From 89a9b21bfff58e31f660a9a37df2872451992e32 Mon Sep 17 00:00:00 2001 From: landaiqing <3517283258@qq.com> Date: Sun, 3 Nov 2024 17:13:08 +0800 Subject: [PATCH] :fire: remove token encrypt code --- middleware/casbin.go | 1 + middleware/jwt.go | 17 ++----- middleware/verify_signature.go | 10 ++-- router/router.go | 6 ++- service/impl/comment_reply_service_impl.go | 22 +++++---- utils/jwt.go | 56 +++++++++++----------- utils/session.go | 6 ++- 7 files changed, 59 insertions(+), 59 deletions(-) diff --git a/middleware/casbin.go b/middleware/casbin.go index aa9f290..b5ac65f 100644 --- a/middleware/casbin.go +++ b/middleware/casbin.go @@ -3,6 +3,7 @@ package middleware import ( ginI18n "github.com/gin-contrib/i18n" "github.com/gin-gonic/gin" + "schisandra-cloud-album/common/result" "schisandra-cloud-album/global" ) diff --git a/middleware/jwt.go b/middleware/jwt.go index 9d8dfcd..3091331 100644 --- a/middleware/jwt.go +++ b/middleware/jwt.go @@ -2,14 +2,16 @@ package middleware import ( "encoding/json" + "strings" + ginI18n "github.com/gin-contrib/i18n" "github.com/gin-gonic/gin" + "schisandra-cloud-album/common/constant" "schisandra-cloud-album/common/redis" "schisandra-cloud-album/common/result" "schisandra-cloud-album/global" "schisandra-cloud-album/utils" - "strings" ) type TokenData struct { @@ -21,7 +23,7 @@ type TokenData struct { func JWTAuthMiddleware() gin.HandlerFunc { return func(c *gin.Context) { - // 默认双Token放在请求头Authorization的Bearer中,并以空格隔开 + // 默认Token放在请求头Authorization的Bearer中,并以空格隔开 authHeader := c.GetHeader(global.CONFIG.JWT.HeaderKey) if authHeader == "" { result.FailWithCodeAndMessage(403, ginI18n.MustGetMessage(c, "AuthVerifyExpired"), c) @@ -43,17 +45,6 @@ func JWTAuthMiddleware() gin.HandlerFunc { c.Abort() return } - uid := c.GetHeader("X-UID") - if uid == "" { - result.FailWithCodeAndMessage(403, ginI18n.MustGetMessage(c, "AuthVerifyExpired"), c) - c.Abort() - return - } - if *parseToken.UserID != uid { - result.FailWithCodeAndMessage(403, ginI18n.MustGetMessage(c, "AuthVerifyExpired"), c) - c.Abort() - return - } token := redis.Get(constant.UserLoginTokenRedisKey + *parseToken.UserID).Val() if token == "" { result.FailWithCodeAndMessage(403, ginI18n.MustGetMessage(c, "AuthVerifyExpired"), c) diff --git a/middleware/verify_signature.go b/middleware/verify_signature.go index c310c2b..84ffc70 100644 --- a/middleware/verify_signature.go +++ b/middleware/verify_signature.go @@ -4,16 +4,18 @@ import ( "bytes" "crypto/md5" "encoding/hex" - ginI18n "github.com/gin-contrib/i18n" - "github.com/gin-gonic/gin" "io" "net/http" + "strconv" + "time" + + ginI18n "github.com/gin-contrib/i18n" + "github.com/gin-gonic/gin" + "schisandra-cloud-album/common/constant" "schisandra-cloud-album/common/redis" "schisandra-cloud-album/common/result" "schisandra-cloud-album/global" - "strconv" - "time" ) func VerifySignature() gin.HandlerFunc { diff --git a/router/router.go b/router/router.go index 2cdcae9..b3718c0 100644 --- a/router/router.go +++ b/router/router.go @@ -1,12 +1,14 @@ package router import ( + "time" + "github.com/gin-contrib/cors" "github.com/gin-gonic/gin" + "schisandra-cloud-album/global" "schisandra-cloud-album/middleware" "schisandra-cloud-album/router/modules" - "time" ) func InitRouter() *gin.Engine { @@ -22,7 +24,7 @@ func InitRouter() *gin.Engine { router.Use(cors.New(cors.Config{ AllowOrigins: []string{global.CONFIG.System.WebURL()}, AllowMethods: []string{"GET", "POST", "PUT", "PATCH", "DELETE", "HEAD"}, - AllowHeaders: []string{"Origin", "Content-Length", "Content-Type", "Authorization", "Accept-Language", "X-Sign", "X-Timestamp", "X-Nonce", "X-UID"}, + AllowHeaders: []string{"Origin", "Content-Length", "Content-Type", "Authorization", "Accept-Language", "X-Sign", "X-Timestamp", "X-Nonce"}, AllowCredentials: true, MaxAge: 12 * time.Hour, })) diff --git a/service/impl/comment_reply_service_impl.go b/service/impl/comment_reply_service_impl.go index 9897fea..aacde8f 100644 --- a/service/impl/comment_reply_service_impl.go +++ b/service/impl/comment_reply_service_impl.go @@ -5,9 +5,14 @@ import ( "encoding/base64" "encoding/json" "fmt" + "strconv" + "sync" + "time" + "github.com/acmestack/gorm-plus/gplus" "go.mongodb.org/mongo-driver/bson" "go.mongodb.org/mongo-driver/mongo" + "schisandra-cloud-album/common/constant" "schisandra-cloud-album/common/enum" "schisandra-cloud-album/common/redis" @@ -16,9 +21,6 @@ import ( "schisandra-cloud-album/model" "schisandra-cloud-album/mq" "schisandra-cloud-album/utils" - "strconv" - "sync" - "time" ) var commentReplyDao = impl.CommentReplyDaoImpl{} @@ -404,17 +406,17 @@ func (CommentReplyServiceImpl) GetCommentListService(uid string, topicId string, } likeMap[commentId] = exists // `exists` 为 true 则表示已点赞,false 则表示未点赞 } - //queryLike, l := gplus.NewQuery[model.ScaCommentLikes]() - //queryLike.Eq(&l.TopicId, topicId).Eq(&l.UserId, uid).In(&l.CommentId, commentIds) - //likes, likesDB := gplus.SelectList(queryLike) - //if likesDB.Error != nil { + // queryLike, l := gplus.NewQuery[model.ScaCommentLikes]() + // queryLike.Eq(&l.TopicId, topicId).Eq(&l.UserId, uid).In(&l.CommentId, commentIds) + // likes, likesDB := gplus.SelectList(queryLike) + // if likesDB.Error != nil { // global.LOG.Errorln(likesDB.Error) // return - //} - //for _, like := range likes { + // } + // for _, like := range likes { // likeMap[like.CommentId] = true // _ = redis.SAdd(redisKey, like.CommentId) - //} + // } } }() diff --git a/utils/jwt.go b/utils/jwt.go index b7a89d5..17e5866 100644 --- a/utils/jwt.go +++ b/utils/jwt.go @@ -1,11 +1,11 @@ package utils import ( - "fmt" - "github.com/golang-jwt/jwt/v5" - "github.com/wumansgy/goEncrypt/aes" - "schisandra-cloud-album/global" "time" + + "github.com/golang-jwt/jwt/v5" + + "schisandra-cloud-album/global" ) type RefreshJWTPayload struct { @@ -39,15 +39,15 @@ func GenerateAccessToken(payload AccessJWTPayload) (string, error) { }, } token := jwt.NewWithClaims(jwt.SigningMethodHS256, claims) - signedString, err := token.SignedString(MySecret) + accessToken, err := token.SignedString(MySecret) if err != nil { return "", err } - accessToken, err := aes.AesCtrEncryptHex([]byte(signedString), []byte(global.CONFIG.Encrypt.Key), []byte(global.CONFIG.Encrypt.IV)) - if err != nil { - fmt.Println(err) - return "", err - } + // accessToken, err := aes.AesCtrEncryptHex([]byte(signedString), []byte(global.CONFIG.Encrypt.Key), []byte(global.CONFIG.Encrypt.IV)) + // if err != nil { + // fmt.Println(err) + // return "", err + // } return accessToken, nil } @@ -69,23 +69,23 @@ func GenerateRefreshToken(payload RefreshJWTPayload, days time.Duration) (string global.LOG.Error(err) return "", 0 } - refreshTokenEncrypted, err := aes.AesCtrEncryptHex([]byte(refreshTokenString), []byte(global.CONFIG.Encrypt.Key), []byte(global.CONFIG.Encrypt.IV)) - if err != nil { - fmt.Println(err) - return "", 0 - } - return refreshTokenEncrypted, refreshClaims.ExpiresAt.Time.Unix() + // refreshTokenEncrypted, err := aes.AesCtrEncryptHex([]byte(refreshTokenString), []byte(global.CONFIG.Encrypt.Key), []byte(global.CONFIG.Encrypt.IV)) + // if err != nil { + // fmt.Println(err) + // return "", 0 + // } + return refreshTokenString, refreshClaims.ExpiresAt.Time.Unix() } // ParseAccessToken parses a JWT token and returns the payload func ParseAccessToken(tokenString string) (*AccessJWTPayload, bool, error) { MySecret = []byte(global.CONFIG.JWT.Secret) - plaintext, err := aes.AesCtrDecryptByHex(tokenString, []byte(global.CONFIG.Encrypt.Key), []byte(global.CONFIG.Encrypt.IV)) - if err != nil { - global.LOG.Error(err) - return nil, false, err - } - token, err := jwt.ParseWithClaims(string(plaintext), &AccessJWTClaims{}, func(token *jwt.Token) (interface{}, error) { + // plaintext, err := aes.AesCtrDecryptByHex(tokenString, []byte(global.CONFIG.Encrypt.Key), []byte(global.CONFIG.Encrypt.IV)) + // if err != nil { + // global.LOG.Error(err) + // return nil, false, err + // } + token, err := jwt.ParseWithClaims(tokenString, &AccessJWTClaims{}, func(token *jwt.Token) (interface{}, error) { return MySecret, nil }) if err != nil { @@ -100,12 +100,12 @@ func ParseAccessToken(tokenString string) (*AccessJWTPayload, bool, error) { // ParseRefreshToken parses a JWT token and returns the payload func ParseRefreshToken(tokenString string) (*RefreshJWTPayload, bool, error) { MySecret = []byte(global.CONFIG.JWT.Secret) - plaintext, err := aes.AesCtrDecryptByHex(tokenString, []byte(global.CONFIG.Encrypt.Key), []byte(global.CONFIG.Encrypt.IV)) - if err != nil { - global.LOG.Error(err) - return nil, false, err - } - token, err := jwt.ParseWithClaims(string(plaintext), &RefreshJWTClaims{}, func(token *jwt.Token) (interface{}, error) { + // plaintext, err := aes.AesCtrDecryptByHex(tokenString, []byte(global.CONFIG.Encrypt.Key), []byte(global.CONFIG.Encrypt.IV)) + // if err != nil { + // global.LOG.Error(err) + // return nil, false, err + // } + token, err := jwt.ParseWithClaims(tokenString, &RefreshJWTClaims{}, func(token *jwt.Token) (interface{}, error) { return MySecret, nil }) if err != nil { diff --git a/utils/session.go b/utils/session.go index 394448f..d1790e2 100644 --- a/utils/session.go +++ b/utils/session.go @@ -2,9 +2,11 @@ package utils import ( "encoding/json" - "github.com/gin-gonic/gin" - "schisandra-cloud-album/global" "time" + + "github.com/gin-gonic/gin" + + "schisandra-cloud-album/global" ) // ResponseData 返回数据