2023-01-29 15:26:58 +08:00
|
|
|
import { Config, Provide } from '@midwayjs/decorator';
|
2023-05-25 13:43:32 +08:00
|
|
|
import { IWebMiddleware, IMidwayKoaContext, NextFunction } from '@midwayjs/koa';
|
2023-01-29 15:26:58 +08:00
|
|
|
import * as _ from 'lodash';
|
|
|
|
|
import * as jwt from 'jsonwebtoken';
|
|
|
|
|
import { Constants } from '../basic/constants';
|
|
|
|
|
|
|
|
|
|
/**
|
|
|
|
|
* 权限校验
|
|
|
|
|
*/
|
|
|
|
|
@Provide()
|
|
|
|
|
export class AuthorityMiddleware implements IWebMiddleware {
|
|
|
|
|
@Config('biz.jwt.secret')
|
|
|
|
|
private secret: string;
|
|
|
|
|
@Config('biz.auth.ignoreUrls')
|
|
|
|
|
private ignoreUrls: string[];
|
|
|
|
|
|
|
|
|
|
resolve() {
|
|
|
|
|
return async (ctx: IMidwayKoaContext, next: NextFunction) => {
|
|
|
|
|
const { url } = ctx;
|
2023-05-25 13:43:32 +08:00
|
|
|
let token = ctx.get('Authorization') || '';
|
|
|
|
|
token = token.replace('Bearer ', '').trim();
|
2023-01-29 15:26:58 +08:00
|
|
|
// 路由地址为 admin前缀的 需要权限校验
|
|
|
|
|
// console.log('ctx', ctx);
|
|
|
|
|
const queryIndex = url.indexOf('?');
|
|
|
|
|
let uri = url;
|
|
|
|
|
if (queryIndex >= 0) {
|
|
|
|
|
uri = url.substring(0, queryIndex);
|
|
|
|
|
}
|
|
|
|
|
const yes = this.ignoreUrls.includes(uri);
|
|
|
|
|
if (yes) {
|
|
|
|
|
await next();
|
|
|
|
|
return;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
try {
|
|
|
|
|
ctx.user = jwt.verify(token, this.secret);
|
|
|
|
|
} catch (err) {
|
|
|
|
|
ctx.status = 401;
|
|
|
|
|
ctx.body = Constants.res.auth;
|
|
|
|
|
return;
|
|
|
|
|
}
|
|
|
|
|
await next();
|
|
|
|
|
};
|
|
|
|
|
}
|
|
|
|
|
}
|
