From 86266ac556f6f7c25ff0e96221a5f308373f02ca Mon Sep 17 00:00:00 2001 From: junleea <354425203@qq.com> Date: Wed, 11 Jun 2025 14:38:34 +0800 Subject: [PATCH 1/4] =?UTF-8?q?=E4=BF=AE=E6=94=B9=E9=85=8D=E7=BD=AE?= =?UTF-8?q?=E6=96=87=E4=BB=B6=EF=BC=8C=E6=B7=BB=E5=8A=A0Dockerfile?= =?UTF-8?q?=E6=96=87=E4=BB=B6=E5=88=B6=E4=BD=9C=E9=95=9C=E5=83=8F?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- Dockerfile | 30 ++++++++++++++++++++++++++++++ vp.conf | 18 ++++++++++++------ 2 files changed, 42 insertions(+), 6 deletions(-) create mode 100644 Dockerfile diff --git a/Dockerfile b/Dockerfile new file mode 100644 index 0000000..6651e58 --- /dev/null +++ b/Dockerfile @@ -0,0 +1,30 @@ +# 第一阶段:使用最新Go版本构建 +FROM golang:1.24 AS builder + +WORKDIR /app + +# 复制go.mod和go.sum以缓存依赖 +COPY go.mod go.sum ./ +RUN go mod download + +# 复制源代码并构建 +COPY . . +RUN CGO_ENABLED=0 GOOS=linux go build -a -installsuffix cgo -ldflags="-s -w" -o videoplayer . + +# 第二阶段:生产环境(最小化镜像) +FROM scratch + +# 复制配置文件 +COPY --from=builder /app/vp.conf /home/videoplayer/vp.conf + +# 复制二进制文件 +COPY --from=builder /app/videoplayer /home/videoplayer/videoplayer + +# 设置工作目录 +WORKDIR /home/videoplayer + +# 暴露端口 +EXPOSE 8083 + +# 运行应用 +CMD ["./videoplayer"] diff --git a/vp.conf b/vp.conf index 33869ad..bc74567 100644 --- a/vp.conf +++ b/vp.conf @@ -1,15 +1,21 @@ { "db":0, - "mysql_dsn":"video_t2:2t2SKHmWEYj2xFKF@tcp(127.0.0.1:3306)/video_t2?charset=utf8mb4&parseTime=True&loc=Local", + "mysql_dsn":"video_t2:2t2SKHmWEYj2xFKF@tcp(tx.ljsea.top:3306)/video_t2?charset=utf8mb4&parseTime=True&loc=Local", "pg_dsn":"host=localhost user=video_t2 dbname=video_t2 password=2t2SKHmWEYj2xFKF port=5432 TimeZone=Asia/Shanghai", "redis_addr":"127.0.0.1:6379", "redis_db":2, - "redis_user_pw":true, - "token_use_redis":true, + "redis_user_pw":false, + "token_use_redis":false, "redis_password":"lj502138", "token_secret":"mfjurnc_32ndj9dfhj", "cid_base_dir":"/home/lijun/cid/", "file_base_dir":"/home/lijun/file/", - "monitor":false, - "server_port":"8083" -} \ No newline at end of file + "monitor": true, + "server_port": "8083", + "log_save_days": 3, + "user_type": "master", + "master_server_domain": "tx.ljsea.top", + "user_sync_time": 0, + "server_name": "tx_vp_server", + "monitor_server_token": "627gyf3488h" +} From 3fd0ea7f0f20319bff4a49e76dc30a8eacd61850 Mon Sep 17 00:00:00 2001 From: junleea <354425203@qq.com> Date: Thu, 12 Jun 2025 14:28:31 +0800 Subject: [PATCH 2/4] =?UTF-8?q?=E4=BF=AE=E6=94=B9Dockerfile=EF=BC=8C?= =?UTF-8?q?=E4=BF=AE=E6=94=B9token=E6=8B=A6=E6=88=AA=E7=9A=84=E8=BF=94?= =?UTF-8?q?=E5=9B=9E?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- Dockerfile | 7 +++-- main.go | 80 +++++++++++++++++++++++++++++------------------------- 2 files changed, 48 insertions(+), 39 deletions(-) diff --git a/Dockerfile b/Dockerfile index 6651e58..099cba4 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,8 +1,11 @@ # 第一阶段:使用最新Go版本构建 -FROM golang:1.24 AS builder +FROM docker.1ms.run/golang:1.24 AS builder WORKDIR /app +ENV GOPROXY=https://goproxy.cn,direct + + # 复制go.mod和go.sum以缓存依赖 COPY go.mod go.sum ./ RUN go mod download @@ -27,4 +30,4 @@ WORKDIR /home/videoplayer EXPOSE 8083 # 运行应用 -CMD ["./videoplayer"] +CMD ["./videoplayer"] \ No newline at end of file diff --git a/main.go b/main.go index f2e2886..a112293 100644 --- a/main.go +++ b/main.go @@ -2,6 +2,7 @@ package main import ( "encoding/json" + "errors" "fmt" "github.com/gin-gonic/gin" "github.com/golang-jwt/jwt" @@ -100,29 +101,23 @@ func JWTAuthMiddleware() gin.HandlerFunc { } // 从请求头中获取 JWT 令牌 tokenString := c.Request.Header.Get("token") - //请求方式为get时,从url中获取token if tokenString == "" { tokenString = c.Query("token") } - //如果请求为login或register,则不需要验证token - //for k, _ := range proto.Url_map { - // if strings.Contains(c.Request.URL.Path, k) { - // c.Next() - // return - // } - //} - if proto.Url_map[c.Request.URL.Path] == true { //查看是否在不需要token的url中 - c.Next() - return + for k, _ := range proto.Url_map { + if strings.Contains(c.Request.URL.Path, k) { + log.Println("need not check token:", c.Request.URL.Path) + c.Next() + return + } } + //if proto.Url_map[c.Request.URL.Path] == true { //查看是否在不需要token的url中 + // c.Next() + // return + //} if tokenString == "" { - //c.AbortWithStatus(200) - c.JSON(200, gin.H{ - "message": "Unauthorized", - "error": "token is empty", - "code": proto.TokenIsNull, - }) + c.AbortWithStatusJSON(http.StatusOK, gin.H{"message": "unauthorized", "error": "token is empty", "code": proto.TokenIsNull}) return } if proto.Config.TOKEN_USE_REDIS { @@ -132,7 +127,6 @@ func JWTAuthMiddleware() gin.HandlerFunc { return } } - //查看token是否在超级token中 if worker.IsContainSet("super_permission_tokens", tokenString) { sId := c.Request.Header.Get("super_id") @@ -147,40 +141,52 @@ func JWTAuthMiddleware() gin.HandlerFunc { idFloat64 := float64(id) //查看s_id类型 c.Set("id", idFloat64) + c.Set("user_id", id) c.Next() return } // 使用加密secret 解析 JWT 令牌 - token, err := jwt.Parse(tokenString, func(token *jwt.Token) (interface{}, error) { + //token, err := jwt.Parse(tokenString, func(token *jwt.Token) (interface{}, error) { + // return proto.SigningKey, nil + //}) + token, err := jwt.Parse(tokenString, func(t *jwt.Token) (interface{}, error) { + // 验证签名算法 + if _, ok := t.Method.(*jwt.SigningMethodHMAC); !ok { + return nil, jwt.ErrSignatureInvalid + } return proto.SigningKey, nil }) - - // 验证令牌 - if err != nil || !token.Valid { - c.AbortWithStatusJSON(http.StatusOK, gin.H{ - "message": "NOT_LOGIN", - "error": "Invalid token", - "code": proto.TokenExpired, - }) - return + // 错误处理 + if err != nil { + var ve *jwt.ValidationError + if errors.As(err, &ve) { + switch { + case ve.Errors&jwt.ValidationErrorMalformed != 0: + c.AbortWithStatusJSON(http.StatusOK, gin.H{"error": "Malformed token:" + err.Error(), "code": proto.TokenInvalid}) + case ve.Errors&jwt.ValidationErrorExpired != 0: + c.AbortWithStatusJSON(http.StatusOK, gin.H{"error": "Token expired:" + err.Error(), "code": proto.TokenExpired}) + case ve.Errors&jwt.ValidationErrorNotValidYet != 0: + c.AbortWithStatusJSON(http.StatusOK, gin.H{"error": "Token not active yet:" + err.Error(), "code": proto.TokenInvalid}) + default: + c.AbortWithStatusJSON(http.StatusOK, gin.H{"error": "Invalid token:" + err.Error(), "code": proto.TokenInvalid}) + } + return + } } // 将用户信息添加到上下文中 - c.Set("id", token.Claims.