增加验证jwt

5 years ago · 750fbdf96d
parent df43420cd1
commit 750fbdf96d
27 changed files with 449 additions and 287 deletions
--- a/controller/auth.go
+++ b/controller/auth.go
@ -3,7 +3,36 @@ package controller
 import (
 	"github.com/taoshihan1991/imaptool/config"
 	"github.com/taoshihan1991/imaptool/tools"
+	"log"
 )
+
+func CheckPass(username string, password string) string {
+	account := config.GetAccount()
+	if account == nil {
+		account = make(map[string]string)
+	}
+	if account["Username"] == "" && account["Password"] == "" {
+		account["Username"] = "admin"
+		account["Password"] = "admin123"
+	}
+	if username == account["Username"] && password == account["Password"] {
+
+		sessionId := tools.Md5(username)
+		info := make(map[string]string)
+		info["username"] = username
+		config.SetUserInfo(sessionId, info)
+		return sessionId
+	}
+	return ""
+}
+func CheckAuth(token string) bool {
+	userinfo := tools.ParseToken(token)
+	log.Println(userinfo)
+	if userinfo == nil {
+		return false
+	}
+	return true
+}
 func AuthLocal(username string, password string) string {
 	account := config.GetAccount()
 	if account == nil {
@ -23,10 +52,10 @@ func AuthLocal(username string,password string)string{
 	}
 	return ""
 }
+
 //验证是否已经登录
 func AuthCheck(uid string) map[string]string {
 	info := config.GetUserInfo(uid)

 	return info
 }
-
--- a/controller/chat.go
+++ b/controller/chat.go
@ -16,17 +16,20 @@ func ActionChatMain(w http.ResponseWriter, r *http.Request) {
 	render := tmpl.NewRender(w)
 	render.Display("chat_main", nil)
 }
+
 //聊天客户端界面
 func ActionChatPage(w http.ResponseWriter, r *http.Request) {
 	render := tmpl.NewRender(w)
 	render.Display("chat_page", nil)
 }
+
 //咨询界面
 func PageChat(c *gin.Context) {
 	html := tools.FileGetContent("html/chat_page.html")
 	c.Header("Content-Type", "text/html; charset=utf-8")
 	c.String(200, html)
 }
+
 //获取在线用户
 func ChatUsers(w http.ResponseWriter, r *http.Request) {
 	w.Header().Set("content-type", "text/json;charset=utf-8;")
@ -43,6 +46,7 @@ func ChatUsers(w http.ResponseWriter, r *http.Request) {
 	})
 	w.Write(msg)
 }
+
 type NoticeMessage struct {
 	Type interface{} `json:"type"`
 	Data interface{} `json:"data"`
@ -69,6 +73,7 @@ type UserMessage struct {
 	Time        string `json:"time"`
 	Content     string `json:"content"`
 }
+
 //定时检测客户端是否在线
 func init() {
 	sendPingToClient()
@ -144,7 +149,8 @@ func ChatServer(w *websocket.Conn) {
 					Content:  kfMsg.Content,
 				},
 			}
-			str,_:=json.Marshal(msg);sendStr:=string(str)
+			str, _ := json.Marshal(msg)
+			sendStr := string(str)
 			websocket.Message.Send(conn, sendStr)
 		case "chatMessage":
 			json.Unmarshal(msgData, &userMsg)
@ -161,11 +167,13 @@ func ChatServer(w *websocket.Conn) {
 					Time:        time.Now().Format("2006-01-02 15:04:05"),
 				},
 			}
-			str,_:=json.Marshal(msg);sendStr:=string(str)
+			str, _ := json.Marshal(msg)
+			sendStr := string(str)
 			websocket.Message.Send(conn, sendStr)
 		}
 	}
 }
+
 //发送给所有客服客户上线
 func SendUserAllNotice() {
 	if len(kefuList) != 0 {
@ -174,11 +182,13 @@ func SendUserAllNotice(){
 			msg := NoticeMessage{
 				Type: "notice",
 			}
-			str,_:=json.Marshal(msg);sendStr:=string(str)
+			str, _ := json.Marshal(msg)
+			sendStr := string(str)
 			websocket.Message.Send(conn, sendStr)
 		}
 	}
 }
+
 //发送给客户客服上线
 func SendKefuOnline(kfMsg KfMessage, conn *websocket.Conn) {
 	sendMsg := TypeMessage{
@ -195,6 +205,7 @@ func SendKefuOnline(kfMsg KfMessage,conn *websocket.Conn){
 	jsonStrByte, _ := json.Marshal(sendMsg)
 	websocket.Message.Send(conn, string(jsonStrByte))
 }
+
 //发送给所有客服客户上线
 func SendOnekfuAllNotice(conn *websocket.Conn) {
 	result := make([]map[string]string, 0)
@ -208,9 +219,11 @@ func SendOnekfuAllNotice(conn *websocket.Conn){
 		Type: "notice",
 		Data: result,
 	}
-	str,_:=json.Marshal(msg);sendStr:=string(str)
+	str, _ := json.Marshal(msg)
+	sendStr := string(str)
 	websocket.Message.Send(conn, sendStr)
 }
+
 //获取当前的在线用户
 func getOnlineUser(w *websocket.Conn) {
 	result := make([]map[string]string, 0)
@ -224,9 +237,11 @@ func getOnlineUser(w *websocket.Conn){
 		Type: "getOnlineUsers",
 		Data: result,
 	}
-	str,_:=json.Marshal(msg);sendStr:=string(str)
+	str, _ := json.Marshal(msg)
+	sendStr := string(str)
 	websocket.Message.Send(w, sendStr)
 }
+
 //定时给客户端发送消息判断客户端是否在线
 func sendPingToClient() {
 	msg := NoticeMessage{
@ -235,7 +250,8 @@ func sendPingToClient(){
 	go func() {
 		for {
 			log.Println("check online users...")
-			str,_:=json.Marshal(msg);sendStr:=string(str)
+			str, _ := json.Marshal(msg)
+			sendStr := string(str)
 			for uid, conn := range clientList {
 				err := websocket.Message.Send(conn, sendStr)
 				if err != nil {
@ -248,6 +264,7 @@ func sendPingToClient(){

