diff --git a/enforcer.go b/enforcer.go index c485571..f1e75c6 100644 --- a/enforcer.go +++ b/enforcer.go @@ -26,14 +26,6 @@ type Enforcer struct { authManager interface{} } -func (e *Enforcer) GetWatcher() persist.Watcher { - return e.watcher -} - -func (e *Enforcer) GetLogger() log.Logger { - return e.logger -} - func NewDefaultAdapter() persist.Adapter { return persist.NewDefaultAdapter() } @@ -134,10 +126,18 @@ func (e *Enforcer) SetAdapter(adapter persist.Adapter) { e.adapter = adapter } +func (e *Enforcer) GetWatcher() persist.Watcher { + return e.watcher +} + func (e *Enforcer) SetWatcher(watcher persist.Watcher) { e.watcher = watcher } +func (e *Enforcer) GetLogger() log.Logger { + return e.logger +} + func (e *Enforcer) SetLogger(logger log.Logger) { e.logger = logger } @@ -198,7 +198,7 @@ func (e *Enforcer) LoginByModel(id string, loginModel *model.Login, ctx ctx.Cont } // response token - err = e.ResponseToken(tokenValue, loginModel, ctx) + err = e.responseToken(tokenValue, loginModel, ctx) if err != nil { return "", err } @@ -244,7 +244,7 @@ func (e *Enforcer) LoginByModel(id string, loginModel *model.Login, ctx ctx.Cont // check TokenSignList length, if length == 0, delete this session if session != nil && session.TokenSignSize() == 0 { - err = e.deleteSession(id) + err = e.DeleteSession(id) if err != nil { return "", err } @@ -327,6 +327,45 @@ func (e *Enforcer) LogoutById(id string) error { return nil } +// LogoutByToken clear token info +func (e *Enforcer) LogoutByToken(token string) error { + var err error + // delete token-id + id := e.GetIdByToken(token) + if id == "" { + return errors.New("not logged in") + } + // delete token-id + err = e.adapter.Delete(e.spliceTokenKey(token)) + if err != nil { + return err + } + session := e.GetSession(id) + if session != nil { + // delete tokenSign + session.RemoveTokenSign(token) + err = e.UpdateSession(id, session) + if err != nil { + return err + } + } + // check TokenSignList length, if length == 0, delete this session + if session != nil && session.TokenSignSize() == 0 { + err = e.DeleteSession(id) + if err != nil { + return err + } + } + + e.logger.Logout(e.loginType, id, token) + + if e.watcher != nil { + e.watcher.Logout(e.loginType, id, token) + } + + return nil +} + // IsLoginById check if user logged in by loginId. // check all tokenValue and if one is validated return true func (e *Enforcer) IsLoginById(id string) (bool, error) { @@ -508,7 +547,7 @@ func (e *Enforcer) Kickout(id string, device string) error { } // check TokenSignList length, if length == 0, delete this session if session != nil && session.TokenSignSize() == 0 { - err := e.deleteSession(id) + err := e.DeleteSession(id) if err != nil { return err } @@ -606,7 +645,7 @@ func (e *Enforcer) SetSession(id string, session *model.Session, timeout int64) return nil } -func (e *Enforcer) deleteSession(id string) error { +func (e *Enforcer) DeleteSession(id string) error { err := e.adapter.Delete(e.spliceSessionKey(id)) if err != nil { return err diff --git a/enforcer_interface.go b/enforcer_interface.go index 554db79..a3b6aad 100644 --- a/enforcer_interface.go +++ b/enforcer_interface.go @@ -11,39 +11,7 @@ import ( var _ IEnforcer = &Enforcer{} type IEnforcer interface { - // Login login api - Login(id string, ctx ctx.Context) (string, error) - LoginById(id string) (string, error) - LoginByModel(id string, loginModel *model.Login, ctx ctx.Context) (string, error) - Logout(ctx ctx.Context) error - LogoutById(id string) error - LogoutByToken(token string) error - IsLogin(ctx ctx.Context) (bool, error) - IsLoginByToken(token string) (bool, error) - IsLoginById(id string) (bool, error) - GetLoginId(ctx ctx.Context) (string, error) - GetIdByToken(token string) string - GetLoginCount(id string) int - - Replaced(id string, device string) error - // Banned banned api - Banned(id string, service string, level int, time int64) error - UnBanned(id string, services ...string) error - IsBanned(id string, service string) bool - GetBannedLevel(id string, service