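// VerifyAccessPurview authenticates the caller. The cookie session is checked
// first; the access token is consulted only when the request carries no
// session ID. A session that exists but has an empty Role is rejected as
// "not logged in". When isVerifyAdministratorRole is set, any role other than
// "Administrator" is rejected.
//
// On success the returned UserWithToken is populated from whichever
// credential authenticated the caller (session or token); on error it is the
// zero value and must not be used. Previously the non-administrator session
// path returned a zero user with a nil error, which was inconsistent with both
// the administrator path and VerifyAccessToken; it is populated here too.
//
// Parameters:
//
//	token  - access token used only when no session is present; may be empty.
//	ctx    - request context, forwarded to VerifyAccessToken for the repo lookup.
//	isVerifyAdministratorRole - require the "Administrator" role.
//	w, r   - request/response pair handed to GetSession.
func VerifyAccessPurview(token string, ctx context.Context, isVerifyAdministratorRole bool, w rest.ResponseWriter, r *rest.Request) (model.UserWithToken, error) {
	var user model.UserWithToken

	session, err := GetSession(w, r)
	if err != nil {
		return user, err
	}

	// No session on this request: the access token is the only credential.
	if session.ID == 0 {
		return VerifyAccessToken(token, ctx, isVerifyAdministratorRole)
	}

	// A session with an ID but no role is treated as not logged in rather
	// than silently granted access.
	if session.Role == "" {
		return user, errors.New("请您先登录!")
	}

	if isVerifyAdministratorRole && session.Role != "Administrator" {
		return user, errors.New("权限不足,请使用超级管理员账号登录!")
	}

	// Populate the identity on every successful session path so callers get
	// the same shape as from the token path.
	user.ID = session.ID
	user.Username = session.Username
	user.Name = session.Name
	user.Role = session.Role
	user.AccessToken = session.AccessToken
	return user, nil
}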
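// GetSession loads the "user-authentication" session for the request and
// returns the identity stored in it.
//
// An absent session (no "ID" value) is not an error: the zero UserWithToken
// is returned so callers can fall back to another credential. A session that
// carries an "ID" whose other values are missing or of an unexpected type is
// rejected with an error instead of panicking on an unchecked type assertion,
// as the original single-value assertions did.
//
// w is accepted for signature compatibility; only r is read here.
func GetSession(w rest.ResponseWriter, r *rest.Request) (model.UserWithToken, error) {
	var user model.UserWithToken

	session, err := store.Get(r.Request, "user-authentication")
	if err != nil {
		return user, err
	}

	rawID, present := session.Values["ID"]
	if !present || rawID == nil {
		return user, nil
	}

	id, ok := rawID.(uint)
	if !ok {
		return user, errors.New("invalid session: ID has unexpected type")
	}

	// Every string field must be present and a string; a partially written or
	// stale session must not yield a half-populated identity. The comma-ok form
	// returns ("", false) for a missing key as well as for a wrong type.
	stringValue := func(key string) (string, bool) {
		v, ok := session.Values[key].(string)
		return v, ok
	}
	username, okUsername := stringValue("Username")
	name, okName := stringValue("Name")
	role, okRole := stringValue("Role")
	accessToken, okToken := stringValue("AccessToken")
	if !okUsername || !okName || !okRole || !okToken {
		return user, errors.New("invalid session: missing or malformed user fields")
	}

	user.ID = id
	user.Username = username
	user.Name = name
	user.Role = role
	user.AccessToken = accessToken
	return user, nil
}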
// VerifyAccessToken resolves token to the user it belongs to through the
// repository carried in ctx. The token is whitespace-trimmed before use. An
// empty token, a token that does not match exactly one stored access token,
// a missing repository, or a repository error each yield an error and a zero
// UserWithToken. With isVerifyAdministratorRole set, a user whose Role is not
// "Administrator" is rejected as well.
func VerifyAccessToken(token string, ctx context.Context, isVerifyAdministratorRole bool) (model.UserWithToken, error) {
	var result model.UserWithToken

	trimmed := strings.TrimSpace(token)
	if len(trimmed) == 0 {
		return result, errors.New("AccessToken 不能为空!")
	}

	repo, found := middleware.RepoFromContext(ctx)
	if !found {
		return result, errors.New("内部服务器错误")
	}

	matches, countErr := repo.CountUserAccessTokenByToken(trimmed)
	if countErr != nil {
		return result, countErr
	}
	// Exactly one stored token may match; zero or several are both rejected.
	if matches != 1 {
		return result, errors.New("AccessToken 不正确!")
	}

	record, lookupErr := repo.GetUserByAccessToken(trimmed)
	if lookupErr != nil {
		return result, lookupErr
	}

	if isVerifyAdministratorRole && record.Role != "Administrator" {
		return result, errors.New("权限不足,请使用超级管理员账号登录!")
	}

	result = model.UserWithToken{
		ID:          record.ID,
		Username:    record.Username,
		Name:        record.Name,
		Role:        record.Role,
		AccessToken: record.AccessToken,
	}
	return result, nil
}