conf/nginx.conf

@@ -56,7 +56,7 @@ http {
         access_by_lua_block {
             ngx.header["Access-Control-Allow-Origin"] = "*";
             ngx.header["Access-Control-Allow-Methods"] = "GET, POST, DELETE, PUT";
-            ngx.header["Access-Control-Allow-Headers"] = "DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization";
+            ngx.header["Access-Control-Allow-Headers"] = "DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range";
             ngx.header["Access-Control-Max-Age"] = 1728000;
             ngx.header["Access-Control-Expose-Headers"] = "Content-Length,Content-Range";
             if ngx.var.request_method == "OPTIONS" then

src/dao/system/user.lua

@@ -47,17 +47,17 @@ function _M:getUserByUsername(username)
 end
 
 -- 查询数据表中的所有用户信息
-function _M:getSystemUsers(pageNum, pageSize)
+function _M.getSystemUsers(pageNum, pageSize)
     return userModel:paginate(pageNum, pageSize)
 end
 
 --根据用户id获取用户信息
-function _M:getSystemUser(id)
+function _M.getSystemUser(id)
     return userModel:find(id)
 end
 
 --增加用户信息到数据表
-function _M:addSystemUser(jsonData)
+function _M.addSystemUser(jsonData)
     if jsonData == nil or jsonData == "" then
         return 0x000001, nil
     end

src/service/oauth/oauth.lua

@@ -12,7 +12,6 @@ local rsa = require("util.rsa")
 local authcode = require("util.authcode")
 local token = require("util.token")
 local client = require("util.client")
-local conf = require("config")
 
 local _M = {}
 
@@ -152,19 +151,17 @@ local function authorizateCode(args)
         return
     end
     -- 4.生成密钥对
-    --local pub_key, priv_key, err = rsa.generate_rsa_keys(2048)
+    local pub_key, priv_key, err = rsa.generate_rsa_keys(2048)
-    --if err then
+    if err then
-    --    print("密钥生成失败: ", err)
+        print("密钥生成失败: ", err)
-    --    local result = resp:json(0x00001)
+        local result = resp:json(0x00001)
-    --    resp:send(result)
+        resp:send(result)
-    --    return
+        return
-    --end
+    end
-    --print("token pubkey:", pub_key)
+    print("token pubkey:", pub_key)
-    local priv_key = conf.secret_key
     local user_id = code_data.user_id
     local client_id = code_data.client_id
     local scope = code_data.scope
-    print("authorizateCode user_id:", user_id, " client_id:", client_id)
     -- 5.生成新 Access Token
     local new_access_token = token.generate_access_token(priv_key, user_id, client_id, scope)
     -- 生成新 Refresh Token（滚动刷新）
@@ -252,7 +249,6 @@ function _M:userinfo()
     --end
     -- 4.对token进行验证
     --print("userinfo pubkey:", pub_key)
-    local pub_key = conf.secret_key
     local jwt_obj = jwt:verify(pub_key, token)
     --如果校验结果中的verified==false，则表示令牌无效
     if jwt_obj.verified == false then
@@ -268,14 +264,10 @@ function _M:userinfo()
         ngx.exit(ngx.HTTP_UNAUTHORIZED)
     end
     --通过用户id获取用户信息
-    print("-- get jwt_obj.payload value --")
-    for key, value in pairs(jwt_obj.payload) do
-        print("jwt_obj.payload: ", key, "  ", value)
-    end
     local user_id = jwt_obj.payload.sub
     local code, rest = oauthDao.getUser(user_id)
     --读取数据错误
-    if code ~= 0 or rest == nil then
+    if code ~= 0 or table.getn(ret) < 0 then
         local result = resp:json(0x000001)
         resp:send(result)
         return