
完成登录和鉴权逻辑

yjp 3 týždňov pred
rodič
commit
7b8fe9e212

+ 3 - 0
gateway/gw/api/api.go

@@ -20,6 +20,9 @@ func NewGateway() {
 
 	appInstance = baize.NewApplication(config.GetGatewayConfig().ApplicationConfig)
 
+	// 注册Router
+	appInstance.Api().PrefixRouter().RegisterVersionedRouter("v1")
+
 	// 创建gateway
 	gatewayInstance = gateway.NewGateway(appInstance.Api())
 

+ 1 - 1
gateway/gw/api/root/root.go

@@ -1,7 +1,7 @@
 package root
 
 import (
-	"baize_scaffold/gateway/gw/api/v1/auth"
+	"baize_scaffold/gateway/gw/api/root/auth"
 
 	"git.sxidc.com/go-framework/baize/framework/core/api"
 	"git.sxidc.com/go-framework/baize/framework/gateway"

+ 5 - 6
gateway/gw/api/v1/auth/auth.go

@@ -1,15 +1,14 @@
 package auth
 
 import (
-	"baize_scaffold/gateway/gw/config"
+	"net/http"
 
 	"git.sxidc.com/go-framework/baize/framework/gateway"
 )
 
-var (
-	umUrl = config.GetGatewayConfig().ServicesConfig.UMBaseUrl + "/utm/api/v1"
-)
-
 func Init(builder *gateway.Builder) {
-
+	builder.GetRoute("/test", func(requestBuilder *gateway.RequestBuilder) {
+		requestBuilder.ApiContext().String(http.StatusOK, "hello world")
+		return
+	})
 }
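Review bot: The `/test` route added to Init answers every GET with a fixed "hello world" and reads like scaffolding. If it exists only to exercise the new authentication path (roles.yaml in this commit grants GET on `/gw/api/v1/test`), a comment such as `// temporary route for verifying authentication; remove before release` would keep it from shipping unnoticed. The trailing `return` in the handler is redundant and can be dropped. Init is exported and has no doc comment; `// Init registers the auth routes on builder.` would follow Go convention.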

+ 80 - 21
gateway/middleware/auth.go

@@ -2,17 +2,60 @@ package middleware
 
 import (
 	"baize_scaffold/gateway/gw/config"
-	"fmt"
 	"net/http"
 
-	"github.com/pkg/errors"
-
 	"git.sxidc.com/go-framework/baize/framework/core/api/response"
 	"git.sxidc.com/go-framework/baize/framework/gateway"
 	"git.sxidc.com/service-supports/fslog"
 	"github.com/dgrijalva/jwt-go/request"
+	"github.com/pkg/errors"
 )
 
+type AuthenticationResult struct {
+	response.MsgResponse
+	TenantID   string `json:"tenantId"`
+	TenantName string `json:"tenantName"`
+	UserID     string `json:"userId"`
+	UserName   string `json:"userName"`
+	Roles      []Role `json:"roles"`
+}
+
+type Role struct {
+	ID   string `json:"id"`
+	Name string `json:"name"`
+}
+
+type TenantInfo struct {
+	ID   string
+	Name string
+}
+
+func (t TenantInfo) GetID() string {
+	return t.ID
+}
+
+func (t TenantInfo) GetName() string {
+	return t.Name
+}
+
+type UserInfo struct {
+	ID       string
+	UserName string
+	Roles    []Role
+}
+
+func (u UserInfo) GetID() string {
+	return u.ID
+}
+
+func (u UserInfo) GetUserName() string {
+	return u.UserName
+}
+
+func (u UserInfo) GetName() string {
+	return u.UserName
+}
+
 func Authentication() gateway.Handler {
 	return func(requestBuilder *gateway.RequestBuilder) {
 		c := requestBuilder.ApiContext()
@@ -23,40 +66,56 @@ func Authentication() gateway.Handler {
 			fslog.Error(err)
 			respFunc(c, http.StatusUnauthorized, map[string]any{
 				"accessToken": "",
-			}, errors.New("token错误"))
+			}, err)
 			c.Abort()
 			return
 		}
 
+		var requestErr error
+		authResult := new(AuthenticationResult)
 		requestBuilder.Post(&gateway.PostRequest{
-			Url: config.GetGatewayConfig().ServicesConfig.UMBaseUrl + "/utm/api/v1/checkToken",
+			Url: config.GetGatewayConfig().ServicesConfig.UMBaseUrl + "/utm/api/v1/auth",
 			Body: map[string]any{
 				"token":    token,
 				"resource": c.FullPath(),
 				"action":   c.Request.Method,
 			},
+		}).ResponseErrorCallback(func(c *gateway.RequestBuilderContext, err error) {
+			requestErr = err
 		}).ResponseSuccessCallback(func(c *gateway.RequestBuilderContext) {
-			userID, ok := c.GetResultMapValue("userId").(string)
-			if !ok {
-				fslog.Error(err)
-				respFunc(c.ApiContext(), http.StatusUnauthorized, map[string]any{
-					"accessToken": "",
-				}, errors.New("用户ID获取错误"))
-				c.ApiContext().Abort()
+			err := c.HistoryRequests()[0].Response().Json(authResult)
+			if err != nil {
+				requestErr = err
+				return
+			}
+
+			if !authResult.Success {
+				requestErr = errors.New(authResult.Msg)
+				return
 			}
+
+			return
 		}).Request()
 
-		c.SetUserInfo(&UserInfoWithRoles{
-			ID:                 umCheckResult.UserID,
-			UserName:           umCheckResult.UserName,
-			Updated:            umCheckResult.Updated,
-			ProfileName:        tangentSimpleUserInfo.Name,
-			OrgInfo:            currentTenant,
-			RoleInfos:          roles,
-			TangentUserProfile: tangentSimpleUserInfo,
+		if requestErr != nil {
+			fslog.Error(err)
+			respFunc(requestBuilder.ApiContext(), http.StatusUnauthorized, map[string]any{
+				"accessToken": "",
+			}, requestErr)
+			requestBuilder.ApiContext().Abort()
+			return
+		}
+
+		c.SetUserInfo(&UserInfo{
+			ID:       authResult.UserID,
+			UserName: authResult.UserName,
+			Roles:    authResult.Roles,
 		})
 
-		c.SetTenantInfo(currentTenant)
+		c.SetTenantInfo(&TenantInfo{
+			ID:   authResult.TenantID,
+			Name: authResult.TenantName,
+		})
 
 		c.Next()
 	}
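Review bot: In the `if requestErr != nil` branch the log call is `fslog.Error(err)`, but as far as the hunk shows `err` is the token-extraction error, which is nil once the earlier branch has returned, so failed checks against the UM service are logged as nil; it should be `fslog.Error(requestErr)`. That branch, and the changed `}, err)` above it, now hand the raw error to `respFunc` for the 401 body. Depending on what respFunc serializes, this can expose parser or upstream transport detail to unauthenticated callers, so a fixed client message with the detail kept in the log would be safer. After a successful response only `authResult.Success` is checked; rejecting an empty `authResult.UserID` before `c.SetUserInfo` would avoid admitting a request with a blank identity if the UM reply is malformed. The body of Authentication starts before this hunk and closes after it.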

+ 2 - 8
utm/application/domain/auth/info.go

@@ -9,12 +9,6 @@ type AuthenticationResult struct {
 }
 
 type Role struct {
-	ID          string       `json:"id"`
-	Name        string       `json:"name"`
-	Permissions []Permission `json:"permissions"`
-}
-
-type Permission struct {
-	Resource string `json:"resource"`
-	Action   string `json:"action"`
+	ID   string `json:"id"`
+	Name string `json:"name"`
 }

+ 2 - 11
utm/application/service/auth.go

@@ -122,18 +122,9 @@ func (svc *AuthService) v1(appInstance *application.App) {
 
 			resultRoles := make([]auth.Role, 0)
 			for _, role := range roles {
-				resultRolePermissions := make([]auth.Permission, 0)
-				for _, permission := range role.Permissions {
-					resultRolePermissions = append(resultRolePermissions, auth.Permission{
-						Resource: permission.Resource,
-						Action:   permission.Action,
-					})
-				}
-
 				resultRoles = append(resultRoles, auth.Role{
-					ID:          role.ID,
-					Name:        role.Name,
-					Permissions: resultRolePermissions,
+					ID:   role.ID,
+					Name: role.Name,
 				})
 			}
 

+ 82 - 73
utm/data_loader/data_loader.go

@@ -10,50 +10,12 @@ import (
 	"gopkg.in/yaml.v3"
 )
 
-var dataLoaderInstance *DataLoader
+var dataLoaderInstance = &DataLoader{}
 
 func GetDataLoader() *DataLoader {
 	return dataLoaderInstance
 }
 
-func Init() {
-	dataDir := os.Getenv("DATA_LOADER_DATA_DIR")
-	if strutils.IsStringEmpty(dataDir) {
-		panic("DATA_LOADER_DATA_DIR环境变量未设置")
-	}
-
-	dataDirAbs, err := filepath.Abs(dataDir)
-	if err != nil {
-		panic(err)
-	}
-
-	if !fileutils.PathExists(dataDirAbs) {
-		panic("数据目录不存在")
-	}
-
-	tenantsDataFilePath := filepath.Join(dataDirAbs, "tenants.yaml")
-	if !fileutils.PathExists(tenantsDataFilePath) {
-		panic("租户数据不存在")
-	}
-
-	usersDataFilePath := filepath.Join(dataDirAbs, "users.yaml")
-	if !fileutils.PathExists(usersDataFilePath) {
-		panic("用户数据不存在")
-	}
-
-	rolesDataFilePath := filepath.Join(dataDirAbs, "roles.yaml")
-	if !fileutils.PathExists(rolesDataFilePath) {
-		panic("角色数据不存在")
-	}
-
-	d, err := LoadData(tenantsDataFilePath, usersDataFilePath, rolesDataFilePath)
-	if err != nil {
-		panic(err)
-	}
-
-	dataLoaderInstance = d
-}
-
 type Tenant struct {
 	ID   string `yaml:"id"`
 	Name string `yaml:"name"`
@@ -84,43 +46,12 @@ type DataLoader struct {
 	Roles   []Role   `yaml:"roles"`
 }
 
-func LoadData(tenantsDataFilePath string, usersDataFilePath string, rolesDataFilePath string) (*DataLoader, error) {
-	dataLoader := new(DataLoader)
-
-	tenantsData, err := os.ReadFile(tenantsDataFilePath)
-	if err != nil {
-		return nil, err
-	}
-
-	err = yaml.Unmarshal(tenantsData, &dataLoader.Tenants)
-	if err != nil {
-		return nil, err
-	}
-
-	usersData, err := os.ReadFile(usersDataFilePath)
-	if err != nil {
-		return nil, err
-	}
-
-	err = yaml.Unmarshal(usersData, &dataLoader.Users)
-	if err != nil {
-		return nil, err
-	}
-
-	rolesData, err := os.ReadFile(rolesDataFilePath)
-	if err != nil {
-		return nil, err
-	}
-
-	err = yaml.Unmarshal(rolesData, &dataLoader.Roles)
+func (d *DataLoader) GetUserByUserNameAndPassword(userName string, password string) (User, error) {
+	err := d.loadData()
 	if err != nil {
-		return nil, err
+		return User{}, err
 	}
 
-	return dataLoader, nil
-}
-
-func (d *DataLoader) GetUserByUserNameAndPassword(userName string, password string) (User, error) {
 	for _, user := range d.Users {
 		if user.UserName == userName && user.Password == password {
 			return user, nil
@@ -131,6 +62,11 @@ func (d *DataLoader) GetUserByUserNameAndPassword(userName string, password stri
 }
 
 func (d *DataLoader) GetUserByID(userID string) (User, error) {
+	err := d.loadData()
+	if err != nil {
+		return User{}, err
+	}
+
 	for _, user := range d.Users {
 		if user.ID == userID {
 			return user, nil
@@ -141,6 +77,11 @@ func (d *DataLoader) GetUserByID(userID string) (User, error) {
 }
 
 func (d *DataLoader) GetTenantByID(tenantID string) (Tenant, error) {
+	err := d.loadData()
+	if err != nil {
+		return Tenant{}, err
+	}
+
 	for _, tenant := range d.Tenants {
 		if tenant.ID == tenantID {
 			return tenant, nil
@@ -151,6 +92,11 @@ func (d *DataLoader) GetTenantByID(tenantID string) (Tenant, error) {
 }
 
 func (d *DataLoader) GetRolesByIDs(roleIDs []string) ([]Role, error) {
+	err := d.loadData()
+	if err != nil {
+		return nil, err
+	}
+
 	roles := make([]Role, 0)
 
 	if roleIDs == nil || len(roleIDs) == 0 {
@@ -167,3 +113,66 @@ func (d *DataLoader) GetRolesByIDs(roleIDs []string) ([]Role, error) {
 
 	return roles, nil
 }
+
+func (d *DataLoader) loadData() error {
+	dataDir := os.Getenv("DATA_LOADER_DATA_DIR")
+	if strutils.IsStringEmpty(dataDir) {
+		panic("DATA_LOADER_DATA_DIR环境变量未设置")
+	}
+
+	dataDirAbs, err := filepath.Abs(dataDir)
+	if err != nil {
+		panic(err)
+	}
+
+	if !fileutils.PathExists(dataDirAbs) {
+		panic("数据目录不存在")
+	}
+
+	tenantsDataFilePath := filepath.Join(dataDirAbs, "tenants.yaml")
+	if !fileutils.PathExists(tenantsDataFilePath) {
+		panic("租户数据不存在")
+	}
+
+	usersDataFilePath := filepath.Join(dataDirAbs, "users.yaml")
+	if !fileutils.PathExists(usersDataFilePath) {
+		panic("用户数据不存在")
+	}
+
+	rolesDataFilePath := filepath.Join(dataDirAbs, "roles.yaml")
+	if !fileutils.PathExists(rolesDataFilePath) {
+		panic("角色数据不存在")
+	}
+
+	tenantsData, err := os.ReadFile(tenantsDataFilePath)
+	if err != nil {
+		return err
+	}
+
+	err = yaml.Unmarshal(tenantsData, &d.Tenants)
+	if err != nil {
+		return err
+	}
+
+	usersData, err := os.ReadFile(usersDataFilePath)
+	if err != nil {
+		return err
+	}
+
+	err = yaml.Unmarshal(usersData, &d.Users)
+	if err != nil {
+		return err
+	}
+
+	rolesData, err := os.ReadFile(rolesDataFilePath)
+	if err != nil {
+		return err
+	}
+
+	err = yaml.Unmarshal(rolesData, &d.Roles)
+	if err != nil {
+		return err
+	}
+
+	return nil
+}
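Review bot: loadData now runs inside every lookup (GetUserByUserNameAndPassword, GetUserByID, GetTenantByID, GetRolesByIDs), so its `panic(...)` calls for an unset DATA_LOADER_DATA_DIR or a missing yaml file fire on the request path instead of at startup, as they did in the removed Init. Since the function already returns an error, those checks should return one, e.g. `return errors.New("DATA_LOADER_DATA_DIR环境变量未设置")`, so a misconfiguration fails the request without depending on whatever panic recovery the framework may provide. Each call also unmarshals into `d.Tenants`, `d.Users` and `d.Roles` on the shared `dataLoaderInstance` with no lock visible in these hunks; if lookups are served concurrently, that races with the `range` loops reading the same slices, so load once (`sync.Once`) or decode into locals and swap them in under a mutex. Separately, the context line `user.Password == password` compares against a value read straight from users.yaml, which suggests plaintext passwords at rest; a salted hash verified with a constant-time comparison would be the safer form.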

+ 1 - 1
utm/deployment/data/roles.yaml

@@ -3,7 +3,7 @@
   permissions:
     - resource: /xxx/yyy
       action: POST
-    - resource: /bbb/ccc
+    - resource: /gw/api/v1/test
       action: GET
 - id: e26f06abd88d42879f1e64d7cddcc85
   name: 普通用户

+ 0 - 3
utm/main.go

@@ -2,15 +2,12 @@ package main
 
 import (
 	"baize_scaffold/utm/application"
-	"baize_scaffold/utm/data_loader"
 	"syscall"
 
 	DEATH "github.com/vrecan/death"
 )
 
 func main() {
-	data_loader.Init()
-
 	application.NewApp()
 	defer application.DestroyApp()