zero-doc/docs/zero/中间件使用.md

中间件使用

概要

jwt携带用户id信息 jwt 用户信息与header用户信息校验

修改jwt token生成逻辑

编辑loginlogic.go,将getJwtToken方法中添加userId参数，并将其添加到jwt token生成逻辑中，变更内容如下

getJwtToken方法

func (l *LoginLogic) getJwtToken(secretKey string, iat, seconds, userId int64) (string, error) {
	...
	claims["userId"] = userId 
	...
}

Login方法

func (l *LoginLogic) Login(req types.LoginReq) (*types.UserReply, error) {
	...
		jwtToken, err := l.getJwtToken(l.svcCtx.Config.Auth.AccessSecret, now, accessExpire, userInfo.Id)
    ...
}

添加中间件

添加middleware文件夹，并新建usercheckmiddleware.go

$ cd book/user/api/internal
$ mkdir middleware && cd middleware
$ touch usercheckmiddleware.go

修改user.api文件

在/user/info路由所在service上添加middleware标识，然后重新生成代码

...

@server(
	jwt: Auth
	middleware: UserCheck
)
service user-api {
	@handler userInfo
	get /user/info () returns (UserReply)
}

填充ServiceContext

$ vi ~/book/user/api/internal/svc/servicecontext.go

package svc

import (
	"book/user/api/internal/config"
	"book/user/api/internal/middleware"
	"book/user/model"

	"github.com/tal-tech/go-zero/core/stores/sqlx"
	"github.com/tal-tech/go-zero/rest"
)

type ServiceContext struct {
	Config    config.Config
	UserModel model.UserModel
	UserCheck rest.Middleware
}

func NewServiceContext(c config.Config) *ServiceContext {
	conn := sqlx.NewMysql(c.Mysql.DataSource)
	um := model.NewUserModel(conn)
	return &ServiceContext{
		Config:    c,
		UserModel: um,
		UserCheck: middleware.NewUserCheckMiddleware().Handle,
	}
}

填充中间件逻辑

usercheckmiddleware.go

package middleware

import (
	"encoding/json"
	"errors"
	"fmt"
	"net/http"

	"github.com/tal-tech/go-zero/rest/httpx"
)

var (
	errorUserInfo = errors.New("用户信息获取失败")
	authDeny      = errors.New("用户信息不一致")
)

const userKey = `x-user-id`

type UserCheckMiddleware struct {
}

func NewUserCheckMiddleware() *UserCheckMiddleware {
	return &UserCheckMiddleware{}
}

func (m *UserCheckMiddleware) Handle(next http.HandlerFunc) http.HandlerFunc {
	return func(w http.ResponseWriter, r *http.Request) {
		userId := r.Header.Get(userKey)
		jwtUserId := r.Context().Value("userId")
		userInt, err := json.Number(userId).Int64()
		if err != nil {
			httpx.Error(w, errorUserInfo)
			return
		}

		jwtInt, err := json.Number(fmt.Sprintf("%v", jwtUserId)).Int64()
		if err != nil {
			httpx.Error(w, errorUserInfo)
			return
		}

		if jwtInt != userInt {
			httpx.Error(w, authDeny)
			return
		}

		next(w, r)
	}
}

验证

$ curl -X GET \
  http://127.0.0.1:8888/user/info \
  -H 'authorization: eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJleHAiOjE2MDM2NDA5NTMsImlhdCI6MTYwMzU1NDU1MywidXNlcklkIjoxfQ.clyoXd7_5AJLJ_y41Wc8g9nmzvmO2qPYu_JIODK_RAQ' \
  -H 'x-user-id: 2'