59 lines
1.4 KiB
Go
59 lines
1.4 KiB
Go
package service
|
|
|
|
import (
|
|
"git.inspur.com/sbg-jszt/cfn/cfn-schedule/internal/model/user"
|
|
"git.inspur.com/sbg-jszt/cfn/cfn-schedule/internal/pkg/auth"
|
|
"git.inspur.com/sbg-jszt/cfn/cfn-schedule/internal/pkg/authen"
|
|
"git.inspur.com/sbg-jszt/cfn/cfn-schedule/pkg/log"
|
|
"github.com/gin-gonic/gin"
|
|
"gorm.io/gorm"
|
|
)
|
|
|
|
const (
|
|
LoginUserKey = "login-user"
|
|
)
|
|
|
|
func CheckUser(c *gin.Context, rawToken string) *user.UserObj {
|
|
if rawToken == "" {
|
|
log.Errorf("unauthorized access, token not specified")
|
|
return nil
|
|
}
|
|
//todo 临时用
|
|
if rawToken == "mock token" {
|
|
u, _ := user.GetUserByUsername("admin")
|
|
c.Set(LoginUserKey, u)
|
|
return u
|
|
}
|
|
var username string
|
|
rawToken = "Bearer " + rawToken
|
|
ok, bearerToken := authen.JWTAuthorizer.IsBearerToken(rawToken)
|
|
if ok {
|
|
loginInfo, err := auth.Validate(bearerToken)
|
|
|
|
if err != nil {
|
|
if authen.JWTAuthorizer.IsTokenExpired(err) {
|
|
log.Errorf("unauthorized access, bearer token expired")
|
|
return nil
|
|
}
|
|
log.Errorf("validate bearer token failed, %s", err)
|
|
return nil
|
|
}
|
|
username = loginInfo.Username
|
|
} else {
|
|
log.Errorf("validate bearer token failed")
|
|
return nil
|
|
}
|
|
u, err := user.GetUserByUsername(username)
|
|
if err != nil {
|
|
if err == gorm.ErrRecordNotFound {
|
|
log.Errorf("unauthorized access, user not found, %s", username)
|
|
return nil
|
|
}
|
|
log.Errorf("get user from db failed, user %s, %s", username, err)
|
|
return nil
|
|
}
|
|
|
|
c.Set(LoginUserKey, u)
|
|
return u
|
|
}
|