Strona główna Odkrywaj Pomoc
Zarejestruj się Zaloguj się
csx
/
gdyb
Obserwuj 1
Gwiazdka 0
Forkuj 0
Kod Problemy 0 Pull Requests 0 Wydania 0 Wiki Aktywność
225 Commity
1 Gałęzie
Drzewo: 54b374c556
Gałęzie Tagi
${ item.name }
Utwórz gałąź ${ searchTerm }
z '54b374c556'
${ noResults }
gdyb/service/verify_login_token_service.go

verify_login_token_service.go 13KB
Historia Czysty

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401402403404405406407408409410411412413414415416417418419420421422423424425426427428429430431432433434435 
  1. package service

  2. 

  3. import (

  4. 	"encoding/json"

  5. 	"github.com/jinzhu/gorm"

  6. 	"io/ioutil"

  7. 	"net/http"

  8. 	"net/url"

  9. 	"strconv"

  10. 	"time"

  11. 

  12. 	"gdyb/models"

  13. 	"gdyb/utils"

  14. 

  15. 	"fmt"

  16. 	"github.com/astaxie/beego"

  17. )

  18. 

  19. type AdminUserInfo struct {

  20. 	AdminUser    *models.AdminUser                    `json:"user"`

  21. 	CurrentOrgId int64                                `json:"current_org_id"`

  22. 	CurrentAppId int64                                `json:"current_app_id"`

  23. 	OrgIds       []int64                              `json:"org_ids"`

  24. 	Orgs         map[int64]*models.Org                `json:"orgs"`

  25. 	OrgAppIds    map[int64][]int64                    `json:"org_app_ids"`

  26. 	OrgApps      map[int64](map[int64]*models.OrgApp) `json:"org_apps"`

  27. 	App2OrgIds   map[int64]int64                      `json:"app_to_org_ids"`

  28. 	AppRoles     map[int64]*models.App_Role           `json:"app_roles"`

  29. 	AppPurviews  map[int64][]*models.Purview          `json:"app_purviews"`

  30. 	AppUrlfors   map[int64][]string                   `json:"app_urlfors"`

  31. }

  32. 

  33. type verifyTokenError struct {

  34. 	Msg string

  35. }

  36. 

  37. func (e *verifyTokenError) Error() string {

  38. 	return e.Msg

  39. }

  40. 

  41. // 验证 token 成功后返回的管理员用户的所有信息,包括:基本用户信息,所属的所有机构,机构下的所有应用,应用的用户权限

  42. // map 的数据格式为

  43. /*

  44. "admin_user": { AdminUser's json },

  45. current_org_id: 1,

  46. current_app_id: 11,

  47. "org_ids": [1, 2, 3],

  48. "orgs": { (org_id: Org_Obj)

  49. 	1: { Org's json },

  50. 	2: { Org's json },

  51. },

  52. "org_app_ids": { (org_id: org_app_ids)

  53. 	1: [11, 12, 13],

  54. 	2: [21, 22, 23],

  55. },

  56. "org_apps": { (org_id: {app_id: OrgApp_Obj})

  57. 	1: {

  58. 		11: { OrgApp's json },

  59. 		12: { OrgApp's json },

  60. 	},

  61. 	2: {

  62. 		21: { OrgApp's json },

  63. 		22: { OrgApp's json },

  64. 	},

  65. },

  66. "app_to_org_ids": { (app_id: org_id)

  67. 	11: 1,

  68. 	12: 1,

  69. 	21: 2,

  70. 	22: 2,

  71. },

  72. "app_roles": { (app_id: App_Role Obj)

  73. 	11: {App_Role's json},

  74. 	12: {App_Role's json},

  75. 	21: {App_Role's json},

  76. },

  77. "purviews": { (app_id: [processed Purviews' json])

  78. 	11: [

  79. 		{Purview's json .childs[

  80. 			{Purview's json},

  81. 			{Purview's json},

  82. 		]},

  83. 		{Purview's json},

  84. 	],

  85. 	12: [

  86. 		{Purview's json},

  87. 		{Purview's json},

  88. 	],

  89. },

  90. "purview_urlfors": { (app_id: [url_for])

