2019-12-08 03:59:58 -05:00
|
|
|
package mygin
|
|
|
|
|
|
|
|
|
|
import (
|
|
|
|
|
"net/http"
|
2019-12-20 10:58:09 -05:00
|
|
|
"strings"
|
2019-12-08 03:59:58 -05:00
|
|
|
"time"
|
|
|
|
|
|
|
|
|
|
"github.com/gin-gonic/gin"
|
|
|
|
|
|
2020-11-10 21:07:45 -05:00
|
|
|
"github.com/naiba/nezha/model"
|
2022-01-08 22:54:14 -05:00
|
|
|
"github.com/naiba/nezha/service/singleton"
|
2019-12-08 03:59:58 -05:00
|
|
|
)
|
|
|
|
|
|
|
|
|
|
type AuthorizeOption struct {
|
|
|
|
|
Guest bool
|
|
|
|
|
Member bool
|
|
|
|
|
IsPage bool
|
2022-05-17 22:10:35 -04:00
|
|
|
AllowAPI bool
|
2019-12-08 03:59:58 -05:00
|
|
|
Msg string
|
|
|
|
|
Redirect string
|
|
|
|
|
Btn string
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
func Authorize(opt AuthorizeOption) func(*gin.Context) {
|
|
|
|
|
return func(c *gin.Context) {
|
2021-08-10 08:13:17 -04:00
|
|
|
var code = http.StatusForbidden
|
2019-12-08 03:59:58 -05:00
|
|
|
if opt.Guest {
|
|
|
|
|
code = http.StatusBadRequest
|
|
|
|
|
}
|
2021-01-31 00:37:43 -05:00
|
|
|
|
2019-12-08 03:59:58 -05:00
|
|
|
commonErr := ErrInfo{
|
|
|
|
|
Title: "访问受限",
|
|
|
|
|
Code: code,
|
|
|
|
|
Msg: opt.Msg,
|
|
|
|
|
Link: opt.Redirect,
|
|
|
|
|
Btn: opt.Btn,
|
2019-12-20 10:58:09 -05:00
|
|
|
}
|
2019-12-08 03:59:58 -05:00
|
|
|
var isLogin bool
|
2021-01-17 09:05:59 -05:00
|
|
|
|
2021-01-31 00:37:43 -05:00
|
|
|
// 用户鉴权
|
2022-01-08 22:54:14 -05:00
|
|
|
token, _ := c.Cookie(singleton.Conf.Site.CookieName)
|
2021-01-17 09:05:59 -05:00
|
|
|
token = strings.TrimSpace(token)
|
|
|
|
|
if token != "" {
|
|
|
|
|
var u model.User
|
2022-01-08 22:54:14 -05:00
|
|
|
if err := singleton.DB.Where("token = ?", token).First(&u).Error; err == nil {
|
2021-01-17 09:05:59 -05:00
|
|
|
isLogin = u.TokenExpired.After(time.Now())
|
|
|
|
|
}
|
|
|
|
|
if isLogin {
|
|
|
|
|
c.Set(model.CtxKeyAuthorizedUser, &u)
|
|
|
|
|
}
|
2019-12-08 03:59:58 -05:00
|
|
|
}
|
2021-01-17 09:05:59 -05:00
|
|
|
|
2022-05-16 23:21:27 -04:00
|
|
|
// API鉴权
|
2022-05-17 22:10:35 -04:00
|
|
|
if opt.AllowAPI {
|
|
|
|
|
apiToken := c.GetHeader("Authorization")
|
|
|
|
|
if apiToken != "" {
|
|
|
|
|
var u model.User
|
|
|
|
|
if _, ok := singleton.ApiTokenList[apiToken]; ok {
|
|
|
|
|
err := singleton.DB.First(&u).Where("id = ?", singleton.ApiTokenList[apiToken].UserID).Error
|
|
|
|
|
isLogin = err == nil
|
|
|
|
|
}
|
|
|
|
|
if isLogin {
|
|
|
|
|
c.Set(model.CtxKeyAuthorizedUser, &u)
|
|
|
|
|
c.Set("isAPI", true)
|
|
|
|
|
}
|
2022-05-16 23:21:27 -04:00
|
|
|
}
|
|
|
|
|
}
|
2019-12-08 03:59:58 -05:00
|
|
|
// 已登录且只能游客访问
|
|
|
|
|
if isLogin && opt.Guest {
|
|
|
|
|
ShowErrorPage(c, commonErr, opt.IsPage)
|
|
|
|
|
return
|
|
|
|
|
}
|
|
|
|
|
// 未登录且需要登录
|
|
|
|
|
if !isLogin && opt.Member {
|
|
|
|
|
ShowErrorPage(c, commonErr, opt.IsPage)
|
|
|
|
|
return
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
}
|
