first commit

2025-03-21 11:05:42 +08:00
commit 7dffc94035
1717 changed files with 724764 additions and 0 deletions
--- a/internal/middleware/manage/audit/audit.go
+++ b/internal/middleware/manage/audit/audit.go
@@ -0,0 +1,75 @@
+package audit
+
+import (
+	"context"
+	"net/http"
+	"strconv"
+	"strings"
+	"time"
+
+	db "management/internal/db/sqlc"
+	"management/internal/middleware/manage/auth"
+	systemservice "management/internal/service/system"
+
+	"github.com/zhang2092/browser"
+)
+
+func Audit(next http.Handler) http.Handler {
+	fn := func(w http.ResponseWriter, r *http.Request) {
+		start := time.Now()
+		defer func(res http.ResponseWriter, req *http.Request) {
+			// 记录审计日志
+			go writeLog(req, start)
+		}(w, r)
+		next.ServeHTTP(w, r)
+	}
+
+	return http.HandlerFunc(fn)
+}
+
+func writeLog(req *http.Request, start time.Time) {
+	end := time.Now()
+	duration := end.Sub(start)
+	var params string
+	method := req.Method
+	if method == "GET" {
+		params = req.URL.Query().Encode()
+	} else if method == "POST" {
+		contentType := req.Header.Get("Content-Type")
+		if strings.Contains(contentType, "application/json") {
+			body := make([]byte, req.ContentLength)
+			req.Body.Read(body)
+			params = string(body)
+		} else if strings.Contains(contentType, "application/x-www-form-urlencoded") {
+			params = req.Form.Encode()
+		}
+	}
+
+	ctx := req.Context()
+	au := auth.AuthUser(ctx)
+	arg := &db.CreateSysAuditLogParams{
+		CreatedAt:  time.Now(),
+		Email:      au.Email,
+		Username:   au.Username,
+		UserUuid:   au.Uuid,
+		StartAt:    start,
+		EndAt:      end,
+		Duration:   strconv.FormatInt(duration.Milliseconds(), 10),
+		Url:        req.URL.RequestURI(),
+		Method:     method,
+		Parameters: params,
+		RefererUrl: req.Header.Get("Referer"),
+		Ip:         req.RemoteAddr,
+		Remark:     "",
+	}
+	br, err := browser.NewBrowser(req.Header.Get("User-Agent"))
+	if err == nil {
+		arg.Os = br.Platform().Name()
+		arg.Browser = br.Name()
+	}
+
+	c, cancel := context.WithTimeout(context.Background(), time.Second*3)
+	defer cancel()
+
+	_ = systemservice.CreateSysAuditLog(c, arg)
+}
--- a/internal/middleware/manage/auth/authorize.go
+++ b/internal/middleware/manage/auth/authorize.go
@@ -0,0 +1,83 @@
+package auth
+
+import (
+	"context"
+	"encoding/json"
+	"net/http"
+
+	"management/internal/db/model/dto"
+	"management/internal/global/auth"
+	"management/internal/pkg/session"
+	systemservice "management/internal/service/system"
+)
+
+var defaultMenus = map[string]bool{
+	"/home.html":        true,
+	"/system/menus":     true,
+	"/upload/img":       true,
+	"/upload/file":      true,
+	"/upload/mutilfile": true,
+	"/pear.json":        true,
+}
+
+func Authorize(next http.Handler) http.Handler {
+	fn := func(w http.ResponseWriter, r *http.Request) {
+		ctx := r.Context()
+		user, ok := isLogin(ctx)
+		if !ok {
+			http.Redirect(w, r, "/", http.StatusFound)
+			return
+		}
+
+		if user == nil {
+			http.Error(w, "user not found", http.StatusUnauthorized)
+			return
+		}
+
+		// 登陆成功 判断权限
+
+		// 默认权限判断
+		path := r.URL.Path
+		if b, ok := defaultMenus[path]; ok && b {
+			next.ServeHTTP(w, r)
+			return
+		}
+
+		menus, err := systemservice.MapOwnerMenuByRoleID(ctx, user.RoleID)
+		if err != nil {
+			http.Error(w, err.Error(), http.StatusInternalServerError)
+			return
+		}
+
+		if _, ok := menus[path]; ok {
+			next.ServeHTTP(w, r)
+			return
+		}
+
+		http.Error(w, "Unauthorized", http.StatusUnauthorized)
+	}
+
+	return http.HandlerFunc(fn)
+}
+
+func isLogin(ctx context.Context) (*dto.AuthorizeUser, bool) {
+	if exists := session.Exists(ctx, auth.StoreName); exists {
+		b := session.GetBytes(ctx, auth.StoreName)
+		var user dto.AuthorizeUser
+		if err := json.Unmarshal(b, &user); err != nil {
+			return nil, false
+		}
+		return &user, true
+	}
+
+	return nil, false
+}
+
+func AuthUser(ctx context.Context) dto.AuthorizeUser {
+	var user dto.AuthorizeUser
+	if exists := session.Exists(ctx, auth.StoreName); exists {
+		b := session.GetBytes(ctx, auth.StoreName)
+		_ = json.Unmarshal(b, &user)
+	}
+	return user
+}
--- a/internal/middleware/manage/nosurf/nocsrf.go
+++ b/internal/middleware/manage/nosurf/nocsrf.go
@@ -0,0 +1,11 @@
+package nosurf
+
+import (
+	"net/http"
+
+	"github.com/justinas/nosurf"
+)
+
+func NoSurf(next http.Handler) http.Handler {
+	return nosurf.New(next)
+}
--- a/internal/middleware/manage/session/session.go
+++ b/internal/middleware/manage/session/session.go
@@ -0,0 +1,11 @@
+package session
+
+import (
+	"net/http"
+
+	"management/internal/pkg/session"
+)
+
+func LoadSession(next http.Handler) http.Handler {
+	return session.LoadAndSave(next)
+}