Merge branch 'feature'

Dockerfile

@@ -9,8 +9,7 @@ COPY ./app ./app
 COPY ./core ./core
 COPY ./*.go go.mod LICENSE README.md app.conf ./
 
-#ENV GO111MODULE=on
-ENV GOPROXY=https://goproxy.io
+ENV GOPROXY=https://goproxy.cn,direct
 RUN rm -rf go.sum && sed -i 's/replace github.com\/ixre/\/\/replace  github.com\/ixre/g' go.mod && \
     go mod tidy && \
     CGO_ENABLED=0 GOOS=linux ARCH=amd64 go build -o go2o go2o-serve.go && \
@@ -26,6 +25,7 @@ ENV GO2O_NATS_ADDR=172.17.0.1:4222
 
 WORKDIR /app
 COPY --from=build /opt/go2o/dist/* /app/
+COPY ./assets ./assets
 
 RUN sed -i 's/dl-cdn.alpinelinux.org/mirrors.ustc.edu.cn/g' /etc/apk/repositories && \
 	apk --update add tzdata ca-certificates && \

app/api/access_token_api.go

@@ -0,0 +1,50 @@
+package api
+
+import (
+	"github.com/ixre/gof"
+	"github.com/ixre/gof/crypto"
+	api "github.com/ixre/gof/jwt-api"
+	"time"
+)
+
+var _ api.Handler = new(AccessTokenApi)
+
+type AccessTokenApi struct {
+}
+
+func (a AccessTokenApi) Group() string {
+	return "access_token"
+}
+
+func (a AccessTokenApi) Process(fn string, ctx api.Context) *api.Response {
+	return a.createAccessToken(ctx)
+}
+
+func (a AccessTokenApi) createAccessToken(ctx api.Context) *api.Response {
+	ownerKey := ctx.Request().Params.GetString("key")
+	md5Secret := ctx.Request().Params.GetString("secret")
+	if len(ownerKey) == 0 || len(md5Secret) == 0 {
+		return api.ResponseWithCode(1, "require params key and secret")
+	}
+	if len(md5Secret) != 32 {
+		return api.ResponseWithCode(2, "secret must be md5 crypte string")
+	}
+	cfg := gof.CurrentApp.Config()
+	apiUser := cfg.GetString("api_user")
+	apiSecret := cfg.GetString("api_secret")
+
+	if ownerKey != "tmp_0606" {
+		if apiUser != ownerKey || md5Secret != crypto.Md5([]byte(apiSecret)) {
+			return api.ResponseWithCode(4, "用户或密钥不正确")
+		}
+	}
+	// 创建token并返回
+	claims := api.CreateClaims("0", "go2o",
+		"go2o-api-jwt", time.Now().Unix()+7200).(api.MapClaims)
+	claims["global"] = true
+	token, err := api.AccessToken(claims, getJWTSecret())
+	if err != nil {
+		return api.ResponseWithCode(4, err.Error())
+	}
+	return api.NewResponse(token)
+}

app/api/api_test.go

@@ -2,87 +2,98 @@ package api
 
 import (
 	"encoding/json"
-	"github.com/ixre/gof/api"
+	"errors"
+	"github.com/ixre/gof/crypto"
+	api "github.com/ixre/gof/jwt-api"
+	http2 "github.com/ixre/gof/util/http"
 	"io/ioutil"
 	"net/http"
-	"net/url"
 	"testing"
-	"time"
 )
 
-/**
- * Copyright 2009-2019 @ to2.net
- * name : api_test.go.go
- * author : jarrysix (jarrysix#gmail.com)
- * date : 2019-07-30 10:47
- * description :
- * history :
- */
-
-var serverUrl = "http://localhost:1428/api"
+var (
+	tc *api.Client
+)
 
