登录与授权等

2024-01-07 15:13:35 +08:00
parent 968eab9b06
commit ec548f4256
22 changed files with 248 additions and 53 deletions
--- a/internal/api/v1/handler/admin.go
+++ b/internal/api/v1/handler/admin.go
@@ -5,12 +5,12 @@ import (
 	"mc-client-updater-server/internal/service"
 	"mc-client-updater-server/pkg/param"
 	"mc-client-updater-server/pkg/result"
+	"mc-client-updater-server/pkg/util"
+	"time"
 )

 func HandleLogin(c *gin.Context) {
-	srv := service.NewUserService(c)
 	res := result.NewResult(c)
-
 	loginParam := param.LoginParam{}
 	err := c.ShouldBindJSON(&loginParam)
 	if err != nil {
@@ -18,6 +18,62 @@ func HandleLogin(c *gin.Context) {
 		return
 	}

+	srv := service.NewUserService(c)
 	srv.Login(loginParam.Username, loginParam.Password)
-
+}
+
+func HandleGrantAdd(c *gin.Context) {
+	res := result.NewResult(c)
+	p := param.NewGrantTokenParam{}
+	err := c.ShouldBindJSON(&p)
+	if err != nil {
+		res.BadRequest()
+		return
+	}
+	if p.ExpireAt != "" {
+		isValid := util.IsSQLTimeFormat(p.ExpireAt)
+		if !isValid {
+			res.BadRequestWithMsg("请求参数错误：时间格式错误，应为2006-01-02 15:04:05格式")
+			return
+		}
+	} else {
+		if p.TTL == 0 {
+			res.BadRequestWithMsg("请求参数错误：至少提供expire_at和ttl中的一项且不为0")
+			return
+		}
+		p.ExpireAt = util.ToSQLTimeFormat(time.Now().Add(time.Duration(p.TTL) * time.Second))
+	}
+
+	srv := service.NewInstanceService(c)
+	// 验证 target -> instance(name) 是否存在
+	_, err = srv.GetInstanceByName(p.Target)
+	if err != nil {
+		res.InvalidInstance(p.Target)
+		return
+	}
+
+	grantEntity, err := srv.NewGrantToken(p.Target, p.ExpireAt)
+	if err != nil {
+		res.InternalServerError("生成授权码失败")
+		return
+	}
+	res.Success(grantEntity)
+}
+
+func HandleNewInstance(c *gin.Context) {
+	res := result.NewResult(c)
+	p := param.AddInstanceParam{}
+	err := c.ShouldBindJSON(&p)
+	if err != nil {
+		res.BadRequest()
+		return
+	}
+
+	srv := service.NewInstanceService(c)
+	inst, err := srv.AddInstance(p.Name, p.UpdateURL)
+	if err != nil {
+		res.DuplicatedValue("实例名称已存在")
+		return
+	}
+	res.Success(inst)
 }
--- a/internal/api/v1/handler/instance.go
+++ b/internal/api/v1/handler/instance.go
@@ -0,0 +1,5 @@
+package handler
+
+func HandleInstanceUpdate() {
+
+}
--- a/internal/api/v1/middleware/admin.go
+++ b/internal/api/v1/middleware/admin.go
@@ -11,7 +11,7 @@ func AdminRequired(c *gin.Context) {
 	res := result.NewResult(c)
 	authorization := c.GetHeader("Authorization")
 	if authorization == "" {
-		res.Unauthorized()
+		res.UnLogin()
 		return
 	}

--- a/internal/api/v1/middleware/grant.go
+++ b/internal/api/v1/middleware/grant.go
@@ -2,10 +2,37 @@ package middleware

 import (
 	"github.com/gin-gonic/gin"
-	"mc-client-updater-server/pkg/log"
+	"gorm.io/gorm"
+	"mc-client-updater-server/internal/service"
+	"mc-client-updater-server/pkg/result"
 )

 func GrantRequired(c *gin.Context) {
 	instName := c.Param("name")
-	log.Logger.Info(instName)
+	// 判断instance name是否存在
+	srv := service.NewInstanceService(c)
+	res := result.NewResult(c)
+	instEntity, err := srv.GetInstanceByName(instName)
+	if err == gorm.ErrRecordNotFound {
+		res.InvalidInstance(instName)
+		return
+	} else if err != nil {
+		res.InternalServerError("查询实例对象时出现错误")
+		return
+	}
+	c.Set("instance", instEntity)
+
+	// 判断grant_code是否合法
+	grantCode := c.GetHeader("GrantCode")
+	if grantCode == "" {
+		res.Unauthorized()
+		return
+	}
+	grantEntity, err := srv.GetGrantByToken(grantCode)
+	if err != nil {
+		res.Unauthorized()
+		return
+	}
+	c.Set("grant", grantEntity)
+	c.Next()
 }
--- a/internal/api/v1/router.go
+++ b/internal/api/v1/router.go
@@ -27,7 +27,7 @@ func NewRouter() *gin.Engine {
 	*/
 	inst := v1.Group("/instance/:name", middleware.GrantRequired)
 	{
-		inst.GET("/detail")
+		inst.POST("/upload", )
 	}

