Auth.go
package Auth
import (
"github.com/aarongao/tools"
"github.com/gin-gonic/gin"
"github.com/pkg/errors"
"go.mongodb.org/mongo-driver/bson/primitive"
"letu/DB"
"letu/Lib/JWT"
"letu/Lib/LeYouTu"
"letu/Lib/OperatorLog"
)
// Models is the registry of all modules in the system. Its keys are the module
// names that Modules reports; what the []string values hold is not visible in
// this file (TODO confirm against the code that populates the map).
//
// NOTE(review): this is a plain package-level map with no lock in this file;
// presumably it is filled once at start-up before requests are served. Confirm.
var Models = map[string][]string{}
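// Modules responds with the names of all registered modules, i.e. the keys of
// Models, wrapped in a tools.ResponseSeccess with code 0.
//
// NOTE(review): the handler echoes the request's Origin header into
// Access-Control-Allow-Origin and also sends
// Access-Control-Allow-Credentials: true. Together these let any web origin
// read this endpoint with the user's credentials. Check Origin against an
// allowlist of trusted front-end origins before echoing it.
//
// @Title 所有模块信息
// @Description 模块管理 - 所有模块信息
// @Accept json
// @Produce json
// @Success 200 {object} tools.ResponseSeccess ""
// @Failure 500 {object} tools.ResponseError "{"errcode":1,"errmsg":"错误原因"}"
// @Router /AllModules? [get]
func Modules(c *gin.Context) {
	// The allowed origin differs per request, so shared caches must key on
	// Origin; otherwise a response cached for one origin is served to another.
	c.Writer.Header().Add("Vary", "Origin")
	c.Header("Access-Control-Allow-Origin", c.Request.Header.Get("Origin"))
	c.Header("Access-Control-Allow-Credentials", "true")

	// Non-nil even when empty, so an empty registry encodes as [] and not null.
	// Map iteration order is random, so the order of names is unspecified.
	names := make([]string, 0, len(Models))
	for name := range Models {
		names = append(names, name)
	}

	c.JSON(200, tools.ResponseSeccess{
		0,
		names,
	})
}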
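// CheckAuthFunc wraps handFunc with the basic permission check for the module
// described by auth.
//
// When auth.Model is empty, handFunc runs without any check. Otherwise the
// token is read from the "Token" query parameter (GET), the "Token" form field
// (POST) or, if those are empty, the "Token" request header, and is parsed
// with JWT.ParseToken. A token that fails to parse is rejected. Users whose
// UserType is "root" are always allowed; any other user must list auth.Model
// in user.Auth. On success the user is stored in the context under "UserInfo".
// For non-root users the call is also recorded via
// OperatorLog.CreateOperatorLog, unless the module is "操作员日志".
//
// All rejections are sent as HTTP 200 with the error code in the JSON body.
//
// NOTE(review): a token sent in the query string ends up in proxy and access
// logs and in browser history. This function also hands c.Request.RequestURI
// and c.Request.Form to the operator log unmodified, so the token is likely
// stored there as well. Prefer the header and redact "Token" before logging.
func CheckAuthFunc(handFunc func(c *gin.Context), auth *DB.SModel) func(c *gin.Context) {
	return func(c *gin.Context) {
		// An empty model name marks an endpoint that needs no permission.
		if auth.Model == "" {
			handFunc(c)
			return
		}

		token := ""
		switch c.Request.Method {
		case "GET":
			token = c.Query("Token")
		case "POST":
			token = c.PostForm("Token")
		}
		if token == "" {
			token = c.Request.Header.Get("Token")
		}
		if token == "" {
			c.JSON(200, tools.ResponseError{
				1,
				"缺少Token",
			})
			return
		}

		// Reject a token that did not validate BEFORE reading any claim from
		// it. Previously UserType was read first, so the "root" shortcut could
		// run on the result of a failed parse: either a panic on a nil result,
		// or claims from a token that was never verified.
		user, err := JWT.ParseToken(token)
		if err != nil {
			c.JSON(200, tools.ResponseError{
				401,
				"没有权限",
			})
			return
		}

		// Root users bypass the per-module check and are not operator-logged.
		if user.UserType == "root" {
			c.Set("UserInfo", user)
			handFunc(c)
			return
		}

		hasAuth := false
		for _, v := range user.Auth {
			if v == auth.Model {
				hasAuth = true
				break
			}
		}
		if !hasAuth {
			c.JSON(200, tools.ResponseError{
				401,
				"没有权限",
			})
			return
		}

		c.Set("UserInfo", user)
		handFunc(c)

		// Do not log reads of the operator log itself.
		if auth.Model != "操作员日志" {
			// gin recycles *gin.Context once the handler returns, so the
			// goroutine must work on a copy rather than on c.
			logCtx := c.Copy()
			go func() {
				// Best effort: a missing scenic id must not block logging.
				ScenicId, _ := LeYouTu.GetScenicId(logCtx)
				OperatorLog.CreateOperatorLog(ScenicId, user, auth, logCtx.Request.RequestURI, logCtx.Request.Form)
			}()
		}
	}
}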
// CheckScenicAuth validates ScenicId and checks that user may act on that
// scenic area.
//
// It returns an error when ScenicId is empty, when it is not a valid ObjectID
// hex string, or when user is an "operator" whose own ScenicId differs from the
// requested one. It returns nil otherwise.
//
// NOTE(review): only the "operator" user type is restricted here; every other
// UserType passes for any well-formed ScenicId. Confirm that is intended.
func CheckScenicAuth(ScenicId string, user *DB.SMember) error {
	if ScenicId == "" {
		return errors.New("景区id不能为空")
	}
	if _, parseErr := primitive.ObjectIDFromHex(ScenicId); parseErr != nil {
		return errors.New("景区id格式不正确")
	}

	// Operators are bound to a single scenic area.
	if user.UserType == "operator" && user.ScenicId != ScenicId {
		return errors.New("权限不正确(需要正确的Token和ScenicId)")
	}
	return nil
}
// CheckUserAuth validates UserId and checks that user may act on that user
// record.
//
// It returns an error when UserId is empty, when it is not a valid ObjectID hex
// string, or when user is a "visitor" whose own id differs from UserId. It
// returns nil otherwise.
//
// NOTE(review): only the "visitor" user type is restricted to its own id; every
// other UserType passes for any well-formed UserId. Confirm that is intended.
func CheckUserAuth(UserId string, user *DB.SMember) error {
	if UserId == "" {
		return errors.New("用户id不能为空")
	}
	if _, parseErr := primitive.ObjectIDFromHex(UserId); parseErr != nil {
		return errors.New("用户id格式不正确")
	}

	// Visitors may only touch their own record.
	if user.UserType == "visitor" && UserId != user.Id.Hex() {
		return errors.New("权限不正确(需要正确的Token和UserId)")
	}
	return nil
}