  91. 	11: [

  92. 		"Controller1.Action1",

  93. 		"Controller1.Action2",

  94. 		"Controller2.Action1",

  95. 		"Controller2.Action2",

  96. 	],

  97. }

  98. 应当注意的是,屈服于 Golang 令人恶心的类型机制,这里将所有数值型的 key 或 value 全部转成了 string

  99. */

  100. // 解析用户信息,并返回

  101. func VerifyToken(token string, ip string, sessionID string) (*AdminUserInfo, error, int) {

  102. 	// if len(sessionID) == 0 {

  103. 	// 	return nil, &verifyTokenError{"sessionID 为空"}

  104. 	// }

  105. 	ssoDomain := beego.AppConfig.String("sso_domain")

  106. 	api := ssoDomain + "/verifytoken"

  107. 	values := make(url.Values)

  108. 

  109. 	values.Set("token", token)

  110. 	values.Set("app_type", "3")

  111. 	values.Set("ip", ip)

  112. 	values.Set("session_id", sessionID)

  113. 

  114. 	resp, requestErr := http.PostForm(api, values)

  115. 	if requestErr != nil {

  116. 		utils.ErrorLog("请求验证 sso token 接口失败: %v", requestErr)

  117. 		return nil, requestErr, 0

  118. 	}

  119. 	defer resp.Body.Close()

  120. 	body, ioErr := ioutil.ReadAll(resp.Body)

  121. 	if ioErr != nil {

  122. 		utils.ErrorLog("验证 sso token 接口返回数据读取失败: %v", ioErr)

  123. 		return nil, ioErr, 0

  124. 	}

  125. 	var respJSON map[string]interface{}

  126. 

  127. 	if err := json.Unmarshal([]byte(string(body)), &respJSON); err != nil {

  128. 		utils.ErrorLog("验证 sso token 接口返回数据解析JSON失败: %v", err)

  129. 		return nil, err, 0

  130. 	}

  131. 

  132. 

  133. 	if respJSON["state"].(float64) != 1 {

  134. 		msg := respJSON["msg"].(string)

  135. 		utils.ErrorLog("验证 sso token 接口请求失败: %v", msg)

  136. 		return nil, &verifyTokenError{"验证 sso token 接口请求失败"}, int(respJSON["code"].(float64))

  137. 	} else {

  138. 		utils.SuccessLog("验证 sso token 成功")

  139. 		return processAdminUserInfo(respJSON["data"].(map[string]interface{})), nil, 0

  140. 	}

  141. }

  142. 

  143. func processAdminUserInfo(data map[string]interface{}) *AdminUserInfo {

  144. 	adminUser := processAdminUser(data)

  145. 	currentOrgId, currentAppId := processCurrentOrgIDAndAppID(data)

  146. 	orgIds := processOrgIds(data)

  147. 	orgs := processOrgs(data)

  148. 	orgAppIds := processOrgAppIds(data)

  149. 	orgApps := processOrgApps(data)

  150. 	//app2OrgIds := processApp2OrgIds(data)

  151. 	appRoles := processAppRoles(data)

  152. 	appPurviews := processPurviews(data)

  153. 	appUrlfors := processPurviewUrlfors(data)

  154. 	//orgSubscibes := processOrgSubscibes(data)

  155. 	sessionAdminUserInfo := &AdminUserInfo{

  156. 		AdminUser:    adminUser,

  157. 		CurrentOrgId: currentOrgId,

  158. 		CurrentAppId: currentAppId,

  159. 		OrgIds:       orgIds,

  160. 		Orgs:         orgs,

  161. 		OrgAppIds:    orgAppIds,

  162. 		OrgApps:      orgApps,

  163. 		//App2OrgIds:   app2OrgIds,

  164. 		AppRoles:    appRoles,

  165. 		AppPurviews: appPurviews,

  166. 		AppUrlfors:  appUrlfors,

  167. 		//Subscibes:    orgSubscibes,

  168. 	}

  169. 	return sessionAdminUserInfo

  170. }

  171. 

