设置密钥无效返回

main.go

@@ -150,13 +150,13 @@ func JWTAuthMiddleware() gin.HandlerFunc {
 			c.Next()
 			return
 		}
+		if proto.SigningKeyIsValid == false {
+			c.AbortWithStatusJSON(http.StatusOK, gin.H{"message": "server error", "error": "token secret is invalid", "code": proto.SigningKeyIsValid})
+			return
+		}
 		if tokenString == "" {
 			//c.AbortWithStatus(200)
-			c.JSON(200, gin.H{
-				"message": "Unauthorized",
-				"error":   "token is empty",
-				"code":    proto.TokenIsNull,
-			})
+			c.JSON(http.StatusOK, gin.H{"message": "Unauthorized", "error": "token is empty", "code": proto.TokenIsNull})
 			return
 		}
 		if proto.Config.TOKEN_USE_REDIS {

proto/conf.go

@@ -22,6 +22,7 @@ var SigningKeyRWLock = &sync.RWMutex{}
 
 var SyncSecretReqLog int64
 var CurrentConfigPath string
+var SigningKeyIsValid = true // 是否有效的签名密钥
 
 const (
 	MYSQL_USER     = "video_t2"

proto/status.go

@@ -78,4 +78,5 @@ const (
 	MonitorServerIDIsNull   = 110 // 监控服务器ID为空
 	MonitorServerIDNotFound = 111 // 监控服务器ID不存在
 
+	SigningKeyVersionIsTooOld = 200
 )

service/toolService.go

@@ -299,6 +299,9 @@ func GetTokenSecretFromUserCenter() (*proto.SecretSyncSettings, error) {
 		return nil, err
 	}
 	if respObject.Code != 0 {
+		if respObject.Code == proto.SigningKeyVersionIsTooOld {
+			proto.SigningKeyIsValid = false //设置当前密钥无效
+		}
 		log.Println("GetTokenSecretFromUserCenter error code:", respObject.Code, "\t, message:", respObject.Message)
 		return nil, fmt.Errorf("GetTokenSecretFromUserCenter error code: %d, message: %s", respObject.Code, respObject.Message)
 	}