验证码

app/system/controller/token.go

@@ -4,6 +4,8 @@ import (
 	"fmt"
 	"github.com/gin-gonic/gin"
 	"github.com/golang-jwt/jwt"
+	"github.com/mojocn/base64Captcha"
+	"github.com/satori/go.uuid"
 	"strconv"
 	"time"
 
@@ -18,21 +20,13 @@ var Auth = new(auth)
 
 type auth struct{}
 
-type JwtToken struct {
-	jwt.StandardClaims
-	TenantId  string `json:"tenant_id"`
-	UserId    int64  `json:"user_id"`
-	TokenType string `json:"token_type"`
-	ClientId  string `json:"client_id"`
-	RoleId    string `json:"role_id"`
-	RoleName  string `json:"role_name"`
-	DeptId    string `json:"dept_id"`
-	PostId    string `json:"post_id"`
-	OauthId   string `json:"oauth_id"`
-	Account   string `json:"account"`
-	UserName  string `json:"user_name"`
-	NickName  string `json:"nick_name"`
-	Random    string `json:"random"`
+var driver = &base64Captcha.DriverString{
+	Height:          48,
+	Width:           130,
+	NoiseCount:      100,
+	ShowLineOptions: 2,
+	Length:          5,
+	BgColor:         nil,
 }
 
 func (c *auth) Token(ctx *gin.Context) {
@@ -98,17 +92,40 @@ func (c *auth) Token(ctx *gin.Context) {
 	})
 }
 
-//checkLock 校验用户登录失败次数
-func checkLock() {
+func (c *auth) Logout(ctx *gin.Context) {
+	emptyKeyFunc := func(t *jwt.Token) (interface{}, error) { return []byte(config.Instance().Server.TokenSign), nil }
+	authorization := ctx.GetHeader("Authorization")
+	token, err := jwt.ParseWithClaims(authorization, &model.JwtToken{}, emptyKeyFunc)
+	if err != nil {
+		ctx.JSON(http.StatusUnauthorized, util.NormalResponse(http.StatusUnauthorized, err.Error(), nil))
+		return
+	}
+	jwtToken := token.Claims.(*model.JwtToken)
+	err = util.Redis.Del(getAccessTokenKey(jwtToken.TenantId, jwtToken.UserId, jwtToken.Random)).Err()
+	//todo 操作记录
+	ctx.JSON(http.StatusOK, util.SuccessResponse("", nil))
+}
 
+func (c *auth) Captcha(ctx *gin.Context) {
+	id := uuid.NewV1().String()
+	code := util.RandomString2(5)
+	gotItem, _ := driver.DrawCaptcha(code)
+	image := gotItem.EncodeB64string()
+	rsp := model.RspCaptcha{
+		Key:   id,
+		Image: image,
+	}
+	util.Redis.Set(getCaptchaKey(id), code, 5*time.Minute)
+	ctx.JSON(http.StatusOK, rsp)
 }
 
-func getAccessTokenKey(tenantId string, uId int64, random string) string {
-	return fmt.Sprintf("access_token_%s_%d_%s", tenantId, uId, random)
+//checkLock 校验用户登录失败次数
+func checkLock() {
+
 }
 
 func getAccessToken(info model.UserInfo, random string) (string, error) {
-	jwtToken := JwtToken{StandardClaims: jwt.StandardClaims{
+	jwtToken := model.JwtToken{StandardClaims: jwt.StandardClaims{
 		Audience:  "audience",
 		ExpiresAt: time.Now().Add(2 * time.Hour).Unix(),
 		Issuer:    "issuser",
@@ -152,9 +169,13 @@ func grant(token model.Token, ctx *gin.Context) (*model.UserInfo, *util.Errors)
 	key := ctx.GetHeader(model.CaptchaHeaderKey)
 	code := ctx.GetHeader(model.CaptchaHeaderCode)
 	// 获取验证码
-	redisCode := util.Redis.Get(model.CaptchaKey + key).String()
+	result, err := util.Redis.Get(getCaptchaKey(key)).Result()
+	if err != nil {
+		return nil, util.NormalResponse(http.StatusBadRequest, model.CaptchaNotCorrect, nil)
+	}
+	redisCode := result
 	// 判断验证码
-	if config.Instance().Server.CodeEnable && (code == "" || !strings.EqualFold(redisCode, code)) {
+	if config.Instance().Server.CodeEnabled && (key == "" || code == "" || !strings.EqualFold(redisCode, code)) {
 		return nil, util.NormalResponse(http.StatusBadRequest, model.CaptchaNotCorrect, nil)
 	}
 
