kit/middleware/jwt/jwt.go

package jwt

import (
	"context"
	"git.diulo.com/mogfee/kit/errors"
	"git.diulo.com/mogfee/kit/middleware"
)

type JwtOption func(o *options)

func WithJwtKey(jwtKey string) JwtOption {
	return func(o *options) {
		o.jwtKey = jwtKey
	}
}

func WithFromKey(fromKey string) JwtOption {
	return func(o *options) {
		o.fromKey = fromKey
	}
}
func WithValidate(val JwtValidate) JwtOption {
	return func(o *options) {
		o.validate = val
	}
}

type options struct {
	jwtKey   string
	fromKey  string //cookie:token header:key
	validate JwtValidate
}
type JwtValidate interface {
	//GetToken 获取token
	GetToken(ctx context.Context, key string) (tokenStr string)
	//ParseToken 解析token获取用户信息
	ParseToken(ctx context.Context, key string, token string) (*UserInfo, error)
	//Validate 校验权限
	Validate(ctx context.Context, permission string, permissions []string) error
}

func JWT(opts ...JwtOption) middleware.Middleware {
	var cfg = &options{
		jwtKey:   "JssLx22bjQwnyqby",
		fromKey:  "header:token",
		validate: &JwtDefault{},
	}
	for _, o := range opts {
		o(cfg)
	}

	return func(handler middleware.Handler) middleware.Handler {
		return func(ctx context.Context, a any) (any, error) {
			//1. 解析token
			//2. 获取用户信息
			//3. 校验权限
			//4. 设置ctx
			authKey := FromAuthKeyContext(ctx)
			needAuth := FromNeedAuthContext(ctx)

			// 解析token
			tokenStr := cfg.validate.GetToken(ctx, cfg.fromKey)
			if tokenStr == "" && needAuth {
				return nil, errors.Unauthorized("NO_TOKEN", "")
			}

			if tokenStr != "" {
				if err := func() error {
					userInfo, err := cfg.validate.ParseToken(ctx, cfg.jwtKey, tokenStr)
					if err != nil {
						return err
					}
					if needAuth && userInfo.UserId == "" {
						return errors.Unauthorized("TOKEN_BAD", "")
					}
					if authKey != "" {
						if err = cfg.validate.Validate(ctx, authKey, userInfo.Permissions); err != nil {
							return err
						}
					}
					if userInfo.UserId != "" {
						ctx = SetUserContext(ctx, userInfo)
					}
					return nil
				}(); err != nil {
					if needAuth {
						return nil, err
					}
				}
			}
			return handler(ctx, a)
		}
	}
}
x 2 years ago			`package jwt`

			`import (`
			`"context"`
			`"git.diulo.com/mogfee/kit/errors"`
			`"git.diulo.com/mogfee/kit/middleware"`
			`)`

			`type JwtOption func(o *options)`

			`func WithJwtKey(jwtKey string) JwtOption {`
			`return func(o *options) {`
			`o.jwtKey = jwtKey`
			`}`
			`}`

x 2 years ago			`func WithFromKey(fromKey string) JwtOption {`
x 2 years ago			`return func(o *options) {`
x 2 years ago			`o.fromKey = fromKey`
x 2 years ago			`}`
			`}`
x 2 years ago			`func WithValidate(val JwtValidate) JwtOption {`
x 2 years ago			`return func(o *options) {`
x 2 years ago			`o.validate = val`
x 2 years ago			`}`
			`}`

x 2 years ago			`type options struct {`
x 2 years ago			`jwtKey string`
			`fromKey string //cookie:token header:key`
			`validate JwtValidate`
			`}`
			`type JwtValidate interface {`
			`//GetToken 获取token`
			`GetToken(ctx context.Context, key string) (tokenStr string)`
			`//ParseToken 解析token获取用户信息`
			`ParseToken(ctx context.Context, key string, token string) (*UserInfo, error)`
			`//Validate 校验权限`
			`Validate(ctx context.Context, permission string, permissions []string) error`
x 2 years ago			`}`

			`func JWT(opts ...JwtOption) middleware.Middleware {`
			`var cfg = &options{`
x 2 years ago			`jwtKey: "JssLx22bjQwnyqby",`
			`fromKey: "header:token",`
x 2 years ago			`validate: &JwtDefault{},`
x 2 years ago			`}`
			`for _, o := range opts {`
			`o(cfg)`
			`}`

			`return func(handler middleware.Handler) middleware.Handler {`
			`return func(ctx context.Context, a any) (any, error) {`
x 2 years ago			`//1. 解析token`
			`//2. 获取用户信息`
			`//3. 校验权限`
			`//4. 设置ctx`
x 2 years ago			`authKey := FromAuthKeyContext(ctx)`
			`needAuth := FromNeedAuthContext(ctx)`
x 2 years ago
x 2 years ago			`// 解析token`
			`tokenStr := cfg.validate.GetToken(ctx, cfg.fromKey)`
			`if tokenStr == "" && needAuth {`
			`return nil, errors.Unauthorized("NO_TOKEN", "")`
			`}`
x 2 years ago
token 1 year ago			`if tokenStr != "" {`
			`if err := func() error {`
			`userInfo, err := cfg.validate.ParseToken(ctx, cfg.jwtKey, tokenStr)`
			`if err != nil {`
			`return err`
			`}`
x 1 year ago			`if needAuth && userInfo.UserId == "" {`
token 1 year ago			`return errors.Unauthorized("TOKEN_BAD", "")`
			`}`
			`if authKey != "" {`
			`if err = cfg.validate.Validate(ctx, authKey, userInfo.Permissions); err != nil {`
			`return err`
			`}`
			`}`
x 1 year ago			`if userInfo.UserId != "" {`
token 1 year ago			`ctx = SetUserContext(ctx, userInfo)`
			`}`
			`return nil`
			`}(); err != nil {`
			`if needAuth {`
x 2 years ago			`return nil, err`
			`}`
			`}`
x 2 years ago			`}`
x 2 years ago			`return handler(ctx, a)`
			`}`
			`}`
			`}`