 	}()
 }
+
 var clientList = make(map[string]*websocket.Conn)
 var clientNameList = make(map[string]string)
 var kefuList = make(map[string]*websocket.Conn)
--- a/controller/folder.go
+++ b/controller/folder.go
@ -9,7 +9,9 @@ import (
 	"strconv"
 	"sync"
 )
+
 const PageSize = 20
+
 //输出列表
 func ActionFolder(w http.ResponseWriter, r *http.Request) {
 	fid := tools.GetUrlArg(r, "fid")
@ -25,12 +27,14 @@ func ActionFolder(w http.ResponseWriter, r *http.Request){
 	render.Fid = fid
 	render.Display("list", render)
 }
+
 //写信界面
 func ActionWrite(w http.ResponseWriter, r *http.Request) {
 	render := tmpl.NewRender(w)
 	render.SetLeft("mail_left")
 	render.Display("write", nil)
 }
+
 //读信界面
 func ActionDetail(w http.ResponseWriter, r *http.Request) {
 	fid := tools.GetUrlArg(r, "fid")
@ -42,6 +46,7 @@ func ActionDetail(w http.ResponseWriter, r *http.Request){
 	render.Id = uint32(id)
 	render.Display("mail_detail", render)
 }
+
 //获取邮件夹接口
 func FolderDir(w http.ResponseWriter, r *http.Request) {
 	fid := tools.GetUrlArg(r, "fid")
@ -69,6 +74,7 @@ func FolderDir(w http.ResponseWriter, r *http.Request){
 	})
 	w.Write(msg)
 }
+
 //邮件夹接口
 func FoldersList(w http.ResponseWriter, r *http.Request) {
 	fid := tools.GetUrlArg(r, "fid")
@ -90,7 +96,6 @@ func FoldersList(w http.ResponseWriter, r *http.Request) {
 		return
 	}