 	/**
@@ -37,9 +37,8 @@ func NewRouter() *gin.Engine {
 	*/
 	admin := v1.Group("/admin", middleware.AdminRequired)
 	{
-		admin.GET("/instances")
-		admin.GET("/users")
-		admin.GET("/updates")
+		admin.POST("/new_instance", handler.HandleNewInstance)
+		admin.POST("/grant/add", handler.HandleGrantAdd)
 	}

 	return r
--- a/internal/service/instance.go
+++ b/internal/service/instance.go
@@ -0,0 +1,54 @@
+package service
+
+import (
+	"github.com/gin-gonic/gin"
+	"mc-client-updater-server/pkg/dao"
+	"mc-client-updater-server/pkg/dao/entity"
+	"mc-client-updater-server/pkg/util"
+)
+
+type InstanceService struct {
+	ctx *gin.Context
+}
+
+func NewInstanceService(c *gin.Context) *InstanceService {
+	return &InstanceService{ctx: c}
+}
+
+func (s *InstanceService) AddInstance(name, updateURL string) (*entity.Instance, error) {
+	instEntity := entity.Instance{
+		Name:      name,
+		UpdateURL: updateURL,
+	}
+	tx := dao.DB().Create(&instEntity)
+	if tx.Error != nil {
+		return nil, tx.Error
+	}
+
+	tx = dao.DB().Where(&instEntity).Last(&instEntity)
+	return &instEntity, tx.Error
+}
+
+func (s *InstanceService) GetInstanceByName(name string) (*entity.Instance, error) {
+	instEntity := entity.Instance{}
+	tx := dao.DB().Where("name=?", name).Last(&instEntity)
+	return &instEntity, tx.Error
+}
+
+func (s *InstanceService) NewGrantToken(instName string, expireStr string) (*entity.Grant, error) {
+	expireAt := util.MustParseSQLTime(expireStr)
+	grantEntity := entity.Grant{GrantTo: instName, ExpireAt: expireAt, Token: util.RandStr(32)}
+	tx := dao.DB().Create(&grantEntity)
+	if tx.Error != nil {
+		return nil, tx.Error
+	}
+
+	tx = dao.DB().Where(&grantEntity).Last(&grantEntity)
+	return &grantEntity, tx.Error
+}
+
+func (s *InstanceService) GetGrantByToken(token string) (*entity.Grant, error) {
+	grantEntity := entity.Grant{}
+	tx := dao.DB().Where("token=?", token).Last(&grantEntity)
+	return &grantEntity, tx.Error
+}
--- a/internal/service/token.go
+++ b/internal/service/token.go
@@ -22,7 +22,7 @@ func (s *TokenService) VerifyToken(token string) (*entity.Token, bool) {
 	// 是否存在
 	tokenRow := s.getToken(token)
 	if tokenRow == nil {
-		res.Unauthorized()
+		res.UnLogin()
 		return nil, false
 	}
 	// 是否过期
@@ -34,8 +34,8 @@ func (s *TokenService) VerifyToken(token string) (*entity.Token, bool) {
 }

 func (s *TokenService) getToken(token string) *entity.Token {
-	tokenRow := entity.Token{Token: token}
-	tx := dao.DB().Last(&tokenRow)
+	tokenRow := entity.Token{}
+	tx := dao.DB().Where("token=?", token).Last(&tokenRow)
 	if tx.Error == gorm.ErrRecordNotFound {
 		return nil
 	}
@@ -43,8 +43,8 @@ func (s *TokenService) getToken(token string) *entity.Token {
 }

 func (s *TokenService) getTokenByUsername(username string) *entity.Token {
-	tokenRow := entity.Token{GrantTo: username}
-	tx := dao.DB().First(&tokenRow)
+	tokenRow := entity.Token{}
+	tx := dao.DB().Where("grant_to=?", username).Last(&tokenRow)
 	if tx.Error == gorm.ErrRecordNotFound {
 		return nil
 	}
--- a/internal/service/user.go
+++ b/internal/service/user.go
@@ -64,8 +64,8 @@ func (s *UserService) hasRole(role string, user *entity.User) bool {
 }

 func (s *UserService) getUserByUsername(name string) *entity.User {
-	user := entity.User{Username: name}
-	tx := dao.DB().First(&user)
+	user := entity.User{}
+	tx := dao.DB().Where("username=?", name).First(&user)
 	if tx.Error != nil {
 		return nil
 	}