1、response修改 2、负数扣款
@@ -2,11 +2,9 @@ package middleware
|
||||
|
||||
import (
|
||||
"context"
|
||||
"errors"
|
||||
"fmt"
|
||||
"github.com/zeromicro/go-zero/core/logx"
|
||||
"github.com/zeromicro/go-zero/core/stores/redis"
|
||||
xhttp "github.com/zeromicro/x/http"
|
||||
"net"
|
||||
"net/http"
|
||||
"strings"
|
||||
@@ -16,6 +14,8 @@ import (
|
||||
"tianyuan-api/apps/sentinel/sentinel"
|
||||
"tianyuan-api/apps/user/user"
|
||||
"tianyuan-api/pkg/crypto"
|
||||
"tianyuan-api/pkg/errs"
|
||||
"tianyuan-api/pkg/response"
|
||||
)
|
||||
|
||||
type ApiAuthInterceptorMiddleware struct {
|
||||
@@ -60,14 +60,14 @@ func (m *ApiAuthInterceptorMiddleware) Handle(next http.HandlerFunc) http.Handle
|
||||
// 此处不调用 next(w, r),而是继续后续鉴权逻辑
|
||||
// 后续鉴权逻辑将继续执行
|
||||
} else {
|
||||
isAllowedResp, err := m.WhitelistRpc.MatchWhitelistByIp(r.Context(), &whitelist.MatchWhitelistByIpRequest{Ip: clientIP})
|
||||
if err != nil {
|
||||
xhttp.JsonBaseResponseCtx(r.Context(), w, errors.New("系统错误,请联系管理员"))
|
||||
isAllowedResp, matchWhitelistByIpErr := m.WhitelistRpc.MatchWhitelistByIp(r.Context(), &whitelist.MatchWhitelistByIpRequest{Ip: clientIP})
|
||||
if matchWhitelistByIpErr != nil {
|
||||
response.Fail(r.Context(), w, errs.ErrSystem, nil)
|
||||
return
|
||||
}
|
||||
if !isAllowedResp.Match {
|
||||
logx.Debugf("未经授权的IP%s", clientIP)
|
||||
xhttp.JsonBaseResponseCtx(r.Context(), w, errors.New("未经授权的IP"))
|
||||
response.Fail(r.Context(), w, errs.ErrUnauthorizedIP, nil)
|
||||
return
|
||||
}
|
||||
}
|
||||
@@ -75,16 +75,16 @@ func (m *ApiAuthInterceptorMiddleware) Handle(next http.HandlerFunc) http.Handle
|
||||
// 2、查找相关accessId
|
||||
accessId := r.Header.Get("Access-Id")
|
||||
if accessId == "" {
|
||||
xhttp.JsonBaseResponseCtx(r.Context(), w, errors.New("缺少Access-Id"))
|
||||
response.Fail(r.Context(), w, errs.ErrMissingAccessID, nil)
|
||||
return
|
||||
}
|
||||
secrets, err := m.SecretRpc.GetSecretBySecretId(r.Context(), &secret.GetSecretBySecretIdRequest{SecretId: accessId})
|
||||
if err != nil {
|
||||
xhttp.JsonBaseResponseCtx(r.Context(), w, errors.New("系统错误"))
|
||||
response.Fail(r.Context(), w, errs.ErrSystem, nil)
|
||||
return
|
||||
}
|
||||
if secrets.Id == 0 {
|
||||
xhttp.JsonBaseResponseCtx(r.Context(), w, errors.New("未经授权的AccessId"))
|
||||
response.Fail(r.Context(), w, errs.ErrUnauthorizedAccessID, nil)
|
||||
return
|
||||
}
|
||||
|
||||
@@ -93,12 +93,12 @@ func (m *ApiAuthInterceptorMiddleware) Handle(next http.HandlerFunc) http.Handle
|
||||
// 3、额度是否冻结
|
||||
info, err := m.UserRpc.GetUserInfo(r.Context(), &user.UserInfoReq{UserId: userId})
|
||||
if err != nil {
|
||||
xhttp.JsonBaseResponseCtx(r.Context(), w, errors.New("系统错误,请联系管理员"))
|
||||
response.Fail(r.Context(), w, errs.ErrSystem, nil)
|
||||
return
|
||||
}
|
||||
|
||||
if info.QuotaExceeded == 1 {
|
||||
xhttp.JsonBaseResponseCtx(r.Context(), w, errors.New("账户余额不足,无法请求"))
|
||||
response.Fail(r.Context(), w, errs.ErrInsufficientBalance, nil)
|
||||
return
|
||||
}
|
||||
|
||||
@@ -113,11 +113,11 @@ func (m *ApiAuthInterceptorMiddleware) Handle(next http.HandlerFunc) http.Handle
|
||||
} else {
|
||||
isUserProductAllowedResp, err := m.UserProductRpc.MatchingUserIdProductCode(r.Context(), &userproduct.MatchingUserIdProductCodeRequest{Id: userId, ProductCode: productCode})
|
||||
if err != nil {
|
||||
xhttp.JsonBaseResponseCtx(r.Context(), w, errors.New("系统错误,请联系管理员"))
|
||||
response.Fail(r.Context(), w, errs.ErrSystem, nil)
|
||||
return
|
||||
}
|
||||
if !isUserProductAllowedResp.Match {
|
||||
xhttp.JsonBaseResponseCtx(r.Context(), w, errors.New("未开通此产品"))
|
||||
response.Fail(r.Context(), w, errs.ErrProductNotAvailable, nil)
|
||||
return
|
||||
}
|
||||
}
|
||||
|
||||
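Review bot: The `if err != nil` branches that now answer `response.Fail(r.Context(), w, errs.ErrSystem, nil)` (after MatchWhitelistByIp, GetSecretBySecretId, GetUserInfo and MatchingUserIdProductCode) discard the RPC error: in the visible lines it is neither passed to response.Fail nor logged, so an outage or misbehaviour of an auth backend leaves no server-side trace. Returning only a generic code to the caller is the right choice, but each branch should log before it returns, e.g. `logx.WithContext(r.Context()).Errorf("MatchWhitelistByIp: %v", matchWhitelistByIpErr)`. The whitelist rejection is recorded only through `logx.Debugf`, which is dropped at the usual production log level; `logx.WithContext(r.Context()).Infof("未经授权的IP%q", clientIP)` would keep denied requests visible for detection and quote the value in case it originates from a request header. Handle's body starts and ends outside these hunks, and because the +/- markers are missing, which of the duplicated lines is the new side is inferred from the replacement pattern.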