package admin
import (
"fmt"
"strings"
c "ciyon/zciyon"
)
// Package-level settings for admin authentication. Their values are assigned
// in init below.
//
// NOTE(review): the token key (Gtokensalt) and the default password are
// hard-coded, so anyone who can read this source or a built binary knows
// them. Consider loading both from deployment configuration or a secret
// store, rotating the values committed here, and requiring a password change
// for any account still using the default.
var (
	// Gtokenfield is the name of the HTTP header that carries the API token.
	Gtokenfield string
	// Gtokensalt is the login salt; Verifyuser passes it to c.Encrypt when it
	// decodes and re-issues tokens.
	Gtokensalt string
	// Gdefpass is the default password (presumably for new or reset
	// accounts — its use is not visible in this file).
	Gdefpass string
)

// init assigns the fixed values of the settings declared above.
func init() {
	Gtokenfield, Gtokensalt, Gdefpass = "ciyadm", "bka02$59gG", "1q2w"
}
// Verifyfast authenticates the request through Verifyuser and returns the
// decoded token payload together with the user id taken from its "id" field.
//
// When verification fails it writes a JSON error with code 2 to post.W via
// c.ErrJSON (the message asks the user to log in again) and returns (nil, 0).
// The underlying verification error is neither logged nor returned here.
//
// NOTE(review): the db argument is not used; verification always runs against
// the package-level c.CiyDB handle, and Verifyuser can assign UserID on the
// handle it receives. Confirm that this is intended and, if c.CiyDB is shared
// between concurrent requests, that the write is safe.
func Verifyfast(db *c.CiyMysql, post *c.CiyPost) (map[string]any, int) {
	payload, verr := Verifyuser(c.CiyDB, post)
	if verr == nil {
		return payload, c.Toint(payload["id"])
	}
	c.ErrJSON(post.W, "请重新登录", 2)
	return nil, 0
}
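// Verifyuser validates the session token attached to the request and returns
// its decoded payload. A non-nil error means the request must be treated as
// unauthenticated.
//
// The token is read from the Gtokenfield request header, falling back to the
// "_"+Gtokenfield query parameter. It is decoded with c.Encrypt in "D" mode
// using Gtokensalt and parsed as JSON. The payload's "_o" value selects a row
// in zc_online; that row's "user" must equal the payload's "id" and its "sid"
// must equal the payload's "_s". When the row's usrchg is 9 the account is
// re-read from zc_admin and must have stpstatus 10. When usrchg is 2 the
// response header Gtokenfield+"re" is set to "true".
//
// If the row's exptimes is still in the future the payload is returned as is.
// Otherwise a new sid is generated, the re-encoded token is sent back in the
// Gtokenfield response header, and the zc_online row is updated with the new
// sid, an exptimes 86400 seconds ahead, and the client IP.
//
// NOTE(review): every payload field is trusted once decoding succeeds, so the
// check is only as strong as c.Encrypt and the secrecy of Gtokensalt. Confirm
// that c.Encrypt authenticates the ciphertext and that the key is not a value
// committed to source.
//
// NOTE(review): an elapsed exptimes leads to renewal, not rejection, and no
// absolute session lifetime is enforced here. Confirm that stale zc_online
// rows are removed elsewhere.
//
// NOTE(review): db.UserID is assigned only on the renewal path; callers that
// rely on it (SaveLog reads it) should confirm it is set on every request.
func Verifyuser(db *c.CiyMysql, post *c.CiyPost) (map[string]any, error) {
	ciyauth := post.R.Header.Get(Gtokenfield)
	if ciyauth == "" {
		// NOTE(review): a token carried in the URL can be recorded in access
		// logs, browser history and Referer headers; prefer the header and
		// keep this fallback only where it is required.
		ciyauth = c.GetQuery("_"+Gtokenfield, post.R)
	}
	if ciyauth == "" {
		return nil, fmt.Errorf("verify nofind %v in header or query", Gtokenfield)
	}
	auth := c.Str_JSON(c.Encrypt(ciyauth, "D", Gtokensalt))
	if auth == nil {
		return nil, fmt.Errorf("verify ciyauth error")
	}

	csql := c.NewCiySQL("zc_online")
	csql.Where("id", auth["_o"])
	onlinerow, err := db.Getone(csql)
	if err != nil {
		return nil, fmt.Errorf("verify read online err:%v", err)
	}
	// Reject explicitly when no session row came back, so the comparisons
	// below never run against an empty row.
	if len(onlinerow) == 0 {
		return nil, fmt.Errorf("verify online nofind")
	}
	if c.Toint(onlinerow["user"]) != c.Toint(auth["id"]) {
		return nil, fmt.Errorf("verify userid not match oid=%v", onlinerow["id"])
	}
	if c.Tostr(onlinerow["sid"]) != c.Tostr(auth["_s"]) {
		return nil, fmt.Errorf("verify sid not match oid=%v", onlinerow["id"])
	}

	if c.Toint(onlinerow["usrchg"]) == 9 {
		// Look the account up by the user id stored on the session row, which
		// was checked against the payload's "id" above. The payload's "_o" is
		// the zc_online row id and would select an unrelated zc_admin row, so
		// the disabled-account check would be applied to the wrong account.
		usql := c.NewCiySQL("zc_admin")
		usql.Where("id", c.Toint(onlinerow["user"]))
		userrow, err := db.Getone(usql)
		if err != nil {
			return nil, fmt.Errorf("verify read user err:%v", err)
		}
		if len(userrow) == 0 {
			return nil, fmt.Errorf("verify user nofind")
		}
		if c.Toint(userrow["stpstatus"]) != 10 {
			return nil, fmt.Errorf("verify user disabled")
		}
	}
	if c.Toint(onlinerow["usrchg"]) == 2 {
		post.W.Header().Set(Gtokenfield+"re", "true")
	}
	if c.Toint(onlinerow["exptimes"]) > c.Tostamp() {
		return auth, nil
	}

	// exptimes has elapsed: rotate the sid, hand the client a fresh token and
	// push the row's exptimes one day (86400 s) ahead.
	exptimes := c.Tostamp() + 86400
	sid := c.Randstr(10)
	auth["_s"] = sid
	authstr := c.JSON_Str(auth)
	newauth := c.Encrypt(authstr, "E", Gtokensalt)
	post.W.Header().Set(Gtokenfield, newauth)

	userid := c.Toint(auth["id"])
	db.UserID = userid
	updata := map[string]any{}
	updata["exptimes"] = exptimes
	updata["sid"] = sid
	updata["ip"] = post.GetIP()
	csql = c.NewCiySQL("zc_online")
	csql.Where("id", auth["_o"])
	_, err = db.Update(csql, updata)
	if err != nil {
		return nil, fmt.Errorf("verify sid online update err:%v", err)
	}
	return auth, nil
}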
// Nopower reports whether the user LACKS the permission chkpower: true means
// access must be denied, false means it is granted.
//
// The user's dot-separated power string is read from the power column of
// zc_admin. The result is decided in this order:
//   - empty power string, or chkpower shorter than 3 bytes: denied (true)
//   - userid 10, the super administrator: granted (false)
//   - any non-empty power entry that is a prefix of chkpower: granted (false)
//   - otherwise: denied (true)
//
// NOTE(review): the db argument is not used; the query goes through the
// package-level c.CiyDB handle. Confirm this is intended.
//
// NOTE(review): matching is by string prefix, so a granted entry also covers
// every longer code that begins with it. Confirm permission codes are
// fixed-width or delimited so that sibling codes cannot collide.
//
// NOTE(review): the super administrator is identified by the literal id 10.
func Nopower(db *c.CiyMysql, userid int, chkpower string) bool {
	query := c.NewCiySQL("zc_admin")
	query.Where("id", userid)
	query.Column("power")
	granted := c.Tostr(c.CiyDB.Get1(query))

	// Fail closed: no stored grants, or a permission code too short to check.
	if granted == "" || len(chkpower) < 3 {
		return true
	}
	if userid == 10 { // super administrator
		return false
	}
	for _, prefix := range strings.Split(granted, ".") {
		if prefix != "" && strings.HasPrefix(chkpower, prefix) {
			return false
		}
	}
	return true
}
// SaveLog inserts one entry into zc_log with the given type and message,
// attributing it to db.UserID and stamping it with c.Tostamp(). readuser is
// stored as 0.
//
// A failed insert is not returned to the caller; it is reported through
// c.Log.Warn together with the entry's type and message.
//
// NOTE(review): msg is written to the warning log unescaped. If it can hold
// request-derived text, strip or encode line breaks so that an entry cannot
// be made to look like several log lines.
//
// NOTE(review): attribution depends on db.UserID having been set for the
// current request — confirm every caller guarantees that.
func SaveLog(db *c.CiyMysql, types, msg string) {
	entry := map[string]any{
		"types":    types,
		"loguser":  db.UserID,
		"logs":     msg,
		"readuser": 0,
		"addtimes": c.Tostamp(),
	}
	if _, err := db.Insert(c.NewCiySQL("zc_log"), entry); err != nil {
		c.Log.Warn("LOG", fmt.Sprintf("SaveLog Error:%v[%v]", err, types+":"+msg))
	}
}
// SaveLogDB records a row change: it renders oldrow and newrow with
// c.LogDBStr and stores the result through SaveLog under the given type.
//
// NOTE(review): whatever c.LogDBStr emits ends up in zc_log. Confirm that it
// leaves out or masks sensitive columns such as password hashes and tokens.
func SaveLogDB(db *c.CiyMysql, types string, oldrow map[string]any, newrow map[string]any) {
	change := c.LogDBStr(oldrow, newrow)
	SaveLog(db, types, change)
}
// Getconfig returns the params value of the zc_config row whose types column
// equals types, or defvalue when no row is returned.
//
// The error from db.Getone is discarded, so a failed query cannot be told
// apart from a missing key: both yield defvalue.
//
// NOTE(review): for security-relevant settings, make sure defvalue is the
// restrictive choice, since a database failure silently selects it.
func Getconfig(db *c.CiyMysql, types, defvalue any) any {
	query := c.NewCiySQL("zc_config")
	query.Where("types", types)
	row, _ := db.Getone(query)
	if row == nil {
		return defvalue
	}
	return row["params"]
}
// Setconfig updates the zc_config row whose types column equals types,
// writing types and value (as params). It returns true when db.Update
// reports no error.
//
// NOTE(review): only an UPDATE is issued and its first result is discarded.
// If db.Update succeeds when no row matches, a key that does not exist yet
// would return true without being stored — confirm.
func Setconfig(db *c.CiyMysql, types, value any) bool {
	query := c.NewCiySQL("zc_config")
	query.Where("types", types)
	_, err := db.Update(query, map[string]any{
		"types":  types,
		"params": value,
	})
	return err == nil
}
// Getcatas returns the zc_cata rows whose cbid equals the given catalogue,
// ordered by csort then id, selecting codeid (as id), name, upid and extdata.
//
// cbstr identifies the catalogue. When c.Is_int accepts it, it is used as the
// cbid directly; otherwise it is treated as a codeid and resolved to the id
// of the zc_cata row with that codeid and cbid=0.
//
// An empty, non-nil slice is returned when the catalogue resolves to 0 or the
// query fails; the query error itself is not reported.
func Getcatas(db *c.CiyMysql, cbstr any) []map[string]any {
	var parentID int
	if !c.Is_int(cbstr) {
		// Resolve the code to the id of its top-level (cbid=0) row.
		lookup := c.NewCiySQL("zc_cata")
		lookup.Where("codeid", cbstr)
		lookup.Where("cbid=0")
		lookup.Column("id")
		parentID = c.Toint(db.Get1(lookup))
	} else {
		parentID = c.Toint(cbstr)
	}
	if parentID == 0 {
		return []map[string]any{}
	}

	list := c.NewCiySQL("zc_cata")
	list.Where("cbid", parentID)
	list.Order("csort,id")
	list.Column("codeid as id,name,upid,name,extdata")
	rows, _, err := db.Get(list)
	if err != nil {
		return []map[string]any{}
	}
	return rows
}
// func Getsaascatas(db *c.CiyMysql, cbstr any, saasid int) []map[string]any {
// 	cbid := 0
// 	if c.Is_int(cbstr) {
// 		cbid = c.Toint(cbstr)
// 	} else {
// 		csql := c.NewCiySQL("zc_catsaas")
// 		csql.Where("codeid", cbstr)
// 		csql.Where("cbid=0")
// 		csql.Column("id")
// 		cbid = c.Toint(db.Get1(csql))
// 	}
// 	if cbid == 0 {
// 		return []map[string]any{}
// 	}
// 	csql := c.NewCiySQL("zc_catsaas")
// 	csql.Where("saasid", saasid)
// 	csql.Where("cbid", cbid)
// 	csql.Order("csort,id")
// 	csql.Column("codeid as id,name,upid,name,extdata")
// 	catarows, _, err := db.Get(csql)
// 	if err != nil {
// 		return []map[string]any{}
// 	}
// 	if len(catarows) == 0 {
// 		csql = c.NewCiySQL("zc_cata")
// 		csql.Where("cbid", cbid)
// 		csql.Order("csort,id")
// 		csql.Column("codeid as id,name,upid,name,extdata")
// 		catarows, _, err = db.Get(csql)
// 		if err != nil {
// 			return []map[string]any{}
// 		}
// 	}
// 	return catarows
// }