forked from sa-tokens/sa-token-go
-
Notifications
You must be signed in to change notification settings - Fork 0
Expand file tree
/
Copy pathmain.go
More file actions
133 lines (110 loc) · 3.73 KB
/
Copy pathmain.go
File metadata and controls
133 lines (110 loc) · 3.73 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
package main
import (
"log"
"github.com/kataras/iris/v12"
sairis "github.com/sa-tokens/sa-token-go/integrations/iris"
"github.com/sa-tokens/sa-token-go/storage/memory"
)
func main() {
// 初始化存储 | Initialize storage
storage := memory.NewStorage()
// 创建配置(只需要 sairis 包!) | Create config (only need sairis package!)
config := sairis.DefaultConfig()
config.TokenName = "token"
config.Timeout = 7200
config.IsPrintBanner = true
// 创建管理器 | Create manager
manager := sairis.NewManager(storage, config)
// 设置全局管理器 | Set global manager
sairis.SetManager(manager)
// 创建 Iris 插件 | Create Iris plugin
plugin := sairis.NewPlugin(manager)
// 创建应用 | Create app
app := iris.New()
// 登录接口 | Login endpoint
app.Post("/login", func(c iris.Context) {
// SECURITY NOTICE: this demo endpoint does NOT validate username/password.
// You MUST replace it with real authentication in production, otherwise it
// behaves as passwordless login.
// 安全提示:本示例为演示用途,未做用户名/密码校验。
// 生产环境必须替换为真实的用户身份验证逻辑,否则等同无密码登录。
userID := c.PostValue("user_id")
if userID == "" {
c.StatusCode(iris.StatusBadRequest)
_ = c.JSON(iris.Map{"error": "user_id is required"})
return
}
token, err := sairis.Login(userID)
if err != nil {
c.StatusCode(iris.StatusInternalServerError)
_ = c.JSON(iris.Map{"error": err.Error()})
return
}
_ = c.JSON(iris.Map{
"message": "登录成功",
"token": token,
})
})
// 登出接口 | Logout endpoint
app.Post("/logout", func(c iris.Context) {
token := c.GetHeader("token")
if token == "" {
c.StatusCode(iris.StatusBadRequest)
_ = c.JSON(iris.Map{"error": "token is required"})
return
}
if err := sairis.LogoutByToken(token); err != nil {
c.StatusCode(iris.StatusInternalServerError)
_ = c.JSON(iris.Map{"error": err.Error()})
return
}
_ = c.JSON(iris.Map{"message": "登出成功"})
})
// 检查登录状态 | Check login status
app.Get("/check", func(c iris.Context) {
token := c.GetHeader("token")
if token == "" {
c.StatusCode(iris.StatusBadRequest)
_ = c.JSON(iris.Map{"error": "token is required"})
return
}
if !sairis.IsLogin(token) {
c.StatusCode(iris.StatusUnauthorized)
_ = c.JSON(iris.Map{"error": "未登录"})
return
}
loginID, _ := sairis.GetLoginID(token)
_ = c.JSON(iris.Map{
"message": "已登录",
"login_id": loginID,
})
})
// 公共路由 | Public route - skip authentication
app.Get("/public", sairis.Ignore(), func(c iris.Context) {
_ = c.JSON(iris.Map{"message": "public data"})
})
// 需要登录 | Login required
app.Get("/user", sairis.CheckLogin(), func(c iris.Context) {
_ = c.JSON(iris.Map{"message": "user data"})
})
// 需要 admin 角色 | Admin role required
app.Get("/admin", sairis.CheckRole("admin"), func(c iris.Context) {
_ = c.JSON(iris.Map{"message": "admin area"})
})
// 需要 admin:* 权限 | Permission required
app.Get("/manage", sairis.CheckPermission("admin:*"), func(c iris.Context) {
_ = c.JSON(iris.Map{"message": "management area"})
})
// 受保护路由组:先 TokenInterceptor,再 AuthMiddleware
// Protected group: TokenInterceptor first, then AuthMiddleware
protected := app.Party("/api", plugin.TokenInterceptor(), plugin.AuthMiddleware())
protected.Get("/token", func(c iris.Context) {
token := sairis.GetTokenFromCtx(c)
_ = c.JSON(iris.Map{"token": token})
})
log.Println("服务器启动在端口: 8080")
log.Println("示例: curl -X POST http://localhost:8080/login -d 'user_id=1000'")
if err := app.Listen(":8080"); err != nil {
log.Fatal("服务器启动失败:", err)
}
}