cuiguohai
/
authService


			
				
					
						
						
							123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132
							package auth

import (
	"authService/cache"
	"authService/model"
	"authService/response"
	"authService/util"
	"authService/validators"
	"encoding/json"
	"errors"
	"fmt"
	"os"
	"time"

	"github.com/go-redis/redis/v8"
)

var expireIn int = 86400 * 14

// 获取授权Token的Redis键名
func getAuthTokenStr(token string) string {
	authTokenPrefix := os.Getenv("AUTH_TOKEN_PREFIX")
	return fmt.Sprintf("%s:Authorize:Token:%s", authTokenPrefix, token)
}

// 获取用户Token的Redis键名
func getUserAuthTokenStr(userId int64) string {
	authTokenPrefix := os.Getenv("AUTH_TOKEN_PREFIX")
	return fmt.Sprintf("%s:Authorize:User:%d:Token", authTokenPrefix, userId)
}

// 生成Token
func Generate(formatedUser *validators.User) (string, int, *response.ErrCode) {
	token := util.RandString(30)
	expire := time.Duration(expireIn) * time.Second

	cacheAuthUser := &validators.AuthUser{
		ID:             formatedUser.ID,
		Account:        formatedUser.Account,
		Nickname:       formatedUser.Nickname,
		FullPermission: formatedUser.IsSuper == model.UserIsSuperTrue,
		RoleIds:        formatedUser.RoleIds,
		Permissions:    formatedUser.Permissions,
		LoginAt:        time.Now().Unix(),
	}
	cacheKey := getAuthTokenStr(token)
	cacheErr := cache.Instance().Put(cacheKey, cacheAuthUser, expire)
	if cacheErr != nil {
		return token, expireIn, response.Err
	}

	userCacheKey := getUserAuthTokenStr(cacheAuthUser.ID)
	// 这个key是缓存 服务人员ID 对应的token是什么，到时候用户如果被禁用了，要强制下线
	cacheErr = cache.Instance().PutStr(userCacheKey, token, expire)
	if cacheErr != nil {
		return token, expireIn, response.Err
	}
	return token, expireIn, nil
}

// 刷新Token
func Refresh(formatedUser *validators.User) (string, int, *response.ErrCode) {
	token, err := GetTokenByUserId(formatedUser.ID)
	if err != nil {
		return "", 0, err
	}

	if token == "" {
		return "", 0, nil
	}

	expire := time.Duration(expireIn) * time.Second
	cacheKey := getAuthTokenStr(token)
	cacheAuthUser := &validators.AuthUser{
		ID:             formatedUser.ID,
		Account:        formatedUser.Account,
		Nickname:       formatedUser.Nickname,
		FullPermission: formatedUser.IsSuper == model.UserIsSuperTrue,
		RoleIds:        formatedUser.RoleIds,
		Permissions:    formatedUser.Permissions,
		LoginAt:        time.Now().Unix(),
	}
	cacheErr := cache.Instance().Put(cacheKey, cacheAuthUser, expire)
	if cacheErr != nil {
		return token, int(expireIn), response.Err
	}
	return token, int(expireIn), nil
}

// 退出登录
func Exit(userId int64) {
	token, _ := GetTokenByUserId(userId)
	if token != "" {
		userCacheKey := getUserAuthTokenStr(userId)
		cacheKey := getAuthTokenStr(token)
		cache.Instance().Delete(userCacheKey)
		cache.Instance().Delete(cacheKey)
	}
}

// 获取某个用户的Token
func GetTokenByUserId(userId int64) (string, *response.ErrCode) {
	userCacheKey := getUserAuthTokenStr(userId)
	token, err := cache.Instance().Get(userCacheKey)
	if err != nil {
		if errors.Is(err, redis.Nil) {
			return "", nil
		}
		return "", response.Err
	}
	return token, nil
}

// 根据Token获取用户信息
func Get(token string) (*validators.AuthUser, *response.ErrCode) {
	// 检查token是否存在
	cacheKey := getAuthTokenStr(token)
	userInfoJson, err := cache.Instance().Get(cacheKey)
	if err != nil {
		if errors.Is(err, redis.Nil) {
			return nil, response.ErrAuthorizationExpired
		}
		return nil, response.Err
	}

	var currentUser validators.AuthUser
	err = json.Unmarshal([]byte(userInfoJson), &currentUser)
	if err != nil {
		return nil, response.Err
	}
	return &currentUser, nil
}