pricing/app/fns.go

package app

import (
	"context"
	"errors"
	"github.com/go-chi/jwtauth/v5"
	"github.com/lestrrat-go/jwx/v2/jwt"
	"github.com/rs/xid"
	"golang.org/x/crypto/bcrypt"
	"gorm.io/gorm"
	"net/http"
	"time"
)

func HashPassword(password string) (string, error) {
	bytes, err := bcrypt.GenerateFromPassword([]byte(password), 14)
	return string(bytes), err
}

func CheckPasswordHash(password, hash string) bool {
	err := bcrypt.CompareHashAndPassword([]byte(hash), []byte(password))
	return err == nil
}

func GenerateAuthToken(r *Request, uid uint) (*UserToken, error) {
	code := xid.New().String()

	rawToken, err := jwt.NewBuilder().
		//Audience().
		Expiration(time.Now().Add(time.Hour*24)).
		Issuer(r.URL.Hostname()).
		IssuedAt(time.Now()).
		//JwtID().
		//NotBefore().
		//Subject().
		Claim("code", code).
		Build()
	if err != nil {
		return nil, err
	}

	claims, err := rawToken.AsMap(r.Context())
	if err != nil {
		return nil, err
	}

	_, accessToken, err := tokenAuth.Encode(claims)
	if err != nil {
		return nil, NewError(1, "生成授权令牌失败")
	}

	if err = rawToken.Set(jwt.ExpirationKey, time.Now().Add(time.Hour*24*30)); err != nil {
		return nil, err
	}
	if claims, err = rawToken.AsMap(r.Context()); err != nil {
		return nil, err
	}
	_, refreshToken, err := tokenAuth.Encode(claims)
	if err != nil {
		return nil, NewError(1, "生成刷新令牌失败")
	}

	return &UserToken{
		Code:         code,
		UserID:       uid,
		AccessToken:  accessToken,
		RefreshToken: refreshToken,
		CreatedAt:    time.Now(),
	}, nil
}

func AuthInfo(r *Request) (*UserToken, error) {
	token, _, err := jwtauth.FromContext(r.Context())
	if err != nil {
		return nil, err
	}

	code, ok := token.Get("code")
	if !ok {
		return nil, ErrInvalidToken
	}
	if _, ok = code.(string); !ok {
		return nil, ErrInvalidToken
	}

	var ut UserToken
	err = DB.Model(&UserToken{}).Preload("User").First(&ut, "code = ?", code).Error
	if err != nil {
		if errors.Is(err, gorm.ErrRecordNotFound) {
			return nil, ErrInvalidToken
		}
		return nil, err
	}

	return &ut, nil
}

var ErrInvalidToken = &Error{
	Status:  http.StatusForbidden,
	Code:    401,
	Message: "错误令牌",
}

func UserTokenFromContext(ctx context.Context) (*UserToken, bool) {
	ut, ok := ctx.Value("USER_TOKEN").(*UserToken)
	return ut, ok
}

func CheckAuthToken(next http.Handler) http.Handler {
	return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
		token, _, _ := jwtauth.FromContext(r.Context())
		if code, ok := token.Get("code"); !ok {
			NewResponseWriter(w).Error(ErrInvalidToken)
		} else if codeString, ok := code.(string); !ok {
			NewResponseWriter(w).Error(ErrInvalidToken)
		} else if _, err := xid.FromString(codeString); err != nil {
			NewResponseWriter(w).Error(ErrInvalidToken)
		} else {
			var ut UserToken
			err = DB.Model(&UserToken{}).Preload("User").First(&ut, "code = ?", codeString).Error
			if err != nil {
				NewResponseWriter(w).Error(ErrInvalidToken)
			} else {
				ctx := context.WithValue(r.Context(), "USER_TOKEN", &ut)
				next.ServeHTTP(w, r.WithContext(ctx))
			}
		}
	})
}
feat: :sparkles: 新增函数工具 2 years ago			`package app`

feat: :sparkles: 支持刷新令牌 2 years ago			`import (`
feat: :sparkles: 支持管理员角色 2 years ago			`"context"`
feat: :sparkles: 支持刷新令牌 2 years ago			`"errors"`
			`"github.com/go-chi/jwtauth/v5"`
			`"github.com/lestrrat-go/jwx/v2/jwt"`
			`"github.com/rs/xid"`
			`"golang.org/x/crypto/bcrypt"`
			`"gorm.io/gorm"`
			`"net/http"`
			`"time"`
			`)`
feat: :sparkles: 新增函数工具 2 years ago
			`func HashPassword(password string) (string, error) {`
			`bytes, err := bcrypt.GenerateFromPassword([]byte(password), 14)`
			`return string(bytes), err`
			`}`

			`func CheckPasswordHash(password, hash string) bool {`
			`err := bcrypt.CompareHashAndPassword([]byte(hash), []byte(password))`
			`return err == nil`
			`}`
feat: :sparkles: 支持刷新令牌 2 years ago
			`func GenerateAuthToken(r Request, uid uint) (UserToken, error) {`
			`code := xid.New().String()`