@@ -179,20 +200,10 @@ func grant(token model.Token, ctx *gin.Context) (*model.UserInfo, *util.Errors)
 	return info, nil
 }
 
-func (c *auth) Logout(ctx *gin.Context) {
-	emptyKeyFunc := func(t *jwt.Token) (interface{}, error) { return []byte(config.Instance().Server.TokenSign), nil }
-	authorization := ctx.GetHeader("Authorization")
-	token, err := jwt.ParseWithClaims(authorization, &JwtToken{}, emptyKeyFunc)
-	if err != nil {
-		ctx.JSON(http.StatusUnauthorized, util.NormalResponse(http.StatusUnauthorized, err.Error(), nil))
-		return
-	}
-	jwtToken := token.Claims.(*JwtToken)
-	err = util.Redis.Del(getAccessTokenKey(jwtToken.TenantId, jwtToken.UserId, jwtToken.Random)).Err()
-	//todo 操作记录
-	ctx.JSON(http.StatusOK, util.SuccessResponse("", nil))
+func getAccessTokenKey(tenantId string, uId int64, random string) string {
+	return fmt.Sprintf("access_token_%s_%d_%s", tenantId, uId, random)
 }
 
-func (c *auth) Captcha(ctx *gin.Context) {
-	ctx.JSON(0, nil)
+func getCaptchaKey(uId string) string {
+	return fmt.Sprintf("auth:captcha:%s", uId)
 }

app/system/model/token.go

@@ -1,6 +1,26 @@
 package model
 
-import "iot_manager_service/app/system/dao"
+import (
+	"github.com/golang-jwt/jwt"
+	"iot_manager_service/app/system/dao"
+)
+
+type JwtToken struct {
+	jwt.StandardClaims
+	TenantId  string `json:"tenant_id"`
+	UserId    int64  `json:"user_id"`
+	TokenType string `json:"token_type"`
+	ClientId  string `json:"client_id"`
+	RoleId    string `json:"role_id"`
+	RoleName  string `json:"role_name"`
+	DeptId    string `json:"dept_id"`
+	PostId    string `json:"post_id"`
+	OauthId   string `json:"oauth_id"`
+	Account   string `json:"account"`
+	UserName  string `json:"user_name"`
+	NickName  string `json:"nick_name"`
+	Random    string `json:"random"`
+}
 
 type Token struct {
 	TenantId     string
@@ -37,6 +57,11 @@ type RspToken struct {
 	License      string `json:"license"`
 }
 
+type RspCaptcha struct {
+	Key   string `json:"key"`
+	Image string `json:"image"`
+}
+
 // JWT
 const (
 	Iss       = "iss"
@@ -70,6 +95,4 @@ const (
 	HEADER_KEY                    = "Authorization"
 	HEADER_PREFIX                 = "Basic "
 	DEFAULT_AVATAR                = "https://gw.alipayobjects.com/zos/rmsportal/BiazfanxmamNRoxxVxka.png"
-
-	CaptchaKey = "blade:auth::blade:captcha:"
 )

config/config.go

@@ -41,9 +41,9 @@ type config struct {
 }
 
 type server struct {
-	Address    string `yaml:"address"`
-	CodeEnable bool   `yaml:"code_enable"`
-	TokenSign  string `yaml:"token_sign"`
+	Address     string `yaml:"address"`
+	CodeEnabled bool   `yaml:"code_enabled"`
+	TokenSign   string `yaml:"token_sign"`
 }
 
 type database struct {

go.mod

@@ -8,6 +8,8 @@ require (
 	github.com/go-sql-driver/mysql v1.6.0
 	github.com/golang-jwt/jwt v3.2.2+incompatible
 	github.com/jinzhu/gorm v1.9.16
+	github.com/mojocn/base64Captcha v1.3.5
+	github.com/satori/go.uuid v1.2.0
 	gopkg.in/yaml.v2 v2.4.0
 )
 
