk/core/errcode"
 	"git.apinb.com/bsm-sdk/core/types"
 	"github.com/gin-gonic/gin"
@@ -27,19 +27,18 @@ func JwtAuth(time_verify bool) gin.HandlerFunc {
 			c.Abort()
 			return
 		}
-		// 提取Token
-		claims, err := encipher.ParseTokenAes(authHeader)
-		if err != nil || claims == nil {
-			log.Printf("提取token异常:%v\n", err)
-			c.JSON(http.StatusUnauthorized, gin.H{"error": "Token is required"})
-			c.Abort()
-			return
-		}
 
 		// 检测是否需要验证token时间
 		if time_verify {
 			// 判断时间claims.ExpiresAt
-			if time.Now().Unix() > claims.ExpiresAt {
+			isExpire, err := token.New(env.Runtime.JwtSecretKey).IsExpired(authHeader)
+			if err != nil {
+				log.Println("token解析异常:", err)
+				c.JSON(http.StatusUnauthorized, gin.H{"error": "Token is required"})
+				c.Abort()
+				return
+			}
+			if isExpire {
 				log.Println("token过期，请重新获取:", "Token has expired")
 				c.JSON(http.StatusUnauthorized, gin.H{"error": "Token has expired"})
 				c.Abort()
@@ -47,6 +46,15 @@ func JwtAuth(time_verify bool) gin.HandlerFunc {
 			}
 		}
 
+		// 提取Token
+		claims, err := token.New(env.Runtime.JwtSecretKey).ParseJwt(authHeader)
+		if err != nil || claims == nil {
+			log.Printf("提取token异常:%v\n", err)
+			c.JSON(http.StatusUnauthorized, gin.H{"error": "Token is required"})
+			c.Abort()
+			return
+		}
+
 		// 将解析后的 Token 存储到上下文中
 		c.Set("Auth", claims)
 		// 如果 Token 有效，继续处理请求
@@ -60,8 +68,8 @@ func JwtAuth(time_verify bool) gin.HandlerFunc {
 func ParseAuth(c *gin.Context) (*types.JwtClaims, error) {
 	claims, ok := c.Get("Auth")
 	if !ok {
-		log.Printf("获取登录信息异常: %v", errcode.ErrJWTAuthNotFound)
-		return nil, errcode.ErrJWTAuthNotFound
+		log.Printf("获取登录信息异常: %v", errcode.ErrTokenAuthNotFound)
+		return nil, errcode.ErrTokenAuthNotFound
 	}
 
 	json_claims, err := json.Marshal(claims)

service/meta.go

@@ -3,9 +3,9 @@ package service
 import (
 	"context"
 
-	"git.apinb.com/bsm-sdk/core/crypto/encipher"
+	"git.apinb.com/bsm-sdk/core/crypto/token"
+	"git.apinb.com/bsm-sdk/core/env"
 	"git.apinb.com/bsm-sdk/core/errcode"
-	"git.apinb.com/bsm-sdk/core/types"
 	"git.apinb.com/bsm-sdk/core/utils"
 	"google.golang.org/grpc/metadata"
 )
@@ -16,19 +16,19 @@ type ParseOptions struct {
 	MustPrivateAllow bool   // 是否只允许私有IP访问
 }
 
-func ParseMetaCtx(ctx context.Context, opts *ParseOptions) (*types.JwtClaims, error) {
+func ParseMetaCtx(ctx context.Context, opts *ParseOptions) (*token.Claims, error) {
 	// 解析metada中的信息并验证
 	md, ok := metadata.FromIncomingContext(ctx)
 	if !ok {
-		return nil, errcode.ErrJWTAuthNotFound
+		return nil, errcode.ErrTokenAuthNotFound
 	}
 
 	var Authorizations []string = md.Get("authorization")
 	if len(Authorizations) == 0 || Authorizations[0] == "" {
-		return nil, errcode.ErrJWTAuthNotFound
+		return nil, errcode.ErrTokenAuthNotFound
 	}
 
-	claims, err := encipher.ParseTokenAes(Authorizations[0])
+	claims, err := token.New(env.Runtime.JwtSecretKey).ParseJwt(Authorizations[0])
 	if err != nil {
 		return nil, err
 	}
@@ -48,7 +48,7 @@ func ParseMetaCtx(ctx context.Context, opts *ParseOptions) (*types.JwtClaims, er
 
 }
 
-func checkRole(claims *types.JwtClaims, roleKey, roleValue string) bool {
+func checkRole(claims *token.Claims, roleKey, roleValue string) bool {
 	if roleValue == "" {
 		return true
 	}

vars/logger.go

@@ -0,0 +1,12 @@
+package vars
+
+// LogLevel 日志级别
+type LogLevel int
+
+const (
+	DEBUG LogLevel = iota
+	INFO
+	WARN
+	ERROR
+	FATAL
+)

with/logger.go

@@ -0,0 +1,26 @@
+package with
+
+import (
+	"strings"
+
+	"git.apinb.com/bsm-sdk/core/conf"
+	"git.apinb.com/bsm-sdk/core/logger"
+	"git.apinb.com/bsm-sdk/core/vars"
+)
+
+// 初始化Logger配置
+func Logger(cfg *conf.LogConf) {
+	if cfg == nil {
+		cfg = &conf.LogConf{
+			Name:     strings.ToLower(vars.ServiceKey),
+			Level:    vars.LogLevel(vars.DEBUG),
+			Dir:      "./logs/",
+			Endpoint: "",
+			Console:  true,
+			File:     true,
+			Remote:   false,
+		}
+	}
+
+	logger.InitLogger(cfg)
+}