			`rawToken, err := jwt.NewBuilder().`
			`//Audience().`
			`Expiration(time.Now().Add(time.Hour*24)).`
			`Issuer(r.URL.Hostname()).`
			`IssuedAt(time.Now()).`
			`//JwtID().`
			`//NotBefore().`
			`//Subject().`
			`Claim("code", code).`
			`Build()`
			`if err != nil {`
			`return nil, err`
			`}`

			`claims, err := rawToken.AsMap(r.Context())`
			`if err != nil {`
			`return nil, err`
			`}`

			`_, accessToken, err := tokenAuth.Encode(claims)`
			`if err != nil {`
			`return nil, NewError(1, "生成授权令牌失败")`
			`}`

			`if err = rawToken.Set(jwt.ExpirationKey, time.Now().Add(time.Hour2430)); err != nil {`
			`return nil, err`
			`}`
			`if claims, err = rawToken.AsMap(r.Context()); err != nil {`
			`return nil, err`
			`}`
			`_, refreshToken, err := tokenAuth.Encode(claims)`
			`if err != nil {`
			`return nil, NewError(1, "生成刷新令牌失败")`
			`}`

			`return &UserToken{`
			`Code: code,`
feat: :sparkles: 支持管理员角色 2 years ago			`UserID: uid,`
feat: :sparkles: 支持刷新令牌 2 years ago			`AccessToken: accessToken,`
			`RefreshToken: refreshToken,`
			`CreatedAt: time.Now(),`
			`}, nil`
			`}`

feat: :sparkles: 支持管理员角色 2 years ago			`func AuthInfo(r Request) (UserToken, error) {`
feat: :sparkles: 支持刷新令牌 2 years ago			`token, _, err := jwtauth.FromContext(r.Context())`
			`if err != nil {`
feat: :sparkles: 支持管理员角色 2 years ago			`return nil, err`
feat: :sparkles: 支持刷新令牌 2 years ago			`}`

			`code, ok := token.Get("code")`
			`if !ok {`
feat: :sparkles: 支持管理员角色 2 years ago			`return nil, ErrInvalidToken`
feat: :sparkles: 支持刷新令牌 2 years ago			`}`
			`if _, ok = code.(string); !ok {`
feat: :sparkles: 支持管理员角色 2 years ago			`return nil, ErrInvalidToken`
feat: :sparkles: 支持刷新令牌 2 years ago			`}`

			`var ut UserToken`
feat: :sparkles: 支持管理员角色 2 years ago			`err = DB.Model(&UserToken{}).Preload("User").First(&ut, "code = ?", code).Error`
			`if err != nil {`
feat: :sparkles: 支持刷新令牌 2 years ago			`if errors.Is(err, gorm.ErrRecordNotFound) {`
feat: :sparkles: 支持管理员角色 2 years ago			`return nil, ErrInvalidToken`
feat: :sparkles: 支持刷新令牌 2 years ago			`}`
feat: :sparkles: 支持管理员角色 2 years ago			`return nil, err`
feat: :sparkles: 支持刷新令牌 2 years ago			`}`

feat: :sparkles: 支持管理员角色 2 years ago			`return &ut, nil`
			`}`

			`var ErrInvalidToken = &Error{`
			`Status: http.StatusForbidden,`
			`Code: 401,`
			`Message: "错误令牌",`
			`}`

feat: :sparkles: 新增获取登录用户信息函数 2 years ago			`func UserTokenFromContext(ctx context.Context) (*UserToken, bool) {`
			`ut, ok := ctx.Value("USER_TOKEN").(*UserToken)`
			`return ut, ok`
			`}`

feat: :sparkles: 支持管理员角色 2 years ago			`func CheckAuthToken(next http.Handler) http.Handler {`
			`return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {`
			`token, _, _ := jwtauth.FromContext(r.Context())`
			`if code, ok := token.Get("code"); !ok {`
			`NewResponseWriter(w).Error(ErrInvalidToken)`
			`} else if codeString, ok := code.(string); !ok {`
			`NewResponseWriter(w).Error(ErrInvalidToken)`
			`} else if _, err := xid.FromString(codeString); err != nil {`
			`NewResponseWriter(w).Error(ErrInvalidToken)`
			`} else {`
			`var ut UserToken`
feat: :sparkles: 中间件校验时预加载用户信息 2 years ago			`err = DB.Model(&UserToken{}).Preload("User").First(&ut, "code = ?", codeString).Error`
feat: :sparkles: 支持管理员角色 2 years ago			`if err != nil {`
			`NewResponseWriter(w).Error(ErrInvalidToken)`
			`} else {`
			`ctx := context.WithValue(r.Context(), "USER_TOKEN", &ut)`
			`next.ServeHTTP(w, r.WithContext(ctx))`
			`}`
			`}`
			`})`
feat: :sparkles: 支持刷新令牌 2 years ago			`}`