
token验证修改

huwei 3 weeks ago
parent
commit
e18f3392f3

+ 5 - 2
server/config/config.go

@@ -2,7 +2,8 @@ package config
 
 import (
 	"fmt"
-	"gadmin/internal/admin/library/feishu"
+	"github.com/spf13/cast"
+	"os"
 	"sync"
 	"time"
 
@@ -11,6 +12,7 @@ import (
 )
 
 var initOnce sync.Once
+var SystemId int64
 
 func Init(cfgfile string) {
 	initOnce.Do(func() {
@@ -48,6 +50,7 @@ func Init(cfgfile string) {
 		InitCOSClient()
 		InitEntranceIamClient()
 
-		feishu.InitFeiShuClient()
+		// 初始化系统id
+		SystemId = cast.ToInt64(os.Getenv("SYSTEM_ID"))
 	})
 }
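Review bot: `cast.ToInt64` on the added `SystemId = ...` line returns 0 without any signal when `SYSTEM_ID` is unset or not numeric, so a misconfigured deployment silently runs as system 0. `ServiceList` compares against this value to identify the current system, so parse it strictly and stop start-up on failure, e.g. `id, err := cast.ToInt64E(os.Getenv("SYSTEM_ID"))` followed by a check for `err != nil || id <= 0`. The exported mutable `var SystemId int64` can also be reassigned from any package; an unexported variable with a `SystemID()` accessor would avoid that. `Init` starts outside this hunk.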

+ 4 - 4
server/config/permissions.go

@@ -160,7 +160,7 @@ func IsSuperRole(roleId int64) bool {
 }
 
 // ValidityAuth 验证权限
-func ValidityAuth(roleId int64, method, path string, systemId int32) (err error) {
+func ValidityAuth(roleId int64, method, path string) (err error) {
 	// 超管无需验证
 	if IsSuperRole(roleId) {
 		return nil
@@ -202,7 +202,7 @@ func ValidityAuth(roleId int64, method, path string, systemId int32) (err error)
 	//if err != nil {
 	//	return fmt.Errorf("权限解析时发生错误:%v,请联系管理员", err.Error())
 	//}
-	permissionList, err := GetRoleSystemPermissions(roleId, int64(systemId))
+	permissionList, err := GetRoleSystemPermissions(roleId)
 	if err != nil {
 		return fmt.Errorf("获取角色权限错误:%v,请联系管理员", err.Error())
 	}
@@ -269,11 +269,11 @@ type Permission struct {
 //}
 
 // GetRoleSystemPermissions 获取角色下的权限
-func GetRoleSystemPermissions(roleId, systemId int64) ([]*model.AdminOperation, error) {
+func GetRoleSystemPermissions(roleId int64) ([]*model.AdminOperation, error) {
 	rpq := query.Use(DB).AdminRolePermission
 	oq := query.Use(DB).AdminOperation
 	pIds := make([]int32, 0)
-	err := rpq.Where(rpq.RoleID.Eq(int32(roleId)), rpq.SystemID.Eq(int32(systemId))).Pluck(rpq.PermissionID, &pIds)
+	err := rpq.Where(rpq.RoleID.Eq(int32(roleId))).Pluck(rpq.PermissionID, &pIds)
 	if err != nil {
 		return nil, err
 	}
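Review bot: The new `rpq.Where(rpq.RoleID.Eq(int32(roleId)))` drops the `rpq.SystemID.Eq(...)` condition, so `GetRoleSystemPermissions` returns every permission the role holds in any system, and `ValidityAuth` (the two hunks above) authorizes against that union. If `AdminRolePermission` rows are still stored per system, a role granted an operation elsewhere gains it here as well. This commit introduces `SystemId` in the same package; using it keeps the previous isolation: `rpq.Where(rpq.RoleID.Eq(int32(roleId)), rpq.SystemID.Eq(int32(SystemId)))`. The function body continues outside the hunk.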

+ 2 - 18
server/config/redis.go

@@ -2,28 +2,20 @@ package config
 
 import (
 	"fmt"
-	"os"
-	"strconv"
-	"time"
-
 	"github.com/go-redis/redis"
 	"github.com/sirupsen/logrus"
-)
-
-const (
-	TokenExpireTime = 3 * time.Hour
+	"os"
+	"strconv"
 )
 
 var (
 	LogRedis   *redis.Client
-	TokenRedis *redis.Client
 	GameRedis  *redis.Client
 	RedisGroup map[int]*redis.Client
 )
 
 func InitRedis() {
 	LogRedis = newRedis(os.Getenv("LOG_REDIS_ADDR"), os.Getenv("LOG_REDIS_PW"), os.Getenv("LOG_REDIS_DB"))
-	TokenRedis = newRedis(os.Getenv("TOKEN_REDIS_ADDR"), os.Getenv("TOKEN_REDIS_PW"), os.Getenv("TOKEN_REDIS_DB"))
 
 	RedisGroup = make(map[int]*redis.Client)
 	GameRedis = newRedis(os.Getenv("REDIS_ADDR"), os.Getenv("REDIS_PW"), os.Getenv("REDIS_DB"))
@@ -83,11 +75,3 @@ func SubMessage(channel string, call func(msg *redis.Message)) {
 		call(msg)
 	}
 }
-
-func GetUserTokenKey(uid int64) string {
-	return fmt.Sprintf("token:%v", uid)
-}
-
-func GetTokenKey(t string) string {
-	return fmt.Sprintf("token:%v", t)
-}

+ 31 - 8
server/internal/admin/api/admin_user.go

@@ -1,6 +1,8 @@
 package api
 
 import (
+	"encoding/base64"
+	"entrance-grpc/iam"
 	"gadmin/config"
 	"gadmin/internal/admin/forms"
 	"gadmin/internal/admin/service"
@@ -8,6 +10,7 @@ import (
 	"gadmin/utility/serializer"
 	"gadmin/utility/token"
 	"github.com/gin-gonic/gin"
+	"github.com/sirupsen/logrus"
 )
 
 func UserRegister(c *gin.Context) {
@@ -46,7 +49,7 @@ func UserMe(c *gin.Context) {
 	//	c.JSON(200, ErrorResponse(err))
 	//	return
 	//}
-	if user.RoleId == 1 {
+	if user.RoleID == 1 {
 		for k, _ := range config.AuthMenuMap {
 			permissions = append(permissions, forms.UserLoginPermissions{
 				Label: config.AuthNameMap[k],
@@ -56,7 +59,7 @@ func UserMe(c *gin.Context) {
 	} else {
 		rpdb := query.Use(config.DB).AdminRolePermission
 		rolePermission := make([]int, 0)
-		err := rpdb.Where(rpdb.SystemID.Eq(user.SystemId)).Pluck(rpdb.PermissionID, &rolePermission)
+		err := rpdb.Pluck(rpdb.PermissionID, &rolePermission)
 		//err = json.Unmarshal([]byte(roleInfo.Permissions), &rolePermission)
 		if err != nil {
 			c.JSON(200, ErrorResponse(err))
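Review bot: `rpdb.Pluck(rpdb.PermissionID, &rolePermission)` now has no `Where` at all, so for a non-super user it loads the permission ids of every role in every system. The removed line filtered by system only; unless code after this hunk narrows the list by role, `UserMe` reports permissions the caller does not hold. Filter by the caller's role and this system, e.g. `rpdb.Where(rpdb.RoleID.Eq(int32(user.RoleID)), rpdb.SystemID.Eq(int32(config.SystemId)))`. The previous hunk also still tests `user.RoleID == 1` while `IsSuper` in the next hunk uses `config.IsSuperRole`; the two checks should be the same call.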
@@ -77,20 +80,40 @@ func UserMe(c *gin.Context) {
 	info := forms.UserMeReq{
 		ID:          user.ID,
 		UserName:    user.UserName,
-		RoleId:      user.RoleId,
+		RoleId:      user.RoleID,
 		Avatar:      user.Avatar,
-		Nickname:    user.Nickname,
+		Nickname:    user.NickName,
 		Permissions: permissions,
-		IsSuper:     user.UserName == "admin",
+		IsSuper:     config.IsSuperRole(user.RoleID),
 	}
 
 	c.JSON(200, serializer.Suc(info, "获取成功"))
 }
 
 func UserLogout(c *gin.Context) {
-
-	if err := token.Layout(c.GetHeader("authorization")); err != nil {
-		c.JSON(200, ErrorResponse(err))
+	encodeToken := token.GetAuthorization(c)
+	if encodeToken == "" {
+		c.JSON(200, serializer.CheckLogin())
+		return
+	}
+	bytesT, err := base64.URLEncoding.DecodeString(encodeToken)
+	if err != nil {
+		logrus.Warningf("middleware base64.URLEncoding.DecodeString:%+v", err.Error())
+		c.JSON(200, serializer.CheckLogin())
+		return
+	}
+	t := string(bytesT)
+	resp, err := config.GetIamClient().DeleteToken(c, &iam.DeleteTokenReq{
+		Token: t,
+	})
+	if err != nil {
+		logrus.Warningf("middleware config.GetIamClient().DeleteToken:%+v", err.Error())
+		c.JSON(200, serializer.CheckLogin())
+		return
+	}
+	if resp.Code != 0 {
+		logrus.Warningf("middleware config.GetIamClient().DeleteToken code:%+v,msg:%+v", resp.Code, resp.Msg)
+		c.JSON(200, serializer.CheckLogin())
 		return
 	}
 

+ 2 - 3
server/internal/admin/api/menu.go

@@ -3,7 +3,6 @@ package api
 import (
 	"gadmin/internal/admin/service"
 	"gadmin/utility/serializer"
-	"gadmin/utility/token"
 	"github.com/gin-gonic/gin"
 )
 
@@ -12,10 +11,10 @@ type (
 )
 
 func MenuDynamic(c *gin.Context) {
-	systemId := token.GetSystemId(c)
+	//systemId := token.GetSystemId(c)
 	t := c.GetHeader("authorization")
 	roleId, _ := c.Get("admin_role_id")
-	list, err := service.Menu.GetRoleMenuList(systemId, roleId.(int64), t)
+	list, err := service.Menu.GetRoleMenuList(roleId.(int64), t)
 	if err != nil {
 		c.JSON(200, ErrorResponse(err))
 		return

+ 48 - 55
server/internal/admin/api/service.go

@@ -1,16 +1,9 @@
 package api
 
 import (
-	"encoding/base64"
-	"fmt"
-	"gadmin/config"
-	"gadmin/internal/admin/forms"
 	"gadmin/internal/admin/service"
 	"gadmin/utility/serializer"
-	"gadmin/utility/token"
 	"github.com/gin-gonic/gin"
-	jsoniter "github.com/json-iterator/go"
-	"time"
 )
 
 // ServiceList 获取系统列表
@@ -24,51 +17,51 @@ func ServiceList(c *gin.Context) {
 }
 
 // ServiceSelect 选择系统
-func ServiceSelect(c *gin.Context) {
-	req := new(forms.ServiceSelectReq)
-	if err := c.ShouldBind(req); err != nil {
-		c.JSON(200, ErrorResponse(err))
-		return
-	}
-
-	res, ok := c.Get("user")
-	if !ok {
-		c.JSON(200, ErrorResponse(fmt.Errorf("获取用户信息失败")))
-		return
-	}
-	user := res.(*token.UserClaims)
-
-	//user.SystemId = req.SystemId
-	//userStr, err := jsoniter.MarshalToString(user)
-	//if err != nil {
-	//	c.JSON(200, ErrorResponse(err))
-	//	return
-	//}
-	//
-	//config.TokenRedis.Set(config.GetTokenKey(user.AccessToken), userStr, config.TokenExpireTime)
-	//c.JSON(200, serializer.Suc("ok"))
-
-	// 重新生成新的token,解决浏览器回退问题
-	t := token.GenerateTokenUsingUUID()
-	// 记录登录token
-	key := config.GetUserTokenKey(user.ID)
-	config.TokenRedis.HSet(key, t, time.Now().Unix())
-	config.TokenRedis.Expire(key, time.Hour*12)
-
-	tokenKey := config.GetTokenKey(t)
-	u := &token.UserClaims{
-		ID:          user.ID,
-		UserName:    user.UserName,
-		RoleId:      user.RoleId,
-		Avatar:      user.Avatar,
-		Nickname:    user.Nickname,
-		AccessToken: t,
-		SystemId:    req.SystemId,
-	}
-	userStr, err := jsoniter.MarshalToString(u)
-	if err != nil {
-		c.JSON(200, ErrorResponse(err))
-	}
-	config.TokenRedis.Set(tokenKey, userStr, time.Hour*12)
-	c.JSON(200, serializer.Suc(map[string]string{"token": base64.URLEncoding.EncodeToString([]byte(t))}))
-}
+//func ServiceSelect(c *gin.Context) {
+//	req := new(forms.ServiceSelectReq)
+//	if err := c.ShouldBind(req); err != nil {
+//		c.JSON(200, ErrorResponse(err))
+//		return
+//	}
+//
+//	res, ok := c.Get("user")
+//	if !ok {
+//		c.JSON(200, ErrorResponse(fmt.Errorf("获取用户信息失败")))
+//		return
+//	}
+//	user := res.(*iam.AdminUserInfo)
+//
+//	//user.SystemId = req.SystemId
+//	//userStr, err := jsoniter.MarshalToString(user)
+//	//if err != nil {
+//	//	c.JSON(200, ErrorResponse(err))
+//	//	return
+//	//}
+//	//
+//	//config.TokenRedis.Set(config.GetTokenKey(user.AccessToken), userStr, config.TokenExpireTime)
+//	//c.JSON(200, serializer.Suc("ok"))
+//
+//	// 重新生成新的token,解决浏览器回退问题
+//	t := token.GenerateTokenUsingUUID()
+//	// 记录登录token
+//	key := config.GetUserTokenKey(user.ID)
+//	config.TokenRedis.HSet(key, t, time.Now().Unix())
+//	config.TokenRedis.Expire(key, time.Hour*12)
+//
+//	tokenKey := config.GetTokenKey(t)
+//	u := &iam.AdminUserInfo{
+//		//ID:          user.ID,
+//		//UserName:    user.UserName,
+//		//RoleId:      user.RoleID,
+//		//Avatar:      user.Avatar,
+//		//Nickname:    user.NickName,
+//		//AccessToken: t,
+//		//SystemId:    req.SystemId,
+//	}
+//	userStr, err := jsoniter.MarshalToString(u)
+//	if err != nil {
+//		c.JSON(200, ErrorResponse(err))
+//	}
+//	config.TokenRedis.Set(tokenKey, userStr, time.Hour*12)
+//	c.JSON(200, serializer.Suc(map[string]string{"token": base64.URLEncoding.EncodeToString([]byte(t))}))
+//}
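Review bot: `ServiceSelect` is disabled by commenting out all of its lines rather than deleting it, and the commented body still refers to `config.TokenRedis`, `config.GetTokenKey` and `config.GetUserTokenKey`, which this commit removes. Dead token-handling code left in place makes it hard to see which authentication path is live and invites someone to re-enable it in a broken state. Delete the function and rely on history; the same applies to the commented blocks added in `middleware/token.go`, `ws/ws.go`, `utility/token/token.go` and the three Vue files.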

+ 4 - 4
server/internal/admin/middleware/permission.go

@@ -1,10 +1,10 @@
 package middleware
 
 import (
+	"entrance-grpc/iam"
 	"gadmin/config"
 	"gadmin/internal/admin/consts"
 	"gadmin/utility/serializer"
-	"gadmin/utility/token"
 	"github.com/gin-gonic/gin"
 )
 
@@ -17,7 +17,7 @@ func Permission() gin.HandlerFunc {
 			c.Abort()
 			return
 		}
-		user := cUser.(*token.UserClaims)
+		user := cUser.(*iam.AdminUserInfo)
 		//q := query.Use(config.DB).AdminUser
 
 		c.Set("admin_id", user.ID)
@@ -40,14 +40,14 @@ func Permission() gin.HandlerFunc {
 		//	c.Abort()
 		//	return
 		//}
-		systemId := user.SystemId
+		//systemId := user.SystemId
 		/*if systemId <= 0 {
 			c.JSON(200, serializer.Err(consts.CodeNoPermission, "登陆失效", nil))
 			c.Abort()
 		}*/
 
 		if user.UserName != "mojun" {
-			if err := config.ValidityAuth(user.RoleId, c.Request.Method, c.Request.URL.Path, systemId); err != nil {
+			if err := config.ValidityAuth(user.RoleID, c.Request.Method, c.Request.URL.Path); err != nil {
 				c.JSON(200, serializer.Err(consts.CodeNoPermission, err.Error(), err))
 				c.Abort()
 				return
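Review bot: The `user.UserName != "mojun"` guard around the changed `config.ValidityAuth` call skips authorization entirely for one hard-coded account name. With this commit the user record comes from the IAM service's `CheckToken` response instead of this application's own token store, so the bypass now trusts whichever account carries that name there. `ValidityAuth` already returns nil for super roles through `IsSuperRole`, so the outer `if` can be removed and the account given a super role instead. The unchecked `cUser.(*iam.AdminUserInfo)` assertion in the previous hunk would also be safer as `user, ok := cUser.(*iam.AdminUserInfo)` with a rejection when `!ok`.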

+ 20 - 7
server/internal/admin/middleware/token.go

@@ -2,15 +2,12 @@ package middleware
 
 import (
 	"encoding/base64"
+	"entrance-grpc/iam"
 	"gadmin/config"
 	"gadmin/utility/serializer"
 	"gadmin/utility/token"
 	"github.com/gin-gonic/gin"
-	jsoniter "github.com/json-iterator/go"
 	"github.com/sirupsen/logrus"
-	"os"
-	"strconv"
-	"time"
 )
 
 // 路由白名单
@@ -41,7 +38,23 @@ func Token() gin.HandlerFunc {
 		}
 		t := string(bytesT)
 
-		tokenKey := config.GetTokenKey(t)
+		resp, err := config.GetIamClient().CheckToken(c, &iam.CheckTokenReq{
+			Token: t,
+		})
+		if err != nil {
+			logrus.Warningf("middleware config.GetIamClient().CheckToken:%+v", err.Error())
+			c.JSON(200, serializer.CheckLogin())
+			c.Abort()
+			return
+		}
+		if resp.Code != 0 {
+			logrus.Warningf("middleware config.GetIamClient().CheckToken code:%+v,msg:%+v", resp.Code, resp.Msg)
+			c.JSON(200, serializer.CheckLogin())
+			c.Abort()
+			return
+		}
+		user := resp.Data
+		/*tokenKey := config.GetTokenKey(t)
 		if config.TokenRedis.Exists(tokenKey).Val() == 0 {
 			c.JSON(200, serializer.CheckLogin())
 			c.Abort()
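Review bot: `user := resp.Data` is used without a nil check, and the last hunk of this file reads `user.RoleID` directly, as does `Permission()` afterwards. If the IAM service ever answers `Code == 0` with no `Data`, the request panics instead of being rejected as unauthenticated; add `if resp.Data == nil { c.JSON(200, serializer.CheckLogin()); c.Abort(); return }` after the code check. The `/* ... */` block opened on the next line runs into the following hunk and should be deleted rather than kept as a comment. The handler body continues outside this hunk.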
@@ -91,7 +104,7 @@ func Token() gin.HandlerFunc {
 		config.TokenRedis.HSet(key, t, time.Now().Unix())
 		config.TokenRedis.Expire(key, time.Hour*12)
 
-		config.TokenRedis.Expire(tokenKey, time.Hour*12)
+		config.TokenRedis.Expire(tokenKey, time.Hour*12)*/
 
 		//if os.Getenv("GIN_MODE") == "release" && claims.UserName == "mojun" {
 		//	c.JSON(200, serializer.CheckLogin())
@@ -100,7 +113,7 @@ func Token() gin.HandlerFunc {
 		//}
 
 		c.Set("user", user)
-		c.Set("admin_role_id", user.RoleId)
+		c.Set("admin_role_id", user.RoleID)
 		c.Next()
 		return
 	}

+ 5 - 4
server/internal/admin/server/router.go

@@ -77,17 +77,18 @@ func NewEngine() *gin.Engine {
 		checkToken := group.Group("")
 		checkToken.Use(middleware.Token())
 		{
-			checkToken.GET("service/list", api.ServiceList)      // 服务列表
-			checkToken.POST("service/select", api.ServiceSelect) // 选择系统
+			checkToken.GET("service/list", api.ServiceList) // 服务列表
+			//checkToken.POST("service/select", api.ServiceSelect) // 选择系统
 			//checkToken.GET("user/checkRolePermission", api.RolePermission) // 管理员用户是否拥有权限管理
+			checkToken.GET("user/logout", api.UserLogout) // 退出登录
 		}
 
 		// 需要登录保护的
 		auth := group.Group("")
 		auth.Use(middleware.Token(), middleware.Permission()) // 顺序不能调整
 		{
-			auth.GET("user/me", api.UserMe)                     // 用户信息
-			auth.POST("user/logout", api.UserLogout)            // 退出登录
+			auth.GET("user/me", api.UserMe) // 用户信息
+			//auth.POST("user/logout", api.UserLogout)            // 退出登录
 			auth.GET("menu/dynamic", api.MenuDynamic)           // 动态菜单
 			auth.GET("email/list", api.AdminEmailList)          // 邮件列表
 			auth.POST("email/add", api.AdminEmailAdd)           // 邮件新增/编辑
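Review bot: `checkToken.GET("user/logout", api.UserLogout)` turns token revocation into a GET, although it changes server state. GET requests can be issued by prefetchers and link scanners and are more likely to be cached or logged, so keep the verb: `checkToken.POST("user/logout", api.UserLogout)` together with `method: 'POST'` in `web/src/api/system/user.ts`. Moving the route out of the `auth` group, so that a user without any permission can still log out, looks intentional and is fine.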

+ 3 - 3
server/internal/admin/service/admin_menu.go

@@ -21,7 +21,7 @@ func NewAMenu() *aMenu {
 	return &aMenu{}
 }
 
-func (s *aMenu) GetMenuList(systemId int32) ([]*forms.Menu, error) {
+func (s *aMenu) GetMenuList() ([]*forms.Menu, error) {
 	q := query.Use(config.DB).AdminMenu
 	m := q.WithContext(context.Background())
 	m = m.Where(q.Disable.Eq(0)).Order(q.Sort)
@@ -93,9 +93,9 @@ func handleMenus(menus []*model.AdminMenu) []*forms.Menu {
 	return retMenus
 }
 
-func (s *aMenu) GetRoleMenuList(systemId int32, roleId int64, token string) ([]*forms.Menu, error) {
+func (s *aMenu) GetRoleMenuList(roleId int64, token string) ([]*forms.Menu, error) {
 	//lists := GetMenuList(c)
-	lists, err := s.GetMenuList(systemId)
+	lists, err := s.GetMenuList()
 	if err != nil {
 		return nil, err
 	}

+ 4 - 5
server/internal/admin/service/service.go

@@ -21,12 +21,11 @@ type sService struct {
 }
 
 func (s *sService) ServiceList(c *gin.Context) ([]*forms.Service, error) {
-	cUser, ok := c.Get("user")
-	if !ok {
+	claims := token.CurrentUser(c)
+	if claims == nil {
 		return nil, errors.New("获取用户信息失败")
 	}
-	claims := cUser.(*token.UserClaims)
-	roleId := claims.RoleId
+	roleId := claims.RoleID
 
 	res, err := config.GetIamClient().GetRoleSystems(c, &iam.GetRoleSystemsReq{
 		RoleID: roleId,
@@ -38,7 +37,7 @@ func (s *sService) ServiceList(c *gin.Context) ([]*forms.Service, error) {
 	var services []*forms.Service
 	for _, v := range res.Data {
 		isSelected := false
-		if v.ID == int64(claims.SystemId) {
+		if v.ID == config.SystemId {
 			isSelected = true
 		}
 		services = append(services, &forms.Service{

+ 28 - 17
server/internal/admin/ws/ws.go

@@ -3,9 +3,9 @@ package ws
 import (
 	"encoding/base64"
 	"encoding/json"
+	"entrance-grpc/iam"
 	"gadmin/config"
 	"gadmin/utility/token"
-	jsoniter "github.com/json-iterator/go"
 	"net/http"
 	"sync"
 	"time"
@@ -42,8 +42,9 @@ type Client struct {
 	msgReq    chan ReqMsg
 	lastHeart int64
 	isBroken  bool
-	claims    *token.UserClaims
-	Lock      sync.Mutex
+	//claims    *token.UserClaims
+	claims *iam.AdminUserInfo
+	Lock   sync.Mutex
 }
 
 func NewClient(id int64, conn *websocket.Conn) *Client {
@@ -174,22 +175,32 @@ func Websocket(ctx *gin.Context) {
 	}
 	t := string(bytesT)
 
-	tokenKey := config.GetTokenKey(t)
-	if config.TokenRedis.Exists(tokenKey).Val() == 0 {
-		logrus.Error("没有登录")
-		//return
-	}
-	userStr := config.TokenRedis.Get(tokenKey).Val()
-
-	claims := new(token.UserClaims)
-	if err := jsoniter.UnmarshalFromString(userStr, claims); err != nil {
-		logrus.Error("jsoniter.UnmarshalFromString:", err.Error())
-		//return
+	resp, err := config.GetIamClient().CheckToken(ctx, &iam.CheckTokenReq{
+		Token: t,
+	})
+	if err != nil {
+		logrus.Error("config.GetIamClient().CheckToken:", err.Error())
 	}
-	if claims.ID == 0 {
-		logrus.Error("没有登录")
+	if resp.Code != 0 {
+		logrus.Error("config.GetIamClient().CheckToken code:", resp.Code, ",msg:", resp.Msg)
 	}
 
+	//tokenKey := config.GetTokenKey(t)
+	//if config.TokenRedis.Exists(tokenKey).Val() == 0 {
+	//	logrus.Error("没有登录")
+	//	//return
+	//}
+	//userStr := config.TokenRedis.Get(tokenKey).Val()
+	//
+	//claims := new(token.UserClaims)
+	//if err := jsoniter.UnmarshalFromString(userStr, claims); err != nil {
+	//	logrus.Error("jsoniter.UnmarshalFromString:", err.Error())
+	//	//return
+	//}
+	//if claims.ID == 0 {
+	//	logrus.Error("没有登录")
+	//}
+
 	now := time.Now().UnixNano() / 10e3
 	client := &Client{
 		Id:        now,
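Review bot: Neither failure branch after `CheckToken` returns, so when `err != nil` the next statement dereferences `resp` (normally nil on a gRPC error) and panics, and when `resp.Code != 0` the handler still goes on to register the client with `claims: resp.Data` in the next hunk. That leaves the websocket usable without a valid token. Add `return` to both branches, closing the connection first if it has already been upgraded (that part is outside this hunk), and also reject a nil `resp.Data`.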
@@ -197,7 +208,7 @@ func Websocket(ctx *gin.Context) {
 		msgChan:   make(chan Msg, 100),
 		msgReq:    make(chan ReqMsg, 100),
 		lastHeart: time.Now().Unix(),
-		claims:    claims,
+		claims:    resp.Data,
 	}
 	lock.Lock()
 	clients[now] = client

+ 2 - 0
server/local.env

@@ -138,3 +138,5 @@ APP_SECRET="X9KAelslFuvUr7gxYMAckbEXBKdUturK" # 获取方式:开发者后台 -
 
 ADMIN_GRPC_SERVER="127.0.0.1:7006"
 
+SYSTEM_ID="1"
+
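Review bot: The file this hunk appends `SYSTEM_ID` to is tracked in the repository and, as the hunk header shows, contains what looks like a real `APP_SECRET` value. A secret committed this way stays in history and is readable by everyone with repository access. Keep `local.env` out of version control (commit a `local.env.example` with empty values instead) and rotate the secret if it is live.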

+ 34 - 102
server/utility/token/token.go

@@ -1,9 +1,7 @@
 package token
 
 import (
-	"errors"
-	"gadmin/config"
-	"github.com/dgrijalva/jwt-go"
+	"entrance-grpc/iam"
 	"github.com/gin-gonic/gin"
 	"github.com/google/uuid"
 	"github.com/sirupsen/logrus"
@@ -11,76 +9,43 @@ import (
 	"time"
 )
 
-type UserClaims struct {
-	ID          int64  `json:"user_id"`
-	UserName    string `json:"user_name"`
-	RoleId      int64  `json:"role_id"`
-	Avatar      string `json:"avatar"`
-	Nickname    string `json:"nickname"`
-	SystemId    int32  `json:"system_id"`
-	AccessToken string `json:"access_token"`
-	jwt.StandardClaims
-}
+//type UserClaims struct {
+//	ID          int64  `json:"user_id"`
+//	UserName    string `json:"user_name"`
+//	RoleId      int64  `json:"role_id"`
+//	Avatar      string `json:"avatar"`
+//	Nickname    string `json:"nickname"`
+//	SystemId    int32  `json:"system_id"`
+//	AccessToken string `json:"access_token"`
+//	jwt.StandardClaims
+//}
 
 var (
 	secret     = []byte(os.Getenv("JWT_SECRET"))
 	effectTime = 30 * 24 * time.Hour // 30天有效期
 )
 
-func GenerateToken(claims *UserClaims) (token string, err error) {
-	claims.ExpiresAt = time.Now().Add(effectTime).Unix()
-	sign, err := jwt.NewWithClaims(jwt.SigningMethodHS256, claims).SignedString(secret)
-	if err != nil {
-		return "", err
-	}
-	return sign, nil
-}
-
-func ParseToken(tokenString string) (claims *UserClaims, err error) {
-	token, err := jwt.ParseWithClaims(tokenString, &UserClaims{}, func(token *jwt.Token) (interface{}, error) {
-		return secret, nil
-	})
-	if err != nil {
-		return nil, err
-	}
-	claims, ok := token.Claims.(*UserClaims)
-	if !ok {
-		return nil, errors.New("token is valid")
-	}
-	return claims, nil
-}
-
-func Refresh(tokenString string) (t string, err error) {
-	jwt.TimeFunc = func() time.Time {
-		return time.Unix(0, 0)
-	}
-	token, err := jwt.ParseWithClaims(tokenString, &UserClaims{}, func(token *jwt.Token) (interface{}, error) {
-		return secret, nil
-	})
-	if err != nil {
-		return "", err
-	}
-	claims, ok := token.Claims.(*UserClaims)
-	if !ok {
-		return "", errors.New("token is valid")
-	}
-	jwt.TimeFunc = time.Now
-	claims.StandardClaims.ExpiresAt = time.Now().Add(effectTime).Unix()
-	return GenerateToken(claims)
-}
-
-func Layout(tokenString string) (err error) {
-	jwt.TimeFunc = func() time.Time {
-		return time.Unix(0, 0)
-	}
-	_, err = jwt.ParseWithClaims(tokenString, &UserClaims{}, func(token *jwt.Token) (interface{}, error) {
-		return secret, nil
-	})
-	if err != nil {
-		return err
-	}
-	return
-}
+//func GenerateToken(claims *UserClaims) (token string, err error) {
+//	claims.ExpiresAt = time.Now().Add(effectTime).Unix()
+//	sign, err := jwt.NewWithClaims(jwt.SigningMethodHS256, claims).SignedString(secret)
+//	if err != nil {
+//		return "", err
+//	}
+//	return sign, nil
+//}
+
+//func Layout(tokenString string) (err error) {
+//	jwt.TimeFunc = func() time.Time {
+//		return time.Unix(0, 0)
+//	}
+//	_, err = jwt.ParseWithClaims(tokenString, &UserClaims{}, func(token *jwt.Token) (interface{}, error) {
+//		return secret, nil
+//	})
+//	if err != nil {
+//		return err
+//	}
+//	return
+//}
 
 func GetAuthorization(c *gin.Context) (t string) {
 	t = c.GetHeader("authorization")
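Review bot: `secret = []byte(os.Getenv("JWT_SECRET"))` and `effectTime` remain in the `var` block although every function that used them is commented out or deleted by this commit, as far as the hunks show. The process therefore still loads a signing key it no longer needs. Remove both variables along with the commented-out `UserClaims`, `GenerateToken` and `Layout`, and drop `JWT_SECRET` from the deployment environment if nothing else reads it.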
@@ -91,9 +56,9 @@ func GetAuthorization(c *gin.Context) (t string) {
 	return t
 }
 
-func CurrentUser(c *gin.Context) *UserClaims {
+func CurrentUser(c *gin.Context) *iam.AdminUserInfo {
 	if user, _ := c.Get("user"); user != nil {
-		if u, ok := user.(*UserClaims); ok {
+		if u, ok := user.(*iam.AdminUserInfo); ok {
 			return u
 		}
 	}
@@ -117,39 +82,6 @@ func GetUserName(c *gin.Context) string {
 	return user.UserName
 }
 
-func GetSystemId(c *gin.Context) int32 {
-	user := CurrentUser(c)
-	if user == nil {
-		return 0
-	}
-	return user.SystemId
-}
-
-func SetSystemId(c *gin.Context, systemId int32) (string, error) {
-	t := GetAuthorization(c)
-	user, err := ParseToken(t)
-	if err != nil {
-		return "", err
-	}
-	err = Layout(t)
-	if err != nil {
-		return "", err
-	}
-	user.SystemId = systemId
-
-	jwt.TimeFunc = time.Now
-	user.StandardClaims.ExpiresAt = time.Now().Add(effectTime).Unix()
-	t, err = GenerateToken(user)
-	if err != nil {
-		return "", err
-	}
-	// 记录登录token
-	key := config.GetUserTokenKey(user.ID)
-	config.TokenRedis.HSet(key, t, time.Now().Unix())
-	config.TokenRedis.Expire(key, config.TokenExpireTime)
-	return t, nil
-}
-
 func GenerateTokenUsingUUID() string {
 	return uuid.New().String()
 }

+ 3 - 4
web/src/api/system/user.ts

@@ -53,11 +53,10 @@ export function changePassword(params, uid) {
   );
 }
 
-export function logout(params) {
+export function logout() {
   return http.request({
-    url: '/login/logout',
-    method: 'POST',
-    params,
+    url: '/user/logout',
+    method: 'GET',
   });
 }
 

+ 17 - 15
web/src/layout/components/Logo/index.vue

@@ -18,6 +18,8 @@
   import { ref, computed } from 'vue';
   import { GetServiceList, SelectSystem } from '@/api/service/service';
   import { SwapHorizontalOutline } from '@vicons/ionicons5';
+  import {storage} from "@/utils/Storage";
+  import {ACCESS_TOKEN} from "@/store/mutation-types";
 
   interface server {
     id: number;
@@ -109,21 +111,21 @@
         }
       },
 
-      async handleUpdateValue(system_id: string, option: SelectOption) {
-        await SelectSystem({
-          ...{ system_id: option.id },
-        })
-          .then((res) => {
-            console.log('_res:' + JSON.stringify(res));
-            // const ex = 7 * 24 * 60 * 60 * 1000;
-            // storage.set(ACCESS_TOKEN, res.token, ex);
-            const url: string = option.path + '';
-            const path = url.replace('{access-token}', res.token);
-            window.open(path, '_self');
-          })
-          .catch((e: Error) => {
-            this.message.error(e.message ?? '操作失败');
-          });
+      handleUpdateValue(system_id: string, option: SelectOption) {
+        // await SelectSystem({
+        //   ...{ system_id: option.id },
+        // })
+        //   .then((res) => {
+        //     console.log('_res:' + JSON.stringify(res));
+        // const ex = 7 * 24 * 60 * 60 * 1000;
+        // storage.set(ACCESS_TOKEN, res.token, ex);
+        const url: string = option.path + '';
+        const path = url.replace('{access-token}', storage.get(ACCESS_TOKEN));
+        window.open(path, '_self');
+        // })
+        // .catch((e: Error) => {
+        //   this.message.error(e.message ?? '操作失败');
+        // });
       },
     },
   };
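Review bot: `url.replace('{access-token}', storage.get(ACCESS_TOKEN))` writes the user's primary session token into the target URL, where the removed code inserted a token issued for that one system. A bearer token in a URL ends up in browser history, access logs and possibly `Referer` headers, and here the same token is sent to whatever `option.path` the service list returns. Prefer handing over a short-lived, single-use code that the target exchanges for a session; at minimum skip the navigation when `storage.get(ACCESS_TOKEN)` is empty, since `replace` would otherwise insert `null` or `undefined` as text. The same line is added in `web/src/views/entrance/index.vue` and `web/src/views/serverSelect/select.vue`, whose hunks do not show a `storage` import being added.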

+ 2 - 1
web/src/store/modules/user.ts

@@ -4,7 +4,7 @@ import { store } from '@/store';
 import { ACCESS_TOKEN, CURRENT_CONFIG, CURRENT_USER, IS_LOCKSCREEN } from '@/store/mutation-types';
 import { ResultEnum } from '@/enums/httpEnum';
 const Storage = createStorage({ storage: localStorage });
-import { feiShuUserLogin, getConfig, getUserInfo, login } from '@/api/system/user';
+import {feiShuUserLogin, getConfig, getUserInfo, login, logout} from '@/api/system/user';
 import { storage } from '@/utils/Storage';
 
 export interface IUserState {
@@ -150,6 +150,7 @@ export const useUserStore = defineStore({
 
     // 登出
     async logout() {
+      await logout();
       this.setPermissions([]);
       this.setUserInfo('');
       storage.remove(ACCESS_TOKEN);
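Review bot: `await logout();` runs before the local clean-up, so if the request rejects (network error, token already expired) the lines below it never execute and the token stays in local storage. Clear local state regardless of the server result: `try { await logout(); } finally { /* existing clean-up */ }`. The method body continues outside the hunk.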

+ 14 - 14
web/src/views/entrance/index.vue

@@ -180,20 +180,20 @@
       async getSystemList() {
         this.servers = await GetServiceList();
       },
-      async openNewPage(url: string, system_id: number) {
-        await SelectSystem({
-          ...{ system_id: system_id },
-        })
-          .then((res) => {
-            console.log('_res:' + JSON.stringify(res));
-            // const ex = 7 * 24 * 60 * 60 * 1000;
-            // storage.set(ACCESS_TOKEN, res.token, ex);
-            const path = url.replace('{access-token}', res.token);
-            window.open(path, '_self');
-          })
-          .catch((e: Error) => {
-            this.message.error(e.message ?? '操作失败');
-          });
+      openNewPage(url: string) {
+        // await SelectSystem({
+        //   ...{ system_id: system_id },
+        // })
+        //   .then((res) => {
+        //     console.log('_res:' + JSON.stringify(res));
+        // const ex = 7 * 24 * 60 * 60 * 1000;
+        // storage.set(ACCESS_TOKEN, res.token, ex);
+        const path = url.replace('{access-token}', storage.get(ACCESS_TOKEN));
+        window.open(path, '_self');
+        // })
+        // .catch((e: Error) => {
+        //   this.message.error(e.message ?? '操作失败');
+        // });
       },
 
       // openSetting() {

+ 14 - 14
web/src/views/serverSelect/select.vue

@@ -23,20 +23,20 @@
   const servers = ref([]);
   const message = useMessage();
 
-  const openNewPage = async (url: string, system_id: number) => {
-    await SelectSystem({
-      ...{ system_id: system_id },
-    })
-      .then((res) => {
-        console.log('_res:' + JSON.stringify(res));
-        // const ex = 7 * 24 * 60 * 60 * 1000;
-        // storage.set(ACCESS_TOKEN, res.token, ex);
-        const path = url.replace('{access-token}', res.token);
-        window.open(path, '_self');
-      })
-      .catch((e: Error) => {
-        message.error(e.message ?? '操作失败');
-      });
+  const openNewPage = (url: string) => {
+    // await SelectSystem({
+    //   ...{ system_id: system_id },
+    // })
+    //   .then((res) => {
+    //     console.log('_res:' + JSON.stringify(res));
+    // const ex = 7 * 24 * 60 * 60 * 1000;
+    // storage.set(ACCESS_TOKEN, res.token, ex);
+    const path = url.replace('{access-token}', storage.get(ACCESS_TOKEN));
+    window.open(path, '_self');
+    // })
+    // .catch((e: Error) => {
+    //   message.error(e.message ?? '操作失败');
+    // });
   };
 
   onMounted(async () => {