-
 	var wg sync.WaitGroup
 	wg.Add(2)
 	result := make(map[string]interface{})
@ -115,6 +120,7 @@ func FoldersList(w http.ResponseWriter, r *http.Request) {
 	})
 	w.Write(msg)
 }
+
 //邮件接口
 func FolderMail(w http.ResponseWriter, r *http.Request) {
 	fid := tools.GetUrlArg(r, "fid")
@ -154,6 +160,7 @@ func FolderMail(w http.ResponseWriter, r *http.Request) {
 	})
 	w.Write(msg)
 }
+
 //发送邮件接口
 func FolderSend(w http.ResponseWriter, r *http.Request) {
 	w.Header().Set("content-type", "text/json;charset=utf-8;")
--- a/controller/index.go
+++ b/controller/index.go
@ -4,6 +4,7 @@ import (
 	"github.com/taoshihan1991/imaptool/tools"
 	"net/http"
 )
+
 //首页跳转
 func ActionIndex(w http.ResponseWriter, r *http.Request) {
 	if r.URL.RequestURI() == "/favicon.ico" {
--- a/controller/login.go
+++ b/controller/login.go
@ -6,16 +6,44 @@ import (
 	"github.com/gin-gonic/gin"
 	"github.com/taoshihan1991/imaptool/tools"
 	"html/template"
+	"log"
 	"net/http"
 )
+
 //验证接口
 func LoginCheckPass(c *gin.Context) {
+	authType := c.PostForm("type")
+	password := c.PostForm("password")
+	username := c.PostForm("username")
+	switch authType {
+	case "local":
+		sessionId := CheckPass(username, password)
+		userinfo := make(map[string]interface{})
+		userinfo["name"] = username
+		token, err := tools.MakeToken(userinfo)
+		log.Println(err)
+		if sessionId != "" {
+			c.JSON(200, gin.H{
+				"code": 200,
+				"msg":  "验证成功,正在跳转",
+				"result": gin.H{
+					"token": token,
+				},
+			})
+			return
+		}
+		c.JSON(200, gin.H{
+			"code": 400,
+			"msg":  "验证失败",
+		})
+	}
 }
 func ActionLogin(w http.ResponseWriter, r *http.Request) {
 	html := tools.FileGetContent("html/login.html")
 	t, _ := template.New("login").Parse(html)
 	t.Execute(w, nil)
 }
+
 //验证接口
 func LoginCheck(w http.ResponseWriter, r *http.Request) {
 	w.Header().Set("content-type", "text/json;charset=utf-8;")
--- a/controller/main.go
+++ b/controller/main.go
@ -1,10 +1,12 @@
 package controller

 import (
+	"github.com/gin-gonic/gin"
 	"github.com/taoshihan1991/imaptool/tmpl"
 	"github.com/taoshihan1991/imaptool/tools"
 	"net/http"
 )
+
 func ActionMain(w http.ResponseWriter, r *http.Request) {
 	sessionId := tools.GetCookie(r, "session_id")
 	info := AuthCheck(sessionId)
@ -15,3 +17,18 @@ func ActionMain(w http.ResponseWriter, r *http.Request){
 	render := tmpl.NewRender(w)
 	render.Display("main", render)
 }
+func MainCheckAuth(c *gin.Context) {
+	token := c.Query("token")
+	r := CheckAuth(token)
+	if !r {
+		c.JSON(200, gin.H{
+			"code": 400,
+			"msg":  "验证失败",
+		})
+	} else {
+		c.JSON(200, gin.H{
+			"code": 200,
+			"msg":  "验证成功",
+		})
+	}
+}
--- a/controller/notice.go
+++ b/controller/notice.go
@ -7,8 +7,10 @@ import (
 	"log"
 	"net/http"
 )
+
 var upgrader = websocket.Upgrader{}
 var oldFolders map[string]int
+
 //推送新邮件到达
 func PushMailServer(w http.ResponseWriter, r *http.Request) {
 	c, err := upgrader.Upgrade(w, r, nil)
--- a/controller/setting.go
+++ b/controller/setting.go
@ -10,7 +10,6 @@ import (
 	"os"
 )

-
 func ActionSetting(w http.ResponseWriter, r *http.Request) {
 	render := tmpl.NewSettingHtml(w)
 	render.SetLeft("setting_left")
--- a/controller/timer.go
+++ b/controller/timer.go
@ -10,8 +10,11 @@ import (
 	"syscall"
 	"time"
 )
+
 var osType = runtime.GOOS
+
 const expireTime = 30 * 60
+
 //检测权限文件是否过期,超过30分钟删除掉
 func TimerSessFile() {
 	go func() {
--- a/controller/timer_linux.go
+++ b/controller/timer_linux.go
@ -8,8 +8,11 @@ import (
 	"runtime"
 	"time"
 )
+
 var osType = runtime.GOOS
+
 const expireTime = 30 * 60
+
 //检测权限文件是否过期,超过30分钟删除掉
 func TimerSessFile() {
 	go func() {
--- a/go.mod
+++ b/go.mod
@ -6,6 +6,7 @@ require github.com/emersion/go-imap v1.0.4

