Compare commits
No commits in common. "64b4e821450fa17280a3edbb51a42670f05848ae" and "70b308f041522525ebcbac9a87b036a8a41e7bca" have entirely different histories.
64b4e82145
...
70b308f041
|
|
@ -30,9 +30,10 @@ http {
|
|||
log_not_found off;
|
||||
access_log off;
|
||||
}
|
||||
## 应用路径 todo 路径问题
|
||||
## 应用路径
|
||||
set $APP_PATH '/home/frankly/work/AuthPlatform';
|
||||
|
||||
|
||||
#access_by_lua_file '${APP_PATH}/src/auth/jwt-auth.lua';
|
||||
#数据列表配置
|
||||
include 'system/system.conf';
|
||||
|
|
|
|||
|
|
@ -2,47 +2,80 @@ local jwt = require "resty.jwt"
|
|||
local validators = require "resty.jwt-validators"
|
||||
local conf = require("config")
|
||||
|
||||
-- 定义一个JSON Schema
|
||||
local schema = {
|
||||
{type = "object", properties = {
|
||||
{name = "username", type = "string", minLength = 8, maxLength = 20},
|
||||
}, required = {"username", "phone", "email", "idcard"}}
|
||||
}
|
||||
|
||||
--获取用户认证数据信息
|
||||
local auth_header = ngx.var.http_Authorization
|
||||
ngx.log(ngx.INFO, auth_header)
|
||||
----定义响应数据
|
||||
local response = {}
|
||||
----如果请求头中没有令牌,则直接返回401
|
||||
--if auth_header == nil then
|
||||
-- ngx.log(ngx.WARN, "No Authorization header")
|
||||
-- ngx.exit(ngx.HTTP_UNAUTHORIZED)
|
||||
--end
|
||||
--
|
||||
--ngx.log(ngx.INFO, "Authorization: " .. auth_header)
|
||||
--
|
||||
---- require Bearer token
|
||||
--local _, _, token = string.find(auth_header, "Bearer%s+(.+)")
|
||||
--
|
||||
--if token == nil then
|
||||
-- ngx.log(ngx.WARN, "Missing token")
|
||||
-- ngx.exit(ngx.HTTP_UNAUTHORIZED)
|
||||
--end
|
||||
--ngx.log(ngx.INFO, "Token: " .. token)
|
||||
--local jwt_obj = jwt:verify(ngx.decode_base64(secret), token)
|
||||
--if jwt_obj.verified == false then
|
||||
-- ngx.log(ngx.WARN, "Invalid token: ".. jwt_obj.reason)
|
||||
-- ngx.status = ngx.HTTP_UNAUTHORIZED
|
||||
-- ngx.header.content_type = "application/json; charset=utf-8"
|
||||
-- ngx.say(cjson.encode(jwt_obj))
|
||||
-- ngx.exit(ngx.HTTP_UNAUTHORIZED)
|
||||
--end
|
||||
--ngx.log(ngx.INFO, "JWT: " .. cjson.encode(jwt_obj))
|
||||
|
||||
--如果请求头中没有令牌,则直接返回401
|
||||
if auth_header == nil or auth_header == "" then
|
||||
ngx.log(ngx.WARN, "没有找到令牌数据")
|
||||
response["code"] = ngx.HTTP_UNAUTHORIZED
|
||||
response["message"] = "没有找到令牌数据"
|
||||
ngx.status = ngx.HTTP_UNAUTHORIZED
|
||||
ngx.header.content_type = "application/json; charset=utf-8"
|
||||
ngx.body = response
|
||||
ngx.exit(ngx.HTTP_UNAUTHORIZED)
|
||||
end
|
||||
|
||||
--查找令牌中的Bearer前缀字符,并进行截取 todo 使用jsonscheme进行匹配
|
||||
--[[
|
||||
--查找令牌中的Bearer前缀字符,并进行截取
|
||||
local _, _, token = string.find(auth_header, "Bearer%s+(.+)")
