finclip-app-manager/vendor/gitlab.finogeeks.club/finclip-backend/mop-middleware-auth/auth.go

136 lines
3.2 KiB
Go
Raw Normal View History

2023-11-02 18:36:36 +08:00
package mop_middleware_auth
import (
"context"
"fmt"
"net/http"
"time"
"github.com/gin-gonic/gin"
"gitlab.finogeeks.club/finclip-backend/mop-middleware-auth/config"
"gitlab.finogeeks.club/finclip-backend/mop-middleware-auth/grpc"
"gitlab.finogeeks.club/finclip-backend/mop-middleware-auth/grpc/pb"
"gitlab.finogeeks.club/finclip-backend/mop-middleware-auth/logger"
)
type IAuthMiddleware interface {
CheckPathAuthor(c *gin.Context)
}
type AuthMiddleware struct {
}
func CreateAuthMiddleware(c config.Config) IAuthMiddleware {
config.SetConfig(c)
logger.BuildLog(config.GetConfig())
return AuthMiddleware{}
}
func (a AuthMiddleware) CheckPathAuthor(c *gin.Context) {
platform := c.GetHeader("url-call")
if platform == "internal" {
c.Next()
return
}
path := getPathV2(c)
logger.GetLogger().Debugln("path-----", path)
userId := c.Request.Header.Get("X-Consumer-Custom-ID")
serviceName := config.GetConfig().ServerName
ctx := context.Background()
if userId == "" {
logger.GetLogger().Errorln("userId is empty")
c.Next()
return
}
key := fmt.Sprintf("%s:%s:%s", serviceName, userId, path)
temp, ok := GetMemCache(key)
var rsp *pb.CheckAuthRsp
var err error
if ok {
rsp = temp.(*pb.CheckAuthRsp)
}
logger.GetLogger().Debugln("CheckPathAuthor cache rsp-----", rsp)
if rsp == nil {
rsp, err = grpc.AuthCheck(ctx, userId, serviceName, path)
if err != nil {
logger.GetLogger().Errorln(err)
c.Next()
return
}
if rsp.Result.Httpcode == http.StatusOK {
SetMemCacheWithTime(key, rsp, time.Duration(config.GetConfig().ExpireInterval)*time.Minute)
}
}
if rsp.Result.Httpcode == http.StatusOK {
if rsp.Data.HasAuthor {
c.Next()
return
} else {
c.AbortWithStatusJSON(http.StatusForbidden, gin.H{
"error": "author forbidden",
"errcode": "AUTHOR_FORBIDDEN",
"data": nil,
})
return
}
}
c.Next()
return
}
func getPath(c *gin.Context) string {
path := c.FullPath()
logger.GetLogger().Debugln("FullPath-----", path)
switch path {
case "/api/v1/mop/finstore/admin/apps/:path1/:path2/:path3":
path = "/api/v1/mop/finstore/admin/apps/:appID/sequences/:seqStr"
case "/api/v1/mop/finstore/dev/apps/:path1/:path2":
path2 := c.Param("path2")
if path2 == "inDevelopment" {
path = "/api/v1/mop/finstore/dev/apps/:appId/inDevelopment"
}
case "/api/v1/mop/finstore/dev/apps/:path1":
path1 := c.Param("path1")
if path1 == "sequences" {
path = "/api/v1/mop/finstore/dev/apps/:sequences"
} else if path1 == "sequences-v2" {
path = "/api/v1/mop/finstore/dev/apps/:sequences-v2"
} else if path1 == "inDevelopment" {
path = "/api/v1/mop/finstore/dev/apps/:inDevelopment"
} else if path1 == "inDevelopment-v2" {
//handler.ListAppsInDevelopment(c)
path = "/api/v1/mop/finstore/dev/apps/:inDevelopment-v2"
} else {
path = "/api/v1/mop/finstore/dev/apps/:appId"
}
case "/api/v1/mop/mop-applet-build-manager/:organId/:userId/start", "/api/v1/mop/mop-applet-build-manager/:organId/:userId/start-v2":
path = "/api/v1/mop/mop-applet-build-manager/:organId/:userId/start"
}
if len(path) == 0 {
return path
} else {
return path[1:]
}
}
func getPathV2(c *gin.Context) string {
path := c.Request.URL.Path
if len(path) == 0 {
return path
} else {
return path[1:]
}
}