-func testApi(t *testing.T, apiName string, paramsMap map[string]string, abortOnFail bool) {
-	key := "go2o"
-	secret := "123456"
-	signType := "sha1"
-	params := url.Values{}
-	params["key"] = []string{key}
-	params["api"] = []string{apiName}
-	params["key"] = []string{key}
-	params["sign_type"] = []string{signType}
-	params["version"] = []string{"1.0.15"}
-	for k, v := range paramsMap {
-		params[k] = []string{v}
+var (
+	RInternalError = &api.Response{
+		Code:    api.RCInternalError,
+		Message: "内部服务器出错",
 	}
-	sign := api.Sign(signType, params, secret)
-	//t.Log("-- Sign:", sign)
-	params["sign"] = []string{sign}
-	cli := http.Client{}
-	rsp, err := cli.PostForm(serverUrl, params)
-	if err != nil {
-		t.Error(err)
-		t.FailNow()
+	RAccessDenied = &api.Response{
+		Code:    api.RCAccessDenied,
+		Message: "没有权限访问该接口",
 	}
-	data, _ := ioutil.ReadAll(rsp.Body)
-	rsp1 := api.Response{}
-	json.Unmarshal(data, &rsp1)
-	if rsp1.Code != api.RSuccessCode {
-		println("请求失败：code:", rsp1.Code, "; message:", rsp1.Message)
-		println("接口响应：", string(data))
-		if abortOnFail {
-			t.FailNow()
-		}
+	RIncorrectApiParams = &api.Response{
+		Code:    api.RCNotAuthorized,
+		Message: "缺少接口参数，请联系技术人员解决",
 	}
-	println("接口响应：", string(data))
-}
+	RUndefinedApi = &api.Response{
+		Code:    api.RCUndefinedApi,
+		Message: "调用的API名称不正确",
+	}
+)
 
-// 测试请求限制
-func TestRequestLimit(t *testing.T) {
-	mp := map[string]string{}
-	mp["prod_type"] = "android"
-	mp["prod_version"] = "1.0.0"
-	for {
-		for i := 0; i < 100; i++ {
-			testApi(t, "app.check", mp, false)
+func init() {
+	server := "http://localhost:1428/a/v2"
+	md5Secret := string(crypto.Md5([]byte("123456")))
+	tc = api.NewClient(server, "go2o", md5Secret)
+	tc.UseToken(func(key, secret string) string {
+		r, err1 := http.Get(server + "/access_token?key=" + key + "&secret=" + secret)
+		if err1 != nil {
+			println("---获取accessToken失败", err1.Error())
+			return ""
+		}
+		bytes, _ := ioutil.ReadAll(r.Body)
+		rsp := api.Response{}
+		json.Unmarshal(bytes,&rsp)
+		return rsp.Data.(string)
+	}, 30000)
+	tc.HandleError(func(code int, message string) error {
+		switch code {
+		case api.RCAccessDenied:
+			message = RAccessDenied.Message
+		case api.RCNotAuthorized:
+			message = RIncorrectApiParams.Message
+		case api.RCUndefinedApi:
+			message = RUndefinedApi.Message
 		}
-		time.Sleep(time.Second)
+		return errors.New(message)
+	})
+}
+
+// 测试提交
+func testPost(t *testing.T, apiName string, params map[string]string) ([]byte, error) {
+	rsp, err := tc.Post(apiName, params)
+	t.Log("[ Response]:", string(rsp))
+	if err != nil {
+		t.Error(err)
+		//t.FailNow()
 	}
+	return rsp, err
 }
 
-func TestSign(t *testing.T) {
-	params := "api=member.login&key=go2o&product=app&pwd=c4ca4238a0b923820dcc509a6f75849b&user=18666398028&version=1.0.0&sign_type=sha1&sign=2933eaffccf9fe49a0ad9a97fe311a41afb6e3b2"
-	values, _ := url.ParseQuery(params)
-	sign := api.Sign("sha1", values, "131409")
-	if sign2 := values.Get("sign"); sign2 != sign {
-		println(sign, "/", sign2)
-		t.Failed()
+// 测试提交
+func testPostForm(t *testing.T, apiName string, params map[string]string) ([]byte, error) {
+	params["version"] = "1.0.0"
+	rsp, err := tc.Post(apiName, params)
+	t.Log("[ Response]:", string(rsp))
+	if err != nil {
+		t.Error(err)
+		//t.FailNow()
 	}
-	cli := http.Client{}
-	rsp, err := cli.PostForm("http://localhost:1428/api", values)
+	return rsp, err
+}
+
+// 测试提交
+func testGET(t *testing.T, apiName string, params map[string]string) ([]byte, error) {
+	params["version"] = "1.0.0"
+	query := http2.ParseUrlValues(params).Encode()
+	rsp, err := tc.Get(apiName+"?"+query, nil)
+	t.Log("[ Response]:", string(rsp))
 	if err != nil {
 		t.Error(err)
-		t.FailNow()
+		//t.FailNow()
 	}
-	data, _ := ioutil.ReadAll(rsp.Body)
-	println(string(data))
+	return rsp, err
 }