scrm-go

verify_login_token_service.go 11KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384
  1. package admin_service
  2. import (
  3. "encoding/json"
  4. "io/ioutil"
  5. "net/http"
  6. "net/url"
  7. "strconv"
  8. "time"
  9. "SCRM/models"
  10. "SCRM/service"
  11. "SCRM/service/org_service"
  12. "SCRM/utils"
  13. "github.com/astaxie/beego"
  14. )
  15. type AdminUserInfo struct {
  16. AdminUser *models.AdminUser `json:"user"`
  17. CurrentOrgId int64 `json:"current_org_id"`
  18. CurrentAppId int64 `json:"current_app_id"`
  19. OrgIds []int64 `json:"org_ids"`
  20. Orgs map[int64]*org_service.Org `json:"orgs"`
  21. OrgAppIds map[int64][]int64 `json:"org_app_ids"`
  22. OrgApps map[int64](map[int64]*models.OrgApp) `json:"org_apps"`
  23. App2OrgIds map[int64]int64 `json:"app_to_org_ids"`
  24. AppRoles map[int64]*models.App_Role `json:"app_roles"`
  25. AppPurviews map[int64][]*models.Purview `json:"app_purviews"`
  26. AppUrlfors map[int64][]string `json:"app_urlfors"`
  27. Subscibes map[int64]*models.ServeSubscibe `json:"org_subscibes"`
  28. }
  29. type verifyTokenError struct {
  30. Msg string
  31. }
  32. func (e *verifyTokenError) Error() string {
  33. return e.Msg
  34. }
  35. // 验证 token 成功后返回的管理员用户的所有信息,包括:基本用户信息,所属的所有机构,机构下的所有应用,应用的用户权限
  36. // map 的数据格式为
  37. /*
  38. "admin_user": { AdminUser's json },
  39. current_org_id: 1,
  40. current_app_id: 11,
  41. "org_ids": [1, 2, 3],
  42. "orgs": { (org_id: Org_Obj)
  43. 1: { Org's json },
  44. 2: { Org's json },
  45. },
  46. "org_app_ids": { (org_id: org_app_ids)
  47. 1: [11, 12, 13],
  48. 2: [21, 22, 23],
  49. },
  50. "org_apps": { (org_id: {app_id: OrgApp_Obj})
  51. 1: {
  52. 11: { OrgApp's json },
  53. 12: { OrgApp's json },
  54. },
  55. 2: {
  56. 21: { OrgApp's json },
  57. 22: { OrgApp's json },
  58. },
  59. },
  60. "app_to_org_ids": { (app_id: org_id)
  61. 11: 1,
  62. 12: 1,
  63. 21: 2,
  64. 22: 2,
  65. },
  66. "app_roles": { (app_id: App_Role Obj)
  67. 11: {App_Role's json},
  68. 12: {App_Role's json},
  69. 21: {App_Role's json},
  70. },
  71. "purviews": { (app_id: [processed Purviews' json])
  72. 11: [
  73. {Purview's json .childs[
  74. {Purview's json},
  75. {Purview's json},
  76. ]},
  77. {Purview's json},
  78. ],
  79. 12: [
  80. {Purview's json},
  81. {Purview's json},
  82. ],
  83. },
  84. "purview_urlfors": { (app_id: [url_for])
  85. 11: [
  86. "Controller1.Action1",
  87. "Controller1.Action2",
  88. "Controller2.Action1",
  89. "Controller2.Action2",
  90. ],
  91. }
  92. 应当注意的是,屈服于 Golang 令人恶心的类型机制,这里将所有数值型的 key 或 value 全部转成了 string
  93. */
  94. // 解析用户信息,并返回
  95. func VerifyToken(token string, ip string, sessionID string) (*AdminUserInfo, error, int) {
  96. // if len(sessionID) == 0 {
  97. // return nil, &verifyTokenError{"sessionID 为空"}
  98. // }
  99. ssoDomain := beego.AppConfig.String("sso_domain")
  100. api := ssoDomain + "/verifytoken"
  101. values := make(url.Values)
  102. values.Set("token", token)
  103. values.Set("app_type", "1")
  104. values.Set("ip", ip)
  105. values.Set("session_id", sessionID)
  106. resp, requestErr := http.PostForm(api, values)
