feat 废弃jwt 、 学识分

internal/handler/http_handler/login.go

@@ -1,18 +1,14 @@
 package http_handler
 
 import (
-	"context"
-	"fmt"
 	"git.hlsq.asia/mmorpg/service-common/db/redis"
 	"git.hlsq.asia/mmorpg/service-common/log"
 	"git.hlsq.asia/mmorpg/service-common/net/grpc/grpc_client"
 	"git.hlsq.asia/mmorpg/service-common/net/http/http_resp"
 	"git.hlsq.asia/mmorpg/service-common/proto/rs/grpc_pb"
 	"git.hlsq.asia/mmorpg/service-common/utils"
-	"git.hlsq.asia/mmorpg/service-gateway/config"
 	"git.hlsq.asia/mmorpg/service-gateway/internal/global"
 	"github.com/gin-gonic/gin"
-	"time"
 )
 
 // 这个模块处理用户登录
@@ -71,7 +67,12 @@ func Login(c *gin.Context) {
 		return
 	}
 
-	at, rt, err := genToken(c, usn)
+	at, rt, err := sessionLogin(c, usn)
+	if err != nil {
+		log.Errorf("Login sessionLogin error: %v, usn: %v", err, usn)
+		http_resp.JsonOK(c, http_resp.Error(http_resp.Failed))
+		return
+	}
 	http_resp.JsonOK(c, http_resp.Success(&LoginResp{
 		USN:          usn,
 		Name:         name,
@@ -81,7 +82,7 @@ func Login(c *gin.Context) {
 }
 
 type RefreshTokenReq struct {
-	RefreshToken string `json:"refreshToken" binding:"required,min=1"`
+	RefreshToken string `json:"refreshToken"`
 }
 
 type RefreshTokenResp struct {
@@ -95,18 +96,27 @@ func RefreshToken(c *gin.Context) {
 		http_resp.JsonBadRequest(c)
 		return
 	}
-	claims, err := utils.ParseToken(req.RefreshToken, config.Get().Auth.Secret)
-	if err != nil {
+	if req.RefreshToken == "" {
+		cookie, err := c.Cookie("refresh_token")
+		if err != nil {
+			http_resp.JsonUnauthorized(c)
+			return
+		}
+		req.RefreshToken = cookie
+	}
+
+	usn, _ := redis.GetClient().HGet(c, global.KeyGatewayRefreshToken+req.RefreshToken, (&utils.UserSession{}).GetUsnKey()).Int64()
+	if usn == 0 {
 		http_resp.JsonUnauthorized(c)
 		return
 	}
-	if redis.GetClient().Get(c, fmt.Sprintf(global.KeyGatewayRefreshToken, claims.USN)).Val() != req.RefreshToken {
-		http_resp.JsonUnauthorized(c)
-		return
+
+	if err := sessionLogout(c, req.RefreshToken); err != nil {
+		log.Errorf("RefreshToken sessionLogout error: %v, usn: %v", err, usn)
 	}
-	at, rt, err := genToken(c, claims.USN)
+	at, rt, err := sessionLogin(c, usn)
 	if err != nil {
-		log.Errorf("RefreshToken genToken error: %v, usn: %v", err, claims.USN)
+		log.Errorf("RefreshToken sessionLogin error: %v, usn: %v", err, usn)
 		http_resp.JsonOK(c, http_resp.Error(http_resp.Failed))
 		return
 	}
@@ -117,23 +127,29 @@ func RefreshToken(c *gin.Context) {
 	}))
 }
 
-func genToken(ctx context.Context, usn int64) (string, string, error) {
-	at, err := genTokenOne(ctx, global.KeyGatewayAccessToken, usn, time.Duration(config.Get().Auth.ShortExpire)*time.Minute)
-	if err != nil {
-		return "", "", err
-	}
-	rt, err := genTokenOne(ctx, global.KeyGatewayRefreshToken, usn, time.Duration(config.Get().Auth.LongExpire)*time.Minute)
-	if err != nil {
-		return "", "", err
-	}
-	return at, rt, nil
+type LogoutReq struct {
+	RefreshToken string `json:"refreshToken"`
 }
 
-func genTokenOne(ctx context.Context, key string, usn int64, ttl time.Duration) (string, error) {
-	token, err := utils.GenToken(usn, config.Get().Auth.Secret, ttl)
-	if err != nil {
-		return "", err
-	}
-	redis.GetClient().Set(ctx, fmt.Sprintf(key, usn), token, ttl)
-	return token, err
+type LogoutResp struct {
+}
+
+func Logout(c *gin.Context) {
+	req := &LogoutReq{}
+	if err := c.ShouldBindJSON(req); err != nil {
+		http_resp.JsonBadRequest(c)
+		return
+	}
+	if req.RefreshToken == "" {
+		cookie, err := c.Cookie("refresh_token")
+		if err != nil {
+			http_resp.JsonUnauthorized(c)
+			return
+		}
+		req.RefreshToken = cookie
+	}
+	if err := sessionLogout(c, req.RefreshToken); err != nil {
+		log.Errorf("Logout sessionLogout error: %v", err)
+	}
+	http_resp.JsonOK(c, http_resp.Success(&LogoutResp{}))
 }