| package auth
| 
import (
	"context"
	"log"
	"net/http"

	"management/internal/db/model/dto"
	systemservice "management/internal/service/system"
)
| 
// defaultMenus lists the request paths every logged-in user may reach
// regardless of role; Authorize consults it before the per-role menu
// lookup. Keys are compared against r.URL.Path exactly, so a trailing
// slash or a differently-cased path does not match.
var defaultMenus = map[string]bool{
	"/pear.json":        true,
	"/home.html":        true,
	"/system/menus":     true,
	"/upload/img":       true,
	"/upload/file":      true,
	"/upload/mutilfile": true,
}
| 
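// Authorize is HTTP middleware that gates next behind a logged-in user
// and the menu permissions of that user's role.
//
// Flow: a request with no logged-in user is redirected to "/"; a logged-in
// marker without a user record is rejected with 401; paths listed in
// defaultMenus are passed through for any logged-in user; every other path
// must be a key of the map returned by systemservice.MapOwnerMenuByRoleID
// for the user's RoleID, otherwise the request is rejected with 401.
// Only the exact r.URL.Path is compared — no path normalisation happens
// here, so an unnormalised path that matches neither map is denied.
func Authorize(next http.Handler) http.Handler {
	fn := func(w http.ResponseWriter, r *http.Request) {
		ctx := r.Context()

		user, ok := isLogin(ctx)
		if !ok {
			http.Redirect(w, r, "/", http.StatusFound)
			return
		}
		if user == nil {
			// Logged-in marker present but no user record: treat as
			// unauthenticated rather than fall through to the menu check.
			http.Error(w, "user not found", http.StatusUnauthorized)
			return
		}

		// Permission check, exact path match only.
		path := r.URL.Path
		if defaultMenus[path] {
			// Routes every logged-in user may reach; a missing key reads as false.
			next.ServeHTTP(w, r)
			return
		}

		menus, err := systemservice.MapOwnerMenuByRoleID(ctx, user.RoleID)
		if err != nil {
			// Log the detail server-side; the client gets a generic message so
			// internal error text (driver/SQL output, file paths) is not disclosed.
			log.Printf("auth: loading menus for role %v: %v", user.RoleID, err)
			http.Error(w, "internal server error", http.StatusInternalServerError)
			return
		}
		if _, allowed := menus[path]; allowed {
			next.ServeHTTP(w, r)
			return
		}

		// Authenticated but not permitted. Kept as 401 to preserve the
		// existing client contract; 403 Forbidden would be the more precise
		// status for this case.
		http.Error(w, "Unauthorized", http.StatusUnauthorized)
	}

	return http.HandlerFunc(fn)
}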
| 
// isLogin reports whether ctx carries a logged-in user, returning that
// user when it does.
//
// The session lookup is currently disabled (kept below as a comment), so
// this always returns (nil, false); every request passing through
// Authorize is therefore redirected to "/" until it is re-enabled.
func isLogin(ctx context.Context) (*dto.AuthorizeUser, bool) {
	// Disabled implementation:
	//
	// if exists := session.Exists(ctx, auth.StoreName); exists {
	// 	b := session.GetBytes(ctx, auth.StoreName)
	// 	var user dto.AuthorizeUser
	// 	if err := json.Unmarshal(b, &user); err != nil {
	// 		return nil, false
	// 	}
	// 	return &user, true
	// }
	return nil, false
}
| 
// AuthUser returns the logged-in user stored in ctx.
//
// The session read is currently disabled (kept below as a comment), so the
// zero AuthorizeUser is always returned; callers cannot distinguish
// "no user" from a user whose fields happen to be zero.
func AuthUser(ctx context.Context) dto.AuthorizeUser {
	// Disabled implementation:
	//
	// var user dto.AuthorizeUser
	// if exists := session.Exists(ctx, auth.StoreName); exists {
	// 	b := session.GetBytes(ctx, auth.StoreName)
	// 	_ = json.Unmarshal(b, &user)
	// }
	// return user
	return dto.AuthorizeUser{}
}