package auth
import (
client2 "platform/web/domains/client"
)
// Context defines the authentication information attached to a caller: the
// identity payload, the set of granted permissions, and free-form metadata.
//
// NOTE(review): every field is JSON-decodable, including Permissions. Decode a
// Context only from input whose integrity has already been verified; otherwise
// the permission set is whatever the sender wrote. Confirm against the callers.
type Context struct {
	// Payload describes the principal (id, type, name, avatar).
	Payload Payload `json:"payload"`

	// Permissions is used as a set: AnyPermission only checks whether a key is
	// present, the struct{} value carries no information.
	Permissions map[string]struct{} `json:"permissions,omitempty"`

	// Metadata holds arbitrary untyped key/value data. Nothing in this file
	// reads it. NOTE(review): verify that no authorization decision elsewhere
	// depends on keys a client can set.
	Metadata map[string]interface{} `json:"metadata,omitempty"`
}
// AnyType reports whether the payload type of the context equals at least one
// of the given types.
//
// The check fails closed: a nil receiver or an empty types list returns false,
// so a caller that uses it as an access gate denies by default.
func (a *Context) AnyType(types ...PayloadType) bool {
	if a != nil {
		current := a.Payload.Type
		for i := range types {
			if types[i] == current {
				return true
			}
		}
	}
	return false
}
// AnyPermission reports whether the context holds at least one of the required
// permissions.
//
// The semantics are OR, not AND: listing more permissions widens the set of
// callers that pass. Names are compared exactly as map keys. The check fails
// closed: a nil receiver, a nil or empty permission set, or an empty argument
// list all return false.
func (a *Context) AnyPermission(requiredPermission ...string) bool {
	// len of a nil map is 0, so this also covers the unset case.
	if a == nil || len(a.Permissions) == 0 {
		return false
	}
	granted := a.Permissions
	for idx := range requiredPermission {
		if _, held := granted[requiredPermission[idx]]; held {
			return true
		}
	}
	return false
}
// Payload defines the identity information carried inside a Context.
type Payload struct {
	// Id is the numeric identifier of the principal; 0 is omitted from JSON.
	Id int32 `json:"id,omitempty"`

	// Type is the kind of principal. Its zero value is PayloadNone (guest),
	// which omitempty drops on encode and which is what a decoded Payload
	// holds when the "type" field is absent.
	Type PayloadType `json:"type,omitempty"`

	// Name is the display name of the principal.
	Name string `json:"name,omitempty"`

	// Avatar is optional; a nil pointer is omitted from JSON.
	Avatar *string `json:"avatar,omitempty"`
}
// PayloadType enumerates the kinds of principal a Payload can describe.
type PayloadType int

// The values are assigned by iota, so each number depends on declaration order.
// NOTE(review): no custom JSON marshaler for PayloadType is visible here, so
// Payload.Type is presumably serialized as this number. If so, inserting or
// reordering constants would change the meaning of already-issued values;
// append new kinds at the end. Confirm against the token/session encoding.
const (
	// PayloadNone is a guest. It is the zero value of PayloadType, so an
	// uninitialized Payload is treated as a guest.
	PayloadNone PayloadType = iota
	// PayloadUser is a user.
	PayloadUser
	// PayloadAdmin is an administrator.
	PayloadAdmin
	// PayloadPublicServer is a public service (public_client).
	PayloadPublicServer
	// PayloadSecuredServer is a secured service (credential_client).
	PayloadSecuredServer
	// PayloadInternalServer is an internal service.
	PayloadInternalServer
)
// ToStr returns the four-character code for t. PayloadNone and any value that
// is not one of the declared constants both yield "none". PayloadTypeFromStr
// performs the reverse mapping.
func (t PayloadType) ToStr() string {
	code := "none"
	switch t {
	case PayloadUser:
		code = "user"
	case PayloadAdmin:
		code = "admn"
	case PayloadPublicServer:
		code = "cpub"
	case PayloadSecuredServer:
		code = "ccnf"
	case PayloadInternalServer:
		code = "inte"
	}
	return code
}
// PayloadTypeFromStr maps a four-character code back to its PayloadType.
//
// Matching is exact and case-sensitive. Any other input, including the empty
// string and "none", resolves to PayloadNone, so an unrecognized code is
// treated as a guest rather than as a privileged kind.
func PayloadTypeFromStr(name string) PayloadType {
	parsed := PayloadNone
	switch name {
	case "user":
		parsed = PayloadUser
	case "admn":
		parsed = PayloadAdmin
	case "cpub":
		parsed = PayloadPublicServer
	case "ccnf":
		parsed = PayloadSecuredServer
	case "inte":
		parsed = PayloadInternalServer
	}
	return parsed
}
// PayloadTypeFromClientSpec maps a client spec to the payload type used for
// that client: native and browser clients are public, web clients are secured,
// and trusted clients are internal. Any other spec yields PayloadNone, the
// zero value.
//
// NOTE(review): SpecTrusted maps to PayloadInternalServer, so spec presumably
// comes from the stored client registration, not from request input. Verify
// against the callers.
func PayloadTypeFromClientSpec(spec client2.Spec) PayloadType {
	switch spec {
	case client2.SpecNative, client2.SpecBrowser:
		return PayloadPublicServer
	case client2.SpecWeb:
		return PayloadSecuredServer
	case client2.SpecTrusted:
		return PayloadInternalServer
	default:
		return PayloadNone
	}
}