 require (
 	github.com/axgle/mahonia v0.0.0-20180208002826-3358181d7394
+	github.com/dgrijalva/jwt-go v3.2.0+incompatible
 	github.com/emersion/go-message v0.11.2
 	github.com/emersion/go-sasl v0.0.0-20200509203442-7bfe0ed36a21
 	github.com/emersion/go-smtp v0.13.0
--- a/go.sum
+++ b/go.sum
@ -9,6 +9,8 @@ github.com/cpuguy83/go-md2man v1.0.10/go.mod h1:SmD6nW6nTyfqj6ABTjUi3V3JVMnlJmwc
 github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
 github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c=
 github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
+github.com/dgrijalva/jwt-go v3.2.0+incompatible h1:7qlOGliEKZXTDg6OTjfoBKDXWrumCAMpl/TFQ4/5kLM=
+github.com/dgrijalva/jwt-go v3.2.0+incompatible/go.mod h1:E3ru+11k8xSBh+hMPgOLZmtrrCbhqsmaPHjLKYnJCaQ=
 github.com/emersion/go-imap v1.0.4 h1:uiCAIHM6Z5Jwkma1zdNDWWXxSCqb+/xHBkHflD7XBro=
 github.com/emersion/go-imap v1.0.4/go.mod h1:yKASt+C3ZiDAiCSssxg9caIckWF/JG7ZQTO7GAmvicU=
 github.com/emersion/go-message v0.11.1/go.mod h1:C4jnca5HOTo4bGN9YdqNQM9sITuT3Y0K6bSUw9RklvY=
--- a/server.go
+++ b/server.go
@ -1,25 +1,32 @@
 package main

 import (
-	"github.com/taoshihan1991/imaptool/controller"
 	"github.com/gin-gonic/gin"
+	"github.com/taoshihan1991/imaptool/controller"
 	"github.com/taoshihan1991/imaptool/tmpl"
 	"golang.org/x/net/websocket"
 	"log"
 	"net/http"
 	"time"
 )
+
 func main() {
 	baseServer := "127.0.0.1:8080"
 	log.Println("start server...\r\ngo：http://" + baseServer)
 	engine := gin.Default()
+	engine.LoadHTMLGlob("static/html/*")
 	//登陆界面
 	engine.GET("/login", tmpl.PageLogin)
 	//咨询界面
 	engine.GET("/chat_page", tmpl.PageChat)
 	//登陆验证
 	engine.POST("/check", controller.LoginCheckPass)
-
+	//框架界面
+	engine.GET("/main", tmpl.PageMain)
+	//框架界面
+	engine.GET("/chat_main", tmpl.PageChatMain)
+	//验证权限
+	engine.GET("/check_auth", controller.MainCheckAuth)
 	//------------------old code-----------------------------
 	mux := &http.ServeMux{}
 	//根路径
--- a/static/html/login.html
+++ b/static/html/login.html
@ -160,7 +160,7 @@
                              message: data.msg,
                              type: 'success'
                            });
-                            window.location.href="/";
+                            //window.location.href="/";
                        }else{
                            _this.$message({
                              message: data.msg,
@ -195,7 +195,7 @@
                                    message: data.msg,
                                    type: 'success'
                                });
-                                window.location.href="/main";
+                                //window.location.href="/main";
                            }else{
                                _this.$message({
                                    message: data.msg,
--- a/tmpl/common.go
+++ b/tmpl/common.go
@ -1,6 +1,7 @@
 package tmpl

 import (
+	"github.com/gin-gonic/gin"
 	"github.com/taoshihan1991/imaptool/tools"
 	"html/template"
 	"net/http"
@ -13,6 +14,7 @@ type CommonHtml struct{
 	Bottom template.HTML
 	Rw     http.ResponseWriter
 }
+
 func NewRender(rw http.ResponseWriter) *CommonHtml {
 	obj := new(CommonHtml)
 	obj.Rw = rw
@ -38,3 +40,16 @@ func (obj *CommonHtml)Display(file string,data interface{}){
 	t, _ := template.New(file).Parse(main)
 	t.Execute(obj.Rw, data)
 }
+
+//登陆界面
+func PageMain(c *gin.Context) {
+	nav := tools.FileGetContent("html/nav.html")
+	c.HTML(http.StatusOK, "main.html", gin.H{
+		"Nav": template.HTML(nav),
+	})
+}
+
+//客服界面
+func PageChatMain(c *gin.Context) {
+	c.HTML(http.StatusOK, "chat_main.html", nil)
+}
--- a/tmpl/detail.go
+++ b/tmpl/detail.go
@ -7,6 +7,7 @@ type DetailHtml struct {
 	Fid string
 	Id  uint32
 }
+
 func NewDetailHtml(w http.ResponseWriter) *DetailHtml {
 	obj := new(DetailHtml)
 	parent := NewRender(w)
--- a/tmpl/folder.go
+++ b/tmpl/folder.go
@ -1,4 +1,5 @@
 package tmpl
+
 import "net/http"