string) (int64, error) - GetBannedTime(id string, service string) int64 - - Kickout(id string, device string) error - - GetRequestToken(ctx ctx.Context) string - AddTokenGenerateFun(tokenStyle string, f model.GenerateFunc) error - - CheckLogin(ctx ctx.Context) error - - SetAuth(manager interface{}) - CheckRole(ctx ctx.Context, role string) error - CheckPermission(ctx ctx.Context, permission string) error - + // Enforcer field api SetType(t string) GetType() string GetAdapter() persist.Adapter @@ -54,8 +22,47 @@ type IEnforcer interface { GetLogger() log.Logger EnableLog() IsLogEnable() bool + GetTokenConfig() config.TokenConfig + + // Login login api + Login(id string, ctx ctx.Context) (string, error) + LoginById(id string) (string, error) + LoginByModel(id string, loginModel *model.Login, ctx ctx.Context) (string, error) + + Logout(ctx ctx.Context) error + LogoutById(id string) error + LogoutByToken(token string) error + + IsLogin(ctx ctx.Context) (bool, error) + IsLoginByToken(token string) (bool, error) + IsLoginById(id string) (bool, error) + CheckLogin(ctx ctx.Context) error + + GetLoginId(ctx ctx.Context) (string, error) + GetIdByToken(token string) string + GetLoginCount(id string) int + + Kickout(id string, device string) error + Replaced(id string, device string) error + + // Banned banned api + Banned(id string, service string, level int, time int64) error + UnBanned(id string, services ...string) error + IsBanned(id string, service string) bool + GetBannedLevel(id string, service string) (int64, error) + GetBannedTime(id string, service string) int64 + + GetRequestToken(ctx ctx.Context) string + AddTokenGenerateFun(tokenStyle string, f model.GenerateFunc) error + + // Access control api + SetAuth(manager interface{}) + CheckRole(ctx ctx.Context, role string) error + CheckPermission(ctx ctx.Context, permission string) error + + // Session api GetSession(id string) *model.Session + DeleteSession(id string) error UpdateSession(id string, session *model.Session) error SetSession(id string, session *model.Session, timeout int64) error - GetTokenConfig() config.TokenConfig } diff --git a/enforcer_internal_api.go b/enforcer_internal_api.go index 2274c9b..9ee6509 100644 --- a/enforcer_internal_api.go +++ b/enforcer_internal_api.go @@ -49,7 +49,7 @@ func (e *Enforcer) createLoginToken(id string, loginModel *model.Login) (string, } // ResponseToken set token to cookie or header -func (e *Enforcer) ResponseToken(tokenValue string, loginModel *model.Login, ctx ctx.Context) error { +func (e *Enforcer) responseToken(tokenValue string, loginModel *model.Login, ctx ctx.Context) error { if ctx == nil { return nil } @@ -88,45 +88,6 @@ func (e *Enforcer) ResponseToken(tokenValue string, loginModel *model.Login, ctx return nil } -// LogoutByToken clear token info -func (e *Enforcer) LogoutByToken(token string) error { - var err error - // delete token-id - id := e.GetIdByToken(token) - if id == "" { - return errors.New("not logged in") - } - // delete token-id - err = e.adapter.Delete(e.spliceTokenKey(token)) - if err != nil { - return err - } - session := e.GetSession(id) - if session != nil { - // delete tokenSign - session.RemoveTokenSign(token) - err = e.UpdateSession(id, session) - if err != nil { - return err - } - } - // check TokenSignList length, if length == 0, delete this session - if session != nil && session.TokenSignSize() == 0 { - err = e.deleteSession(id) - if err != nil { - return err - } - } - - e.logger.Logout(e.loginType, id, token) - - if e.watcher != nil { - e.watcher.Logout(e.loginType, id, token) - } - - return nil -} - // validateValue validate if value is proper func (e *Enforcer) validateValue(str string) (bool, error) { i, err := strconv.Atoi(str) diff --git a/model/login.go b/model/login.go index 431ad0d..2f579d9 100644 --- a/model/login.go +++ b/model/login.go @@ -11,7 +11,7 @@ type Login struct { func DefaultLoginModel() *Login { return &Login{ - Device: "default", + Device: "default-device", IsLastingCookie: true, Timeout: 60 * 60 * 24 * 30, JwtData: nil,