(jwt.MapClaims)["id"]) - c.Set("username", token.Claims.(jwt.MapClaims)["username"]) + id := token.Claims.(jwt.MapClaims)["id"] + c.Set("id", id) + c.Set("user_id", int(id.(float64))) - if UserFuncIntercept(int(token.Claims.(jwt.MapClaims)["id"].(float64)), c.Request.URL.Path) { - c.AbortWithStatusJSON(http.StatusOK, gin.H{ - "message": "no function permission", - "error": "no permission", - "code": proto.NoPermission, - }) + if UserFuncIntercept(int(id.(float64)), c.Request.URL.Path) { + c.AbortWithStatusJSON(http.StatusOK, gin.H{"message": "unauthorized", "error": "no function permission", "code": proto.NoPermission}) return } - // 继续处理请求 c.Next() + //log.Println("JWT token is valid, user ID:", token.Claims.(jwt.MapClaims)["id"], " path:", c.Request.URL.Path) } } From 93076cf3659431bf9ad7361402e983443fffdcd6 Mon Sep 17 00:00:00 2001 From: junleea <354425203@qq.com> Date: Thu, 12 Jun 2025 14:36:37 +0800 Subject: [PATCH 3/4] =?UTF-8?q?=E4=BF=AE=E6=94=B9Dockerfile=EF=BC=8C?= =?UTF-8?q?=E4=BF=AE=E6=94=B9token=E6=8B=A6=E6=88=AA=E7=9A=84=E8=BF=94?= =?UTF-8?q?=E5=9B=9E?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- vp.conf | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/vp.conf b/vp.conf index bc74567..3ccb203 100644 --- a/vp.conf +++ b/vp.conf @@ -1,10 +1,10 @@ { "db":0, - "mysql_dsn":"video_t2:2t2SKHmWEYj2xFKF@tcp(tx.ljsea.top:3306)/video_t2?charset=utf8mb4&parseTime=True&loc=Local", + "mysql_dsn":"vp-db:ZcxsP7s7kaBxxDPc@tcp(tx.ljsea.top:3306)/vp-db?charset=utf8mb4&parseTime=True&loc=Local", "pg_dsn":"host=localhost user=video_t2 dbname=video_t2 password=2t2SKHmWEYj2xFKF port=5432 TimeZone=Asia/Shanghai", - "redis_addr":"127.0.0.1:6379", + "redis_addr":"host.docker.internal:6379", "redis_db":2, - "redis_user_pw":false, + "redis_user_pw":true, "token_use_redis":false, "redis_password":"lj502138", "token_secret":"mfjurnc_32ndj9dfhj", @@ -13,9 +13,9 @@ "monitor": true, "server_port": "8083", "log_save_days": 3, - "user_type": "master", + "user_type": "slave", "master_server_domain": "tx.ljsea.top", "user_sync_time": 0, - "server_name": "tx_vp_server", + "server_name": "home_vp_docker_server", "monitor_server_token": "627gyf3488h" -} +} \ No newline at end of file From d63d641058764447c284b536219177fe91d23003 Mon Sep 17 00:00:00 2001 From: junleea <354425203@qq.com> Date: Thu, 12 Jun 2025 18:45:21 +0800 Subject: [PATCH 4/4] =?UTF-8?q?=E4=BF=AE=E6=94=B9Dockerfile=EF=BC=8C?= =?UTF-8?q?=E4=BF=AE=E6=94=B9token=E6=8B=A6=E6=88=AA=E7=9A=84=E8=BF=94?= =?UTF-8?q?=E5=9B=9E?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- Dockerfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Dockerfile b/Dockerfile index 099cba4..ad1a919 100644 --- a/Dockerfile +++ b/Dockerfile @@ -18,7 +18,7 @@ RUN CGO_ENABLED=0 GOOS=linux go build -a -installsuffix cgo -ldflags="-s -w" -o FROM scratch # 复制配置文件 -COPY --from=builder /app/vp.conf /home/videoplayer/vp.conf +COPY --from=builder /app/saw-ai.conf /home/saw/saw-ai.conf # 复制二进制文件 COPY --from=builder /app/videoplayer /home/videoplayer/videoplayer