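// Package auth issues, refreshes, resolves and revokes opaque login tokens
// that are stored in the shared cache (Redis).
//
// Two keys are kept per session:
//
//	<prefix>:Authorize:Token:<token>     -> JSON-encoded validators.AuthUser
//	<prefix>:Authorize:User:<id>:Token   -> the user's current token
//
// The second key is the only way to find a user's token from the user id, so
// revocation (Exit, forced logout of a disabled user) depends on it being
// present for as long as the token record is.
package auth

import (
	"authService/cache"
	"authService/model"
	"authService/response"
	"authService/util"
	"authService/validators"
	"encoding/json"
	"errors"
	"fmt"
	"os"
	"time"

	"github.com/go-redis/redis/v8"
)

// expireIn is the token lifetime in seconds (14 days).
var expireIn int = 86400 * 14

// getAuthTokenStr returns the cache key under which the session record for
// token is stored.
//
// NOTE(review): the raw token is embedded in the key name, so anyone who can
// enumerate keys in the cache can read live tokens. Restrict cache access
// accordingly; storing a digest of the token instead would be a hardening
// option, but would invalidate existing sessions.
// NOTE(review): if AUTH_TOKEN_PREFIX is unset the prefix is empty, and
// environments sharing one cache would share a key space - confirm it is
// always set at deploy time.
func getAuthTokenStr(token string) string {
	prefix := os.Getenv("AUTH_TOKEN_PREFIX")
	return fmt.Sprintf("%s:Authorize:Token:%s", prefix, token)
}

// getUserAuthTokenStr returns the cache key that maps userId to that user's
// current token.
func getUserAuthTokenStr(userId int64) string {
	prefix := os.Getenv("AUTH_TOKEN_PREFIX")
	return fmt.Sprintf("%s:Authorize:User:%d:Token", prefix, userId)
}

// newAuthUser builds the session record cached for a token. LoginAt is set to
// the current time on every call.
func newAuthUser(u *validators.User) *validators.AuthUser {
	return &validators.AuthUser{
		ID:             u.ID,
		Account:        u.Account,
		Nickname:       u.Nickname,
		FullPermission: u.IsSuper == model.UserIsSuperTrue,
		RoleIds:        u.RoleIds,
		Permissions:    u.Permissions,
		LoginAt:        time.Now().Unix(),
	}
}

// Generate creates a new token for formatedUser, stores the session record and
// the user-to-token index, and returns the token with its lifetime in seconds.
//
// On any cache failure it returns an empty token, 0 and response.Err; no
// usable session is left behind.
//
// NOTE(review): the token is the sole bearer credential, so util.RandString
// must draw from a cryptographically secure source (crypto/rand) - confirm.
// NOTE(review): the user-to-token index holds one token per user. A second
// login overwrites it, and the earlier token stays valid until its TTL ends
// but can no longer be found by Exit. If forced logout must end every session,
// the previous token needs to be revoked here or the index must hold a set.
func Generate(formatedUser *validators.User) (string, int, *response.ErrCode) {
	token := util.RandString(30)
	expire := time.Duration(expireIn) * time.Second
	authUser := newAuthUser(formatedUser)

	cacheKey := getAuthTokenStr(token)
	if err := cache.Instance().Put(cacheKey, authUser, expire); err != nil {
		return "", 0, response.Err
	}

	// The index records which token belongs to this user so that the session
	// can be ended when the user logs out or is disabled.
	userCacheKey := getUserAuthTokenStr(authUser.ID)
	if err := cache.Instance().PutStr(userCacheKey, token, expire); err != nil {
		// Without the index the session could not be revoked by user id, so
		// drop the record just written instead of leaving it valid for 14 days.
		cache.Instance().Delete(cacheKey)
		return "", 0, response.Err
	}
	return token, expireIn, nil
}

// Refresh rewrites the cached session record of formatedUser's current token
// with fresh user data and a full lifetime, and returns that token with its
// lifetime in seconds. It returns an empty token and a nil error when the user
// has no current token.
//
// The cached record is a snapshot of the user's roles and permissions; changes
// to them only reach an existing session through this function (or a new
// login), so call it whenever a user's permissions change.
func Refresh(formatedUser *validators.User) (string, int, *response.ErrCode) {
	token, err := GetTokenByUserId(formatedUser.ID)
	if err != nil {
		return "", 0, err
	}
	if token == "" {
		return "", 0, nil
	}

	expire := time.Duration(expireIn) * time.Second
	if cacheErr := cache.Instance().Put(getAuthTokenStr(token), newAuthUser(formatedUser), expire); cacheErr != nil {
		return "", 0, response.Err
	}

	// Extend the index together with the record. If only the record were
	// extended, the index would expire first and the still-valid token could
	// no longer be revoked through Exit.
	if cacheErr := cache.Instance().PutStr(getUserAuthTokenStr(formatedUser.ID), token, expire); cacheErr != nil {
		return "", 0, response.Err
	}
	return token, expireIn, nil
}

// Exit logs the user out by deleting the session record and the user-to-token
// index. It is best effort: it has no return value, so lookup and delete
// failures are not reported.
//
// NOTE(review): when the index lookup fails the session is left in place and
// the caller cannot tell. Callers that use Exit to force a disabled user
// offline should not treat a return from Exit as proof of revocation.
func Exit(userId int64) {
	token, _ := GetTokenByUserId(userId)
	if token == "" {
		return
	}
	// Delete the session record first: it is what grants access. If the
	// process stops between the two deletes, the leftover index is harmless,
	// whereas a leftover record would be a valid token nobody can find.
	cache.Instance().Delete(getAuthTokenStr(token))
	cache.Instance().Delete(getUserAuthTokenStr(userId))
}

// GetTokenByUserId returns the current token of userId, or an empty string and
// a nil error when the user has none. Any other cache failure yields
// response.Err.
func GetTokenByUserId(userId int64) (string, *response.ErrCode) {
	token, err := cache.Instance().Get(getUserAuthTokenStr(userId))
	if err != nil {
		if errors.Is(err, redis.Nil) {
			return "", nil
		}
		return "", response.Err
	}
	return token, nil
}

// Get resolves token to its cached session record. It returns
// response.ErrAuthorizationExpired when the token is empty or unknown to the
// cache, and response.Err on any other cache or decoding failure.
func Get(token string) (*validators.AuthUser, *response.ErrCode) {
	// An empty token can never have been issued; reject it without a lookup.
	if token == "" {
		return nil, response.ErrAuthorizationExpired
	}

	userInfoJson, err := cache.Instance().Get(getAuthTokenStr(token))
	if err != nil {
		if errors.Is(err, redis.Nil) {
			return nil, response.ErrAuthorizationExpired
		}
		return nil, response.Err
	}

	var currentUser validators.AuthUser
	if err = json.Unmarshal([]byte(userInfoJson), &currentUser); err != nil {
		return nil, response.Err
	}
	return &currentUser, nil
}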