  172. // "admin_user": { AdminUser's json },

  173. func processAdminUser(data map[string]interface{}) *models.AdminUser {

  174. 	userJSONStr := data["admin_user"].(string)

  175. 	var adminUser models.AdminUser

  176. 	if err := json.Unmarshal([]byte(userJSONStr), &adminUser); err != nil {

  177. 		utils.ErrorLog("解析用户信息失败:%v", err)

  178. 		return nil

  179. 	} else {

  180. 		return &adminUser

  181. 	}

  182. }

  183. 

  184. // current_org_id: 1,

  185. // current_app_id: 11,

  186. func processCurrentOrgIDAndAppID(data map[string]interface{}) (int64, int64) {

  187. 	orgIDStr := data["current_org_id"].(string)

  188. 	appIDStr := data["current_app_id"].(string)

  189. 	orgID, _ := strconv.Atoi(orgIDStr)

  190. 	appID, _ := strconv.Atoi(appIDStr)

  191. 	return int64(orgID), int64(appID)

  192. }

  193. 

  194. // "org_ids": [1, 2, 3],

  195. func processOrgIds(data map[string]interface{}) []int64 {

  196. 	orgIdStrs := data["org_ids"].([]interface{})

  197. 	orgIds := make([]int64, 0, len(orgIdStrs))

  198. 	for _, idstr := range orgIdStrs {

  199. 		id, _ := strconv.Atoi(idstr.(string))

  200. 		orgIds = append(orgIds, int64(id))

  201. 	}

  202. 	return orgIds

  203. }

  204. 

  205. // "orgs": { (org_id: Org_Obj)

  206. // 	1: { Org's json },

  207. // 	2: { Org's json },

  208. // },

  209. func processOrgs(data map[string]interface{}) map[int64]*models.Org {

  210. 	orgJSONs := data["orgs"].(map[string]interface{})

  211. 	orgs := make(map[int64]*models.Org)

  212. 	for orgIdStr, orgJSON := range orgJSONs {

  213. 		orgId, _ := strconv.Atoi(orgIdStr)

  214. 		var org models.Org

  215. 		json.Unmarshal([]byte(orgJSON.(string)), &org)

  216. 		orgs[int64(orgId)] = &org

  217. 	}

  218. 	return orgs

  219. }

  220. 

  221. // "org_app_ids": { (org_id: org_app_ids)

  222. // 	1: [11, 12, 13],

  223. // 	2: [21, 22, 23],

  224. // },

  225. func processOrgAppIds(data map[string]interface{}) map[int64][]int64 {

  226. 	orgAppIdStrs := data["org_app_ids"].(map[string]interface{})

  227. 	orgAppIds := make(map[int64][]int64)

  228. 	for orgIdStr, appIdStrs := range orgAppIdStrs {

  229. 		orgId, _ := strconv.Atoi(orgIdStr)

  230. 		appIds := make([]int64, 0, len(appIdStrs.([]interface{})))

  231. 		for _, appIdStr := range appIdStrs.([]interface{}) {

  232. 			appId, _ := strconv.Atoi(appIdStr.(string))

  233. 			appIds = append(appIds, int64(appId))

  234. 		}

  235. 		orgAppIds[int64(orgId)] = appIds

  236. 	}

  237. 	return orgAppIds

  238. }

  239. 

  240. // "org_apps": { (org_id: {app_id: OrgApp_Obj})

  241. // 	1: {

  242. // 		11: { OrgApp's json },

  243. // 		12: { OrgApp's json },

  244. // 	},

  245. // 	2: {

  246. // 		21: { OrgApp's json },

  247. // 		22: { OrgApp's json },

  248. // 	},

  249. // },

  250. func processOrgApps(data map[string]interface{}) map[int64]map[int64]*models.OrgApp {

  251. 	orgAppJSONs := data["org_apps"].(map[string]interface{})

  252. 	orgApps := make(map[int64]map[int64]*models.OrgApp)

  253. 	for orgIdStr, appJSONStrMap := range orgAppJSONs {

  254. 		orgId, _ := strconv.Atoi(orgIdStr)

  255. 

  256. 		apps := make(map[int64]*models.OrgApp)

  257. 		for appIdStr, appJSONStr := range appJSONStrMap.(map[string]interface{}) {

  258. 			appId, _ := strconv.Atoi(appIdStr)

  259. 

  260. 			var app models.OrgApp

  261. 			json.Unmarshal([]byte(appJSONStr.(string)), &app)

  262. 			apps[int64(appId)] = &app

  263. 		}

  264. 