|
||||
--如果没有Bearer,则表示令牌格式不正确
|
||||
--如果没有Bearer,则表示令牌无效
|
||||
if token == nil then
|
||||
response["code"] = ngx.HTTP_UNAUTHORIZED
|
||||
response["message"] = "令牌格式不正确"
|
||||
ngx.log(ngx.WARN, "令牌格式不正确")
|
||||
ngx.status = ngx.HTTP_UNAUTHORIZED
|
||||
ngx.header.content_type = "application/json; charset=utf-8"
|
||||
ngx.body = response
|
||||
ngx.exit(ngx.HTTP_UNAUTHORIZED)
|
||||
end
|
||||
|
||||
--]]
|
||||
--校验令牌
|
||||
local jwt_obj = jwt:verify(conf.secret_key, auth_header)
|
||||
--如果校验结果中的verified==false,则表示令牌无效
|
||||
if jwt_obj.verified == false then
|
||||
ngx.log(ngx.WARN, "Invalid token: ".. jwt_obj.reason)
|
||||
response["code"] = ngx.HTTP_UNAUTHORIZED
|
||||
response["message"] = "令牌无效"
|
||||
ngx.status = ngx.HTTP_UNAUTHORIZED
|
||||
ngx.header.content_type = "application/json; charset=utf-8"
|
||||
ngx.body = response
|
||||
ngx.exit(ngx.HTTP_UNAUTHORIZED)
|
||||
end
|
||||
|
||||
--判断token是否超时 --令牌已过期
|
||||
--判断token是否超时
|
||||
if jwt_obj.payload.exp and os.time() > jwt_obj.payload.exp then
|
||||
ngx.log(ngx.WARN, "token timeout ".. jwt_obj.reason)
|
||||
response["code"] = ngx.HTTP_UNAUTHORIZED
|
||||
response["message"] = "令牌已过期"
|
||||
ngx.status = ngx.HTTP_UNAUTHORIZED
|
||||
ngx.header.content_type = "application/json; charset=utf-8"
|
||||
ngx.body = response
|
||||
ngx.exit(ngx.HTTP_UNAUTHORIZED)
|
||||
end
|
||||
|
||||
--全部校验完成后,说明令牌有效,返回令牌数据
|
||||
ngx.log(ngx.INFO, "令牌校验通过 JWT: " .. cjson.encode(jwt_obj))
|
||||
|
|
@ -12,12 +12,6 @@ local userModel = model:new('sys_user')
|
|||
|
||||
local _M = {}
|
||||
|
||||
local user = {
|
||||
["ID"] = "",
|
||||
["type"] = 0,
|
||||
|
||||
}
|
||||
|
||||
--判断用户是否存在
|
||||
local function isExistUser(id)
|
||||
--根据用户id进行验证用户是否存在
|
||||
|
|
|
|||
|
|
@ -13,9 +13,6 @@ local _M = {}
|
|||
|
||||
--用户登录业务逻辑处理
|
||||
function _M.login()
|
||||
--获取远端客户端的IP地址
|
||||
local client_ip = ngx.var.remote_addr
|
||||
ngx.log(ngx.INFO, "client_ip:"..client_ip.." login system")
|
||||
--读取请求体的数据
|
||||
ngx.req.read_body()
|
||||
--获取请求数据
|
||||
|
|
@ -44,6 +41,7 @@ function _M.login()
|
|||
end
|
||||
|
||||
--获取的登陆的用户信息,返回tocken
|
||||
--ngx.log(ngx.INFO, "userid:"..id.." username:"..username)
|
||||
local jwt_token = token.generateToken(id, username)
|
||||
local data = {}
|
||||
data["token"] = jwt_token
|
||||
|
|
|
|||
|
|
@ -92,44 +92,6 @@ else
|
|||
end
|
||||
--]]
|
||||
|
||||
--用于接收前端数据的对象
|
||||
local args=nil
|
||||
--获取前端的请求方式 并获取传递的参数
|
||||
local request_method = ngx.var.request_method
|
||||
--判断是get请求还是post请求并分别拿出相应的数据
|
||||
if"GET" == request_method then
|
||||
args = ngx.req.get_uri_args()
