Merge branch 'refs/heads/feat-sync-secret' into release
This commit is contained in:
junleea
commit
c3170ddcb2
10
main.go
10
main.go
|
|
@ -150,13 +150,13 @@ func JWTAuthMiddleware() gin.HandlerFunc {
|
||||||
c.Next()
|
c.Next()
|
||||||
return
|
return
|
||||||
}
|
}
|
||||||
|
if proto.SigningKeyIsValid == false {
|
||||||
|
c.AbortWithStatusJSON(http.StatusOK, gin.H{"message": "server error", "error": "token secret is invalid", "code": proto.SigningKeyIsValid})
|
||||||
|
return
|
||||||
|
}
|
||||||
if tokenString == "" {
|
if tokenString == "" {
|
||||||
//c.AbortWithStatus(200)
|
//c.AbortWithStatus(200)
|
||||||
c.JSON(200, gin.H{
|
c.JSON(http.StatusOK, gin.H{"message": "Unauthorized", "error": "token is empty", "code": proto.TokenIsNull})
|
||||||
"message": "Unauthorized",
|
|
||||||
"error": "token is empty",
|
|
||||||
"code": proto.TokenIsNull,
|
|
||||||
})
|
|
||||||
return
|
return
|
||||||
}
|
}
|
||||||
if proto.Config.TOKEN_USE_REDIS {
|
if proto.Config.TOKEN_USE_REDIS {
|
||||||
|
|
|
||||||
|
|
@ -22,6 +22,7 @@ var SigningKeyRWLock = &sync.RWMutex{}
|
||||||
|
|
||||||
var SyncSecretReqLog int64
|
var SyncSecretReqLog int64
|
||||||
var CurrentConfigPath string
|
var CurrentConfigPath string
|
||||||
|
var SigningKeyIsValid = true // 是否有效的签名密钥
|
||||||
|
|
||||||
const (
|
const (
|
||||||
MYSQL_USER = "video_t2"
|
MYSQL_USER = "video_t2"
|
||||||
|
|
|
||||||
|
|
@ -78,4 +78,5 @@ const (
|
||||||
MonitorServerIDIsNull = 110 // 监控服务器ID为空
|
MonitorServerIDIsNull = 110 // 监控服务器ID为空
|
||||||
MonitorServerIDNotFound = 111 // 监控服务器ID不存在
|
MonitorServerIDNotFound = 111 // 监控服务器ID不存在
|
||||||
|
|
||||||
|
SigningKeyVersionIsTooOld = 200
|
||||||
)
|
)
|
||||||
|
|
|
||||||
|
|
@ -213,6 +213,7 @@ func SyncTokenSecretFromUserCenter() {
|
||||||
proto.SigningKey = []byte(secretSettings.Curr)
|
proto.SigningKey = []byte(secretSettings.Curr)
|
||||||
proto.Config.TOKEN_SECRET = secretSettings.Curr
|
proto.Config.TOKEN_SECRET = secretSettings.Curr
|
||||||
proto.SigningKeyRWLock.Unlock()
|
proto.SigningKeyRWLock.Unlock()
|
||||||
|
proto.SigningKeyIsValid = true
|
||||||
//配置写回文件
|
//配置写回文件
|
||||||
go proto.WriteConfigToFile()
|
go proto.WriteConfigToFile()
|
||||||
log.Println("SyncTokenSecretFromUserCenter current secret updated successfully")
|
log.Println("SyncTokenSecretFromUserCenter current secret updated successfully")
|
||||||
|
|
@ -252,6 +253,7 @@ func SetNextSecretToCurrent(secret_copy proto.SecretSyncSettings) {
|
||||||
secret_sync_settings.Curr = secret_sync_settings.Next
|
secret_sync_settings.Curr = secret_sync_settings.Next
|
||||||
secret_sync_settings.Next = ""
|
secret_sync_settings.Next = ""
|
||||||
secret_sync_settings.CurrStartTimestamp = secret_sync_settings.PrevEndTimestamp
|
secret_sync_settings.CurrStartTimestamp = secret_sync_settings.PrevEndTimestamp
|
||||||
|
proto.SigningKeyIsValid = true
|
||||||
|
|
||||||
//设置当前程序的密钥
|
//设置当前程序的密钥
|
||||||
//获取写锁
|
//获取写锁
|
||||||
|
|
@ -299,6 +301,9 @@ func GetTokenSecretFromUserCenter() (*proto.SecretSyncSettings, error) {
|
||||||
return nil, err
|
return nil, err
|
||||||
}
|
}
|
||||||
if respObject.Code != 0 {
|
if respObject.Code != 0 {
|
||||||
|
if respObject.Code == proto.SigningKeyVersionIsTooOld {
|
||||||
|
proto.SigningKeyIsValid = false //设置当前密钥无效
|
||||||
|
}
|
||||||
log.Println("GetTokenSecretFromUserCenter error code:", respObject.Code, "\t, message:", respObject.Message)
|
log.Println("GetTokenSecretFromUserCenter error code:", respObject.Code, "\t, message:", respObject.Message)
|
||||||
return nil, fmt.Errorf("GetTokenSecretFromUserCenter error code: %d, message: %s", respObject.Code, respObject.Message)
|
return nil, fmt.Errorf("GetTokenSecretFromUserCenter error code: %d, message: %s", respObject.Code, respObject.Message)
|
||||||
}
|
}
|
||||||
|
|
|
||||||
Loading…
Reference in New Issue