🐛 fix jwt token issue

landaiqing
2024-08-20 21:45:14 +08:00
parent 1094957ea4
commit 58ca15768b
7 changed files with 26 additions and 21 deletions


@@ -170,7 +170,7 @@ func (OAuthAPI) GiteeCallback(c *gin.Context) {
} }
Id := strconv.Itoa(giteeUser.ID) Id := strconv.Itoa(giteeUser.ID)
userSocial, err := userSocialService.QueryUserSocialByUUID(Id) userSocial, err := userSocialService.QueryUserSocialByUUID(Id, enum.OAuthSourceGitee)
if errors.Is(err, gorm.ErrRecordNotFound) { if errors.Is(err, gorm.ErrRecordNotFound) {
// 第一次登录,创建用户 // 第一次登录,创建用户
uid := idgen.NextId() uid := idgen.NextId()
@@ -220,7 +220,7 @@ func (OAuthAPI) GiteeCallback(c *gin.Context) {
formattedScript := fmt.Sprintf(script, tokenData, global.CONFIG.System.Web) formattedScript := fmt.Sprintf(script, tokenData, global.CONFIG.System.Web)
c.Data(http.StatusOK, "text/html; charset=utf-8", []byte(formattedScript)) c.Data(http.StatusOK, "text/html; charset=utf-8", []byte(formattedScript))
} else { } else {
user, err := userService.QueryUserByUsername(giteeUser.Login) user, err := userService.QueryUserById(userSocial.UserID)
if err != nil { if err != nil {
global.LOG.Error(err) global.LOG.Error(err)
return return
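Review bot: The new `userService.QueryUserById(userSocial.UserID)` call relies on `userSocial` being a real row, but the only error case visible for `QueryUserSocialByUUID` is `errors.Is(err, gorm.ErrRecordNotFound)`. If the `else` in the second hunk pairs with that check, any other database error falls through with a zero-value `userSocial` and the lookup runs on an empty user ID; an `else if err != nil { global.LOG.Error(err); return }` arm before the final `else` would close that path. The lines between the two hunks are not shown, so this may already be handled there. The `if err != nil` branch after `QueryUserById` also logs and returns without writing any response to the client. The same points apply to `Callback` in the GitHub handler.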


@@ -175,7 +175,7 @@ func (OAuthAPI) Callback(c *gin.Context) {
return return
} }
Id := strconv.Itoa(gitHubUser.ID) Id := strconv.Itoa(gitHubUser.ID)
userSocial, err := userSocialService.QueryUserSocialByUUID(Id) userSocial, err := userSocialService.QueryUserSocialByUUID(Id, enum.OAuthSourceGithub)
if errors.Is(err, gorm.ErrRecordNotFound) { if errors.Is(err, gorm.ErrRecordNotFound) {
// 第一次登录,创建用户 // 第一次登录,创建用户
uid := idgen.NextId() uid := idgen.NextId()
@@ -225,7 +225,7 @@ func (OAuthAPI) Callback(c *gin.Context) {
formattedScript := fmt.Sprintf(script, tokenData, global.CONFIG.System.Web) formattedScript := fmt.Sprintf(script, tokenData, global.CONFIG.System.Web)
c.Data(http.StatusOK, "text/html; charset=utf-8", []byte(formattedScript)) c.Data(http.StatusOK, "text/html; charset=utf-8", []byte(formattedScript))
} else { } else {
user, err := userService.QueryUserByUsername(gitHubUser.Login) user, err := userService.QueryUserById(userSocial.UserID)
if err != nil { if err != nil {
global.LOG.Error(err) global.LOG.Error(err)
return return


@@ -201,7 +201,7 @@ func wechatLoginHandler(openId string, clientId string) bool {
if openId == "" { if openId == "" {
return false return false
} }
authUserSocial, err := userSocialService.QueryUserSocialByOpenID(openId) authUserSocial, err := userSocialService.QueryUserSocialByOpenID(openId, enum.OAuthSourceWechat)
if errors.Is(err, gorm.ErrRecordNotFound) { if errors.Is(err, gorm.ErrRecordNotFound) {
uid := idgen.NextId() uid := idgen.NextId()
uidStr := strconv.FormatInt(uid, 10) uidStr := strconv.FormatInt(uid, 10)


@@ -339,8 +339,10 @@ func (UserAPI) RefreshHandler(c *gin.Context) {
result.FailWithMessage(ginI18n.MustGetMessage(c, "LoginExpired"), c) result.FailWithMessage(ginI18n.MustGetMessage(c, "LoginExpired"), c)
return return
} }
token := redis.Get(constant.UserLoginTokenRedisKey + *parseRefreshToken.UserID).Val()
if token == "" { token, err := redis.Get(constant.UserLoginTokenRedisKey + *parseRefreshToken.UserID).Result()
if token == "" || err != nil {
global.LOG.Errorln(err)
result.FailWithMessage(ginI18n.MustGetMessage(c, "LoginExpired"), c) result.FailWithMessage(ginI18n.MustGetMessage(c, "LoginExpired"), c)
return return
} }
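Review bot: `global.LOG.Errorln(err)` runs on every failed lookup, including the ordinary case of an expired session: with a go-redis style `.Result()` a missing key comes back as the nil-reply error rather than an empty string, and when `token == ""` with no error this logs `<nil>`. Log only real backend failures, for example `if err != nil && !errors.Is(err, redis.Nil) { global.LOG.Errorln(err) }`; the `redis` name in this file looks like a project wrapper, so the go-redis import may need an alias. Answering `LoginExpired` in both cases keeps the handler failing closed, which is the right default. `RefreshHandler` starts and ends outside the hunk.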


@@ -17,10 +17,10 @@ func (UserSocialService) AddUserSocial(user model.ScaAuthUserSocial) error {
return nil return nil
} }
// QueryUserSocialByOpenID 根据openID查询用户信息 // QueryUserSocialByOpenID 根据openID和source查询用户信息
func (UserSocialService) QueryUserSocialByOpenID(openID string) (model.ScaAuthUserSocial, error) { func (UserSocialService) QueryUserSocialByOpenID(openID string, source string) (model.ScaAuthUserSocial, error) {
var user model.ScaAuthUserSocial var user model.ScaAuthUserSocial
result := global.DB.Where("open_id = ? and deleted = 0", openID).First(&user) result := global.DB.Where("open_id = ? and source = ? and deleted = 0", openID, source).First(&user)
if result.Error != nil { if result.Error != nil {
if errors.Is(result.Error, gorm.ErrRecordNotFound) { if errors.Is(result.Error, gorm.ErrRecordNotFound) {
return model.ScaAuthUserSocial{}, result.Error return model.ScaAuthUserSocial{}, result.Error
@@ -30,10 +30,10 @@ func (UserSocialService) QueryUserSocialByOpenID(openID string) (model.ScaAuthUs
return user, nil return user, nil
} }
// QueryUserSocialByUUID 根据uuid查询用户信息 // QueryUserSocialByUUID 根据uuid和source查询用户信息
func (UserSocialService) QueryUserSocialByUUID(openID string) (model.ScaAuthUserSocial, error) { func (UserSocialService) QueryUserSocialByUUID(openID string, source string) (model.ScaAuthUserSocial, error) {
var user model.ScaAuthUserSocial var user model.ScaAuthUserSocial
result := global.DB.Where("uuid = ? and deleted = 0", openID).First(&user) result := global.DB.Where("uuid = ? and source = ? and deleted = 0", openID, source).First(&user)
if result.Error != nil { if result.Error != nil {
if errors.Is(result.Error, gorm.ErrRecordNotFound) { if errors.Is(result.Error, gorm.ErrRecordNotFound) {
return model.ScaAuthUserSocial{}, result.Error return model.ScaAuthUserSocial{}, result.Error
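Review bot: `QueryUserSocialByUUID` still names its first parameter `openID` although the query filters on the `uuid` column; renaming it (`uuid string, source string`) would stop callers from confusing the two lookups. Both queries now depend on the pair of identifier and source being unique. The schema is not shown, so confirm there is a unique index on `(uuid, source)` and on `(open_id, source)`, otherwise `First` silently returns one of several matching rows. The doc comments could also state that `gorm.ErrRecordNotFound` is returned unwrapped, since the OAuth callbacks branch on it.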

Binary file not shown.


@@ -18,8 +18,11 @@ type AccessJWTPayload struct {
RoleID []*int64 `json:"role_id"` RoleID []*int64 `json:"role_id"`
Type *string `json:"type" default:"access"` Type *string `json:"type" default:"access"`
} }
type JWTClaims struct { type AccessJWTClaims struct {
AccessJWTPayload AccessJWTPayload
jwt.RegisteredClaims
}
type RefreshJWTClaims struct {
RefreshJWTPayload RefreshJWTPayload
jwt.RegisteredClaims jwt.RegisteredClaims
} }
@@ -29,7 +32,7 @@ var MySecret []byte
// GenerateAccessToken generates a JWT token with the given payload // GenerateAccessToken generates a JWT token with the given payload
func GenerateAccessToken(payload AccessJWTPayload) (string, error) { func GenerateAccessToken(payload AccessJWTPayload) (string, error) {
MySecret = []byte(global.CONFIG.JWT.Secret) MySecret = []byte(global.CONFIG.JWT.Secret)
claims := JWTClaims{ claims := AccessJWTClaims{
AccessJWTPayload: payload, AccessJWTPayload: payload,
RegisteredClaims: jwt.RegisteredClaims{ RegisteredClaims: jwt.RegisteredClaims{
ExpiresAt: jwt.NewNumericDate(time.Now().Add(time.Hour * 2)), ExpiresAt: jwt.NewNumericDate(time.Now().Add(time.Hour * 2)),
@@ -53,10 +56,10 @@ func GenerateAccessToken(payload AccessJWTPayload) (string, error) {
// GenerateRefreshToken generates a JWT token with the given payload, and returns the accessToken and refreshToken // GenerateRefreshToken generates a JWT token with the given payload, and returns the accessToken and refreshToken
func GenerateRefreshToken(payload RefreshJWTPayload, days time.Duration) (string, int64) { func GenerateRefreshToken(payload RefreshJWTPayload, days time.Duration) (string, int64) {
MySecret = []byte(global.CONFIG.JWT.Secret) MySecret = []byte(global.CONFIG.JWT.Secret)
refreshClaims := JWTClaims{ refreshClaims := RefreshJWTClaims{
RefreshJWTPayload: payload, RefreshJWTPayload: payload,
RegisteredClaims: jwt.RegisteredClaims{ RegisteredClaims: jwt.RegisteredClaims{
ExpiresAt: jwt.NewNumericDate(time.Now().Add(days)), // 7天 ExpiresAt: jwt.NewNumericDate(time.Now().Add(days)),
IssuedAt: jwt.NewNumericDate(time.Now()), IssuedAt: jwt.NewNumericDate(time.Now()),
NotBefore: jwt.NewNumericDate(time.Now()), NotBefore: jwt.NewNumericDate(time.Now()),
Issuer: global.CONFIG.JWT.Issuer, Issuer: global.CONFIG.JWT.Issuer,
@@ -84,14 +87,14 @@ func ParseAccessToken(tokenString string) (*AccessJWTPayload, bool, error) {
global.LOG.Error(err) global.LOG.Error(err)
return nil, false, err return nil, false, err
} }
token, err := jwt.ParseWithClaims(string(plaintext), &JWTClaims{}, func(token *jwt.Token) (interface{}, error) { token, err := jwt.ParseWithClaims(string(plaintext), &AccessJWTClaims{}, func(token *jwt.Token) (interface{}, error) {
return MySecret, nil return MySecret, nil
}) })
if err != nil { if err != nil {
global.LOG.Error(err) global.LOG.Error(err)
return nil, false, err return nil, false, err
} }
if claims, ok := token.Claims.(*JWTClaims); ok && token.Valid { if claims, ok := token.Claims.(*AccessJWTClaims); ok && token.Valid {
return &claims.AccessJWTPayload, true, nil return &claims.AccessJWTPayload, true, nil
} }
return nil, false, err return nil, false, err
@@ -105,14 +108,14 @@ func ParseRefreshToken(tokenString string) (*RefreshJWTPayload, bool, error) {
global.LOG.Error(err) global.LOG.Error(err)
return nil, false, err return nil, false, err
} }
token, err := jwt.ParseWithClaims(string(plaintext), &JWTClaims{}, func(token *jwt.Token) (interface{}, error) { token, err := jwt.ParseWithClaims(string(plaintext), &RefreshJWTClaims{}, func(token *jwt.Token) (interface{}, error) {
return MySecret, nil return MySecret, nil
}) })
if err != nil { if err != nil {
global.LOG.Error(err) global.LOG.Error(err)
return nil, false, err return nil, false, err
} }
if claims, ok := token.Claims.(*JWTClaims); ok && token.Valid { if claims, ok := token.Claims.(*RefreshJWTClaims); ok && token.Valid {
return &claims.RefreshJWTPayload, true, nil return &claims.RefreshJWTPayload, true, nil
} }
return nil, false, err return nil, false, err
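Review bot: `ParseAccessToken` and `ParseRefreshToken` now decode into separate claim structs, but neither visible body checks the `type` claim, and both token kinds are verified with the same `MySecret`; a refresh token handed to `ParseAccessToken` would presumably still pass signature validation and come back with `ok == true`. Add a check before returning, e.g. `if claims.Type == nil || *claims.Type != "access" { return nil, false, errors.New("unexpected token type") }`, and the matching one for refresh tokens (the `RefreshJWTPayload` fields are not shown here). Within the visible lines `MySecret` is assigned only in the two Generate functions, so confirm the parse path also loads it; otherwise a freshly started process verifies against an empty key. Passing `jwt.WithValidMethods(...)` with the one algorithm used for signing would pin the accepted `alg` as well.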