diff --git a/api/controller/user.go b/api/controller/user.go
index f61f78c..af9197c 100644
--- a/api/controller/user.go
+++ b/api/controller/user.go
@@ -10,6 +10,8 @@ import (
 "hospital-admin-api/global"
 "hospital-admin-api/utils"
 "strconv"
+ "strings"
+ "time"
 )
 type User struct{}
@@ -226,3 +228,39 @@ func (r *User) PutUserPassword(c *gin.Context) {
 }
 responses.Ok(c)
 }
+
+// LoginOut 退出登陆
+func (b *User) LoginOut(c *gin.Context) {
+ userId := c.GetInt64("UserId")
+ if userId == 0 {
+ responses.FailWithMessage("用户错误", c)
+ return
+ }
+
+ // 获取用户信息
+ adminUserDao := dao.AdminUserDao{}
+ adminUser, err := adminUserDao.GetAdminUserFirstById(userId)
+ if err != nil || adminUser == nil {
+ responses.FailWithMessage("用户数据错误", c)
+ return
+ }
+
+ // token加入黑名单
+ authorization := c.Request.Header.Get("Authorization")
+ if authorization == "" || !strings.HasPrefix(authorization, "Bearer ") {
+ responses.FailWithMessage("退出登陆失败", c)
+ return
+ }
+
+ // 去除Bearer
+ authorization = authorization[7:] // 截取字符
+
+ // 增加缓存
+ _, err = global.Redis.Set(c, "jwt_black_"+authorization, time.Now().Unix(), 60*time.Second).Result()
+ if err != nil {
+ responses.FailWithMessage("退出登陆失败", c)
+ return
+ }
+
+ responses.Ok(c)
+}
diff --git a/api/middlewares/auth.go b/api/middlewares/auth.go
index de13856..3678115 100644
--- a/api/middlewares/auth.go
+++ b/api/middlewares/auth.go
@@ -1,6 +1,7 @@
 package middlewares
 import (
+ "fmt"
 "github.com/gin-gonic/gin"
 "hospital-admin-api/api/dao"
 "hospital-admin-api/api/responses"
@@ -29,6 +30,8 @@ func Auth() gin.HandlerFunc {
 return
 }
+ fmt.Println(1111)
+
 // 获取用户数据
 adminUserDao := dao.AdminUserDao{}
 adminUser, err := adminUserDao.GetAdminUserFirstById(userId)
@@ -65,12 +68,6 @@ func Auth() gin.HandlerFunc {
 return
 }
- // 超级管理员不验证权限
- if adminRole.IsAdmin == 1 {
- c.Next()
- return
- }
-
 // 检测角色是否已被禁用
 if adminRole.RoleStatus == 2 {
 responses.FailWithMessage("角色已被禁用", c)
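Review bot: In LoginOut (api/controller/user.go) the blacklist entry is written with a fixed `60*time.Second` TTL, so once that Redis key expires the same token passes the `jwt_black_` lookup in the Jwt middleware again unless the token's own lifetime is under a minute (the expiry set by NewJWT is not visible here). The TTL should be the token's remaining lifetime, for example `time.Until(t.ExpiresAt.Time)` taken from the parsed claims, which the Jwt middleware would have to place on the context alongside the ids. Using a SHA-256 digest of the token as the key suffix instead of the raw bearer string would also keep usable credentials out of Redis. The receiver is named `b` here while PutUserPassword just above uses `r`.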
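Review bot: `fmt.Println(1111)` in Auth() (api/middlewares/auth.go) is leftover debug output that runs on every authenticated request; delete it together with the `"fmt"` import this commit adds at the top of the file. The same applies to `fmt.Println(res)` in Jwt() (api/middlewares/jwt.go) and its `"fmt"` import, which print the blacklist lookup result for each request. If the values are needed for diagnosis, send them through the project's logger at debug level instead of stdout. Auth()'s body starts and ends outside this hunk.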
@@ -78,6 +75,12 @@ func Auth() gin.HandlerFunc {
 return
 }
+ // 超级管理员不验证权限
+ if adminRole.IsAdmin == 1 {
+ c.Next()
+ return
+ }
+
 // 获取用户部门数据
 if adminUser.DeptID != 0 {
 adminDeptDao := dao.AdminDeptDao{}
diff --git a/api/middlewares/jwt.go b/api/middlewares/jwt.go
index 94a154e..dff67c6 100644
--- a/api/middlewares/jwt.go
+++ b/api/middlewares/jwt.go
@@ -1,11 +1,13 @@
 package middlewares
 import (
+ "fmt"
 "github.com/gin-gonic/gin"
 "hospital-admin-api/consts"
 "hospital-admin-api/global"
 "hospital-admin-api/utils"
 "net/http"
+ "strconv"
 "strings"
 )
@@ -29,6 +31,7 @@ func Jwt() gin.HandlerFunc {
 // 检测是否存在黑名单
 res, _ := global.Redis.Get(c, "jwt_black_"+authorization).Result()
+ fmt.Println(res)
 if res != "" {
 c.JSON(http.StatusOK, gin.H{
 "message": "token错误/过期",
@@ -53,10 +56,59 @@ func Jwt() gin.HandlerFunc {
 return
 }
- c.Set("UserId", t.UserId) // 用户id
- c.Set("RoleId", t.RoleId) // 角色id
- c.Set("DeptId", t.DeptId) // 部门id
- c.Set("PostId", t.PostId) // 岗位id
+ // 转换类型
+ userId, err := strconv.ParseInt(t.UserId, 10, 64)
+ if err != nil {
+ c.JSON(http.StatusOK, gin.H{
+ "message": "token错误",
+ "code": consts.TOKEN_ERROR,
+ "data": "",
+ })
+
+ c.Abort()
+ return
+ }
+
+ roleId, err := strconv.ParseInt(t.RoleId, 10, 64)
+ if err != nil {
+ c.JSON(http.StatusOK, gin.H{
+ "message": "token错误",
+ "code": consts.TOKEN_ERROR,
+ "data": "",
+ })
+
+ c.Abort()
+ return
+ }
+
+ deptId, err := strconv.ParseInt(t.DeptId, 10, 64)
+ if err != nil {
+ c.JSON(http.StatusOK, gin.H{
+ "message": "token错误",
+ "code": consts.TOKEN_ERROR,
+ "data": "",
+ })
+
+ c.Abort()
+ return
+ }
+
+ postId, err := strconv.ParseInt(t.PostId, 10, 64)
+ if err != nil {
+ c.JSON(http.StatusOK, gin.H{
+ "message": "token错误",
+ "code": consts.TOKEN_ERROR,
+ "data": "",
+ })
+
+ c.Abort()
+ return
+ }
+
+ c.Set("UserId", userId) // 用户id
+ c.Set("RoleId", roleId) // 角色id
+ c.Set("DeptId", deptId) // 部门id
+ c.Set("PostId", postId) // 岗位id
 c.Next()
 }
 }
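Review bot: In Auth() (api/middlewares/auth.go) the relocated super-admin shortcut still returns before the department lookup that follows it, so whatever that lookup enforces is skipped for super admins; its body is outside the hunk, so confirm this is intended. Since the apparent purpose of the move is that a disabled role must be rejected even for a super admin, the block deserves a comment that pins the ordering, such as `// keep below the RoleStatus check: a disabled super-admin role must still be rejected`. Auth()'s body starts and ends outside this hunk.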
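Review bot: The blacklist lookup next to the added line in Jwt() discards the Redis error (`res, _ := global.Redis.Get(...)`), so when Redis is unreachable `res` is empty and a logged-out token is accepted. Now that LoginOut relies on this key for revocation, the check should fail closed: keep the error and reject the request when it is anything other than "key not found", e.g. `if err != nil && !errors.Is(err, redis.Nil) { /* abort with TOKEN_ERROR */ }`, assuming `global.Redis` is a go-redis client (its import is not visible here). Jwt()'s body starts and ends outside this hunk.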
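Review bot: The four parse-and-abort blocks added to Jwt() are identical apart from the claim they read, which makes it easy for one of them to drift (a different status code or a missing `c.Abort()`) in a later edit. Move the error response into one helper and parse the claims in a loop, publishing the ids only after all four have parsed, as sketched below. Note that `strconv.ParseInt` accepts negative values, so a range check belongs here if ids are expected to be non-negative. Jwt()'s body starts outside this hunk.

```go
// abortTokenError writes the token-error envelope and stops the handler chain.
func abortTokenError(c *gin.Context) {
	c.JSON(http.StatusOK, gin.H{
		"message": "token错误",
		"code":    consts.TOKEN_ERROR,
		"data":    "",
	})
	c.Abort()
}

// … unchanged: header check, blacklist lookup, token parsing in Jwt() …

		// Parse every id claim before publishing any of them on the context.
		claims := []struct{ key, raw string }{
			{"UserId", t.UserId}, {"RoleId", t.RoleId},
			{"DeptId", t.DeptId}, {"PostId", t.PostId},
		}
		ids := make([]int64, len(claims))
		for i, cl := range claims {
			id, err := strconv.ParseInt(cl.raw, 10, 64)
			if err != nil {
				abortTokenError(c)
				return
			}
			ids[i] = id
		}
		for i, cl := range claims {
			c.Set(cl.key, ids[i])
		}
		c.Next()
```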
diff --git a/api/router/router.go b/api/router/router.go
index bd36dd8..89a57ff 100644
--- a/api/router/router.go
+++ b/api/router/router.go
@@ -62,6 +62,7 @@ func publicRouter(r *gin.Engine, api controller.Api) {
 // 登陆
 basicGroup.POST("login", api.Basic.Login)
+
 }
 }
@@ -133,6 +134,9 @@ func privateRouter(r *gin.Engine, api controller.Api) {
 // 修改用户密码
 userGroup.PUT("/password", api.User.PutUserPassword)
+
+ // 退出登陆
+ userGroup.PUT("loginout", api.User.LoginOut)
 }
 // 接口
diff --git a/api/service/basic.go b/api/service/basic.go
index 0be2a64..2a93f4b 100644
--- a/api/service/basic.go
+++ b/api/service/basic.go
@@ -41,24 +41,25 @@ func (b *BasicService) Login(LoginRequest requests.Login) (basicResponse.Login,
 }
 token := &utils.Token{
- UserId: adminUser.UserID,
- RoleId: adminUser.RoleID,
- DeptId: adminUser.DeptID,
- PostId: adminUser.PostID,
+ UserId: strconv.FormatInt(adminUser.UserID, 10),
+ RoleId: strconv.FormatInt(adminUser.RoleID, 10),
+ DeptId: strconv.FormatInt(adminUser.DeptID, 10),
+ PostId: strconv.FormatInt(adminUser.PostID, 10),
 }
+ // 生成jwt
 jwt, err := token.NewJWT()
 if err != nil {
 return basicResponse.Login{}, errors.New("登陆失败")
 }
- // 生成jwt
 result := basicResponse.Login{
 UserId: strconv.FormatInt(adminUser.UserID, 10),
 NickName: adminUser.NickName,
 Avatar: adminUser.Avatar,
 Token: jwt,
 }
+
 result.GetFullAvatar()
 return result, nil
diff --git a/utils/jwt.go b/utils/jwt.go
index 092c604..5b39dcb 100644
--- a/utils/jwt.go
+++ b/utils/jwt.go
@@ -7,11 +7,11 @@ import (
 )
 type Token struct {
- UserId int64 `json:"user_id"` // 用户id
- RoleId int64 `json:"role_id"` // 角色id
- DeptId int64 `json:"dept_id"` // 部门id
- PostId int64 `json:"post_id"` // 岗位id
- jwt.RegisteredClaims // v5版本新加的方法
+ UserId string `json:"user_id"` // 用户id
+ RoleId string `json:"role_id"` // 角色id
+ DeptId string `json:"dept_id"` // 部门id
+ PostId string `json:"post_id"` // 岗位id
+ jwt.RegisteredClaims // v5版本新加的方法
 }
 // NewJWT GenerateJWT 生成JWT
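Review bot: Changing the four id claims in utils.Token from `int64` to `string` means tokens issued before this commit, which carry JSON numbers, will presumably no longer decode into the struct, so every live session is rejected after deploy; the parsing code is not visible here, and this should be a deliberate, announced effect. If the aim is only to put the ids on the wire as strings, the `,string` option on the existing tags (`json:"user_id,string"`) keeps the Go fields as `int64`, provided the JWT library decodes claims with encoding/json. That would make the `strconv.FormatInt` calls in api/service/basic.go and the `strconv.ParseInt` blocks in api/middlewares/jwt.go unnecessary. Either way, a comment on the struct stating why the ids are string-encoded would explain the type to the next reader.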