Merge remote-tracking branch 'origin/main' into lichang

lib/core/utils/ctx/ctx.go

@@ -10,9 +10,9 @@ import (
 	"path/filepath"
 	"strings"
 
-	"be.ems/lib/core/vo"
-	commonConstants "be.ems/src/framework/constants/common"
-	tokenConst "be.ems/src/framework/constants/token"
+	"be.ems/src/framework/constants/token"
+	tokenUtils "be.ems/src/framework/utils/token"
+	"be.ems/src/framework/vo"
 	"github.com/gorilla/mux"
 	"golang.org/x/text/language"
 )
@@ -122,12 +122,26 @@ func SaveUploadedFile(r *http.Request, dst string) error {
 
 // Authorization 解析请求头
 func Authorization(r *http.Request) string {
-	authHeader := r.Header.Get(tokenConst.HEADER_KEY)
+	// Query请求查询
+	if authQuery := r.URL.Query().Get(token.ACCESS_TOKEN); authQuery != "" {
+		return authQuery
+	}
+	// Header请求头
+	if authHeader := r.Header.Get(token.ACCESS_TOKEN); authHeader != "" {
+		return authHeader
+	}
+
+	// Query请求查询
+	if authQuery := r.URL.Query().Get(token.RESPONSE_FIELD); authQuery != "" {
+		return authQuery
+	}
+	// Header请求头
+	authHeader := r.Header.Get(token.HEADER_KEY)
 	if authHeader == "" {
 		return ""
 	}
 	// 拆分 Authorization 请求头，提取 JWT 令牌部分
-	arr := strings.Split(authHeader, tokenConst.HEADER_PREFIX)
+	arr := strings.Split(authHeader, token.HEADER_PREFIX)
 	if len(arr) == 2 && arr[1] == "" {
 		return ""
 	}
@@ -164,12 +178,24 @@ type ContextKey string
 
 // LoginUser 登录用户信息需要Authorize中间件
 func LoginUser(r *http.Request) (vo.LoginUser, error) {
-	// 上下文
-	v := r.Context().Value(ContextKey(commonConstants.CTX_LOGIN_USER))
-	if v != nil {
-		return v.(vo.LoginUser), nil
+	// 获取请求头标识信息
+	tokenStr := Authorization(r)
+	if tokenStr == "" {
+		return vo.LoginUser{}, fmt.Errorf("not token info")
 	}
-	return vo.LoginUser{}, fmt.Errorf("No user information")
+	// 验证令牌
+	claims, err := tokenUtils.Verify(tokenStr)
+	if err != nil {
+		return vo.LoginUser{}, fmt.Errorf("token verify fail")
+	}
+
+	// 获取缓存的用户信息
+	loginUser := tokenUtils.LoginUser(claims)
+	if loginUser.UserID == "" {
+		return vo.LoginUser{}, fmt.Errorf("not user info")
+	}
+
+	return loginUser, nil
 }
 
 // LoginUserToUserID 登录用户信息-用户ID
@@ -187,5 +213,5 @@ func LoginUserToUserName(r *http.Request) string {
 	if err != nil {
 		return ""
 	}
-	return loginUser.UserName
+	return loginUser.User.UserName
 }

lib/midware/mml_log.go

@@ -12,7 +12,6 @@ import (
 	"be.ems/lib/core/datasource"
 	"be.ems/lib/core/utils/ctx"
 	"be.ems/lib/core/utils/date"
-	"be.ems/lib/dborm"
 	"be.ems/lib/log"
 )
 
@@ -50,19 +49,12 @@ func LogMML(next http.Handler) http.Handler {
 		resultStr := fmt.Sprintf(`{"status":"%s","size":"%s","content-type":"%s"}`, status, size, contentType)
 
 		// 用户名
-		username := "-"
-		accessToken := r.Header.Get("AccessToken")
-		if accessToken != "" {
-			// 验证令牌 == 这里直接查数据库session
-			se, _ := dborm.XormUpdateSessionShakeTime(accessToken)
-			username = se.AccountId
-		}
-
+		username := ctx.LoginUserToUserName(r)
 		// 执行插入
 		sql := "insert into mml_log (user,ip,ne_type,ne_id,mml,result,log_time)values(?,?,?,?,?,?,?)"
 		_, sqlerr := datasource.ExecDB("", sql, []any{username, ipAddr, neType, neId, mmlCmd, resultStr, timeStr})
 		if sqlerr != nil {
-			log.Errorf("insert row : %v", err.Error())
+			log.Errorf("insert row : %v", sqlerr.Error())
 		}
 	})
 }

lib/routes/routes.go

@@ -174,11 +174,11 @@ func init() {
 	Register("POST", mml.UriMML, mml.PostMMLToNF, midware.LogMML)
 	Register("POST", mml.UriMMLDiscard, mml.PostMMLToNF, nil)
 	Register("POST", mml.UriOmMmlExt, mml.PostMMLToOMC, midware.LogMML)
-	Register("POST", mml.CustomUriMML, mml.PostMMLToNF, midware.LogMML)
-	Register("POST", mml.CustomUriOmMmlExt, mml.PostMMLToOMC, midware.LogMML)
+	Register("POST", mml.CustomUriMML, mml.PostMMLToNF, nil)
+	Register("POST", mml.CustomUriOmMmlExt, mml.PostMMLToOMC, nil)
 	// post mml2 (standard upf port=5002)
 	Register("POST", mml.UriMML2, mml.PostMML2ToNF, midware.LogMML)
-	Register("POST", mml.CustomUriMML2, mml.PostMML2ToNF, midware.LogMML)
+	Register("POST", mml.CustomUriMML2, mml.PostMML2ToNF, nil)
 
 	// Northbound Get NRM
 	Register("GET", nbi.GetNRMUri, nbi.NBIGetNRMFromNF, nil)