auth.go
package auth
import (
"github.com/chenhg5/go-admin/context"
"github.com/chenhg5/go-admin/modules/config"
"github.com/chenhg5/go-admin/modules/connections"
"github.com/chenhg5/go-admin/plugins/admin/modules"
"golang.org/x/crypto/bcrypt"
"strconv"
"strings"
)
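// Check authenticates username/password against the goadmin_users table and,
// on success, returns the user populated with its role, permissions and
// visible menu IDs.
//
// ok is false, and user is the zero User, when the username is unknown, the
// password does not match the stored bcrypt hash, or the account/role rows do
// not have the expected shape. Rows are checked with comma-ok assertions so
// that a NULL column or a user without a role denies the login instead of
// panicking inside the request.
//
// On every successful login the password is re-hashed and written back to
// goadmin_users.
//
// NOTE(review): an unknown username returns before any bcrypt work is done,
// so it can be answered faster than a wrong password for an existing account.
// If account enumeration is in the threat model, confirm that the caller rate
// limits logins or equalise the two paths.
func Check(password string, username string) (user User, ok bool) {
	// The second value returned by Query is discarded, as in the rest of this
	// file; its type is not visible here.
	admin, _ := connections.GetConnection().Query("select * from goadmin_users where username = ?", username)
	if len(admin) < 1 {
		return User{}, false
	}
	account := admin[0]

	pwdHash, hasHash := account["password"].(string)
	if !hasHash || !ComparePassword(password, pwdHash) {
		return User{}, false
	}

	id, hasID := account["id"].(int64)
	if !hasID {
		return User{}, false
	}

	roleModel, _ := connections.GetConnection().Query("select r.id, r.name, r.slug from goadmin_role_users "+
		"as u left join goadmin_roles as r on u.role_id = r.id where user_id = ?", account["id"])
	// A user with no role row, or a role row whose columns came back NULL from
	// the left join, is denied rather than indexed blindly.
	if len(roleModel) < 1 {
		return User{}, false
	}
	// TODO: support multiple roles
	role := roleModel[0]
	slug, hasSlug := role["slug"].(string)
	roleName, hasName := role["name"].(string)
	if !hasSlug || !hasName {
		return User{}, false
	}

	user.ID = strconv.FormatInt(id, 10)
	user.Level = slug
	user.LevelName = roleName
	// Display-only fields: a NULL or non-string column leaves them empty
	// instead of aborting the login.
	user.Name, _ = account["name"].(string)
	user.CreateAt, _ = account["created_at"].(string)

	if avatar, _ := account["avatar"].(string); avatar != "" {
		if prefix := config.Get().STORE.PREFIX; prefix != "" {
			user.Avatar = "/" + prefix + "/" + avatar
		}
	}

	var permissions []Permission
	for _, perm := range GetPermissions(role["id"]) {
		method, hasMethod := perm["http_method"].(string)
		path, hasPath := perm["http_path"].(string)
		if !hasMethod || !hasPath {
			// Skip malformed rows: granting nothing is the safe default.
			continue
		}
		// An empty http_method is kept as a single empty entry, exactly as
		// stored; a non-empty one is a comma-separated list.
		methodArr := []string{""}
		if method != "" {
			methodArr = strings.Split(method, ",")
		}
		permissions = append(permissions, Permission{
			methodArr,
			strings.Split(path, "\n"),
		})
	}
	user.Permissions = permissions

	menuIdsModel, _ := connections.GetConnection().Query("select menu_id, parent_id from goadmin_role_menu left join "+
		"goadmin_menu on goadmin_menu.id = goadmin_role_menu.menu_id where goadmin_role_menu.role_id = ?", role["id"])
	var menuIds []int64
	for _, mid := range menuIdsModel {
		menuID, hasMenu := mid["menu_id"].(int64)
		if !hasMenu {
			continue
		}
		parentID, hasParent := mid["parent_id"].(int64)
		if !hasParent || parentID == 0 {
			// Top-level entry (or no usable parent): always included.
			menuIds = append(menuIds, menuID)
			continue
		}
		// A child menu is included only when its parent is granted to the
		// same role.
		for _, other := range menuIdsModel {
			if otherID, isID := other["menu_id"].(int64); isID && otherID == parentID {
				menuIds = append(menuIds, menuID)
				break
			}
		}
	}
	user.Menus = menuIds

	// EncodePassword returns "" when bcrypt fails; writing that back would
	// replace a valid hash with an empty one and lock the account out.
	// The result of Exec is discarded, so a failed update goes unnoticed.
	if newPwd := EncodePassword([]byte(password)); newPwd != "" {
		connections.GetConnection().Exec("update goadmin_users set password = ? where id = ?", newPwd, user.ID)
	}

	return user, true
}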
// ComparePassword reports whether the plaintext comPwd matches the bcrypt
// hash pwdHash. Any error returned by bcrypt.CompareHashAndPassword, not only
// a mismatch, is reported as false.
func ComparePassword(comPwd, pwdHash string) bool {
	return bcrypt.CompareHashAndPassword([]byte(pwdHash), []byte(comPwd)) == nil
}
// EncodePassword hashes pwd with bcrypt at bcrypt.DefaultCost and returns the
// encoded hash as a string.
//
// It returns "" when hashing fails. The error itself is not surfaced, so a
// caller must check for the empty string before storing the result.
func EncodePassword(pwd []byte) string {
	digest, genErr := bcrypt.GenerateFromPassword(pwd, bcrypt.DefaultCost)
	if genErr != nil {
		// The empty string is the only failure signal this function gives.
		return ""
	}
	return string(digest)
}
// SetCookie stores user.ID in the session obtained from InitSession(ctx)
// under the "user_id" key. It always returns true.
//
// NOTE(review): whether InitSession issues a fresh session identifier at this
// point is not visible here; confirm it does, so that a session ID obtained
// before login is not carried over into the authenticated session.
func SetCookie(ctx *context.Context, user User) bool {
	session := InitSession(ctx)
	session.Set("user_id", user.ID)
	return true
}
// DelCookie clears the session obtained from InitSession(ctx). It always
// returns true.
//
// NOTE(review): presumably Clear also invalidates the server-side session
// record and not only the client cookie; verify in the session module.
func DelCookie(ctx *context.Context) bool {
	session := InitSession(ctx)
	session.Clear()
	return true
}
// CSRFToken is a list of outstanding CSRF tokens, held as plain strings.
// Nothing in the type ties a token to a session or user, or gives it an
// expiry.
type CSRFToken []string
// TokenHelper is the package-level token list. new(CSRFToken) yields a
// pointer to a nil slice, so it starts out empty.
// NOTE(review): no locking is visible in this file; if AddToken and
// CheckToken are reached from concurrent request handlers, access to this
// list needs to be serialised. Confirm against the callers.
var TokenHelper = new(CSRFToken)
// AddToken generates a token with modules.Uuid(35), records it in the list
// and returns it to the caller.
//
// When the list consists of exactly one empty string, that placeholder is
// overwritten; in every other case the new token is appended.
//
// NOTE(review): the unpredictability of the token depends entirely on
// modules.Uuid, which is not visible here; confirm it draws from a
// cryptographically secure source.
func (token *CSRFToken) AddToken() string {
	fresh := modules.Uuid(35)
	stored := *token
	if len(stored) != 1 || stored[0] != "" {
		*token = append(stored, fresh)
		return fresh
	}
	// stored shares its backing array with *token, so this write replaces
	// the placeholder in place.
	stored[0] = fresh
	return fresh
}
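// CheckToken reports whether tocheck is one of the stored tokens and, when it
// is, removes it from the list so that each token is accepted only once.
//
// An empty tocheck is always rejected: AddToken treats an empty string as a
// placeholder entry, and a request that carries no token must never match it.
//
// NOTE(review): the comparison uses ==, which is not constant-time, and the
// list is modified without locking; confirm both are acceptable for the
// callers' threat model.
func (token *CSRFToken) CheckToken(tocheck string) bool {
	if tocheck == "" {
		return false
	}
	for i, stored := range *token {
		if stored == tocheck {
			// Rejoin around index i. Slicing the tail from i instead of i+1
			// would rebuild the same list and leave the token valid for
			// reuse, while the list grows without bound.
			*token = append((*token)[:i], (*token)[i+1:]...)
			return true
		}
	}
	return false
}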