You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
Open-IM-Server/pkg/common/mw/gin.go

119 lines
3.9 KiB

package mw
import (
"OpenIM/internal/apiresp"
"OpenIM/pkg/common/config"
"OpenIM/pkg/common/constant"
"OpenIM/pkg/common/db/cache"
"OpenIM/pkg/common/db/controller"
"OpenIM/pkg/common/tokenverify"
"OpenIM/pkg/errs"
"bytes"
"encoding/json"
"github.com/gin-gonic/gin"
"github.com/go-redis/redis/v8"
"io"
"net/http"
)
func CorsHandler() gin.HandlerFunc {
return func(context *gin.Context) {
context.Writer.Header().Set("Access-Control-Allow-Origin", "*")
context.Header("Access-Control-Allow-Methods", "*")
context.Header("Access-Control-Allow-Headers", "*")
context.Header("Access-Control-Expose-Headers", "Content-Length, Access-Control-Allow-Origin, Access-Control-Allow-Headers,Cache-Control,Content-Language,Content-Type,Expires,Last-Modified,Pragma,FooBar") // 跨域关键设置 让浏览器可以解析
context.Header("Access-Control-Max-Age", "172800") // 缓存请求信息 单位为秒
context.Header("Access-Control-Allow-Credentials", "false") // 跨域请求是否需要带cookie信息 默认设置为true
context.Header("content-type", "application/json") // 设置返回格式是json
//Release all option pre-requests
if context.Request.Method == http.MethodOptions {
context.JSON(http.StatusOK, "Options Request!")
}
context.Next()
}
}
func GinParseOperationID() gin.HandlerFunc {
return func(c *gin.Context) {
if c.Request.Method == http.MethodPost {
operationID := c.Request.Header.Get(constant.OperationID)
if operationID == "" {
body, err := io.ReadAll(c.Request.Body)
if err != nil {
c.String(400, "read request body error: "+err.Error())
c.Abort()
return
}
req := struct {
OperationID string `json:"operationID"`
}{}
if err := json.Unmarshal(body, &req); err != nil {
c.String(400, "get operationID error: "+err.Error())
c.Abort()
return
}
if req.OperationID == "" {
c.String(400, "operationID empty")
c.Abort()
return
}
c.Request.Body = io.NopCloser(bytes.NewReader(body))
operationID = req.OperationID
c.Request.Header.Set(constant.OperationID, operationID)
}
c.Set(constant.OperationID, operationID)
c.Next()
return
}
c.Next()
}
}
func GinParseToken(rdb redis.UniversalClient) gin.HandlerFunc {
dataBase := controller.NewAuthDatabase(cache.NewCacheModel(rdb), config.Config.TokenPolicy.AccessSecret, config.Config.TokenPolicy.AccessExpire)
return func(c *gin.Context) {
switch c.Request.Method {
case http.MethodPost:
token := c.Request.Header.Get(constant.Token)
if token == "" {
apiresp.GinError(c, errs.ErrArgs.Wrap("header must have token"))
c.Abort()
return
}
claims, err := tokenverify.GetClaimFromToken(token)
if err != nil {
apiresp.GinError(c, errs.ErrTokenUnknown.Wrap())
c.Abort()
return
}
m, err := dataBase.GetTokensWithoutError(c, claims.UID, claims.Platform)
if err != nil {
apiresp.GinError(c, errs.ErrTokenNotExist.Wrap())
c.Abort()
return
}
if len(m) == 0 {
apiresp.GinError(c, errs.ErrTokenNotExist.Wrap())
c.Abort()
return
}
if v, ok := m[token]; ok {
switch v {
case constant.NormalToken:
case constant.KickedToken:
apiresp.GinError(c, errs.ErrTokenKicked.Wrap())
c.Abort()
return
default:
apiresp.GinError(c, errs.ErrTokenUnknown.Wrap())
c.Abort()
return
}
}
c.Set(constant.OpUserIDPlatformID, constant.PlatformNameToID(claims.Platform))
c.Set(constant.OpUserID, claims.UID)
c.Next()
}
}
}