
1:添加认证登录接口IAuth;2:添加默认认证对象LightAuth;3:启动第三方认证时,根据请求的hostname调用对应的认证对象

huangrf преди 6 години
родител
ревизия
c9268e2210
променени са 3 файла, в които са добавени 241 реда и са изтрити 55 реда
  1. 67 55
      controllers/partial/SsoController.go
  2. 95 0
      utils/auth/auth.go
  3. 79 0
      utils/auth/light_auth.go

+ 67 - 55
controllers/partial/SsoController.go

@@ -2,13 +2,15 @@ package partial
 
 import (
 	"fmt"
+	"git.qianqiusoft.com/qianqiusoft/light-apiengine/config"
 	"git.qianqiusoft.com/qianqiusoft/light-apiengine/entitys"
 	"git.qianqiusoft.com/qianqiusoft/light-apiengine/logs"
 	sysmodel "git.qianqiusoft.com/qianqiusoft/light-apiengine/models"
 	sysutils "git.qianqiusoft.com/qianqiusoft/light-apiengine/utils"
-	"strconv"
+	"git.qianqiusoft.com/qianqiusoft/light-apiengine/utils/auth"
+	"regexp"
 	"strings"
-	"time"
+
 	//"git.qianqiusoft.com/qianqiusoft/light-apiengine/models"
 )
 
@@ -19,51 +21,13 @@ import (
 // @Success 200 {object} Account
 // @Failure 403 :id is empty
 func Sso_Login(c *entitys.CtrlContext) {
-	var logininfo sysmodel.LoginInfo
-	c.Ctx.BindJSON(&logininfo)
-	//fmt.Println(logininfo)
-	var user sysmodel.SysUser
-	ret, err := c.PlatformDbEngine.SQL(sysmodel.SqlUserLogin, logininfo.Account).Get(&user)
-	if ret && err == nil {
-		//TODO check password
-		timestamp := uint64(time.Now().UnixNano())
-		md5Pwd := sysutils.HashPassword(logininfo.Password, "")
-		//密码错误
-		if !strings.EqualFold(user.Password, md5Pwd) {
-			c.Ctx.JSON(200, sysmodel.SysReturn{400, "password incorrect!", nil})
-			return
-		}
-		token := &entitys.Token{}
-		timestamp_str := strconv.FormatUint(timestamp, 10)
-		sec_tooken := sysutils.GenerateToken(logininfo.Account + timestamp_str)
-		if v := sysutils.GetGlobalTokenStore().Get(sec_tooken); v == nil {
-			token.AccessToken = sec_tooken
-			token.RefreshToken = sec_tooken
-			token.LoginID = logininfo.Account
-			token.UserId = user.Id
-			token.Result = 200
-			//token.Password = pwd
-			token.ServerIp = ""
-			token.Domain = user.Domain
-			sysutils.GetGlobalTokenStore().Set(sec_tooken, token)
-			//sysutils.GetGlobalTokenStore().Set(token.LoginID+user.Domain, token)
-		} else {
-			token = v
-		}
-		data := sysmodel.LoginReturnInfo{}
-		data.Id = user.Id
-		data.LoginId = user.LoginId
-		data.Name = user.Name
-		data.Mobile = user.Mobile
-		data.Email = user.Email
-		data.Token = token.AccessToken
-		data.Type = user.Type
-		data.Domain = user.Domain
-		c.Ctx.JSON(200, sysmodel.SysReturn{200, "", data})
-	} else {
-		//fmt.Println(err.Error())
-		c.Ctx.JSON(200, sysmodel.SysReturn{400, "username or password incorrect!", nil})
+	iauth := getAuth(c)
+	if iauth == nil{
+		hostname := sysutils.GetHostname(c.Ctx)
+		c.Ctx.JSON(500, sysmodel.SysReturn{500, "iauth of " + hostname + " is nil", nil})
+		return
 	}
+	iauth.Login(c)
 }
 
 // _Logout
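Review bot: The new 500 branch in Sso_Login builds its body from `"iauth of " + hostname + " is nil"`, so a request-derived value and an internal identifier are sent back to the caller. The response then tells a client which hostnames have no authenticator registered. Sso_Logout in the next hunk has the identical branch. A fixed message such as `c.Ctx.JSON(500, sysmodel.SysReturn{500, "authentication is not configured for this host", nil})` with the hostname written only to the server log avoids that. `sysutils.GetHostname` is not visible here, so where the value comes from is inferred from its name.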
@@ -72,16 +36,13 @@ func Sso_Login(c *entitys.CtrlContext) {
 // @Success 200 {object} Account
 // @Failure 403 :id is empty
 func Sso_Logout(c *entitys.CtrlContext) {
-
-	token := c.Ctx.GetHeader("token")
-	fmt.Println("delete token: ", token)
-	sysutils.GetGlobalTokenStore().Remove(token)
-	ret := __none_func_sso__()
-	if ret {
-		c.Ctx.JSON(200, sysmodel.SysReturn{200, "", nil})
-	} else {
-		c.Ctx.JSON(500, sysmodel.SysReturn{500, "", nil})
+	iauth := getAuth(c)
+	if iauth == nil{
+		hostname := sysutils.GetHostname(c.Ctx)
+		c.Ctx.JSON(500, sysmodel.SysReturn{500, "iauth of " + hostname + " is nil", nil})
+		return
 	}
+	iauth.Logout(c)
 }
 
 func Sso_Validate(c *entitys.CtrlContext) {
@@ -130,6 +91,57 @@ func Sso_TokenValidate(c *entitys.CtrlContext) {
 	c.Ctx.JSON(200, user)
 }
 
+
+
+func getAuth(c *entitys.CtrlContext)auth.IAuth{
+	var iauth auth.IAuth = nil
+	authMode := config.AppConfig.GetKey("auth_mode")
+	if authMode == "local"{
+		iauth = auth.GetAuth("qianqiusoft.com")
+	}else{
+		hostname := sysutils.GetHostname(c.Ctx)
+		tld := getTLD(hostname)
+		fmt.Println("------>hostname", hostname, "tld", tld)
+		iauth = auth.GetAuth(hostname)
+		if iauth == nil{
+			iauth = auth.GetAuth(tld)
+		}
+	}
+	return iauth
+}
+
+/**
+* @brief: 获取一级域名
+× @param1 hostname: 请求名称
+*/
+func getTLD(hostname string)string{
+	patternstr := `(2(5[0-5]{1}|[0-4]\d{1})|[0-1]?\d{1,2})(\.(2(5[0-5]{1}|[0-4]\d{1})|[0-1]?\d{1,2})){3}`
+	reg := regexp.MustCompile(patternstr)
+	if res := reg.FindAllString(hostname, -1); res == nil {
+		size := 0
+		if strings.HasSuffix(hostname, "gov.cn") || strings.HasSuffix(hostname, "edu.cn"){
+			size = 3
+		}else{
+			size = 2
+		}
+		hnarr := strings.Split(hostname, ".")
+
+		if len(hnarr) >= size{
+			tld := hnarr[len(hnarr) - size]
+			for i := size - 1; i >= 1; i--{
+				tld += "." + hnarr[len(hnarr) - i]
+			}
+			return tld
+		}else{
+			// 少于两个的直接返回
+			return hostname
+		}
+	} else {
+		// 直接返回ip
+		return hostname
+	}
+}
+
 func __none_func_sso__(params ...interface{}) bool {
 	return true
 }
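Review bot: In getTLD the suffix test `strings.HasSuffix(hostname, "gov.cn")` has no dot boundary, so a name that merely ends in those letters (constructed example: `a.notgov.cn`) is treated as having a three-label suffix; `strings.HasSuffix(hostname, ".gov.cn")`, and likewise `".edu.cn"`, fixes that. The IPv4 pattern is unanchored and recompiled on every call, so any hostname containing a dotted-quad substring is returned unchanged; a package-level `regexp.MustCompile` anchored with `^` and `$`, or `net.ParseIP(hostname) != nil`, would be tighter. getAuth picks the authenticator from the request hostname and then falls back to the derived domain, so the value from `sysutils.GetHostname` presumably needs lower-casing and port stripping before the map lookup; that helper is not visible here, so confirm. The `fmt.Println("------>hostname", hostname, "tld", tld)` line writes request-derived text to stdout on every login and logout and looks like leftover debugging.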

+ 95 - 0
utils/auth/auth.go

@@ -0,0 +1,95 @@
+package auth
+
+import(
+	"git.qianqiusoft.com/qianqiusoft/light-apiengine/entitys"
+	sysmodel "git.qianqiusoft.com/qianqiusoft/light-apiengine/models"
+	sysutils "git.qianqiusoft.com/qianqiusoft/light-apiengine/utils"
+	"strconv"
+	"time"
+)
+
+type IAuth interface {
+	Init()
+	Login(*entitys.CtrlContext)
+	Logout(*entitys.CtrlContext)
+}
+
+var iauthMap map[string]IAuth
+
+func init(){
+	iauthMap = make(map[string]IAuth)
+}
+
+/**
+ * @brief: 注册自定登录对象, 会调用Init进行初始化
+ * @param1 t: key
+ * @param2 a: 认证对象
+ * @return none
+ */
+func RegisterAuth(t string, a IAuth){
+	if t == "" || a == nil{
+		return
+	}
+
+	var ok bool
+	if _, ok = iauthMap[t]; ok{
+		return
+	}else{
+		a.Init()
+		iauthMap[t] = a
+	}
+}
+
+/**
+ * @brief: 获取认证对象
+ * @param1 t: key
+ * @return1 认证对象
+ */
+func GetAuth(t string)IAuth{
+	var iauth IAuth
+	var ok bool
+	if iauth, ok = iauthMap[t]; ok{
+		return iauth
+	}else{
+		return nil
+	}
+}
+
+/**
+ * @brief: 添加token到全局缓存中
+ * @param1 userInfo: 用户信息
+ */
+func AddToGlobalTokenStore(userInfo *sysmodel.SysUser)*sysmodel.LoginReturnInfo{
+	token := &entitys.Token{}
+	timestamp := uint64(time.Now().UnixNano())
+	timestamp_str := strconv.FormatUint(timestamp, 10)
+	sec_tooken := sysutils.GenerateToken(userInfo.LoginId + timestamp_str)
+	if v := sysutils.GetGlobalTokenStore().Get(sec_tooken); v == nil {
+		token.AccessToken = sec_tooken
+		token.RefreshToken = sec_tooken
+		token.LoginID = userInfo.LoginId
+		token.UserId = userInfo.Id
+		token.Result = 200
+		//token.Password = pwd
+		token.ServerIp = ""
+		token.Domain = userInfo.Domain
+		sysutils.GetGlobalTokenStore().Set(sec_tooken, token)
+		//sysutils.GetGlobalTokenStore().Set(token.LoginID+user.Domain, token)
+	} else {
+		token = v
+	}
+	data := sysmodel.LoginReturnInfo{}
+	data.Id = userInfo.Id
+	data.LoginId = userInfo.LoginId
+	data.Name = userInfo.Name
+	data.Mobile = userInfo.Mobile
+	data.Email = userInfo.Email
+	data.Token = token.AccessToken
+	data.Type = userInfo.Type
+	data.Domain = userInfo.Domain
+
+	return &data
+}
+
+
+
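Review bot: In AddToGlobalTokenStore the session token is derived from `userInfo.LoginId` plus a nanosecond timestamp, both guessable inputs; unless `sysutils.GenerateToken` (not visible here) mixes in a secret or random bytes, the token is only as unpredictable as the clock. Drawing the token from `crypto/rand` (for example 32 bytes, hex-encoded) would remove that dependency. The same value is stored as both `AccessToken` and `RefreshToken`, so a leaked access token is also a refresh token. Separately, `iauthMap` is a plain map with no lock, which is safe only while RegisterAuth is called from `init` functions; a doc comment should say so, e.g. `// RegisterAuth must be called during package initialisation; iauthMap is not safe for concurrent writes.`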

+ 79 - 0
utils/auth/light_auth.go

@@ -0,0 +1,79 @@
+package auth
+
+import (
+	"fmt"
+	"git.qianqiusoft.com/qianqiusoft/light-apiengine/entitys"
+	sysutils "git.qianqiusoft.com/qianqiusoft/light-apiengine/utils"
+	sysmodel "git.qianqiusoft.com/qianqiusoft/light-apiengine/models"
+	"strconv"
+	"strings"
+	"time"
+)
+
+type LightAuth struct {
+
+}
+
+func init(){
+	lightAuth := &LightAuth{}
+	RegisterAuth("qianqiusoft.com", lightAuth)
+}
+
+func (la *LightAuth)Init(){
+
+}
+
+func (la *LightAuth)Login(c *entitys.CtrlContext){
+	var logininfo sysmodel.LoginInfo
+	c.Ctx.BindJSON(&logininfo)
+	//fmt.Println(logininfo)
+	var user sysmodel.SysUser
+	ret, err := c.PlatformDbEngine.SQL(sysmodel.SqlUserLogin, logininfo.Account).Get(&user)
+	if ret && err == nil {
+		//TODO check password
+		timestamp := uint64(time.Now().UnixNano())
+		md5Pwd := sysutils.HashPassword(logininfo.Password, "")
+		//密码错误
+		if !strings.EqualFold(user.Password, md5Pwd) {
+			c.Ctx.JSON(200, sysmodel.SysReturn{400, "password incorrect!", nil})
+			return
+		}
+		token := &entitys.Token{}
+		timestamp_str := strconv.FormatUint(timestamp, 10)
+		sec_tooken := sysutils.GenerateToken(logininfo.Account + timestamp_str)
+		if v := sysutils.GetGlobalTokenStore().Get(sec_tooken); v == nil {
+			token.AccessToken = sec_tooken
+			token.RefreshToken = sec_tooken
+			token.LoginID = logininfo.Account
+			token.UserId = user.Id
+			token.Result = 200
+			//token.Password = pwd
+			token.ServerIp = ""
+			token.Domain = user.Domain
+			sysutils.GetGlobalTokenStore().Set(sec_tooken, token)
+			//sysutils.GetGlobalTokenStore().Set(token.LoginID+user.Domain, token)
+		} else {
+			token = v
+		}
+		data := sysmodel.LoginReturnInfo{}
+		data.Id = user.Id
+		data.LoginId = user.LoginId
+		data.Name = user.Name
+		data.Mobile = user.Mobile
+		data.Email = user.Email
+		data.Token = token.AccessToken
+		data.Type = user.Type
+		data.Domain = user.Domain
+		c.Ctx.JSON(200, sysmodel.SysReturn{200, "", data})
+	} else {
+		//fmt.Println(err.Error())
+		c.Ctx.JSON(200, sysmodel.SysReturn{400, "username or password incorrect!", nil})
+	}
+}
+
+func (la *LightAuth)Logout(c *entitys.CtrlContext) {
+	token := c.Ctx.GetHeader("token")
+	fmt.Println("delete token: ", token)
+	sysutils.GetGlobalTokenStore().Remove(token)
+	c.Ctx.JSON(200, sysmodel.SysReturn{200, "", nil})
+}
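Review bot: Login answers `password incorrect!` when the account exists and `username or password incorrect!` when it does not, which lets a caller tell valid account names apart; the first branch should send the same body, `c.Ctx.JSON(200, sysmodel.SysReturn{400, "username or password incorrect!", nil})`. Logout's `fmt.Println("delete token: ", token)` writes an unfiltered request header to stdout, and that header is a session credential until the Remove call completes; drop the line or log only a truncated hash. `sysutils.HashPassword(logininfo.Password, "")` is called with an empty second argument and its result is named `md5Pwd`; if that argument is the salt and the digest is MD5 (the helper is not visible here), stored passwords are unsalted fast hashes and should move to a password KDF. The error from `c.Ctx.BindJSON(&logininfo)` is ignored, so a malformed body proceeds with an empty account. The token and `LoginReturnInfo` block duplicates AddToGlobalTokenStore from auth.go and could call it instead.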