  265. 		orgApps[int64(orgId)] = apps

  266. 	}

  267. 	return orgApps

  268. }

  269. 

  270. // "app_to_org_ids": { (app_id: org_id)

  271. // 	11: 1,

  272. // 	12: 1,

  273. // 	21: 2,

  274. // 	22: 2,

  275. // },

  276. func processApp2OrgIds(data map[string]interface{}) map[int64]int64 {

  277. 	app2OrgIdStrs := data["app_to_org_ids"].(map[string]interface{})

  278. 	app2OrgIds := make(map[int64]int64)

  279. 	for appIdStr, orgIdStr := range app2OrgIdStrs {

  280. 		orgId, _ := strconv.Atoi(orgIdStr.(string))

  281. 		appId, _ := strconv.Atoi(appIdStr)

  282. 		app2OrgIds[int64(appId)] = int64(orgId)

  283. 	}

  284. 	return app2OrgIds

  285. }

  286. 

  287. // "app_roles": { (app_id: App_Role Obj)

  288. // 	11: {App_Role's json},

  289. // 	12: {App_Role's json},

  290. // 	21: {App_Role's json},

  291. // },

  292. func processAppRoles(data map[string]interface{}) map[int64]*models.App_Role {

  293. 	appRoleJSONs := data["app_roles"].(map[string]interface{})

  294. 	appRoles := make(map[int64]*models.App_Role)

  295. 	for appIDStr, appRoleJSON := range appRoleJSONs {

  296. 		appID, _ := strconv.Atoi(appIDStr)

  297. 		var appRole models.App_Role

  298. 		json.Unmarshal([]byte(appRoleJSON.(string)), &appRole)

  299. 		appRoles[int64(appID)] = &appRole

  300. 	}

  301. 	return appRoles

  302. }

  303. 

  304. // "purviews": { (app_id: [processed Purviews' json])

  305. // 	11: [

  306. // 		{Purview's json .childs[

  307. // 			{Purview's json},

  308. // 			{Purview's json},

  309. // 		]},

  310. // 		{Purview's json},

  311. // 	],

  312. // 	12: [

  313. // 		{Purview's json},

  314. // 		{Purview's json},

  315. // 	],

  316. // },

  317. func processPurviews(data map[string]interface{}) map[int64][]*models.Purview {

  318. 	appPurviewJSONsStrs := data["purviews"].(map[string]interface{})

  319. 	appPurviews := make(map[int64][]*models.Purview)

  320. 	for appIdStr, purviewJSONsStr := range appPurviewJSONsStrs {

  321. 		appId, _ := strconv.Atoi(appIdStr)

  322. 		var purviews []*models.Purview

  323. 		json.Unmarshal([]byte(purviewJSONsStr.(string)), &purviews)

  324. 		// setLinkForPurviews(purviews)

  325. 		appPurviews[int64(appId)] = purviews

  326. 	}

  327. 	return appPurviews

  328. }

  329. 

  330. // func setLinkForPurviews(purviews []*models.Purview) {

  331. // 	for _, purview := range purviews {

  332. // 		if len(purview.Urlfor) == 0 {

  333. // 			purview.Link = ""

  334. // 		} else {

  335. // 			purview.Link = beego.URLFor(purview.Urlfor)

  336. // 		}

  337. // 		if purview.Childs == nil {

  338. // 			purview.Childs = make([]*models.Purview, 0)

  339. // 		} else {

  340. // 			setLinkForPurviews(purview.Childs)

  341. // 		}

  342. // 		// utils.TraceLog("%+v", purview)

  343. // 	}

  344. // }

  345. 

  346. // "purview_urlfors": { (app_id: [url_for])

  347. // 	11: [

  348. // 		"Controller1.Action1",

  349. // 		"Controller1.Action2",

  350. // 		"Controller2.Action1",

  351. // 		"Controller2.Action2",

  352. // 	],

  353. // }

  354. func processPurviewUrlfors(data map[string]interface{}) map[int64][]string {

  355. 	appUrlforsStrs := data["purview_urlfors"].(map[string]interface{})

  356. 	appUrlfors := make(map[int64][]string)

  357. 	for appIdStr, urlforsStr := range appUrlforsStrs {

  358. 		appId, _ := strconv.Atoi(appIdStr)

  359. 		var urlfors []string

  360. 		json.Unmarshal([]byte(urlforsStr.(string)), &urlfors)

  361. 		appUrlfors[int64(appId)] = urlfors

  362. 	}

  363. 	return appUrlfors

  364. }

  365. 

