
4 Commits

34 changed files with 525 additions and 104 deletions


@ -52,6 +52,16 @@ http {
## 应用路径 todo 路径问题
set $APP_PATH '/home/frankly/work/AuthPlatform';
#访问时允许跨域处理
access_by_lua_block {
ngx.header["Access-Control-Allow-Origin"] = "*"
ngx.header["Access-Control-Allow-Methods"] = "GET, POST, DELETE, PUT"
ngx.header["Access-Control-Allow-Headers"] = "Content-Type, Authorization"
if ngx.var.request_method == "OPTIONS" then
ngx.exit(ngx.HTTP_NOT_ALLOWED)
end
}
#数据列表配置
include 'system/system.conf';
@ -81,10 +91,10 @@ http {
}
}
server {
listen 9081 ssl http2;
server_name *.*;
ssl_certificate ssl/metroid.crt;
ssl_certificate_key ssl/metroid.key;
}
#server {
# listen 9081 ssl http2;
# server_name *.*;
# ssl_certificate ssl/metroid.crt;
# ssl_certificate_key ssl/metroid.key;
#}
}
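Review bot: In the new `access_by_lua_block`, every `OPTIONS` request is ended with `ngx.exit(ngx.HTTP_NOT_ALLOWED)`, so the browser preflight triggered by the `Authorization` header and a JSON `Content-Type` gets a 405 and the CORS headers set just above never take effect for real API calls. Answer the preflight instead, e.g. `ngx.exit(ngx.HTTP_NO_CONTENT)`. `Access-Control-Allow-Origin` set to `"*"` on an authentication service is also wider than needed; echoing the request origin only when it is on a configured allow-list (and adding `Vary: Origin`) keeps token-bearing endpoints readable only by the intended front ends. Separately, the second hunk comments out the only `ssl` listener visible here; if no other TLS server block exists outside this view, credentials and bearer tokens would travel in clear text.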


@ -2,8 +2,8 @@
### 接口相关控制接口文件需要使用jwt进行token验证 ###
######################################################
#用户认证登陆相关
location /api/auth {
content_by_lua_file '${APP_PATH}/src/api/auth/auth.lua';
location /api/user {
content_by_lua_file '${APP_PATH}/src/api/system/login.lua';
}
#账号信息数据接口

73
src/api/oauth/oauth.lua Normal file

@ -0,0 +1,73 @@
---
--- Generated by EmmyLua(https://github.com/EmmyLua)
--- Created by admin.
--- DateTime: 2025/10/28 11:09
---
--解析url路由过滤库
local radix = require("resty.radixtree")
--数据表业务处理
local oauthService = require("service.oauth.oauth")
--定义相关路由前端接口url地址
local routes = {
--------------------------------------------
-------------OAuth2.0认证相关路由配置--------------
--------------------------------------------
--获取授权码
{
paths = { "/api/oauth/v2/authorize" },
methods = { "POST" },
handler = oauthService.authorize,
},
--根据授权码获取Access-Token
{
paths = { "/api/oauth/v2/token" },
methods = { "POST" },
handler = oauthService.token,
},
--根据Access-Token获取相应用户的账户信息
{
paths = { "/api/oauth/v2/userinfo" },
methods = { "POST" },
handler = oauthService.userinfo,
},
--回收Access-Token
{
paths = { "/api/oauth/v2/logout" },
methods = { "POST" },
handler = oauthService.logout,
},
--根据Refresh-Token刷新Access-Token
{
paths = { "/api/oauth/v2/refresh" },
methods = { "POST" },
handler = oauthService.refresh,
},
--验证token是否有效
{
paths = { "/api/oauth/v2/checklogin" },
methods = { "POST" },
handler = oauthService.checklogin,
},
}
-- 初始化路由
local rx, err = radix.new(routes)
if not rx then
ngx.say("Not Found")
ngx.exit(ngx.HTTP_NOT_FOUND)
end
--获取访问的uri地址
local uri = ngx.var.uri
local opts = {
method = ngx.var.request_method,
matched = {}
}
-- 进行路由匹配和相关函数调用
local ok = rx:dispatch(uri, opts, opts.matched)
if not ok then
ngx.say("Not Found")
ngx.exit(ngx.HTTP_NOT_FOUND)
end
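Review bot: Both failure paths at the end of this file call `ngx.say("Not Found")` before `ngx.exit(ngx.HTTP_NOT_FOUND)`; once `ngx.say` has sent the response header the status can no longer change, so the client receives 200 with a "Not Found" body. Set the status first with `ngx.status = ngx.HTTP_NOT_FOUND` ahead of `ngx.say`. The `radix.new(routes)` failure branch also discards `err` and reports 404 for what is a server-side fault; `ngx.log(ngx.ERR, "oauth router init failed: ", err)` followed by `ngx.exit(ngx.HTTP_INTERNAL_SERVER_ERROR)` would make a broken route table visible in the logs. None of the six routes carries a token or permission check in this file, so that presumably has to happen inside each `oauthService` handler, which is worth a comment above `routes`.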


@ -6,7 +6,7 @@
--解析url路由过滤库
local radix = require("resty.radixtree")
--数据表业务处理
local authService = require("service.auth.auth")
local loginService = require("service.system.login")
--定义相关路由前端接口url地址
local routes = {
@ -15,33 +15,33 @@ local routes = {
--------------------------------------------
--用户登录路由接口
{
paths = { "/api/auth/login" },
paths = { "/api/user/login" },
methods = { "POST" },
handler = authService.login,
handler = loginService.login,
},
--用户注册路由接口
{
paths = { "/api/auth/signup" },
paths = { "/api/user/signup" },
methods = { "POST" },
handler = authService.signup,
handler = loginService.signup,
},
--用户退出路由接口
{
paths = { "/api/auth/logout" },
paths = { "/api/user/logout" },
methods = { "POST" },
handler = authService.logout,
handler = loginService.logout,
},
--根据token信息获取用户信息数据
{
paths = { "/api/auth/user" },
paths = { "/api/user/user" },
methods = { "GET" },
handler = authService.user,
handler = loginService.user,
},
--根据token信息获取用户权限数据
{
paths = { "/api/auth/permission" },
paths = { "/api/user/permission" },
methods = { "GET" },
handler = authService.permission,
handler = loginService.permission,
},
}


@ -11,6 +11,7 @@ local systemUser = require("service.system.user")
--定义相关路由前端接口url地址
local routes = {
--用户相关路由接口
--获取所有用户信息数据
{
paths = { "/api/system/users" },
methods = { "GET" },
@ -20,6 +21,7 @@ local routes = {
end,
handler = systemUser.getSystemUsers,
},
--根据用户id获取用户详情信息
{
paths = { "/api/system/users/:id" },
methods = { "GET" },
@ -29,6 +31,7 @@ local routes = {
end,
handler = systemUser.getSystemUser,
},
--根据增加新的用户信息
{
paths = { "/api/system/users" },
methods = { "POST" },
@ -38,6 +41,7 @@ local routes = {
end,
handler = systemUser.addSystemUser,
},
--根据用户id删除用户信息
{
paths = { "/api/system/users/:id" },
methods = { "DELETE" },
@ -47,6 +51,7 @@ local routes = {
end,
handler = systemUser.deleteSystemUser,
},
--根据用户id编辑用户信息
{
paths = { "/api/system/users/:id" },
methods = { "PUT" },
@ -66,7 +71,6 @@ if not rx then
end
--获取访问的uri地址
--local uri = ngx.var.request_uri
local uri = ngx.var.uri
local opts = {
host = ngx.var.host,


@ -1,7 +1,7 @@
local jwt = require "resty.jwt"
local cjson = require("cjson.safe")
local jsonschema = require("jsonschema")
require("config")
local conf = require("config")
-- 定义一个JSON Schema
local schema = {
@ -34,7 +34,7 @@ end
--获取token的数据值
local token = string.sub(auth_header,8)
--校验令牌
local jwt_obj = jwt:verify(SYSTEM_CONFIG.secret_key, token)
local jwt_obj = jwt:verify(conf.secret_key, token)
--如果校验结果中的verified==false则表示令牌无效
if jwt_obj.verified == false then
ngx.log(ngx.WARN, "Invalid token: ".. jwt_obj.reason)


@ -4,38 +4,38 @@
--- DateTime: 2025/9/24 16:31
--- 配置文件配置信息
SYSTEM_CONFIG = {
APP_ENV = "dev", -- dev/prod
local _M = {
APP_ENV = "dev", -- dev/prod
locale = 'zh',
time_zone = "+8:00", -- UTC + 8
time_zone = "+8:00", -- UTC + 8
secret_key = "!@#$5412$#@!", -- 确保这个密钥足够安全并保密
secret_key = "!@#$5412$#@!", -- 确保这个密钥足够安全并保密
REDIS_PREFIX = 'Auth:',
-- 配置redis数据库连接
REDIS = {
HOST = "127.0.0.1", -- redis host
PORT = 6379, -- redis port
PASSWORD = nil, -- redis password
HOST = "127.0.0.1", -- redis host
PORT = 6379, -- redis port
PASSWORD = nil, -- redis password
POOL_MAX_IDLE_TIME = 10000,
POOL_TIMEOUT = 1000, -- pool timeout
POOL_SIZE = 20, -- pool size
TIMEOUT = 1000, -- timeout
POOL_TIMEOUT = 1000, -- pool timeout
POOL_SIZE = 20, -- pool size
TIMEOUT = 1000, -- timeout
},
-- 配置PostgresSQL数据库连接
POSTGRES = {
HOST = "127.0.0.1", -- postgres host
PORT = 5432, -- postgres port
USERNAME = "postgres",
HOST = "127.0.0.1", -- postgres host
PORT = 5432, -- postgres port
USERNAME = "postgres", -- postgres user name
PASSWORD = "1qaz2wsx", -- postgres password
DATABASE = "postgres",
DATABASE = "postgres", -- postgres database name
CHARSET = 'utf8',
POOL_TIMEOUT = 1000, -- postgresql pool timeout
POOL_SIZE = 100, -- postgresql pool size
TIMEOUT = 1000, -- postgresql timeout
POOL_TIMEOUT = 1000, -- postgresql pool timeout
POOL_SIZE = 100, -- postgresql pool size
TIMEOUT = 1000, -- postgresql timeout
}
}
return _M
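Review bot: `secret_key` (the JWT signing key) and `POSTGRES.PASSWORD` are still string literals in the module this commit rewrites, so anyone with read access to the repository can mint valid tokens or reach the database, and the same values end up in every environment. Read them from the environment instead, e.g. `secret_key = os.getenv("AUTH_JWT_SECRET")` (placeholder variable name; nginx needs a matching `env` directive for workers to see it), and fail start-up when the value is missing. The values committed here should be treated as exposed and rotated. A short comment above `local _M` listing which fields are secrets would help the next reader.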


@ -3,7 +3,7 @@
--- Created by frankly.
--- DateTime: 2025/10/29 23:36
---
local userDao = require("dao.user")
local userDao = require("dao.system.user")
local _M = {}

70
src/dao/system/login.lua Normal file

@ -0,0 +1,70 @@
---
--- Generated by EmmyLua(https://github.com/EmmyLua)
--- Created by frankly.
--- DateTime: 2025/10/29 23:36
---
local userDao = require("dao.system.user")
local _M = {}
--认证用户返回用户数据信息
local function authenticate(name, passwd)
--验证用户名是否为空
if name == "" then
return 0x010003, nil
end
--验证密码是否为空
if passwd == "" then
return 0x010002, nil
end
return userDao:adjustUser(name, passwd)
end
--用户登录业务逻辑处理
function _M.login(jsonData)
--解析json中的键和数据值
local name = jsonData["username"]
local passwd = jsonData["password"]
local captcha = jsonData["captcha"]
local checkKey = jsonData["checkKey"]
--验证用户名是否为空
local code, res = authenticate(name, passwd)
if code ~= 0 then
return 0x000001,res
end
local num = 0
if res ~= nil then
num = table.getn(res)
end
--用户存在时返回用户已经存在
if num <= 0 then
return 0x01000C,nil
end
local userid = res[1].id
--获取用户id查询角色信息
local err, rest = userDao:userRole(userid)
if rest == nil then
return 0x01000C,nil
end
res[1].role_id = rest[1].role_id
res[1].role_name = rest[1].role_name
return 0, res
end
--用户登出业务逻辑处理
function _M.logout(jsonData)
local code = 0
local ret = "{}"
return code, ret
end
--用户注册业务逻辑处理
function _M.signup(jsonData)
return userDao:addSystemUser(jsonData)
end
function _M.getUser(userid)
return userDao:getSystemUser(userid)
end
return _M
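Review bot: `_M.login` reads `captcha` and `checkKey` from the request but never checks them, so the captcha fields give no protection against password guessing on this path. Either verify the pair before calling `authenticate`, or drop the two locals and document where throttling is enforced. `authenticate` compares only against `""`, so a missing `username` or `password` (nil) still reaches `userDao:adjustUser`; `if name == nil or name == "" then` closes that. After `userDao:userRole(userid)` the code indexes `rest[1]` whenever `rest` is non-nil, and an empty result table would raise there, so guard with `if rest == nil or rest[1] == nil then`.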


@ -10,7 +10,7 @@ local model = require("share.model")
--创建一个数据表相关的模型
local userModel = model:new('sys_user')
local roles = require("dao.role")
local roles = require("dao.system.role")
local _M = {}


@ -19,7 +19,7 @@ end
-- return
--end
require("config")
local conf = require("config")
print("init application woker id:", ngx.worker.id())
--初始化获取系统默认的用户权限为实现RBAC框架做权限数据准备
@ -28,17 +28,17 @@ local function handler()
local redis = require("resty.redis")
local red = redis:new()
-- 设置超时时间
red:set_timeout(SYSTEM_CONFIG.REDIS.TIMEOUT) -- 1秒
red:set_timeout(conf.REDIS.TIMEOUT) -- 1秒
-- 连接到 Redis
local ok, err = red:connect(SYSTEM_CONFIG.REDIS.HOST, SYSTEM_CONFIG.REDIS.PORT)
local ok, err = red:connect(conf.REDIS.HOST, conf.REDIS.PORT)
if not ok then
ngx.log(ngx.ERR, "redis failed to connect: "..err)
return
end
--需要密码时对密码进行处理
if SYSTEM_CONFIG.REDIS.PASSWORD ~= nil then
local res, err = red:auth(SYSTEM_CONFIG.REDIS.PASSWORD)
if conf.REDIS.PASSWORD ~= nil then
local res, err = red:auth(conf.REDIS.PASSWORD)
if not res then
ngx.log(ngx.ERR, "redis failed to connect, password error: "..err)
return
@ -46,10 +46,10 @@ local function handler()
end
-- 从连接池中获取连接
--red:set_keepalive(SYSTEM_CONFIG.REDIS.POOL_MAX_IDLE_TIME, SYSTEM_CONFIG.REDIS.POOL_SIZE)
--red:set_keepalive(conf.REDIS.POOL_MAX_IDLE_TIME, conf.REDIS.POOL_SIZE)
--读取用户表、角色表和权限表中配置的权限数据
local roleDao = require("dao.role")
local roleDao = require("dao.system.role")
--获取数据表中的记录数
local code, res = roleDao:getAllSystemRoles()
if res == nil then return end

110
src/service/oauth/oauth.lua Normal file

@ -0,0 +1,110 @@
---
--- Generated by EmmyLua(https://github.com/EmmyLua)
--- Created by admin.
--- DateTime: 2025/10/28 11:09
--- 用于
local resp = require("util.response")
local authDao = require("dao.oauth.oauth")
local validator = require("validator.oauth.oauth")
local cjson = require("cjson.safe")
local token = require("util.uuid")
local _M = {}
--获取授权码
function _M:authorize()
--读取请求体的数据
ngx.req.read_body()
--获取请求数据
local body_data = ngx.req.get_body_data()
-- 验证数据是否符合json
local ok = validatorJson.validatorAuthorize(body_data)
--验证失败则返回
if not ok then
local result = resp:json(0x000001)
resp:send(result)
return
end
end
--根据授权码获取Access-Token
function _M:token()
--读取请求体的数据
ngx.req.read_body()
--获取请求数据
local body_data = ngx.req.get_body_data()
-- 验证数据是否符合json
local ok = validatorJson.validatorToken(body_data)
--验证失败则返回
if not ok then
local result = resp:json(0x000001)
resp:send(result)
return
end
end
--根据Access-Token获取相应用户的账户信息
function _M:userinfo()
--读取请求体的数据
ngx.req.read_body()
--获取请求数据
local body_data = ngx.req.get_body_data()
-- 验证数据是否符合json
local ok = validatorJson.validatorJson(body_data)
--验证失败则返回
if not ok then
local result = resp:json(0x000001)
resp:send(result)
return
end
end
--回收Access-Token
function _M:logout()
--读取请求体的数据
ngx.req.read_body()
--获取请求数据
local body_data = ngx.req.get_body_data()
-- 验证数据是否符合json
local ok = validatorJson.validatorJson(body_data)
--验证失败则返回
if not ok then
local result = resp:json(0x000001)
resp:send(result)
return
end
end
--根据Refresh-Token刷新Access-Token
function _M:refresh()
--读取请求体的数据
ngx.req.read_body()
--获取请求数据
local body_data = ngx.req.get_body_data()
-- 验证数据是否符合json
local ok = validatorJson.validatorJson(body_data)
--验证失败则返回
if not ok then
local result = resp:json(0x000001)
resp:send(result)
return
end
end
--验证token是否有效
function _M:checklogin()
--读取请求体的数据
ngx.req.read_body()
--获取请求数据
local body_data = ngx.req.get_body_data()
-- 验证数据是否符合json
local ok = validatorJson.validatorJson(body_data)
--验证失败则返回
if not ok then
local result = resp:json(0x000001)
resp:send(result)
return
end
end
return _M
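Review bot: Every handler in this new file calls `validatorJson.…`, but the module is bound to the local `validator` on the require line, so `validatorJson` is an undefined global and each OAuth endpoint will raise right after reading the body. The names also do not match the validator module added in this commit: `validatorJson.validatorJson` is used in four handlers where that module defines `validatorUserinfo`, `validatorLogout`, `validatorRefresh` and `validatorChecklogin`, and those are declared with `:` so they need a method call. A line such as `local ok = validator:validatorAuthorize(cjson.decode(body_data))` in each handler addresses all three points, and also validates the decoded object rather than the raw body string. When validation passes, the handlers currently fall off the end without sending anything, so a well-formed request gets an empty 200; an explicit error response until the logic lands would be safer for an authorization endpoint.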


@ -4,7 +4,7 @@
--- DateTime: 2025/9/25 08:25
--- 业务逻辑 对账户数据表进行数据表业务处理
local resp = require("util.response")
local accountDao = require("dao.account")
local accountDao = require("dao.system.account")
local validatorJson = require("validator.system.account")
local cjson = require("cjson.safe")
local perm = require("util.permissionfilter")


@ -4,7 +4,7 @@
--- DateTime: 2025/9/27 16:02
--- 业务逻辑 对应用数据表进行数据表业务处理
local resp = require("util.response")
local applicationDao = require("dao.application")
local applicationDao = require("dao.system.application")
local validatorJson = require("validator.system.application")
local cjson = require("cjson.safe")
local perm = require("util.permissionfilter")


@ -4,7 +4,7 @@
--- DateTime: 2025/9/28 10:22
--- 业务逻辑 对组织架构数据表进行数据表业务处理
local resp = require("util.response")
local departmentDao = require("dao.department")
local departmentDao = require("dao.system.department")
local validatorJson = require("validator.system.department")
local cjson = require("cjson.safe")
local perm = require("util.permissionfilter")


@ -4,8 +4,8 @@
--- DateTime: 2025/10/28 11:09
--- 用于
local resp = require("util.response")
local authDao = require("dao.auth")
local validator = require("validator.auth.auth")
local loginDao = require("dao.system.login")
local validator = require("validator.system.login")
local cjson = require("cjson.safe")
local token = require("util.token")
@ -29,7 +29,7 @@ function _M.login()
return
end
--ngx.say(body_data)
local code, ret = authDao.login(cjson.decode(body_data))
local code, ret = loginDao.login(cjson.decode(body_data))
--读取数据错误
if code ~= 0 or table.getn(ret) < 0 then
local result = resp:json(0x000001)
@ -64,7 +64,7 @@ function _M.signup()
return
end
--ngx.say(body_data)
local code, ret = authDao.signup(cjson.decode(body_data))
local code, ret = loginDao.signup(cjson.decode(body_data))
--读取数据错误
if code ~= 0 or table.getn(ret) < 0 then
local result = resp:json(0x000001)
@ -114,7 +114,7 @@ function _M.user()
end
--验证成功获取用户id信息
local userid = retToken["body"]["payload"]["userid"]
local code, ret = authDao.getUser(userid)
local code, ret = loginDao.getUser(userid)
--读取数据错误
if code ~= 0 or table.getn(ret) < 0 then
local result = resp:json(0x000001)
@ -145,7 +145,7 @@ function _M.permission()
local role_id = retToken["body"]["payload"]["role_id"]
local role_name = retToken["body"]["payload"]["role_name"]
--通过用户id查询到用户的权限信息
local code, ret = authDao.getUser(userid)
local code, ret = loginDao.getUser(userid)
--读取数据错误
if code ~= 0 or table.getn(ret) < 0 then
local result = resp:json(0x000001)


@ -4,7 +4,7 @@
--- DateTime: 2025/9/27 17:06
--- 业务逻辑 对权限数据表进行数据表业务处理
local resp = require("util.response")
local permissionDao = require("dao.permission")
local permissionDao = require("dao.system.permission")
local validatorJson = require("validator.system.permission")
local cjson = require("cjson.safe")
local perm = require("util.permissionfilter")


@ -4,7 +4,7 @@
--- DateTime: 2025/11/04 15:01
--- 业务逻辑 对岗位数据表进行数据表业务处理
local resp = require("util.response")
local positionDao = require("dao.position")
local positionDao = require("dao.system.position")
local validatorJson = require("validator.system.position")
local cjson = require("cjson.safe")
local perm = require("util.permissionfilter")


@ -4,7 +4,7 @@
--- DateTime: 2025/9/27 15:19
--- 业务逻辑 对用户角色数据表进行数据表业务处理
local resp = require("util.response")
local roleDao = require("dao.role")
local roleDao = require("dao.system.role")
local validatorJson = require("validator.system.role")
local cjson = require("cjson.safe")
local perm = require("util.permissionfilter")


@ -4,7 +4,7 @@
--- DateTime: 2025/9/25 08:19
--- 业务逻辑 对用户数据表进行数据表业务处理
local resp = require("util.response")
local userDao = require("dao.user")
local userDao = require("dao.system.user")
local validatorJson = require("validator.system.user")
local cjson = require("cjson.safe")
local token = require("util.token")


@ -5,7 +5,7 @@
---
local snowflake = require("share.snowflake")
local cjson = require("cjson.safe")
require("config")
local conf = require("config")
local _M = {}
@ -128,7 +128,7 @@ local function get_cookie(key)
end
local function get_local_time()
local time_zone = ngx.re.match(SYSTEM_CONFIG.time_zone, "[0-9]+")
local time_zone = ngx.re.match(conf.time_zone, "[0-9]+")
if time_zone == nil then
local err = "not set time zone or format error, time zone should look like `+8:00` current is: " .. config.time_zone
ngx.log(ngx.ERR, err)
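Review bot: The error branch right below the changed line still builds its message from `config.time_zone`, and no `config` name is visible in these hunks now that the module is bound to `conf`, so a malformed time zone would raise an "attempt to index a nil value" error instead of logging the intended message. Change the tail of that line to `.. tostring(conf.time_zone)`; `tostring` also keeps the concatenation from failing when the field is unset. `get_local_time` continues past the end of this hunk.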


@ -1,4 +1,4 @@
require("config")
local conf = require("config")
local Database = require('share.database')
local helpers = require('share.helpers')
local implode = helpers.implode
@ -11,28 +11,28 @@ local WRITE = 'WRITE'
local READ = 'READ'
local database_write = Database:new({
host = SYSTEM_CONFIG.POSTGRES.HOST,
port = SYSTEM_CONFIG.POSTGRES.PORT,
user = SYSTEM_CONFIG.POSTGRES.USERNAME,
password = SYSTEM_CONFIG.POSTGRES.PASSWORD,
database = SYSTEM_CONFIG.POSTGRES.DATABASE,
charset = SYSTEM_CONFIG.POSTGRES.CHARSET,
timeout = SYSTEM_CONFIG.POSTGRES.TIMEOUT,
db_pool_timeout = SYSTEM_CONFIG.POSTGRES.POOL_TIMEOUT,
db_pool_size = SYSTEM_CONFIG.POSTGRES.POOL_SIZE,
host = conf.POSTGRES.HOST,
port = conf.POSTGRES.PORT,
user = conf.POSTGRES.USERNAME,
password = conf.POSTGRES.PASSWORD,
database = conf.POSTGRES.DATABASE,
charset = conf.POSTGRES.CHARSET,
timeout = conf.POSTGRES.TIMEOUT,
db_pool_timeout = conf.POSTGRES.POOL_TIMEOUT,
db_pool_size = conf.POSTGRES.POOL_SIZE,
db_type = WRITE
})
local database_read = Database:new({
host = SYSTEM_CONFIG.POSTGRES.HOST,
port = SYSTEM_CONFIG.POSTGRES.PORT,
user = SYSTEM_CONFIG.POSTGRES.USERNAME,
password = SYSTEM_CONFIG.POSTGRES.PASSWORD,
database = SYSTEM_CONFIG.POSTGRES.DATABASE,
charset = SYSTEM_CONFIG.POSTGRES.CHARSET,
timeout = SYSTEM_CONFIG.POSTGRES.TIMEOUT,
db_pool_timeout = SYSTEM_CONFIG.POSTGRES.POOL_TIMEOUT,
db_pool_size = SYSTEM_CONFIG.POSTGRES.POOL_SIZE,
host = conf.POSTGRES.HOST,
port = conf.POSTGRES.PORT,
user = conf.POSTGRES.USERNAME,
password = conf.POSTGRES.PASSWORD,
database = conf.POSTGRES.DATABASE,
charset = conf.POSTGRES.CHARSET,
timeout = conf.POSTGRES.TIMEOUT,
db_pool_timeout = conf.POSTGRES.POOL_TIMEOUT,
db_pool_size = conf.POSTGRES.POOL_SIZE,
db_type = READ
})


@ -1,9 +1,9 @@
local redis = require("resty.redis")
require("config")
local conf = require("config")
local _M = setmetatable({}, {__index = function(self, key)
local red = redis:new()
local ok, err = red:connect(SYSTEM_CONFIG.REDIS.HOST, SYSTEM_CONFIG.REDIS.PORT)
local ok, err = red:connect(conf.REDIS.HOST, conf.REDIS.PORT)
if not ok then
ngx.log(ngx.ERR, err)
end


@ -9,11 +9,13 @@ local jsonschema = require("jsonschema")
local cjson = require("cjson.safe")
local redis = require("share.redis")
--local workerId = 0 -- 假设当前机器的ID是1范围在[0, 31]之间
--local datacenterId = 0 -- 数据中心ID范围在[0, 31]之间
--local snow = snowflake.new(workerId, datacenterId)
--local id = snow:generateUniqueId()-- 生成ID
--[[
local workerId = 0 -- 假设当前机器的ID是1范围在[0, 31]之间
local datacenterId = 0 -- 数据中心ID范围在[0, 31]之间
local snow = snowflake.new(workerId, datacenterId)
local id = snow:generateUniqueId()-- 生成ID
--ngx.say("Generated ID:"..snow.int64_to_string(id))
--]]
--max =a and b or c--a?b:c
@ -123,17 +125,22 @@ if val6 ~= nil then
end
--]]
local uuid = require("util.uuid")
--app_id 应用程序id
local uid = uuid.generateUuid()
ngx.say("uuid:"..uid)
--app_secret 应用程序密钥
math.randomseed(os.time() + (os.clock() * 1000000)) -- 增强随机性
local charset = "0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ"
local result = {}
for i = 1, #uid do
local rand = math.random(1, #charset)
table.insert(result, string.sub(charset, rand, rand))
end
print(generate_12char_uuid()) -- 示例输出aB3eF7hJ9kL2
--[[
local uuid = require("resty.jit-uuid")
uuid.seed()
local val = uuid()
local uid = uuid.generate_v4() ---> v4 UUID
local uid1 = uuid.generate_v3() ---> v3 UUID (name-based with MD5)
local uid2 = uuid.generate_v5() ---> v5 UUID (name-based with SHA-1)
uuid.is_valid() ---> true/false (automatic JIT PCRE or Lua patterns)
--ngx.say(val.." "..uid)
local args = ngx.req.get_uri_args()
local pageNum = args["pagenum"] or 1
local pageSize = args["pagesize"] or 10
@ -333,6 +340,7 @@ else
end
--]]
--[[
local perm = require("util.permissionfilter")
local perms = {}
--获取角色的所所有全新信息
@ -352,8 +360,9 @@ end
--清除角色的权限数据
--perm:clearRolePermissions("admin")
--]]
--[[
local generateCert = require("util.generatorssl")
-- 使用示例
local success, files = generateCert:generate_self_signed_cert(
@ -370,6 +379,7 @@ if success then
else
print("证书生成失败")
end
--]]
--[[
--读取用户表、角色表和权限表中配置的权限数据
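Review bot: The `app_secret` generation in the `-123,17 +125,22` hunk draws its characters from `math.random` seeded with `os.time()` and `os.clock()`, which is a predictable generator and not suitable for a client secret. If this scratch code is the model for real OAuth client registration, take the bytes from a CSPRNG instead, e.g. `local secret = require("resty.string").to_hex(require("resty.random").bytes(16, true))`, and check for a nil return. As written, the loop's `result` table is never joined or used, and `generate_12char_uuid()` is not defined anywhere in the visible lines, so the `print` call will raise.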


@ -6,7 +6,7 @@
local jwt = require("resty.jwt")
local jsonschema = require("jsonschema")
require("config")
local conf = require("config")
local _M = {}
@ -32,6 +32,7 @@ local obj = {
}
}
--通过参数生存jwt相关的token值
function _M.generateToken(userid, username, role_id, role_name)
if userid == nil or username == nil or role_id == nil or role_name == nil then
return ""
@ -42,7 +43,7 @@ function _M.generateToken(userid, username, role_id, role_name)
obj.payload.role_id = role_id
obj.payload.role_name = role_name
--获取的登陆的用户信息返回tocken
local jwt_token = jwt:sign(SYSTEM_CONFIG.secret_key, obj)
local jwt_token = jwt:sign(conf.secret_key, obj)
return "Bearer "..jwt_token
end
@ -57,6 +58,7 @@ function _M.authorizationToken(auth_header)
return response
end
--验证令牌是否符合要求
local validator = jsonschema.generate_validator(schema)
local data = {}
data.Authorization = auth_header
@ -71,7 +73,7 @@ function _M.authorizationToken(auth_header)
--查找令牌中的Bearer前缀字符并进行截取
local token = string.sub(auth_header,8)
--校验令牌
local jwt_obj = jwt:verify(SYSTEM_CONFIG.secret_key, token)
local jwt_obj = jwt:verify(conf.secret_key, token)
--如果校验结果中的verified==false则表示令牌无效
if jwt_obj.verified == false then
response["code"] = 401

29
src/util/uuid.lua Normal file

@ -0,0 +1,29 @@
---
--- Generated by EmmyLua(https://github.com/EmmyLua)
--- Created by frankly.
--- DateTime: 2025/11/10 15:25
---
local jitUuid = require("resty.jit-uuid")
--uuid.seed()
--local val = uuid()
--local uuid1 = string.gsub(val,"-", "")
--local uid = uuid.generate_v4() ---> v4 UUID
--local uuid2 = string.gsub(uid, "-", "")
--local uid1 = uuid.generate_v3() ---> v3 UUID (name-based with MD5) --nil
--local uid2 = uuid.generate_v5() ---> v5 UUID (name-based with SHA-1) --nil
----uuid.is_valid() ---> true/false (automatic JIT PCRE or Lua patterns)
--ngx.say("val:"..uuid1.." uid:"..uuid2)--.." uid1:"..uid1--.." uid2:"..uid2)
local _M = {}
--使用库生存uuid
function _M.generateUuid()
jitUuid.seed()
local Guid = jitUuid.generate_v4() ---> v4 UUID
local uuid = string.gsub(Guid, "-", "")
return uuid
end
return _M
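Review bot: `generateUuid()` calls `jitUuid.seed()` on every invocation; as far as I know the library's default seed under OpenResty is derived from the clock in seconds plus the worker pid, so two calls in the same worker within one second would reseed identically and return the same UUID. Seed once per worker in the `init_worker` phase and remove the call from this function. Because the v4 values come from `math.random`, they are acceptable as identifiers such as `app_id` but should not serve as access tokens or secrets; `src/service/oauth/oauth.lua` binds this module to a local named `token`, which suggests that use. A doc comment on `generateUuid` stating that it returns 32 hex characters meant as an identifier, not a secret, would make the contract explicit.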


@ -0,0 +1,113 @@
---
--- Generated by EmmyLua(https://github.com/EmmyLua)
--- Created by admin.
--- DateTime: 2025/10/30 08:09
---业务逻辑 对账户登录的参数进行数据的验证
local jsonschema = require("jsonschema")
local _M = {}
-- 定义一个JSON Schema
local schemaAuth = {
{type = "object", properties = {
{name = "username", type = "string"},
{name = "password", type = "string"},
{name = "captcha", type = "string"},
{name = "checkKey", type = "string"},
}, required = {"username", "password"}}
}
--获取授权码
function _M:validatorAuthorize(jsonData)
-- 验证数据是否符合schema
local validator = jsonschema.generate_validator(schemaAuth)
local result = validator(jsonData)
return result
end
local schemaToken = {
{type = "object", properties = {
{name = "username", type = "string"},
{name = "password", type = "string"},
{name = "captcha", type = "string"},
{name = "checkKey", type = "string"},
}, required = {"username", "password"}}
}
--根据授权码获取Access-Token
function _M:validatorToken(jsonData)
-- 验证数据是否符合schema
local validator = jsonschema.generate_validator(schemaToken)
local result = validator(jsonData)
return result
end
local schemaUserInfo = {
{type = "object", properties = {
{name = "username", type = "string"},
{name = "password", type = "string"},
{name = "captcha", type = "string"},
{name = "checkKey", type = "string"},
}, required = {"username", "password"}}
}
--根据Access-Token获取相应用户的账户信息
function _M:validatorUserinfo(jsonData)
-- 验证数据是否符合schema
local validator = jsonschema.generate_validator(schemaUserInfo)
local result = validator(jsonData)
return result
end
local schemaLogout = {
{type = "object", properties = {
{name = "username", type = "string"},
{name = "password", type = "string"},
{name = "captcha", type = "string"},
{name = "checkKey", type = "string"},
}, required = {"username", "password"}}
}
--回收Access-Token
function _M:validatorLogout(jsonData)
-- 验证数据是否符合schema
local validator = jsonschema.generate_validator(schemaLogout)
local result = validator(jsonData)
return result
end
local schemaRefresh = {
{type = "object", properties = {
{name = "username", type = "string"},
{name = "password", type = "string"},
{name = "captcha", type = "string"},
{name = "checkKey", type = "string"},
}, required = {"username", "password"}}
}
--根据Refresh-Token刷新Access-Token
function _M:validatorRefresh(jsonData)
-- 验证数据是否符合schema
local validator = jsonschema.generate_validator(schemaRefresh)
local result = validator(jsonData)
return result
end
local schemaChecklogin = {
{type = "object", properties = {
{name = "username", type = "string"},
{name = "password", type = "string"},
{name = "captcha", type = "string"},
{name = "checkKey", type = "string"},
}, required = {"username", "password"}}
}
--验证token是否有效
function _M:validatorChecklogin(jsonData)
-- 验证数据是否符合schema
local validator = jsonschema.generate_validator(schemaChecklogin)
local result = validator(jsonData)
return result
end
return _M
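Review bot: All six schemas here are wrapped in an extra array table and list `properties` as an array of `{name = …, type = …}` entries, which is not JSON Schema; the validator most likely finds no keywords at the top level and accepts any input. The expected shape is `{ type = "object", properties = { username = { type = "string" }, password = { type = "string" } }, required = { "username", "password" } }`. The six tables are also copies of the login schema, so the token, userinfo, logout, refresh and checklogin validators demand `username`/`password` rather than an authorization code or token; each needs its own fields. `jsonschema.generate_validator` is recompiled on every call and could be hoisted to module load.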