修改jwt-auth文件中优化不需要的代码

wanglei 2025-11-01 15:38:37 +08:00
parent fb068ead3e
commit 6b3f93dfd9
3 changed files with 14 additions and 27 deletions


@ -30,10 +30,9 @@ http {
log_not_found off; log_not_found off;
access_log off; access_log off;
} }
## 应用路径 ## 应用路径 todo 路径问题
set $APP_PATH '/home/frankly/work/AuthPlatform'; set $APP_PATH '/home/frankly/work/AuthPlatform';
#access_by_lua_file '${APP_PATH}/src/auth/jwt-auth.lua'; #access_by_lua_file '${APP_PATH}/src/auth/jwt-auth.lua';
#数据列表配置 #数据列表配置
include 'system/system.conf'; include 'system/system.conf';


@ -2,56 +2,38 @@ local jwt = require "resty.jwt"
local validators = require "resty.jwt-validators" local validators = require "resty.jwt-validators"
local conf = require("config") local conf = require("config")
--获取用户认证数据信息
local auth_header = ngx.var.http_Authorization local auth_header = ngx.var.http_Authorization
ngx.log(ngx.INFO, auth_header)
----定义响应数据 --如果请求头中没有令牌则直接返回401
local response = {}
----如果请求头中没有令牌则直接返回401
if auth_header == nil or auth_header == "" then if auth_header == nil or auth_header == "" then
ngx.log(ngx.WARN, "没有找到令牌数据") ngx.log(ngx.WARN, "没有找到令牌数据")
response["code"] = ngx.HTTP_UNAUTHORIZED
response["message"] = "没有找到令牌数据"
ngx.status = ngx.HTTP_UNAUTHORIZED ngx.status = ngx.HTTP_UNAUTHORIZED
ngx.header.content_type = "application/json; charset=utf-8"
ngx.body = response
ngx.exit(ngx.HTTP_UNAUTHORIZED) ngx.exit(ngx.HTTP_UNAUTHORIZED)
end end
--[[
--查找令牌中的Bearer前缀字符并进行截取 --查找令牌中的Bearer前缀字符并进行截取 todo 使用jsonscheme进行匹配
local _, _, token = string.find(auth_header, "Bearer%s+(.+)") local _, _, token = string.find(auth_header, "Bearer%s+(.+)")
--如果没有Bearer则表示令牌无效 --如果没有Bearer则表示令牌格式不正确
if token == nil then if token == nil then
response["code"] = ngx.HTTP_UNAUTHORIZED
response["message"] = "令牌格式不正确"
ngx.log(ngx.WARN, "令牌格式不正确") ngx.log(ngx.WARN, "令牌格式不正确")
ngx.status = ngx.HTTP_UNAUTHORIZED ngx.status = ngx.HTTP_UNAUTHORIZED
ngx.header.content_type = "application/json; charset=utf-8"
ngx.body = response
ngx.exit(ngx.HTTP_UNAUTHORIZED) ngx.exit(ngx.HTTP_UNAUTHORIZED)
end end
--]]
--校验令牌 --校验令牌
local jwt_obj = jwt:verify(conf.secret_key, auth_header) local jwt_obj = jwt:verify(conf.secret_key, auth_header)
--如果校验结果中的verified==false则表示令牌无效 --如果校验结果中的verified==false则表示令牌无效
if jwt_obj.verified == false then if jwt_obj.verified == false then
ngx.log(ngx.WARN, "Invalid token: ".. jwt_obj.reason) ngx.log(ngx.WARN, "Invalid token: ".. jwt_obj.reason)
response["code"] = ngx.HTTP_UNAUTHORIZED
response["message"] = "令牌无效"
ngx.status = ngx.HTTP_UNAUTHORIZED ngx.status = ngx.HTTP_UNAUTHORIZED
ngx.header.content_type = "application/json; charset=utf-8"
ngx.body = response
ngx.exit(ngx.HTTP_UNAUTHORIZED) ngx.exit(ngx.HTTP_UNAUTHORIZED)
end end
--判断token是否超时 --判断token是否超时 --令牌已过期
if jwt_obj.payload.exp and os.time() > jwt_obj.payload.exp then if jwt_obj.payload.exp and os.time() > jwt_obj.payload.exp then
ngx.log(ngx.WARN, "token timeout ".. jwt_obj.reason) ngx.log(ngx.WARN, "token timeout ".. jwt_obj.reason)
response["code"] = ngx.HTTP_UNAUTHORIZED
response["message"] = "令牌已过期"
ngx.status = ngx.HTTP_UNAUTHORIZED ngx.status = ngx.HTTP_UNAUTHORIZED
ngx.header.content_type = "application/json; charset=utf-8"
ngx.body = response
ngx.exit(ngx.HTTP_UNAUTHORIZED) ngx.exit(ngx.HTTP_UNAUTHORIZED)
end end
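Review bot: `jwt:verify(conf.secret_key, auth_header)` still receives the raw Authorization header instead of the `token` captured by the `Bearer%s+(.+)` match above it, so the parsed value is never used on the lines shown. The rendering does not show whether the `--[[`/`--]]` pair around the Bearer block was added or removed; if the block is now live, a header of the form `Bearer <jwt>` reaches verify with its prefix attached and would presumably be rejected, and if it is commented out the scheme is never checked. Either way the call should read `local jwt_obj = jwt:verify(conf.secret_key, token)`. Separately, the expiry branch only runs when `payload.exp` is present, so a signed token without `exp` is never treated as expired here unless verify enforces it; the already-required `validators` module can make the claim mandatory, e.g. `jwt:verify(conf.secret_key, token, { exp = validators.is_not_expired() })`.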


@ -12,6 +12,12 @@ local userModel = model:new('sys_user')
local _M = {} local _M = {}
local user = {
["ID"] = "",
["type"] = 0,
}
--判断用户是否存在 --判断用户是否存在
local function isExistUser(id) local function isExistUser(id)
--根据用户id进行验证用户是否存在 --根据用户id进行验证用户是否存在
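Review bot: The new `local user = { ["ID"] = "", ["type"] = 0 }` sits at module level, and with the Lua code cache enabled (the default) a table defined there is created once when the module is first required and then shared by every request handled in that nginx worker. Its use is not visible in this hunk, but if request handlers write the authenticated user's ID or type into it, one request's identity can be read by another after any yield. Build the table per request inside the function that needs it, or keep it in `ngx.ctx`, and add a comment such as `-- template only, never mutated` if it is meant as a read-only default. The body of `isExistUser` continues outside the hunk.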