| 12345678910111213141516171819202122232425262728293031323334353637383940414243444546474849505152535455565758596061626364656667686970 |
- package middleware
- import (
- "github.com/gin-gonic/gin"
- "github.com/lejianwen/rustdesk-api/v2/global"
- "github.com/lejianwen/rustdesk-api/v2/service"
- )
- func RustAuth() gin.HandlerFunc {
- return func(c *gin.Context) {
- //fmt.Println(c.Request.URL, c.Request.Header)
- //获取HTTP_AUTHORIZATION
- token := c.GetHeader("Authorization")
- if token == "" {
- c.JSON(401, gin.H{
- "error": "Unauthorized",
- })
- c.Abort()
- return
- }
- if len(token) <= 7 {
- c.JSON(401, gin.H{
- "error": "Unauthorized",
- })
- c.Abort()
- return
- }
- //提取token,格式是Bearer {token}
- //这里只是简单的提取
- token = token[7:]
- //验证token
- //检查是否设置了jwt key
- if len(global.Jwt.Key) > 0 {
- uid, _ := service.AllService.UserService.VerifyJWT(token)
- if uid == 0 {
- c.JSON(401, gin.H{
- "error": "Unauthorized",
- })
- c.Abort()
- return
- }
- }
- user, ut := service.AllService.UserService.InfoByAccessToken(token)
- if user.Id == 0 {
- c.JSON(401, gin.H{
- "error": "Unauthorized",
- })
- c.Abort()
- return
- }
- if !service.AllService.UserService.CheckUserEnable(user) {
- c.JSON(401, gin.H{
- "error": "Unauthorized",
- })
- c.Abort()
- return
- }
- c.Set("curUser", user)
- c.Set("token", token)
- service.AllService.UserService.AutoRefreshAccessToken(ut)
- c.Next()
- }
- }
|
