package Auth import ( "github.com/aarongao/tools" "github.com/gin-gonic/gin" "github.com/pkg/errors" "letu/DB" "letu/Lib/JWT" ) // 系统中所有模块 var Models = make(map[string][]string) // @Title 所有模块信息 // @Description 模块管理 - 所有模块信息 // @Accept json // @Produce json // @Success 200 {object} tools.ResponseSeccess "" // @Failure 500 {object} tools.ResponseError "{"errcode":1,"errmsg":"错误原因"}" // @Router /AllModules? [get] func Modules(c *gin.Context) { c.Header("Access-Control-Allow-Origin", c.Request.Header.Get("Origin")) c.Header("Access-Control-Allow-Credentials", "true") rs := []string{} for k, _ := range Models { rs = append(rs, k) } c.JSON(200, tools.ResponseSeccess{ 0, rs, }) } // 检查基础权限 func CheckAuthFunc(handFunc func(c *gin.Context), auth *DB.SModel) func(c *gin.Context) { return func(c *gin.Context) { if auth.Model == "" { handFunc(c) return } token := "" if c.Request.Method == "GET" { token = c.Query("Token") } if c.Request.Method == "POST" { token = c.PostForm("Token") } if token == "" { token = c.Request.Header.Get("Token") } // 解析token user, err := JWT.ParseToken(token) if user.UserType == "root" { c.Set("UserInfo", user) handFunc(c) return } // 检查权限 checkAuth := false for _, v := range user.Auth { if v == auth.Model { checkAuth = true break } } if err != nil || checkAuth == false { c.JSON(200, tools.ResponseError{ 401, "没有权限", }) } else { c.Set("UserInfo", user) handFunc(c) } } } func CheckScenicAuth(ScenicId string, user *DB.SMember) error { if ScenicId == "" { return errors.New("景区id不能为空") } if user.UserType == "operator" { if user.ScenicId != ScenicId { return errors.New("权限不正确(需要正确的Token和ScenicId)") } } return nil }