@@ -17,6 +19,7 @@ require (
 	github.com/go-playground/universal-translator v0.18.0 // indirect
 	github.com/go-playground/validator/v10 v10.10.0 // indirect
 	github.com/goccy/go-json v0.9.7 // indirect
+	github.com/golang/freetype v0.0.0-20170609003504-e2365dfdc4a0 // indirect
 	github.com/google/go-cmp v0.5.8 // indirect
 	github.com/jinzhu/inflection v1.0.0 // indirect
 	github.com/json-iterator/go v1.1.12 // indirect
@@ -29,6 +32,7 @@ require (
 	github.com/pelletier/go-toml/v2 v2.0.1 // indirect
 	github.com/ugorji/go/codec v1.2.7 // indirect
 	golang.org/x/crypto v0.0.0-20210921155107-089bfa567519 // indirect
+	golang.org/x/image v0.0.0-20190501045829-6d32002ffd75 // indirect
 	golang.org/x/net v0.0.0-20220425223048-2871e0cb64e4 // indirect
 	golang.org/x/sys v0.0.0-20220422013727-9388b58f7150 // indirect
 	golang.org/x/text v0.3.7 // indirect

go.sum

@@ -38,6 +38,8 @@ github.com/golang-jwt/jwt v3.2.2+incompatible h1:IfV12K8xAKAnZqdXVzCZ+TOjboZ2keL
 github.com/golang-jwt/jwt v3.2.2+incompatible/go.mod h1:8pz2t5EyA70fFQQSrl6XZXzqecmYZeUEB8OUGHkxJ+I=
 github.com/golang-sql/civil v0.0.0-20190719163853-cb61b32ac6fe h1:lXe2qZdvpiX5WZkZR4hgp4KJVfY3nMkvmwbVkpv1rVY=
 github.com/golang-sql/civil v0.0.0-20190719163853-cb61b32ac6fe/go.mod h1:8vg3r2VgvsThLBIFL93Qb5yWzgyZWhEmBwUJWevAkK0=
+github.com/golang/freetype v0.0.0-20170609003504-e2365dfdc4a0 h1:DACJavvAHhabrF08vX0COfcOBJRhZ8lUbR+ZWIs0Y5g=
+github.com/golang/freetype v0.0.0-20170609003504-e2365dfdc4a0/go.mod h1:E/TSTwGwJL78qG/PmXZO1EjYhfJinVAhrmmHX6Z8B9k=
 github.com/golang/protobuf v1.2.0/go.mod h1:6lQm79b+lXiMfvg/cZm0SGofjICqVBUtrP5yJMmIC1U=
 github.com/golang/protobuf v1.4.0-rc.1/go.mod h1:ceaxUfeHdC40wWswd/P6IGgMaK3YpKi5j83Wpe3EHw8=
 github.com/golang/protobuf v1.4.0-rc.1.0.20200221234624-67d41d38c208/go.mod h1:xKAWHe0F5eneWXFV3EuXVDTCmh+JuBKY0li0aMyXATA=
@@ -85,6 +87,8 @@ github.com/modern-go/concurrent v0.0.0-20180228061459-e0a39a4cb421 h1:ZqeYNhU3OH
 github.com/modern-go/concurrent v0.0.0-20180228061459-e0a39a4cb421/go.mod h1:6dJC0mAP4ikYIbvyc7fijjWJddQyLn8Ig3JB5CqoB9Q=
 github.com/modern-go/reflect2 v1.0.2 h1:xBagoLtFs94CBntxluKeaWgTMpvLxC4ur3nMaC9Gz0M=
 github.com/modern-go/reflect2 v1.0.2/go.mod h1:yWuevngMOJpCy52FWWMvUC8ws7m/LJsjYzDa0/r8luk=
+github.com/mojocn/base64Captcha v1.3.5 h1:Qeilr7Ta6eDtG4S+tQuZ5+hO+QHbiGAJdi4PfoagaA0=
+github.com/mojocn/base64Captcha v1.3.5/go.mod h1:/tTTXn4WTpX9CfrmipqRytCpJ27Uw3G6I7NcP2WwcmY=
 github.com/nxadm/tail v1.4.4/go.mod h1:kenIhsEOeOJmVchQTgglprH7qJGnHDVpk1VPCcaMI8A=