  107. if requestErr != nil {
  108. utils.ErrorLog("请求验证 sso token 接口失败: %v", requestErr)
  109. return nil, requestErr, 0
  110. }
  111. defer resp.Body.Close()
  112. body, ioErr := ioutil.ReadAll(resp.Body)
  113. if ioErr != nil {
  114. utils.ErrorLog("验证 sso token 接口返回数据读取失败: %v", ioErr)
  115. return nil, ioErr, 0
  116. }
  117. var respJSON map[string]interface{}
  118. utils.InfoLog(string(body))
  119. if err := json.Unmarshal([]byte(string(body)), &respJSON); err != nil {
  120. utils.ErrorLog("验证 sso token 接口返回数据解析JSON失败: %v", err)
  121. return nil, err, 0
  122. }
  123. if respJSON["state"].(float64) != 1 {
  124. msg := respJSON["msg"].(string)
  125. utils.ErrorLog("验证 sso token 接口请求失败: %v", msg)
  126. return nil, &verifyTokenError{"验证 sso token 接口请求失败"}, int(respJSON["code"].(float64))
  127. } else {
  128. utils.SuccessLog("验证 sso token 成功")
  129. return processAdminUserInfo(respJSON["data"].(map[string]interface{})), nil, 0
  130. }
  131. }
  132. func processAdminUserInfo(data map[string]interface{}) *AdminUserInfo {
  133. adminUser := processAdminUser(data)
  134. currentOrgId, currentAppId := processCurrentOrgIDAndAppID(data)
  135. orgIds := processOrgIds(data)
  136. orgs := processOrgs(data)
  137. orgAppIds := processOrgAppIds(data)
  138. orgApps := processOrgApps(data)
  139. app2OrgIds := processApp2OrgIds(data)
  140. appRoles := processAppRoles(data)
  141. appPurviews := processPurviews(data)
  142. appUrlfors := processPurviewUrlfors(data)
  143. orgSubscibes := processOrgSubscibes(data)
  144. sessionAdminUserInfo := &AdminUserInfo{
  145. AdminUser: adminUser,
  146. CurrentOrgId: currentOrgId,
  147. CurrentAppId: currentAppId,
  148. OrgIds: orgIds,
  149. Orgs: orgs,
  150. OrgAppIds: orgAppIds,
  151. OrgApps: orgApps,
  152. App2OrgIds: app2OrgIds,
  153. AppRoles: appRoles,
  154. AppPurviews: appPurviews,
  155. AppUrlfors: appUrlfors,
  156. Subscibes: orgSubscibes,
  157. }
  158. return sessionAdminUserInfo
  159. }
  160. // "admin_user": { AdminUser's json },
  161. func processAdminUser(data map[string]interface{}) *models.AdminUser {
  162. userJSONStr := data["admin_user"].(string)
  163. var adminUser models.AdminUser
  164. if err := json.Unmarshal([]byte(userJSONStr), &adminUser); err != nil {
  165. utils.ErrorLog("解析用户信息失败:%v", err)
  166. return nil
  167. } else {
  168. return &adminUser
  169. }
  170. }
  171. // current_org_id: 1,
  172. // current_app_id: 11,
  173. func processCurrentOrgIDAndAppID(data map[string]interface{}) (int64, int64) {
  174. orgIDStr := data["current_org_id"].(string)
  175. appIDStr := data["current_app_id"].(string)
  176. orgID, _ := strconv.Atoi(orgIDStr)
  177. appID, _ := strconv.Atoi(appIDStr)
  178. return int64(orgID), int64(appID)
  179. }
  180. // "org_ids": [1, 2, 3],
  181. func processOrgIds(data map[string]interface{}) []int64 {
  182. orgIdStrs := data["org_ids"].([]interface{})
  183. orgIds := make([]int64, 0, len(orgIdStrs))
  184. for _, idstr := range orgIdStrs {
  185. id, _ := strconv.Atoi(idstr.(string))
  186. orgIds = append(orgIds, int64(id))
  187. }
  188. return orgIds
  189. }
  190. // "orgs": { (org_id: Org_Obj)
