♻️ reconstruct the authentication mode

2024-12-21 13:01:10 +08:00
parent f213644aa9
commit 462e811742
25 changed files with 371 additions and 77 deletions
--- a/app/core/api/internal/middleware/authorization_middleware.go
+++ b/app/core/api/internal/middleware/authorization_middleware.go
@@ -1,29 +1,40 @@
 package middleware

 import (
-	"github.com/redis/go-redis/v9"
+	"github.com/zeromicro/go-zero/core/logx"
 	"github.com/zeromicro/go-zero/rest/httpx"
 	"net/http"
-	"schisandra-album-cloud-microservices/app/core/api/common/constant"
 	"schisandra-album-cloud-microservices/app/core/api/common/response"
+	"strconv"
+	"time"
 )

 type AuthorizationMiddleware struct {
-	Redis *redis.Client
 }

-func NewAuthorizationMiddleware(redis *redis.Client) *AuthorizationMiddleware {
-	return &AuthorizationMiddleware{
-		Redis: redis,
-	}
+func NewAuthorizationMiddleware() *AuthorizationMiddleware {
+	return &AuthorizationMiddleware{}
 }

 func (m *AuthorizationMiddleware) Handle(next http.HandlerFunc) http.HandlerFunc {
 	return func(w http.ResponseWriter, r *http.Request) {
-		userId := r.Context().Value("user_id").(string)
-		redisToken := m.Redis.Get(r.Context(), constant.UserTokenPrefix+userId).Val()
-		if redisToken == "" {
-			httpx.OkJson(w, response.ErrorWithCodeMessage(403, "unauthorized"))
+		expireAtStr := r.Header.Get("X-Expire-At")
+		if expireAtStr == "" {
+			httpx.OkJson(w, response.ErrorWithCodeMessage(http.StatusForbidden, "unauthorized"))
+			return
+		}
+		expireAtInt, err := strconv.ParseInt(expireAtStr, 10, 64)
+		if err != nil {
+			logx.Errorf("Failed to parse X-Expire-At: %v", err)
+			httpx.OkJson(w, response.ErrorWithCodeMessage(http.StatusForbidden, "unauthorized"))
+			return
+		}
+		expireAt := time.Unix(expireAtInt, 0)
+		currentTime := time.Now()
+
+		remainingTime := expireAt.Sub(currentTime)
+		if remainingTime < time.Minute*5 {
+			httpx.OkJson(w, response.ErrorWithCodeMessage(http.StatusUnauthorized, "token about to expire, refresh"))
 			return
 		}
 		next(w, r)
--- a/app/core/api/internal/middleware/nonce_middleware.go
+++ b/app/core/api/internal/middleware/nonce_middleware.go
@@ -0,0 +1,44 @@
+package middleware
+
+import (
+	"github.com/redis/go-redis/v9"
+	"github.com/zeromicro/go-zero/rest/httpx"
+	"net/http"
+	"schisandra-album-cloud-microservices/app/core/api/common/constant"
+	"time"
+)
+
+type NonceMiddleware struct {
+	RedisClient *redis.Client
+}
+
+func NewNonceMiddleware(redisClient *redis.Client) *NonceMiddleware {
+	return &NonceMiddleware{
+		RedisClient: redisClient,
+	}
+}
+
+func (m *NonceMiddleware) Handle(next http.HandlerFunc) http.HandlerFunc {
+	return func(w http.ResponseWriter, r *http.Request) {
+		nonce := r.Header.Get("X-Nonce")
+		if nonce == "" {
+			httpx.WriteJsonCtx(r.Context(), w, http.StatusBadRequest, "bad request!")
+			return
+		}
+		if len(nonce) != 32 {
+			httpx.WriteJsonCtx(r.Context(), w, http.StatusBadRequest, "bad request!")
+			return
+		}
+		result := m.RedisClient.Get(r.Context(), constant.SystemApiNoncePrefix+nonce).Val()
+		if result != "" {
+			httpx.WriteJsonCtx(r.Context(), w, http.StatusBadRequest, "bad request!")
+			return
+		}
+		err := m.RedisClient.Set(r.Context(), constant.SystemApiNoncePrefix+nonce, nonce, time.Minute*1).Err()
+		if err != nil {
+			httpx.WriteJsonCtx(r.Context(), w, http.StatusInternalServerError, "internal server error!")
+			return
+		}
+		next(w, r)
+	}
+}