|
||||
elseif "POST" == request_method then
|
||||
ngx.req.read_body()
|
||||
args = ngx.req.get_post_args()
|
||||
--兼容请求使用post请求,但是传参以get方式传造成的无法获取到数据的bug
|
||||
if (args == nil or args.data == null) then
|
||||
args = ngx.req.get_uri_args()
|
||||
end
|
||||
end
|
||||
|
||||
--获取前端传递的name值
|
||||
local name =
|
||||
--响应前端
|
||||
ngx.say("linux hello:"..name)
|
||||
|
||||
--[[
|
||||
local M = {}
|
||||
local charset = {} do -- [0-9a-zA-Z]
|
||||
for c = 48, 57 do table.insert(charset, string.char(c)) end
|
||||
for c = 65, 90 do table.insert(charset, string.char(c)) end
|
||||
for c = 97, 122 do table.insert(charset, string.char(c)) end
|
||||
end
|
||||
function M.uuid(length)
|
||||
local res = ""
|
||||
for i = 1, length do
|
||||
res = res .. charset[math.random(1, #charset)]
|
||||
end
|
||||
return res
|
||||
end
|
||||
return M
|
||||
--]]
|
||||
|
||||
--[[
|
||||
local jwt = require("resty.jwt")
|
||||
|
||||
|
|
|
|||
|
|
@ -32,7 +32,7 @@ function _M.generateToken(userid, username)
|
|||
obj.payload.username = username
|
||||
--获取的登陆的用户信息,返回tocken
|
||||
local jwt_token = jwt:sign(conf.secret_key, obj)
|
||||
return "Bearer "..jwt_token
|
||||
return jwt_token
|
||||
end
|
||||
|
||||
--令牌校验
|
||||
|
|
@ -45,7 +45,7 @@ function _M.authorizationToken(auth_header)
|
|||
response["message"] = "没有找到令牌数据"
|
||||
return response
|
||||
end
|
||||
|
||||
--[[
|
||||
--查找令牌中的Bearer前缀字符,并进行截取
|
||||
local _, _, token = string.find(auth_header, "Bearer%s+(.+)")
|
||||
--如果没有Bearer,则表示令牌无效
|
||||
|
|
@ -54,7 +54,7 @@ function _M.authorizationToken(auth_header)
|
|||
response["message"] = "令牌格式不正确"
|
||||
return response
|
||||
end
|
||||
|
||||
--]]
|
||||
--校验令牌
|
||||
local jwt_obj = jwt:verify(conf.secret_key, auth_header)
|
||||
--如果校验结果中的verified==false,则表示令牌无效
|
||||
|
|
|
|||
|
|
@ -10,13 +10,13 @@ local _M = {}
|
|||
-- 定义一个JSON Schema
|
||||
local schema = {
|
||||
{type = "object", properties = {
|
||||
{name = "username", type = "string", minLength = 8, maxLength = 20},
|
||||
{name = "phone", type = "string",minLength = 11},
|
||||
{name = "username", type = "string"},
|
||||
{name = "phone", type = "string"},
|
||||
{name = "email", type = "string"},
|
||||
{name = "idcard", type = "string"},
|
||||
{name = "name", type = "string"},
|
||||
{name = "office_phone", type = "string"},
|
||||
{name = "telephone", type = "string",minLength = 11},
|
||||
{name = "telephone", type = "string"},
|
||||
{name = "display_name", type = "string"},
|
||||
}, required = {"username", "phone", "email", "idcard"}}
|
||||
}
|
||||
|
|
|
|||
Loading…
Reference in New Issue
Block a user