  191. // 1: { Org's json },
  192. // 2: { Org's json },
  193. // },
  194. func processOrgs(data map[string]interface{}) map[int64]*org_service.Org {
  195. orgJSONs := data["orgs"].(map[string]interface{})
  196. orgs := make(map[int64]*org_service.Org)
  197. for orgIdStr, orgJSON := range orgJSONs {
  198. orgId, _ := strconv.Atoi(orgIdStr)
  199. var org org_service.Org
  200. json.Unmarshal([]byte(orgJSON.(string)), &org)
  201. orgs[int64(orgId)] = &org
  202. }
  203. return orgs
  204. }
  205. // "org_app_ids": { (org_id: org_app_ids)
  206. // 1: [11, 12, 13],
  207. // 2: [21, 22, 23],
  208. // },
  209. func processOrgAppIds(data map[string]interface{}) map[int64][]int64 {
  210. orgAppIdStrs := data["org_app_ids"].(map[string]interface{})
  211. orgAppIds := make(map[int64][]int64)
  212. for orgIdStr, appIdStrs := range orgAppIdStrs {
  213. orgId, _ := strconv.Atoi(orgIdStr)
  214. appIds := make([]int64, 0, len(appIdStrs.([]interface{})))
  215. for _, appIdStr := range appIdStrs.([]interface{}) {
  216. appId, _ := strconv.Atoi(appIdStr.(string))
  217. appIds = append(appIds, int64(appId))
  218. }
  219. orgAppIds[int64(orgId)] = appIds
  220. }
  221. return orgAppIds
  222. }
  223. // "org_apps": { (org_id: {app_id: OrgApp_Obj})
  224. // 1: {
  225. // 11: { OrgApp's json },
  226. // 12: { OrgApp's json },
  227. // },
  228. // 2: {
  229. // 21: { OrgApp's json },
  230. // 22: { OrgApp's json },
  231. // },
  232. // },
  233. func processOrgApps(data map[string]interface{}) map[int64]map[int64]*models.OrgApp {
  234. orgAppJSONs := data["org_apps"].(map[string]interface{})
  235. orgApps := make(map[int64]map[int64]*models.OrgApp)
  236. for orgIdStr, appJSONStrMap := range orgAppJSONs {
  237. orgId, _ := strconv.Atoi(orgIdStr)
  238. apps := make(map[int64]*models.OrgApp)
  239. for appIdStr, appJSONStr := range appJSONStrMap.(map[string]interface{}) {
  240. appId, _ := strconv.Atoi(appIdStr)
  241. var app models.OrgApp
  242. json.Unmarshal([]byte(appJSONStr.(string)), &app)
  243. apps[int64(appId)] = &app
  244. }
  245. orgApps[int64(orgId)] = apps
  246. }
  247. return orgApps
  248. }
  249. // "app_to_org_ids": { (app_id: org_id)
  250. // 11: 1,
  251. // 12: 1,
  252. // 21: 2,
  253. // 22: 2,
  254. // },
  255. func processApp2OrgIds(data map[string]interface{}) map[int64]int64 {
  256. app2OrgIdStrs := data["app_to_org_ids"].(map[string]interface{})
  257. app2OrgIds := make(map[int64]int64)
  258. for appIdStr, orgIdStr := range app2OrgIdStrs {
  259. orgId, _ := strconv.Atoi(orgIdStr.(string))
  260. appId, _ := strconv.Atoi(appIdStr)
  261. app2OrgIds[int64(appId)] = int64(orgId)
  262. }
  263. return app2OrgIds
  264. }
  265. // "app_roles": { (app_id: App_Role Obj)
  266. // 11: {App_Role's json},
  267. // 12: {App_Role's json},
  268. // 21: {App_Role's json},
  269. // },
  270. func processAppRoles(data map[string]interface{}) map[int64]*models.App_Role {
  271. appRoleJSONs := data["app_roles"].(map[string]interface{})
  272. appRoles := make(map[int64]*models.App_Role)
  273. for appIDStr, appRoleJSON := range appRoleJSONs {
