登录用户缓存迁移至library,token请求中间件添加缓存用户校验

李运家 2024-05-30 16:50:39 +08:00
parent 8bbf847de0
commit b5e96b688a
11 changed files with 22 additions and 17 deletions

3
Cargo.lock generated

@ -476,7 +476,6 @@ name = "domain"
version = "0.1.0" version = "0.1.0"
dependencies = [ dependencies = [
"chrono", "chrono",
"library",
"serde", "serde",
"sqlx", "sqlx",
"tracing", "tracing",
@ -1061,12 +1060,14 @@ dependencies = [
"axum", "axum",
"axum-extra", "axum-extra",
"chrono", "chrono",
"domain",
"futures-util", "futures-util",
"http", "http",
"http-body", "http-body",
"http-body-util", "http-body-util",
"jsonwebtoken", "jsonwebtoken",
"lazy_static", "lazy_static",
"moka",
"once_cell", "once_cell",
"reqwest", "reqwest",
"serde", "serde",


@ -13,5 +13,3 @@ chrono = { workspace = true, features = ["serde"]}
tracing = { workspace = true } tracing = { workspace = true }
tracing-appender = { workspace = true } tracing-appender = { workspace = true }
tracing-subscriber = { workspace = true, features = ["json"] } tracing-subscriber = { workspace = true, features = ["json"] }
library = { path = "../library" }


@ -26,4 +26,7 @@ futures-util = { workspace = true }
jsonwebtoken = { workspace = true } jsonwebtoken = { workspace = true }
reqwest = { workspace = true, features = ["blocking", "json"] } reqwest = { workspace = true, features = ["blocking", "json"] }
validator = { workspace = true } validator = { workspace = true }
lazy_static = { workspace = true } moka = { workspace = true, features = ["future", "logging"] }
lazy_static = { workspace = true }
domain = { path = "../domain" }


@ -4,4 +4,5 @@ pub mod core;
pub mod resp; pub mod resp;
pub mod middleware; pub mod middleware;
pub mod token; pub mod token;
pub mod social; pub mod social;
pub mod cache;


@ -2,7 +2,7 @@ use axum::{extract::Request, middleware::Next, response::{IntoResponse, Response
use http::{header, StatusCode}; use http::{header, StatusCode};
use jsonwebtoken::{decode, DecodingKey, Validation}; use jsonwebtoken::{decode, DecodingKey, Validation};
use crate::{config, token::Claims}; use crate::{cache::login_cache::LOGIN_CACHE, config, token::Claims};
pub async fn authenticate_access_token(mut req: Request, next: Next) -> Response { pub async fn authenticate_access_token(mut req: Request, next: Next) -> Response {
@ -21,8 +21,16 @@ pub async fn authenticate_access_token(mut req: Request, next: Next) -> Response
let validation = Validation::default(); let validation = Validation::default();
match decode::<Claims>(token, &DecodingKey::from_secret(config!().jwt.token_secret.as_bytes()), &validation) { match decode::<Claims>(token, &DecodingKey::from_secret(config!().jwt.token_secret.as_bytes()), &validation) {
Ok(decoded) => { Ok(decoded) => {
let account = LOGIN_CACHE.get(&decoded.claims.sub).await;
if account.is_none() {
return (StatusCode::UNAUTHORIZED, "Invalid token".to_string()).into_response();
}
let account = account.unwrap();
if account.token != token {
return (StatusCode::UNAUTHORIZED, "Invalid token".to_string()).into_response();
}
// 将Claims附加到请求扩展中以便后续处理使用 // 将Claims附加到请求扩展中以便后续处理使用
req.extensions_mut().insert(decoded.claims); req.extensions_mut().insert(account);
next.run(req).await next.run(req).await
}, },
Err(_) => (StatusCode::UNAUTHORIZED, "Invalid token".to_string()).into_response(), Err(_) => (StatusCode::UNAUTHORIZED, "Invalid token".to_string()).into_response(),
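Review bot: At `req.extensions_mut().insert(account)` the value placed in the request extensions changes from `Claims` to the cached login account, but the comment directly above still says Claims are attached, and any handler that still extracts `Claims` would presumably fail only at request time rather than at compile time; the handlers are not visible here, so that needs checking. The comment should be updated, for example `// Attach the cached login account (not the raw Claims) for downstream handlers`. The `is_none()` check followed by `unwrap()` is safer written as `let Some(account) = LOGIN_CACHE.get(&decoded.claims.sub).await else { return (StatusCode::UNAUTHORIZED, "Invalid token".to_string()).into_response(); };`. Because a cache miss now rejects an otherwise valid JWT, it is worth documenting that the cache entry lifetime (and a process restart, if the cache is in-memory as the added moka dependency suggests) bounds the session, and that the cached account carries the bearer token in `account.token`, so it should be kept out of logs. The body of `authenticate_access_token` starts outside this hunk.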


@ -5,8 +5,8 @@ use crate::config;
#[derive(Debug, Serialize, Deserialize, Clone)] #[derive(Debug, Serialize, Deserialize, Clone)]
pub struct Claims { pub struct Claims {
sub: String, // 用户ID pub sub: String, // 用户ID
exp: i64, // Token过期时间戳 pub exp: i64, // Token过期时间戳
} }
pub fn generate_token(sub: &str) -> String { pub fn generate_token(sub: &str) -> String {


@ -1,13 +1,12 @@
use chrono::Utc; use chrono::Utc;
use domain::dto::account::AuthenticateGooleAccountReq; use domain::dto::account::AuthenticateGooleAccountReq;
use domain::entities::account::Account; use domain::entities::account::Account;
use library::cache::login_cache::{LoginAccount, LOGIN_CACHE};
use library::resp::response::ResErr::ErrPerm; use library::resp::response::ResErr::ErrPerm;
use library::resp::response::{ResErr, ResOK, ResResult}; use library::resp::response::{ResErr, ResOK, ResResult};
use library::social::google::GOOGLE_SOCIAL; use library::social::google::GOOGLE_SOCIAL;
use library::{db, token}; use library::{db, token};
use crate::utils::login_cache::{LoginAccount, LOGIN_CACHE};
pub async fn authenticate_google( pub async fn authenticate_google(
req: AuthenticateGooleAccountReq, req: AuthenticateGooleAccountReq,
) -> ResResult<ResOK<(String, String)>> { ) -> ResResult<ResOK<(String, String)>> {


@ -1,5 +1,3 @@
pub mod account; pub mod account;
pub mod feedback; pub mod feedback;
pub mod sys_account; pub mod sys_account;
pub mod utils;


@ -4,12 +4,9 @@ use domain::{
entities::account::{Account, Role}, entities::account::{Account, Role},
}; };
use library::{ use library::{
db, cache::login_cache::{LoginAccount, LOGIN_CACHE}, db, resp::response::{ResErr, ResOK, ResResult}, token::{generate_refresh_token, generate_token}
resp::response::{ResErr, ResOK, ResResult},
token::{generate_refresh_token, generate_token},
}; };
use crate::utils::login_cache::{LoginAccount, LOGIN_CACHE};
pub async fn authticate_with_password( pub async fn authticate_with_password(
req: AuthenticateWithPassword, req: AuthenticateWithPassword,