fix
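--- a/utils/ldap_lib/auth.go
+++ b/utils/ldap_lib/auth.go
@@ -0,0 +1,22 @@
+package ldap_lib
+
+import "github.com/zeromicro/go-zero/core/logx"
+
+// 验证权限
+func (l *Ldap) VerifyAuthority(token, jwtSecret string) bool {
+info, err := l.ParseJwtToken(token, jwtSecret)
+if err != nil {
+logx.Error("解析token失败", err, "----token:", token)
+return false
+}
+//查询ldap
+userInfo, err := l.GetLdapUserInfo(info.UserDN)
+if err != nil {
+logx.Error("获取ldap用户信息失败", err, "----user_dn:", info.UserDN)
+}
+if userInfo.Status != 1 {
+return false
+}
+// TODO 查询权限组相关信息
+return true
+}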
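Review bot: In VerifyAuthority the error branch after `l.GetLdapUserInfo(info.UserDN)` only logs and then falls through to `userInfo.Status != 1`, so a failed directory lookup is decided on whatever value came back with the error; if GetLdapUserInfo returns a pointer (its definition is not in this diff), that is a nil dereference in the auth path. Add `return false` inside that `if err != nil` block so the check fails closed explicitly. The first error branch also writes the raw bearer token to the log via `logx.Error("解析token失败", err, "----token:", token)`; a token rejected here can still be a live credential (ParseJwtToken rejects anything without the `Bearer ` prefix before verifying it), so log the error alone: `logx.Error("解析token失败", err)`. Until the `// TODO 查询权限组相关信息` is implemented, every active user passes this check, which the function's doc comment should state so callers do not treat a `true` result as a group-level authorization decision.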
@@ -13,14 +13,14 @@ type UserInfo struct {
|
||||
}
|
||||
|
||||
// 生成token
|
||||
func (l *Ldap) GenJwtToken(userId, expireTime int64, userDN, password string) (token string, err error) {
|
||||
func (l *Ldap) GenJwtToken(userId, expireTime int64, userDN, secret string) (token string, err error) {
|
||||
t := jwt.NewWithClaims(jwt.SigningMethodHS256, jwt.MapClaims{
|
||||
"user_dn": userDN,
|
||||
"user_id": userId,
|
||||
"exp": time.Now().Add(time.Second * time.Duration(expireTime)).Unix(), //过期时间
|
||||
"iss": "fusen",
|
||||
})
|
||||
token, err = t.SignedString([]byte(password))
|
||||
token, err = t.SignedString([]byte(secret))
|
||||
if err != nil {
|
||||
return "", err
|
||||
}
|
||||
@@ -28,13 +28,13 @@ func (l *Ldap) GenJwtToken(userId, expireTime int64, userDN, password string) (t
|
||||
}
|
||||
|
||||
// 解释token
|
||||
func (l *Ldap) ParseJwtToken(token, password string) (UserInfo, error) {
|
||||
func (l *Ldap) ParseJwtToken(token, secret string) (UserInfo, error) {
|
||||
if len(token) <= 7 || token[:7] != "Bearer " {
|
||||
return UserInfo{}, errors.New("无效的token")
|
||||
}
|
||||
token = token[7:]
|
||||
t, err := jwt.ParseWithClaims(token, jwt.MapClaims{}, func(token *jwt.Token) (interface{}, error) {
|
||||
return []byte(password), nil
|
||||
return []byte(secret), nil
|
||||
})
|
||||
if err != nil {
|
||||
return UserInfo{}, err
|
||||
@@ -49,3 +49,5 @@ func (l *Ldap) ParseJwtToken(token, password string) (UserInfo, error) {
|
||||
}
|
||||
return userInfo, nil
|
||||
}
|
||||
|
||||
//
|
||||
|
||||