 type FolderHtml struct {
@ -6,10 +7,10 @@ type FolderHtml struct {
 	CurrentPage int
 	Fid         string
 }
+
 func NewFolderHtml(w http.ResponseWriter) *FolderHtml {
 	obj := new(FolderHtml)
 	parent := NewRender(w)
 	obj.CommonHtml = parent
 	return obj
 }
-
--- a/tmpl/login.go
+++ b/tmpl/login.go
@ -6,17 +6,15 @@ import (
 	"html/template"
 	"net/http"
 )
+
 //登陆界面
 func PageLogin(c *gin.Context) {
-	html := tools.FileGetContent("html/login.html")
-	c.Header("Content-Type", "text/html; charset=utf-8")
-	c.String(200, html)
+	c.HTML(http.StatusOK, "login.html", nil)
 }
+
 //咨询界面
 func PageChat(c *gin.Context) {
-	html := tools.FileGetContent("html/chat_page.html")
-	c.Header("Content-Type", "text/html; charset=utf-8")
-	c.String(200, html)
+	c.HTML(http.StatusOK, "chat_page.html", nil)
 }
 func RenderLogin(w http.ResponseWriter, render interface{}) {
 	html := tools.FileGetContent("html/login.html")
--- a/tmpl/setting.go
+++ b/tmpl/setting.go
@ -6,6 +6,7 @@ type SettingHtml struct {
 	*CommonHtml
 	Username, Password string
 }
+
 func NewSettingHtml(w http.ResponseWriter) *SettingHtml {
 	obj := new(SettingHtml)
 	parent := NewRender(w)
--- a/tools/imap.go
+++ b/tools/imap.go
@ -63,6 +63,7 @@ func connect(server string, email string, password string) *client.Client {
 	}
 	return c
 }
+
 //获取邮件总数
 func GetMailNum(server string, email string, password string) map[string]int {
 	var c *client.Client
@ -90,6 +91,7 @@ func GetMailNum(server string, email string, password string) map[string]int {
 	}
 	return folders
 }
+
 //获取邮件夹
 func GetFolders(server string, email string, password string, folder string) map[string]int {
 	var c *client.Client
@ -221,7 +223,6 @@ func GetMessage(server string, email string, password string, folder string, id
 	// Create a new mail reader
 	mr, _ := mail.CreateReader(r)

-
 	// Print some info about the message
 	header := mr.Header
 	date, _ := header.Date()
--- a/tools/jwt.go
+++ b/tools/jwt.go
@ -0,0 +1,25 @@
+package tools
+
+import (
+	"github.com/dgrijalva/jwt-go"
+	"time"
+)
+
+const SECRET = "taoshihan"
+
+func MakeToken(obj map[string]interface{}) (string, error) {
+	obj["time"] = time.Now().Unix()
+	token := jwt.NewWithClaims(jwt.SigningMethodHS256, jwt.MapClaims(obj))
+	tokenString, err := token.SignedString([]byte(SECRET))
+	return tokenString, err
+}
+func ParseToken(tokenStr string) map[string]interface{} {
+	token, err := jwt.Parse(tokenStr, func(token *jwt.Token) (i interface{}, e error) {
+		return []byte(SECRET), nil
+	})
+	if err != nil {
+		return nil
+	}
+	finToken := token.Claims.(jwt.MapClaims)
+	return finToken
+}
--- a/tools/stringutil.go
+++ b/tools/stringutil.go
@ -13,6 +13,7 @@ import (
 	"net/http"
 	"strings"
 )
+
 //获取URL的GET参数
 func GetUrlArg(r *http.Request, name string) string {
 	var arg string
@ -20,6 +21,7 @@ func GetUrlArg(r *http.Request,name string)string{
 	arg = values.Get(name)
 	return arg
 }
+
 // Reverse 将其实参字符串以符文为单位左右反转。
 func Reverse(s string) string {
 	r := []rune(s)
@ -47,6 +49,7 @@ func DetermineEncoding(html string) (encoding.Encoding, string) {
 	e, name, _ := charset.DetermineEncoding([]byte(html), "")
 	return e, name
 }
+
 //获取文件内容，可以打包到二进制
 func FileGetContent(file string) string {
 	str := ""
@ -57,6 +60,7 @@ func FileGetContent(file string) string {
 	}
 	return content
 }
+
 //md5加密
 func Md5(src string) string {
 	m := md5.New()