feat: add checkId getId api and SecondAuth api

constant/constant.go

@@ -24,3 +24,5 @@ const (
 	BeKicked   int = -5
 	BeBanned   int = -6
 )
+
+const DefaultSecondAuthValue = "DefaultSecondAuthValue"

enforcer.go

@@ -422,9 +422,21 @@ func (e *Enforcer) CheckLogin(ctx ctx.Context) error {
 	return nil
 }
 
+func (e *Enforcer) CheckLoginByToken(token string) error {
+	_, err := e.GetLoginIdByToken(token)
+	if err != nil {
+		return err
+	}
+	return nil
+}
+
 func (e *Enforcer) GetLoginId(ctx ctx.Context) (string, error) {
 	tokenValue := e.GetRequestToken(ctx)
-	str := e.GetIdByToken(tokenValue)
+	return e.GetLoginIdByToken(tokenValue)
+}
+
+func (e *Enforcer) GetLoginIdByToken(token string) (string, error) {
+	str := e.GetIdByToken(token)
 	if str == "" {
 		return "", errors.New("GetLoginId() failed: not logged in")
 	}
@@ -620,3 +632,51 @@ func (e *Enforcer) UpdateSession(id string, session *model.Session) error {
 func (e *Enforcer) GetTokenConfig() config.TokenConfig {
 	return e.config
 }
+
+func (e *Enforcer) OpenSafe(token string, service string, time int64) error {
+	if time == 0 {
+		return nil
+	}
+	err := e.CheckLoginByToken(token)
+	if err != nil {
+		return err
+	}
+	err = e.adapter.SetStr(e.spliceSecSafeKey(token, service), constant.DefaultSecondAuthValue, time)
+	if err != nil {
+		return err
+	}
+	if e.watcher != nil {
+		e.watcher.OpenSafe(e.loginType, token, service, time)
+	}
+	return nil
+}
+
+func (e *Enforcer) IsSafe(token string, service string) bool {
+	if token == "" {
+		return false
+	}
+	str := e.adapter.GetStr(e.spliceSecSafeKey(token, service))
+	return str != ""
+}
+
+func (e *Enforcer) GetSafeTime(token string, service string) int64 {
+	if token == "" {
+		return 0
+	}
+	timeout := e.adapter.GetTimeout(e.spliceSecSafeKey(token, service))
+	return timeout
+}
+
+func (e *Enforcer) CloseSafe(token string, service string) error {
+	if token == "" {
+		return nil
+	}
+	err := e.adapter.DeleteStr(e.spliceSecSafeKey(token, service))
+	if err != nil {
+		return err
+	}
+	if e.watcher != nil {
+		e.watcher.CloseSafe(e.loginType, token, service)
+	}
+	return nil
+}

enforcer_interface.go

@@ -37,8 +37,10 @@ type IEnforcer interface {
 	IsLoginByToken(token string) (bool, error)
 	IsLoginById(id string) (bool, error)
 	CheckLogin(ctx ctx.Context) error
+	CheckLoginByToken(token string) error
 
 	GetLoginId(ctx ctx.Context) (string, error)
+	GetLoginIdByToken(token string) (string, error)
 	GetIdByToken(token string) string
 	GetLoginCount(id string) int
 
@@ -52,6 +54,12 @@ type IEnforcer interface {
 	GetBannedLevel(id string, service string) (int64, error)
 	GetBannedTime(id string, service string) int64
 
+	// Second auth api
+	OpenSafe(token string, service string, time int64) error
+	IsSafe(token string, service string) bool
+	GetSafeTime(token string, service string) int64
+	CloseSafe(token string, service string) error
+
 	GetRequestToken(ctx ctx.Context) string
 	AddTokenGenerateFun(tokenStyle string, f model.GenerateFunc) error
 

enforcer_internal_api.go

@@ -125,6 +125,10 @@ func (e *Enforcer) spliceBannedKey(id string, service string) string {
 	return e.config.TokenName + ":" + e.loginType + ":ban:" + service + ":" + id
 }
 
+func (e *Enforcer) spliceSecSafeKey(token string, service string) string {
+	return e.config.TokenName + ":" + e.loginType + ":safe:" + service + ":" + token
+}
+
 func (e *Enforcer) SetJwtSecretKey(key string) {
 	e.config.JwtSecretKey = key
 }

enforcer_test.go

@@ -471,3 +471,31 @@ func TestEnforcer_GetBannedTime(t *testing.T) {
 	t.Logf("banned time = %v", enforcer.GetBannedTime("1", "comment"))
 
 }
+
+func TestEnforcer_SecSafe(t *testing.T) {
+	err, enforcer, _ := NewTestEnforcer(t)
+	if err != nil {
+		t.Fatalf("NewTestEnforcer() failed: %v", err)
+	}
+	tokenValue, err := enforcer.LoginById("1")
+	if err != nil {
+		t.Fatalf("LoginById() failed: %v", err)
+	}
+	service := "default_service"
+	err = enforcer.OpenSafe(tokenValue, service, 600000)
+	if err != nil {
+		t.Fatalf("OpenSafe() failed: %v", err)
+	}
+	isSafe := enforcer.IsSafe(tokenValue, service)
+	if !isSafe {
+		t.Fatalf("IsSafe() failed, unexpected return value: %v", isSafe)
+	}
+	err = enforcer.CloseSafe(tokenValue, service)
+	if err != nil {
+		t.Fatalf("CloseSafe() failed: %v", err)
+	}
+	isSafe = enforcer.IsSafe(tokenValue, service)
+	if isSafe {
+		t.Fatalf("IsSafe() failed, unexpected return value: %v", isSafe)
+	}
+}

log/default_logger.go

@@ -73,3 +73,17 @@ func (d *DefaultLogger) RefreshToken(tokenValue string, id interface{}, timeout
 	}
 	log.Printf("RefreshToken: loginId = %v, tokenValue = %v, timeout = %v", id, tokenValue, timeout)
 }
+
+func (d *DefaultLogger) OpenSafe(loginType string, token string, service string, time int64) {
+	if !d.enable {
+		return
+	}
+	log.Printf("OpenSafe: loginType = %v, tokenValue = %v, service = %v, timeout = %v ", loginType, token, service, time)
+}
+
+func (d *DefaultLogger) CloseSafe(loginType string, token string, service string) {
+	if !d.enable {
+		return
+	}
+	log.Printf("CloseSafe: loginType = %v, tokenValue = %v, service = %v ", loginType, token, service)
+}

persist/watcher.go

@@ -18,4 +18,8 @@ type Watcher interface {
 	UnBan(loginType string, id interface{}, service string)
 	// RefreshToken called when renew token timeout
 	RefreshToken(tokenValue string, id interface{}, timeout int64)
+	// OpenSafe called when open second auth
+	OpenSafe(loginType string, token string, service string, time int64)
+	// CloseSafe called when close second auth
+	CloseSafe(loginType string, token string, service string)
 }