ljydlv
/
videoplayer
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

修改Dockerfile,修改token拦截的返回

This commit is contained in:
junleea 2025-06-12 14:28:31 +08:00
parent 86266ac556
commit 3fd0ea7f0f
2 changed files with 48 additions and 39 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
Dockerfile
View File

@ -1,8 +1,11 @@
# 第一阶段使用最新Go版本构建 # 第一阶段使用最新Go版本构建
FROM golang:1.24 AS builder FROM docker.1ms.run/golang:1.24 AS builder
WORKDIR /app WORKDIR /app
ENV GOPROXY=https://goproxy.cn,direct
# 复制go.mod和go.sum以缓存依赖 # 复制go.mod和go.sum以缓存依赖
COPY go.mod go.sum ./ COPY go.mod go.sum ./
RUN go mod download RUN go mod download
@ -27,4 +30,4 @@ WORKDIR /home/videoplayer
EXPOSE 8083 EXPOSE 8083
# 运行应用 # 运行应用
CMD ["./videoplayer"] CMD ["./videoplayer"]

80
main.go
View File

@ -2,6 +2,7 @@ package main
import ( import (
"encoding/json" "encoding/json"
"errors"
"fmt" "fmt"
"github.com/gin-gonic/gin" "github.com/gin-gonic/gin"
"github.com/golang-jwt/jwt" "github.com/golang-jwt/jwt"
@ -100,29 +101,23 @@ func JWTAuthMiddleware() gin.HandlerFunc {
} }
// 从请求头中获取 JWT 令牌 // 从请求头中获取 JWT 令牌
tokenString := c.Request.Header.Get("token") tokenString := c.Request.Header.Get("token")
//请求方式为get时从url中获取token //请求方式为get时从url中获取token
if tokenString == "" { if tokenString == "" {
tokenString = c.Query("token") tokenString = c.Query("token")
} }
//如果请求为login或register则不需要验证token for k, _ := range proto.Url_map {
//for k, _ := range proto.Url_map { if strings.Contains(c.Request.URL.Path, k) {
// if strings.Contains(c.Request.URL.Path, k) { log.Println("need not check token:", c.Request.URL.Path)
// c.Next() c.Next()
// return return
// } }
//}
if proto.Url_map[c.Request.URL.Path] == true { //查看是否在不需要token的url中
c.Next()
return
} }
//if proto.Url_map[c.Request.URL.Path] == true { //查看是否在不需要token的url中
// c.Next()
// return
//}
if tokenString == "" { if tokenString == "" {
//c.AbortWithStatus(200) c.AbortWithStatusJSON(http.StatusOK, gin.H{"message": "unauthorized", "error": "token is empty", "code": proto.TokenIsNull})
c.JSON(200, gin.H{
"message": "Unauthorized",
"error": "token is empty",
"code": proto.TokenIsNull,
})
return return
} }
if proto.Config.TOKEN_USE_REDIS { if proto.Config.TOKEN_USE_REDIS {
@ -132,7 +127,6 @@ func JWTAuthMiddleware() gin.HandlerFunc {
return return
} }
} }
//查看token是否在超级token中 //查看token是否在超级token中
if worker.IsContainSet("super_permission_tokens", tokenString) { if worker.IsContainSet("super_permission_tokens", tokenString) {
sId := c.Request.Header.Get("super_id") sId := c.Request.Header.Get("super_id")
@ -147,40 +141,52 @@ func JWTAuthMiddleware() gin.HandlerFunc {
idFloat64 := float64(id) idFloat64 := float64(id)
//查看s_id类型 //查看s_id类型
c.Set("id", idFloat64) c.Set("id", idFloat64)
c.Set("user_id", id)
c.Next() c.Next()
return return
} }
// 使用加密secret 解析 JWT 令牌 // 使用加密secret 解析 JWT 令牌
token, err := jwt.Parse(tokenString, func(token *jwt.Token) (interface{}, error) { //token, err := jwt.Parse(tokenString, func(token *jwt.Token) (interface{}, error) {
// return proto.SigningKey, nil
//})
token, err := jwt.Parse(tokenString, func(t *jwt.Token) (interface{}, error) {
// 验证签名算法
if _, ok := t.Method.(*jwt.SigningMethodHMAC); !ok {
return nil, jwt.ErrSignatureInvalid
}
return proto.SigningKey, nil return proto.SigningKey, nil
}) })
// 错误处理
// 验证令牌 if err != nil {
if err != nil || !token.Valid { var ve *jwt.ValidationError
c.AbortWithStatusJSON(http.StatusOK, gin.H{ if errors.As(err, &ve) {
"message": "NOT_LOGIN", switch {
"error": "Invalid token", case ve.Errors&jwt.ValidationErrorMalformed != 0:
"code": proto.TokenExpired, c.AbortWithStatusJSON(http.StatusOK, gin.H{"error": "Malformed token:" + err.Error(), "code": proto.TokenInvalid})
}) case ve.Errors&jwt.ValidationErrorExpired != 0:
return c.AbortWithStatusJSON(http.StatusOK, gin.H{"error": "Token expired:" + err.Error(), "code": proto.TokenExpired})
case ve.Errors&jwt.ValidationErrorNotValidYet != 0:
c.AbortWithStatusJSON(http.StatusOK, gin.H{"error": "Token not active yet:" + err.Error(), "code": proto.TokenInvalid})
default:
c.AbortWithStatusJSON(http.StatusOK, gin.H{"error": "Invalid token:" + err.Error(), "code": proto.TokenInvalid})
}
return
}
} }
// 将用户信息添加到上下文中 // 将用户信息添加到上下文中
c.Set("id", token.Claims.(jwt.MapClaims)["id"]) id := token.Claims.(jwt.MapClaims)["id"]
c.Set("username", token.Claims.(jwt.MapClaims)["username"]) c.Set("id", id)
c.Set("user_id", int(id.(float64)))
if UserFuncIntercept(int(token.Claims.(jwt.MapClaims)["id"].(float64)), c.Request.URL.Path) { if UserFuncIntercept(int(id.(float64)), c.Request.URL.Path) {
c.AbortWithStatusJSON(http.StatusOK, gin.H{ c.AbortWithStatusJSON(http.StatusOK, gin.H{"message": "unauthorized", "error": "no function permission", "code": proto.NoPermission})
"message": "no function permission",
"error": "no permission",
"code": proto.NoPermission,
})
return return
} }
// 继续处理请求 // 继续处理请求
c.Next() c.Next()
//log.Println("JWT token is valid, user ID:", token.Claims.(jwt.MapClaims)["id"], " path:", c.Request.URL.Path)
} }
} }