  274. appID, _ := strconv.Atoi(appIDStr)
  275. var appRole models.App_Role
  276. json.Unmarshal([]byte(appRoleJSON.(string)), &appRole)
  277. appRoles[int64(appID)] = &appRole
  278. }
  279. return appRoles
  280. }
  281. // "purviews": { (app_id: [processed Purviews' json])
  282. // 11: [
  283. // {Purview's json .childs[
  284. // {Purview's json},
  285. // {Purview's json},
  286. // ]},
  287. // {Purview's json},
  288. // ],
  289. // 12: [
  290. // {Purview's json},
  291. // {Purview's json},
  292. // ],
  293. // },
  294. func processPurviews(data map[string]interface{}) map[int64][]*models.Purview {
  295. appPurviewJSONsStrs := data["purviews"].(map[string]interface{})
  296. appPurviews := make(map[int64][]*models.Purview)
  297. for appIdStr, purviewJSONsStr := range appPurviewJSONsStrs {
  298. appId, _ := strconv.Atoi(appIdStr)
  299. var purviews []*models.Purview
  300. json.Unmarshal([]byte(purviewJSONsStr.(string)), &purviews)
  301. // setLinkForPurviews(purviews)
  302. appPurviews[int64(appId)] = purviews
  303. }
  304. return appPurviews
  305. }
  306. // func setLinkForPurviews(purviews []*models.Purview) {
  307. // for _, purview := range purviews {
  308. // if len(purview.Urlfor) == 0 {
  309. // purview.Link = ""
  310. // } else {
  311. // purview.Link = beego.URLFor(purview.Urlfor)
  312. // }
  313. // if purview.Childs == nil {
  314. // purview.Childs = make([]*models.Purview, 0)
  315. // } else {
  316. // setLinkForPurviews(purview.Childs)
  317. // }
  318. // // utils.TraceLog("%+v", purview)
  319. // }
  320. // }
  321. // "purview_urlfors": { (app_id: [url_for])
  322. // 11: [
  323. // "Controller1.Action1",
  324. // "Controller1.Action2",
  325. // "Controller2.Action1",
  326. // "Controller2.Action2",
  327. // ],
  328. // }
  329. func processPurviewUrlfors(data map[string]interface{}) map[int64][]string {
  330. appUrlforsStrs := data["purview_urlfors"].(map[string]interface{})
  331. appUrlfors := make(map[int64][]string)
  332. for appIdStr, urlforsStr := range appUrlforsStrs {
  333. appId, _ := strconv.Atoi(appIdStr)
  334. var urlfors []string
  335. json.Unmarshal([]byte(urlforsStr.(string)), &urlfors)
  336. appUrlfors[int64(appId)] = urlfors
  337. }
  338. return appUrlfors
  339. }
  340. // "org_subscibes": { (org_id: ServeSubscibe)
  341. // 11: {ServeSubscibe's json}
  342. // },
  343. func processOrgSubscibes(data map[string]interface{}) map[int64]*models.ServeSubscibe {
  344. subscibeJSONs := data["org_subscibes"].(map[string]interface{})
  345. subscibes := make(map[int64]*models.ServeSubscibe)
  346. for orgIDStr, subscibeJSON := range subscibeJSONs {
  347. orgID, _ := strconv.Atoi(orgIDStr)
  348. var subscibe models.ServeSubscibe
  349. json.Unmarshal([]byte(subscibeJSON.(string)), &subscibe)
  350. subscibes[int64(orgID)] = &subscibe
  351. }
  352. return subscibes
  353. }
  354. func ModifyPassword(adminID int64, password string) error {
  355. err := service.UserWriteDB().Model(&models.AdminUser{}).Where("id = ? AND status = 1", adminID).Updates(map[string]interface{}{"password": password, "mtime": time.Now().Unix()}).Error
  356. return err
  357. }