 github.com/nxadm/tail v1.4.8 h1:nPr65rt6Y5JFSKQO7qToXr7pePgD6Gwiw05lkbyAQTE=
 github.com/nxadm/tail v1.4.8/go.mod h1:+ncqLTQzXmGhMZNUePPaPqPvBxHAIsmXswZKocGu+AU=
@@ -109,6 +113,8 @@ github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZN
 github.com/rogpeppe/go-internal v1.6.1/go.mod h1:xXDCJY+GAPziupqXw64V24skbSoqbTEfhy4qGm1nDQc=
 github.com/rogpeppe/go-internal v1.8.0 h1:FCbCCtXNOY3UtUuHUYaghJg4y7Fd14rXifAYUAtL9R8=
 github.com/rogpeppe/go-internal v1.8.0/go.mod h1:WmiCO8CzOY8rg0OYDC4/i/2WRWAB6poM+XZ2dLUbcbE=
+github.com/satori/go.uuid v1.2.0 h1:0uYX9dsZ2yD7q2RtLRtPSdGDWzjeM3TbMJP9utgA0ww=
+github.com/satori/go.uuid v1.2.0/go.mod h1:dA0hQrYB0VpLJoorglMZABFdXlWrHn1NEOzdhQKdks0=
 github.com/stretchr/objx v0.1.0/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME=
 github.com/stretchr/testify v1.3.0/go.mod h1:M5WIy9Dh21IEIfnGCwXGc5bZfKNJtfHm1UVUgZn+9EI=
 github.com/stretchr/testify v1.5.1/go.mod h1:5W2xD1RspED5o8YsWQXVCued0rvSQ+mT+I5cxcmMvtA=
@@ -130,6 +136,8 @@ golang.org/x/crypto v0.0.0-20200622213623-75b288015ac9/go.mod h1:LzIPMQfyMNhhGPh
 golang.org/x/crypto v0.0.0-20210711020723-a769d52b0f97/go.mod h1:GvvjBRRGRdwPK5ydBHafDWAxML/pGHZbMvKqRZ5+Abc=
 golang.org/x/crypto v0.0.0-20210921155107-089bfa567519 h1:7I4JAnoQBe7ZtJcBaYHi5UtiO8tQHbUSXxL+pnGRANg=
 golang.org/x/crypto v0.0.0-20210921155107-089bfa567519/go.mod h1:GvvjBRRGRdwPK5ydBHafDWAxML/pGHZbMvKqRZ5+Abc=
+golang.org/x/image v0.0.0-20190501045829-6d32002ffd75 h1:TbGuee8sSq15Iguxu4deQ7+Bqq/d2rsQejGcEtADAMQ=
+golang.org/x/image v0.0.0-20190501045829-6d32002ffd75/go.mod h1:kZ7UVZpmo3dzQBMxlp+ypCbDeSB+sBbTgSJuh5dn5js=
 golang.org/x/mod v0.3.0/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA=
 golang.org/x/mod v0.6.0-dev.0.20220106191415-9b9b3d81d5e3/go.mod h1:3p9vT2HGsQu2K1YbXdKPJLVgG5VJdoTa1poYQBtP1AY=
 golang.org/x/net v0.0.0-20180218175443-cbe0f9307d01/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4=

router/router.go

@@ -339,6 +339,6 @@ func InitRouter(engine *gin.Engine) {
 	{
 		auth.POST("/oauth/token", user.Auth.Token)
 		auth.POST("/oauth/logout", user.Auth.Logout)
-		auth.POST("/oauth/captcha", user.Auth.Captcha)
+		auth.GET("/oauth/captcha", user.Auth.Captcha)
 	}
 }

util/common.go

@@ -25,3 +25,13 @@ func RandomString(n int) string {
 	}
 	return string(b)
 }
+
+func RandomString2(n int) string {
+	var letters = []rune("ABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789")
+	rand.Seed(time.Now().Unix())
+	b := make([]rune, n)
+	for i := range b {
+		b[i] = letters[rand.Intn(len(letters))]
+	}
+	return string(b)
+}