light-apiengine/controllers/partial/SsoController.go

package partial

import (
	"fmt"
	"git.qianqiusoft.com/qianqiusoft/light-apiengine/config"
	"git.qianqiusoft.com/qianqiusoft/light-apiengine/entitys"
	"git.qianqiusoft.com/qianqiusoft/light-apiengine/logs"
	sysmodel "git.qianqiusoft.com/qianqiusoft/light-apiengine/models"
	sysutils "git.qianqiusoft.com/qianqiusoft/light-apiengine/utils"
	"git.qianqiusoft.com/qianqiusoft/light-apiengine/utils/auth"
	"regexp"
	"strings"

	//"git.qianqiusoft.com/qianqiusoft/light-apiengine/models"
)

// _Login
// @Title _Login
// @Description 用户登录
// @Param	logininfo      false  "登录信息"
// @Success 200 {object} Account
// @Failure 403 :id is empty
func Sso_Login(c *entitys.CtrlContext) {
	iauth := getAuth(c)
	if iauth == nil{
		hostname := sysutils.GetHostname(c.Ctx)
		c.Ctx.JSON(500, sysmodel.SysReturn{500, "iauth of " + hostname + " is nil", nil})
		return
	}
	iauth.Login(c)
}

// _Logout
// @Title _Logout
// @Description 用户退出
// @Success 200 {object} Account
// @Failure 403 :id is empty
func Sso_Logout(c *entitys.CtrlContext) {
	iauth := getAuth(c)
	if iauth == nil{
		hostname := sysutils.GetHostname(c.Ctx)
		c.Ctx.JSON(500, sysmodel.SysReturn{500, "iauth of " + hostname + " is nil", nil})
		return
	}
	iauth.Logout(c)
}

func Sso_Validate(c *entitys.CtrlContext) {
	accessToken := c.Ctx.Query("access_token")
	loginId := c.Ctx.Query("username")
	requesterType := c.Ctx.Query("type")

	if requesterType == "app" {
		//timestamp := c.Ctx.Query("timestamp")
		//signature := c.Ctx.Query("signature")
		//token, err := models.ValidateApp(loginId, accessToken, timestamp, signature)
		//if err != nil {
		//	this.Ctx.WriteString(err.Error())
		//	this.Ctx.Output.SetStatus(401)
		//	return
		//}
		//this.Ctx.Output.JSON(token, false, false)
	} else {
		domain := strings.TrimSpace(strings.ToLower(c.Ctx.Query("domain")))
		token, err := sysutils.Validate(accessToken, loginId, domain)
		if err != nil {
			logs.Error(accessToken, loginId, "校验AccessToken失败:", err)
			c.Ctx.Data(401, "text", []byte(err.Error()))
			return
		}
		c.Ctx.JSON(200, token)
	}
}

// _TokenValidate
// @Title _TokenValidate
// @Description token验证
// @Param	token    string  false  "token"
// @Success 200 {object} Account
// @Failure 403 :id is empty
func Sso_TokenValidate(c *entitys.CtrlContext) {
	token := c.Ctx.Query("token")

	user, err := sysutils.TokenValidate(token)

	if err != nil {
		logs.Error(token, "校验AccessToken失败:", err)
		c.Ctx.Data(401, "text", []byte(err.Error()))
		return
	}
	c.Ctx.JSON(200, user)
}



func getAuth(c *entitys.CtrlContext)auth.IAuth{
	var iauth auth.IAuth = nil
	authMode := config.AppConfig.GetKey("auth_mode")
	if authMode == "local"{
		iauth = auth.GetAuth("qianqiusoft.com")
	}else{
		hostname := sysutils.GetHostname(c.Ctx)
		tld := getTLD(hostname)
		fmt.Println("------>hostname", hostname, "tld", tld)
		iauth = auth.GetAuth(hostname)
		if iauth == nil{
			iauth = auth.GetAuth(tld)
		}
	}
	return iauth
}

/**
* @brief: 获取一级域名
× @param1 hostname: 请求名称
*/
func getTLD(hostname string)string{
	patternstr := `(2(5[0-5]{1}|[0-4]\d{1})|[0-1]?\d{1,2})(\.(2(5[0-5]{1}|[0-4]\d{1})|[0-1]?\d{1,2})){3}`
	reg := regexp.MustCompile(patternstr)
	if res := reg.FindAllString(hostname, -1); res == nil {
		size := 0
		if strings.HasSuffix(hostname, "gov.cn") || strings.HasSuffix(hostname, "edu.cn"){
			size = 3
		}else{
			size = 2
		}
		hnarr := strings.Split(hostname, ".")

		if len(hnarr) >= size{
			tld := hnarr[len(hnarr) - size]
			for i := size - 1; i >= 1; i--{
				tld += "." + hnarr[len(hnarr) - i]
			}
			return tld
		}else{
			// 少于两个的直接返回
			return hostname
		}
	} else {
		// 直接返回ip
		return hostname
	}
}

func __none_func_sso__(params ...interface{}) bool {
	return true
}