diff --git a/Cargo.lock b/Cargo.lock
index 50badb0..e29ce07 100644
--- a/Cargo.lock
+++ b/Cargo.lock
@@ -476,7 +476,6 @@ name = "domain"
 version = "0.1.0"
 dependencies = [
 "chrono",
- "library",
 "serde",
 "sqlx",
 "tracing",
@@ -1061,12 +1060,14 @@ dependencies = [
 "axum",
 "axum-extra",
 "chrono",
+ "domain",
 "futures-util",
 "http",
 "http-body",
 "http-body-util",
 "jsonwebtoken",
 "lazy_static",
+ "moka",
 "once_cell",
 "reqwest",
 "serde",
diff --git a/domain/Cargo.toml b/domain/Cargo.toml
index 767e42b..bca7433 100644
--- a/domain/Cargo.toml
+++ b/domain/Cargo.toml
@@ -13,5 +13,3 @@ chrono = { workspace = true, features = ["serde"]}
 tracing = { workspace = true }
 tracing-appender = { workspace = true }
 tracing-subscriber = { workspace = true, features = ["json"] }
-
-library = { path = "../library" }
\ No newline at end of file
diff --git a/library/Cargo.toml b/library/Cargo.toml
index 3a58909..3cccdd3 100644
--- a/library/Cargo.toml
+++ b/library/Cargo.toml
@@ -26,4 +26,7 @@ futures-util = { workspace = true }
 jsonwebtoken = { workspace = true }
 reqwest = { workspace = true, features = ["blocking", "json"] }
 validator = { workspace = true }
-lazy_static = { workspace = true }
\ No newline at end of file
+moka = { workspace = true, features = ["future", "logging"] }
+lazy_static = { workspace = true }
+
+domain = { path = "../domain" }
\ No newline at end of file
diff --git a/service/src/utils/login_cache.rs b/library/src/cache/login_cache.rs
similarity index 100%
rename from service/src/utils/login_cache.rs
rename to library/src/cache/login_cache.rs
diff --git a/service/src/utils/mod.rs b/library/src/cache/mod.rs
similarity index 100%
rename from service/src/utils/mod.rs
rename to library/src/cache/mod.rs
diff --git a/library/src/lib.rs b/library/src/lib.rs
index e0a4514..6e954fd 100644
--- a/library/src/lib.rs
+++ b/library/src/lib.rs
@@ -4,4 +4,5 @@ pub mod core;
 pub mod resp;
 pub mod middleware;
 pub mod token;
-pub mod social;
\ No newline at end of file
+pub mod social;
+pub mod cache;
\ No newline at end of file
diff --git a/library/src/middleware/req_token.rs b/library/src/middleware/req_token.rs
index f9bd830..c0031c5 100644
--- a/library/src/middleware/req_token.rs
+++ b/library/src/middleware/req_token.rs
@@ -2,7 +2,7 @@ use axum::{extract::Request, middleware::Next, response::{IntoResponse, Response
 use http::{header, StatusCode};
 use jsonwebtoken::{decode, DecodingKey, Validation};
-use crate::{config, token::Claims};
+use crate::{cache::login_cache::LOGIN_CACHE, config, token::Claims};
 pub async fn authenticate_access_token(mut req: Request, next: Next) -> Response {
@@ -21,8 +21,16 @@ pub async fn authenticate_access_token(mut req: Request, next: Next) -> Response
 let validation = Validation::default();
 match decode::(token, &DecodingKey::from_secret(config!().jwt.token_secret.as_bytes()), &validation) {
 Ok(decoded) => {
+ let account = LOGIN_CACHE.get(&decoded.claims.sub).await;
+ if account.is_none() {
+ return (StatusCode::UNAUTHORIZED, "Invalid token".to_string()).into_response();
+ }
+ let account = account.unwrap();
+ if account.token != token {
+ return (StatusCode::UNAUTHORIZED, "Invalid token".to_string()).into_response();
+ }
 // 将Claims附加到请求扩展中,以便后续处理使用
- req.extensions_mut().insert(decoded.claims);
+ req.extensions_mut().insert(account);
 next.run(req).await
 },
 Err(_) => (StatusCode::UNAUTHORIZED, "Invalid token".to_string()).into_response(),
diff --git a/library/src/token.rs b/library/src/token.rs
index 75b6020..bb5af3f 100644
--- a/library/src/token.rs
+++ b/library/src/token.rs
@@ -5,8 +5,8 @@ use crate::config;
 #[derive(Debug, Serialize, Deserialize, Clone)]
 pub struct Claims {
- sub: String, // 用户ID
- exp: i64, // Token过期时间戳
+ pub sub: String, // 用户ID
+ pub exp: i64, // Token过期时间戳
 }
 pub fn generate_token(sub: &str) -> String {
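Review bot: In the `Ok(decoded)` arm of `authenticate_access_token` (second hunk of library/src/middleware/req_token.rs), both new rejections — no `LOGIN_CACHE` entry for `decoded.claims.sub`, and a cached token that differs from the presented one — return 401 silently, so a correctly signed token that has been superseded or revoked leaves nothing for detection to pick up. Emit a warning-level event carrying the subject (never the token itself) on each branch, and replace the `is_none()`/`unwrap()` pair with `let Some(account) = LOGIN_CACHE.get(&decoded.claims.sub).await else { return (StatusCode::UNAUTHORIZED, "Invalid token".to_string()).into_response(); };`. The extension inserted is now the cached account rather than `Claims`, so the comment above it is stale (`// Attach the cached login account to the request extensions`), and any handler still extracting `Claims` would presumably stop finding it; those handlers are outside this diff. The function body starts and ends outside the hunk.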
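Review bot: Making `sub` and `exp` fully `pub` on `Claims` (library/src/token.rs) is wider than the visible use needs: the only new reader in this commit, `decoded.claims.sub` in the middleware, lives in the same crate, so `pub(crate) sub: String,` and `pub(crate) exp: i64,` would do, or a read-only `pub fn sub(&self) -> &str` if other crates need the subject. That keeps struct-literal construction of claims inside this crate, next to `generate_token`. Whether other crates read these fields is not visible here, and `generate_token` continues past the end of the hunk.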
diff --git a/service/src/account.rs b/service/src/account.rs
index 18f5164..c392131 100644
--- a/service/src/account.rs
+++ b/service/src/account.rs
@@ -1,13 +1,12 @@
 use chrono::Utc;
 use domain::dto::account::AuthenticateGooleAccountReq;
 use domain::entities::account::Account;
+use library::cache::login_cache::{LoginAccount, LOGIN_CACHE};
 use library::resp::response::ResErr::ErrPerm;
 use library::resp::response::{ResErr, ResOK, ResResult};
 use library::social::google::GOOGLE_SOCIAL;
 use library::{db, token};
-use crate::utils::login_cache::{LoginAccount, LOGIN_CACHE};
-
 pub async fn authenticate_google(
 req: AuthenticateGooleAccountReq,
 ) -> ResResult> {
diff --git a/service/src/lib.rs b/service/src/lib.rs
index 775057a..c42d539 100644
--- a/service/src/lib.rs
+++ b/service/src/lib.rs
@@ -1,5 +1,3 @@
 pub mod account;
 pub mod feedback;
 pub mod sys_account;
-
-pub mod utils;
\ No newline at end of file
diff --git a/service/src/sys_account.rs b/service/src/sys_account.rs
index 6f0be19..c6f569f 100644
--- a/service/src/sys_account.rs
+++ b/service/src/sys_account.rs
@@ -4,12 +4,9 @@ use domain::{
 entities::account::{Account, Role},
 };
 use library::{
- db,
- resp::response::{ResErr, ResOK, ResResult},
- token::{generate_refresh_token, generate_token},
+ cache::login_cache::{LoginAccount, LOGIN_CACHE}, db, resp::response::{ResErr, ResOK, ResResult}, token::{generate_refresh_token, generate_token}
 };
-use crate::utils::login_cache::{LoginAccount, LOGIN_CACHE};
 pub async fn authticate_with_password(
 req: AuthenticateWithPassword,