  366. func ModifyPassword(adminID int64, password string) error {

  367. 	err := writeUserDb.Model(&models.AdminUser{}).Where("id = ? AND status = 1", adminID).Updates(map[string]interface{}{"password": password, "mtime": time.Now().Unix()}).Error

  368. 	return err

  369. }

  370. 

  371. func GetPurviewById(ids string) ([]*models.Purview, error) {

  372. 	var originPurviews []*models.Purview

  373. 	getPurviewErr := readUserDb.Model(&models.Purview{}).Where(fmt.Sprintf("id in (%v) and status = 1", ids)).Order("listorder asc").Order("id asc").Find(&originPurviews).Error

  374. 	return originPurviews, getPurviewErr

  375. }

  376. 

  377. func FindAdminUserIDA(id int64) (role models.App_Role, err error) {

  378. 	err = readUserDb.Model(&models.App_Role{}).Where("id = ?", id).First(&role).Error

  379. 	return

  380. }

  381. 

  382. func GetSuperAdminUsersPurviewTreeAndUrlfors(appType int) ([]string, []*models.Purview, error) {

  383. 	originPurviews, getPurviewErr := getAllOriginPurviews(appType)

  384. 	if getPurviewErr != nil {

  385. 		return nil, nil, getPurviewErr

  386. 	}

  387. 	urlfors, processedPurviews := getUrlforsAndProcessPurviews2Tree(originPurviews)

  388. 	return urlfors, processedPurviews, nil

  389. }

  390. 

  391. // 加工这些规则:树形化;以及从中取出不为空的 urlfor

  392. // 正确结果的前提是 originPurviews 以 parentid asc 排好序了的

  393. func getUrlforsAndProcessPurviews2Tree(originPurviews []*models.Purview) ([]string, []*models.Purview) {

  394. 	processedPurviews := make([]*models.Purview, 0)

  395. 	pid_childs := make(map[int][]*models.Purview)

  396. 	urlfors := make([]string, 0, len(originPurviews))

  397. 	for _, purview := range originPurviews {

  398. 		if len(purview.Urlfor) != 0 {

  399. 			urlfors = append(urlfors, purview.Urlfor)

  400. 		}

  401. 

  402. 		// warning:下面这个算法只适用最多两层树形结构的菜单,对于两层以上的会丢失掉第三层及其以下的节点

  403. 		// 因为取出 originPurviews 的时候已经排过序了,所以顶级节点肯定最先处理,不需要担心子节点比父节点先处理

  404. 		if purview.Parentid == 0 {

  405. 			processedPurviews = append(processedPurviews, purview)

  406. 		} else {

  407. 			childs := pid_childs[int(purview.Parentid)]

  408. 			if pid_childs[int(purview.Parentid)] == nil {

  409. 				childs = make([]*models.Purview, 0)

  410. 			}

  411. 			childs = append(childs, purview)

  412. 			pid_childs[int(purview.Parentid)] = childs

  413. 		}

  414. 	}

  415. 

  416. 	for _, proPurview := range processedPurviews {

  417. 		proPurview.Childs = pid_childs[int(proPurview.Id)]

  418. 	}

  419. 

  420. 	return urlfors, processedPurviews

  421. }

  422. 

  423. func getAllOriginPurviews(appType int) ([]*models.Purview, error) {

  424. 	var purviews []*models.Purview

  425. 	getPurviewErr := readUserDb.Model(models.Purview{}).Where("module = ? AND status = 1", appType).Order("listorder asc").Order("id asc").Find(&purviews).Error

  426. 	if getPurviewErr != nil {

  427. 		if getPurviewErr == gorm.ErrRecordNotFound {

  428. 			return nil, nil

  429. 		} else {

  430. 			return nil, getPurviewErr

  431. 		}

  432. 	}

  433. 	return purviews, nil

  434. }