diff --git a/src/api/oauth/oauth.lua b/src/api/oauth/oauth.lua index 15b78bd..e61ee90 100644 --- a/src/api/oauth/oauth.lua +++ b/src/api/oauth/oauth.lua @@ -13,12 +13,6 @@ local routes = { -------------------------------------------- ------------ OAuth2.0认证相关路由配置 --------- -------------------------------------------- - --回收token - { - paths = { "/yum/v1/oauth/v2/login" }, - methods = { "GET" }, - handler = oauthService.login, - }, --获取授权码 { paths = { "/yum/v1/oauth/v2/authorize" }, diff --git a/src/service/oauth/oauth.lua b/src/service/oauth/oauth.lua index d090c49..9b821dc 100644 --- a/src/service/oauth/oauth.lua +++ b/src/service/oauth/oauth.lua @@ -17,8 +17,8 @@ local red = require("share.redis") local _M = {} ---获取授权码 -function _M:authorize() +--获取uri中所携带的参数信息 +local function getUriArgs() local args = ngx.req.get_uri_args() if ngx.req.get_method() == "POST" then -- 读取请求体的数据 @@ -30,12 +30,21 @@ function _M:authorize() if not ok then return ngx.exit(ngx.HTTP_BAD_REQUEST) end - -- 校验客户端请求参数 - ok = validator.validateAuthorize(data) - --验证失败则返回 - if not ok then - return ngx.exit(ngx.HTTP_BAD_REQUEST) - end + args = data + elseif ngx.req.get_method() == "GET" then + args = ngx.req.get_uri_args() + end + return args +end + +--获取授权码 +function _M:authorize() + local args = getUriArgs() + -- 校验客户端请求参数 + local ok = validator.validateAuthorize(args) + --验证失败则返回 + if not ok then + return ngx.exit(ngx.HTTP_BAD_REQUEST) end -- 校验 response_type 必须为 "code"(授权码模式) if args.response_type ~= "code" then @@ -63,8 +72,7 @@ function _M:authorize() local login_url = "/login?redirect=" .. ngx.escape_uri(ngx.var.request_uri) --print("authorize login_url:", login_url) --ngx.redirect(login_url) - local result = resp:json(ngx.HTTP_MOVED_TEMPORARILY, login_url) - resp:send(result) + resp:response(ngx.HTTP_MOVED_TEMPORARILY, login_url) return end -- 4. 生成授权码(随机字符串,确保唯一性)(用户ID、客户端ID、scope、生成时间) 
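Review bot: `getUriArgs` in src/service/oauth/oauth.lua (hunk `@@ -30,12 +30,21 @@`) hands every POST body to the handlers as `args = data`, while the `ngx.req.get_post_args()` branch that `_M:token()` and `_M:logout()` used for form-urlencoded requests is deleted in their hunks, so an `application/x-www-form-urlencoded` token request appears to end in a 400 or in missing fields. The decoded value is also never checked to be a table: a body such as `null` or `1` decodes successfully, and `token()` reads `args.grant_type` before any validator runs, which would raise instead of returning 400; `if not ok or type(data) ~= "table" then return ngx.exit(ngx.HTTP_BAD_REQUEST) end` closes that. The body-reading lines of the helper sit between this hunk and the previous one and are not visible, so the JSON-only behaviour is inferred from the `if not ok` context. The `elseif ngx.req.get_method() == "GET"` branch repeats the initial `ngx.req.get_uri_args()` call and can be dropped.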
@@ -80,24 +88,21 @@ function _M:authorize() rest.redirect_uri = redirect_uri rest.code = auth_code rest.state = args.state - local result = resp:json(ngx.HTTP_OK, rest) - resp:send(result) + resp:response(ngx.HTTP_OK, rest) end -- 通过用户名认证用户和应用是否存在状态 local function authorizatePassword(args) -- 1.校验必填参数验证数据是否符合json - local ok = validator.validateLogin(args) + local ok = validator.validateUserPasswd(args) if not ok then - local result = resp:json(0x000001) - resp:send(result) + resp:response(0x000001) return end -- 2.验证用户名和密码,应用程序id和应用程序密钥 local code, res = oauthDao.authenticateUserPasswd(args.username, args.password) if code ~= 0 or res == nil then - local result = resp:json(0x000001) - resp:send(result) + resp:response(0x000001) return end print("验证用户名和密码: ", args.username) @@ -107,8 +112,7 @@ local function authorizatePassword(args) local client_secret = args.client_secret code, res = oauthDao.getApplicationByUserid(userid, client_id, client_secret) if code ~= 0 or res == nil then - local result = resp:json(0x000001) - resp:send(result) + resp:response(0x000001) return end local redirect_uri = res[1].redirect_uris @@ -124,8 +128,7 @@ local function authorizatePassword(args) local rest = {} rest.redirect_uri = redirect_uri rest.code = auth_code - local result = resp:json(ngx.HTTP_OK, rest) - resp:send(result) + resp:response(ngx.HTTP_OK, rest) end -- 通过code形式进行认证 @@ -133,8 +136,7 @@ local function authorizateCode(args) -- 1.校验必填参数验证数据是否符合json local ok = validator.validateToken(args) if not ok then - local result = resp:json(0x000001) - resp:send(result) + resp:response(0x000001) return end -- 2.校验 code 有效性 
@@ -149,16 +151,14 @@ local function authorizateCode(args) if request_uri ~= args.redirect_uri then print("token redirect_url:", request_uri, args.redirect_uri) local login_url = "/login?redirect=" .. ngx.escape_uri(request_uri) - local result = resp:json(ngx.HTTP_MOVED_TEMPORARILY, login_url) - resp:send(result) + resp:response(ngx.HTTP_MOVED_TEMPORARILY, login_url) return end -- 4.生成密钥对 --local pub_key, priv_key, err = rsa.generate_rsa_keys(2048) --if err then -- print("密钥生成失败: ", err) - -- local result = resp:json(0x00001) - -- resp:send(result) + -- resp:response(0x00001) -- return --end --print("token pubkey:", pub_key) @@ -185,13 +185,11 @@ local function authorizateCode(args) -- 6.将生成的数据存储到数据库中 local code, res = oauthDao.updateApplicationToken(client_id, ret) if code ~= 0 then - local result = resp:json(0x000001) - resp:send(result) + resp:response(0x000001) return end -- 7.返回结果 - local result = resp:json(ngx.HTTP_OK, ret) - resp:send(result) + resp:response(ngx.HTTP_OK, ret) end -- 刷新令牌 @@ -199,8 +197,7 @@ local function authorizateRefresh(args) -- 1.校验必填参数验证数据是否符合json local res = validator.validateRefresh(args) if not res then - local result = resp:json(0x000001) - resp:send(result) + resp:response(0x000001) return end -- 2.验证并消费 refresh_token(滚动刷新:生成新的 rt) 
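Review bot: In `authorizateCode`, a `redirect_uri` that does not match `request_uri` is answered with `resp:response(ngx.HTTP_MOVED_TEMPORARILY, login_url)` rather than an error, and nothing in the hunk shows the authorization code being invalidated on that path. A mismatch at the token exchange is normally treated as a failed grant, so returning the same `resp:response(0x000001)` used by the other failure branches would be more consistent, with the code deleted first if the lines above have not already consumed it. The `print("token redirect_url:", ...)` just before it puts both URIs into the log and looks like leftover debugging. The function starts before and continues after this hunk.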
@@ -227,39 +224,13 @@ local function authorizateRefresh(args) ret.expires_in = conf.access_token_ttl ret.id_token = new_id_token -- 4.返回结果 - local result = resp:json(ngx.HTTP_OK, ret) - resp:send(result) + resp:response(ngx.HTTP_OK, ret) end -- 根据授权码获取Access-Token function _M:token() -- 1. 解析请求参数(支持 form-data 和 json) - local content_type = ngx.req.get_headers()["Content-Type"] or "" - local args = {} - --print("token content_type:", content_type) - if string.find(content_type, "application/json") then - -- 读取请求体的数据 - ngx.req.read_body() - -- 获取请求数据 - local body_data = ngx.req.get_body_data() - if not body_data then - return ngx.exit(ngx.HTTP_BAD_REQUEST) - end - -- 验证json数据是否正确 - local ok, data = pcall(cjson.decode, body_data) - if not ok then - return ngx.exit(ngx.HTTP_BAD_REQUEST) - end - args = data - else - if ngx.req.get_method() == "POST" then - -- 默认解析 form-urlencoded - args = ngx.req.get_post_args() - elseif ngx.req.get_method() == "GET" then - args = ngx.req.get_uri_args() - end - end - + local args = getUriArgs() local grant_type = args.grant_type --print("grant_type类型: ", grant_type) if grant_type == "password" then @@ -299,8 +270,7 @@ function _M:userinfo() --local pub_key, priv_key, err = rsa.generate_rsa_keys(2048) --if err then -- --print("密钥生成失败: ", err) - -- local result = resp:json(0x00001) - -- resp:send(result) + -- resp:response(0x00001) -- return --end -- 4.对token进行验证 @@ -329,8 +299,7 @@ function _M:userinfo() local code, rest = oauthDao.getUser(user_id) --读取数据错误 if code ~= 0 or rest == nil then - local result = resp:json(0x000001) - resp:send(result) + resp:response(0x000001) return end -- 5.获取token中的信息进行所需用户的信息返回 
@@ -341,44 +310,18 @@ function _M:userinfo() ret.real_name = rest[1].realname ret.office_phone = rest[1].office_phone ret.email = rest[1].email - local result = resp:json(ngx.HTTP_OK, ret) - resp:send(result) + resp:response(ngx.HTTP_OK, ret) end --回收token function _M:logout() -- 1. 解析请求参数(支持 form-data 和 json) - local content_type = ngx.req.get_headers()["Content-Type"] or "" - local args = {} - print("logout token content_type:", content_type) - if string.find(content_type, "application/json") then - -- 读取请求体的数据 - ngx.req.read_body() - -- 获取请求数据 - local body_data = ngx.req.get_body_data() - if not body_data then - return ngx.exit(ngx.HTTP_BAD_REQUEST) - end - -- 验证json数据是否正确 - local ok, data = pcall(cjson.decode, body_data) - if not ok then - return ngx.exit(ngx.HTTP_BAD_REQUEST) - end - args = data - else - if ngx.req.get_method() == "POST" then - -- 默认解析 form-urlencoded - args = ngx.req.get_post_args() - elseif ngx.req.get_method() == "GET" then - args = ngx.req.get_uri_args() - end - end + local args = getUriArgs() -- 1、校验客户端id和redirect_uri是否存在数据库 local ok = validator.validateLogout(args) if not ok then print("validateLogout:", args) - local result = resp:json(0x000001) - resp:send(result) + resp:response(0x000001) return end local token = args.access_token @@ -433,9 +376,7 @@ function _M:logout() end end -- 5.获取token中的信息进行所需用户的信息返回 - local ret = {} - local result = resp:json(ngx.HTTP_OK, ret) - resp:send(result) + resp:response(ngx.HTTP_OK) end return _M \ No newline at end of file diff --git a/src/service/system/account.lua b/src/service/system/account.lua index 8f4a9bb..4f96add 100644 --- a/src/service/system/account.lua +++ b/src/service/system/account.lua 
@@ -22,9 +22,8 @@ function _M.getSystemAccounts() end local pageNum = ngx.var.pagenum or 1 local pageSize = ngx.var.pagesize or 10 - local code,ret = accountDao.getSystemAccounts(pageNum, pageSize) - local result = resp:json(code, ret) - resp:send(result) + local code, ret = accountDao.getSystemAccounts(pageNum, pageSize) + resp:response(code, ret) end --根据账户id获取账户信息 @@ -37,9 +36,8 @@ function _M.getSystemAccount(m) ngx.exit(ngx.HTTP_FORBIDDEN) end local id = m.id - local code,ret = accountDao.getSystemAccount(id) - local result = resp:json(code, ret) - resp:send(result) + local code, ret = accountDao.getSystemAccount(id) + resp:response(code, ret) end --根据账户id获取账户信息 @@ -59,14 +57,12 @@ function _M.addSystemAccount() local ok = validator.validateJson(body_data) --验证失败则返回 if not ok then - local result = resp:json(0x000001) - resp:send(result) + resp:response(0x000001) return end - --ngx.say(body_data) + -- 添加系统账户 local code, ret = accountDao.addSystemAccount(cjson.decode(body_data)) - local result = resp:json(code, ret) - resp:send(result) + resp:response(code, ret) end --根据账户id删除账户信息 @@ -79,8 +75,7 @@ function _M.deleteSystemAccount(m) ngx.exit(ngx.HTTP_FORBIDDEN) end local code, ret = accountDao.deleteSystemAccount(m.id) - local result = resp:json(code, ret) - resp:send(result) + resp:response(code, ret) end --根据账户id删除账户信息 @@ -100,13 +95,11 @@ function _M.updateSystemAccount(m) local ok = validator.validateJson(body_data) --验证失败则返回 if not ok then - local result = resp:json(0x000001) - resp:send(result) + resp:response(0x000001) return end local code, ret = accountDao.updateSystemAccount(m.id, cjson.decode(body_data)) - local result = resp:json(code, ret) - resp:send(result) + resp:response(code, ret) end return _M diff --git a/src/service/system/application.lua b/src/service/system/application.lua index 7699998..5c8c100 100644 --- a/src/service/system/application.lua +++ b/src/service/system/application.lua 
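Review bot: `pageNum` and `pageSize` reach `accountDao.getSystemAccounts` exactly as read from `ngx.var.pagenum` and `ngx.var.pagesize`, that is as unvalidated strings with no upper bound. Converting and clamping here keeps non-numeric values and very large page sizes away from the query: `local pageNum = tonumber(ngx.var.pagenum) or 1` and `local pageSize = math.min(tonumber(ngx.var.pagesize) or 10, MAX_PAGE_SIZE)`, where `MAX_PAGE_SIZE` is a placeholder for a project constant. How the DAO builds its query is not visible in this diff, so whether this is only a robustness issue or also an injection surface needs checking there. The same pattern is in the list handlers of permission.lua, position.lua, role.lua and user.lua in this commit.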
@@ -23,9 +23,8 @@ function _M.getSystemApplications() --获取页码和请求的数据量 local pageNum = ngx.var.pagenum or 1 local pageSize = ngx.var.pagesize or 10 - local code,ret = applicationDao.getSystemApplications() - local result = resp:json(code, ret) - resp:send(result) + local code, ret = applicationDao.getSystemApplications() + resp:response(code, ret) end --根据应用id获取应用信息 @@ -38,8 +37,7 @@ function _M.getSystemApplication(m) ngx.exit(ngx.HTTP_FORBIDDEN) end local code,ret = applicationDao.getSystemApplication(m.id) - local result = resp:json(code, ret) - resp:send(result) + resp:response(code, ret) end --根据组织id获取应用信息 @@ -51,9 +49,8 @@ function _M.getOrganizationApplication(m) if perm:hasPermission(role, perms) == false then ngx.exit(ngx.HTTP_FORBIDDEN) end - local code,ret = applicationDao.getOrganizationApplication(m.id) - local result = resp:json(code, ret) - resp:send(result) + local code, ret = applicationDao.getOrganizationApplication(m.id) + resp:response(code, ret) end --根据用户id获取应用的信息 @@ -65,9 +62,8 @@ function _M.getUserApplication(m) if perm:hasPermission(role, perms) == false then ngx.exit(ngx.HTTP_FORBIDDEN) end - local code,ret = applicationDao.getUserApplication(m.id) - local result = resp:json(code, ret) - resp:send(result) + local code, ret = applicationDao.getUserApplication(m.id) + resp:response(code, ret) end --根据应用id获取应用信息 @@ -87,14 +83,12 @@ function _M.addSystemApplication() local ok = validator.validateJson(body_data) --验证失败则返回 if not ok then - local result = resp:json(0x000001) - resp:send(result) + resp:response(0x000001) return end - --ngx.say(body_data) + -- 添加应用程序 local code, ret = applicationDao.addApplication(cjson.decode(body_data)) - local result = resp:json(code, ret) - resp:send(result) + resp:response(code, ret) end --根据应用id删除应用信息 
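Review bot: `getSystemApplications` still computes `pageNum` and `pageSize` but calls `applicationDao.getSystemApplications()` without them, so both locals are dead and the endpoint appears to return every row regardless of the requested page. The sibling handlers pass both values (`accountDao.getSystemAccounts(pageNum, pageSize)`); either do the same here with `applicationDao.getSystemApplications(pageNum, pageSize)`, if the DAO accepts them, or remove the unused locals. The function begins above the hunk.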
@@ -107,8 +101,7 @@ function _M.deleteSystemApplication(m) ngx.exit(ngx.HTTP_FORBIDDEN) end local code, ret = applicationDao.deleteApplication(m.id) - local result = resp:json(code, ret) - resp:send(result) + resp:response(code, ret) end --根据应用id删除应用信息 @@ -128,13 +121,11 @@ function _M.updateSystemApplication(m) local ok = validator.validateJson(body_data) --验证失败则返回 if not ok then - local result = resp:json(0x000001) - resp:send(result) + resp:response(0x000001) return end local code, ret = applicationDao.updateSystemApplication(m.id, cjson.decode(body_data)) - local result = resp:json(code, ret) - resp:send(result) + resp:response(code, ret) end return _M diff --git a/src/service/system/department.lua b/src/service/system/department.lua index eaa05de..cdc7c91 100644 --- a/src/service/system/department.lua +++ b/src/service/system/department.lua @@ -20,9 +20,8 @@ function _M.getSystemDepartments() if perm:hasPermission(role, perms) == false then ngx.exit(ngx.HTTP_FORBIDDEN) end - local code,ret = departmentDao.getSystemDepartments() - local result = resp:json(code, ret) - resp:send(result) + local code, ret = departmentDao.getSystemDepartments() + resp:response(code, ret) end --根据组织id获取组织架构信息 @@ -34,9 +33,8 @@ function _M.getSystemDepartment(m) if perm:hasPermission(role, perms) == false then ngx.exit(ngx.HTTP_FORBIDDEN) end - local code,ret = departmentDao.getSystemDepartment(m.id) - local result = resp:json(code, ret) - resp:send(result) + local code, ret = departmentDao.getSystemDepartment(m.id) + resp:response(code, ret) end --根据组织id添加组织架构信息 @@ -56,14 +54,12 @@ function _M.addSystemDepartment() local ok = validator.validateJson(body_data) --验证失败则返回 if not ok then - local result = resp:json(0x000001) - resp:send(result) + resp:response(0x000001) return end --ngx.say(body_data) local code, ret = departmentDao.addSystemDepartment(cjson.decode(body_data)) - local result = resp:json(code, ret) - resp:send(result) + resp:response(code, ret) end --根据组织id删除组织架构信息 
@@ -77,8 +73,7 @@ function _M.deleteSystemDepartment(m) end --删除部门数据 local code, ret = departmentDao.deleteSystemDepartment(m.id) - local result = resp:json(code, ret) - resp:send(result) + resp:response(code, ret) end --根据组织id删除组织架构信息 @@ -98,13 +93,11 @@ function _M.updateSystemDepartment(m) local ok = validator.validateJson(body_data) --验证失败则返回 if not ok then - local result = resp:json(0x000001) - resp:send(result) + resp:response(0x000001) return end local code, ret = departmentDao.updateSystemDepartment(m.id, cjson.decode(body_data)) - local result = resp:json(code, ret) - resp:send(result) + resp:response(code, ret) end return _M diff --git a/src/service/system/login.lua b/src/service/system/login.lua index 4f40500..a70b0f9 100644 --- a/src/service/system/login.lua +++ b/src/service/system/login.lua @@ -24,8 +24,7 @@ function _M.login() local ok, data = pcall(cjson.decode, body_data) if not ok then print("JSON解析失败:", data) - local result = resp:json(0x000001) - resp:send(result) + resp:response(0x000001) return end -- 验证数据是否符合json @@ -33,16 +32,14 @@ function _M.login() --验证失败则返回 if not valid then print("验证失败: ", errors) - local result = resp:json(0x000001) - resp:send(result) + resp:response(0x000001) return end --ngx.say(body_data) local code, ret = loginDao.login(data) --读取数据错误 if code ~= 0 or table.getn(ret) < 0 then - local result = resp:json(0x000001) - resp:send(result) + resp:response(0x000001) return end local id = ret[1].id @@ -54,8 +51,7 @@ function _M.login() local data = {} data["token"] = jwt_token data["userInfo"] = ret - local result = resp:json(code, data) - resp:send(result) + resp:response(code, data) end --用户注册业务逻辑处理 
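Review bot: The guard `table.getn(ret) < 0` in `_M.login` (login.lua, hunk `@@ -33,16 +32,14 @@`) can never be true, so a lookup that returns code 0 with an empty result falls through to `ret[1].id` and fails with an index error instead of returning `0x000001`; a nil `ret` would already raise inside `table.getn`. `if code ~= 0 or ret == nil or #ret == 0 then` expresses what the comment above it describes. The same condition appears in the `signup`, `user` and `permission` hunks of this file. Because this is the credential check, it is worth confirming that an unknown account produces the same error response as any other failure rather than a 500. The function continues outside the hunk.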
@@ -68,29 +64,25 @@ function _M.signup() local ok, data = pcall(cjson.decode, body_data) if not ok then print("JSON解析失败:", data) - local result = resp:json(0x000001) - resp:send(result) + resp:response(0x000001) return end -- 验证数据是否符合json local retJson = validator.validateJson(data) --验证失败则返回 if not retJson then - local result = resp:json(0x000001) - resp:send(result) + resp:response(0x000001) return end --ngx.say(body_data) local code, ret = loginDao.signup(data) --读取数据错误 if code ~= 0 or table.getn(ret) < 0 then - local result = resp:json(0x000001) - resp:send(result) + resp:response(0x000001) return end --返回注册成功信息 - local result = resp:json(code, ret) - resp:send(result) + resp:response(code, ret) end --用户登出业务逻辑处理 @@ -102,8 +94,7 @@ function _M.logout() --验证失败则返回 local code = ret["code"] if code ~= 200 then - local result = resp:json(code, ret["message"]) - resp:send(result) + resp:response(code, ret["message"]) return end --验证成功记录登出的日志信息 @@ -112,8 +103,7 @@ function _M.logout() local role_id = ret["body"]["payload"]["role_id"] local role_name = ret["body"]["payload"]["role_name"] ngx.log(ngx.INFO, "userid:"..userid.." username:"..username.." role_id:"..role_id.." role_name:"..role_name.." logout system") - local result = resp:json(0, "用户退出系统成功") - resp:send(result) + resp:response(0, "用户退出系统成功") end --根据token获取用户信息 @@ -125,8 +115,7 @@ function _M.user() --验证失败则返回 local code = retToken["code"] if code ~= 200 then - local result = resp:json(code, retToken["message"]) - resp:send(result) + resp:response(code, retToken["message"]) return end --验证成功获取用户id信息 @@ -134,13 +123,11 @@ function _M.user() local code, ret = loginDao.getUser(userid) --读取数据错误 if code ~= 0 or table.getn(ret) < 0 then - local result = resp:json(0x000001) - resp:send(result) + resp:response(0x000001) return end - --获取的登陆的用户信息 - local result = resp:json(code, ret) - resp:send(result) + --返回登陆的用户信息 + resp:response(code, ret) end --根据token获取用户登录权限 
@@ -152,8 +139,7 @@ function _M.permission() --验证失败则返回 local code = retToken["code"] if code ~= 200 then - local result = resp:json(code, retToken["message"]) - resp:send(result) + resp:response(code, retToken["message"]) return end --验证成功获取用户id信息 @@ -165,13 +151,11 @@ function _M.permission() local code, ret = loginDao.getUser(userid) --读取数据错误 if code ~= 0 or table.getn(ret) < 0 then - local result = resp:json(0x000001) - resp:send(result) + resp:response(0x000001) return end --返回用户权限信息 - local result = resp:json(code, ret) - resp:send(result) + resp:response(code, ret) end return _M \ No newline at end of file diff --git a/src/service/system/permission.lua b/src/service/system/permission.lua index 648582a..88daf5f 100644 --- a/src/service/system/permission.lua +++ b/src/service/system/permission.lua @@ -24,8 +24,7 @@ function _M.getSystemPermissions() local pageNum = ngx.var.pagenum or 1 local pageSize = ngx.var.pagesize or 10 local code,ret = permissionDao.getSystemPermissions(pageNum, pageSize) - local result = resp:json(code, ret) - resp:send(result) + resp:response(code, ret) end --根据权限id获取权限信息 @@ -38,8 +37,7 @@ function _M.get_permission(m) ngx.exit(ngx.HTTP_FORBIDDEN) end local code,ret = permissionDao.getPermission(m.id) - local result = resp:json(code, ret) - resp:send(result) + resp:response(code, ret) end --根据角色id获取使用的权限 @@ -52,8 +50,7 @@ function _M.getSystemPermissionByRole(m) ngx.exit(ngx.HTTP_FORBIDDEN) end local code,ret = dao.getPermissionByRole(m.id) - local result = resp:json(code, ret) - resp:send(result) + resp:response(code, ret) end --根据权限id获取账号信息 
@@ -73,14 +70,12 @@ function _M.addSystemPermission() local ok = validator.validateJson(body_data) --验证失败则返回 if not ok then - local result = resp:json(0x000001) - resp:send(result) + resp:response(0x000001) return end --ngx.say(body_data) local code, ret = permissionDao.addPermission(cjson.decode(body_data)) - local result = resp:json(code, ret) - resp:send(result) + resp:response(code, ret) end --根据账号id删除账号信息 @@ -93,8 +88,7 @@ function _M.deleteSystemPermission(m) ngx.exit(ngx.HTTP_FORBIDDEN) end local code, ret = permissionDao.deleteSystemPermission(m.id) - local result = resp:json(code, ret) - resp:send(result) + resp:response(code, ret) end --根据账号id删除账号信息 @@ -114,13 +108,11 @@ function _M.updateSystemPermission(m) local ok = validator.validateJson(body_data) --验证失败则返回 if not ok then - local result = resp:json(0x000001) - resp:send(result) + resp:response(0x000001) return end local code, ret = permissionDao.updatePermission(m.id, cjson.decode(body_data)) - local result = resp:json(code, ret) - resp:send(result) + resp:response(code, ret) end return _M diff --git a/src/service/system/position.lua b/src/service/system/position.lua index 15984f3..9dac7b1 100644 --- a/src/service/system/position.lua +++ b/src/service/system/position.lua @@ -24,8 +24,7 @@ function _M.getSystemPositions() local pageNum = ngx.var.pagenum or 1 local pageSize = ngx.var.pagesize or 10 local code,ret = positionDao.getSystemPositions(pageNum, pageSize) - local result = resp:json(code, ret) - resp:send(result) + resp:response(code, ret) end --根据岗位id获取岗位信息 @@ -38,8 +37,7 @@ function _M.getSystemPosition(m) ngx.exit(ngx.HTTP_FORBIDDEN) end local code,ret = positionDao.getSystemPosition(m.id) - local result = resp:json(code, ret) - resp:send(result) + resp:response(code, ret) end --根据岗位id添加岗位信息 
@@ -59,14 +57,12 @@ function _M.addSystemPosition() local ok = validator.validateJson(body_data) --验证失败则返回 if not ok then - local result = resp:json(0x000001) - resp:send(result) + resp:response(0x000001) return end --ngx.say(body_data) local code, ret = positionDao.addSystemPosition(cjson.decode(body_data)) - local result = resp:json(code, ret) - resp:send(result) + resp:response(code, ret) end --根据岗位id删除岗位信息 @@ -79,8 +75,7 @@ function _M.deleteSystemPosition(m) ngx.exit(ngx.HTTP_FORBIDDEN) end local code, ret = positionDao.deleteSystemPosition(m.id) - local result = resp:json(code, ret) - resp:send(result) + resp:response(code, ret) end --根据岗位id删除岗位信息 @@ -100,13 +95,11 @@ function _M.updateSystemPosition(m) local ok = validator.validateJson(body_data) --验证失败则返回 if not ok then - local result = resp:json(0x000001) - resp:send(result) + resp:response(0x000001) return end local code, ret = positionDao.updateSystemPosition(m.id, cjson.decode(body_data)) - local result = resp:json(code, ret) - resp:send(result) + resp:response(code, ret) end return _M diff --git a/src/service/system/role.lua b/src/service/system/role.lua index ee28575..4f94bf6 100644 --- a/src/service/system/role.lua +++ b/src/service/system/role.lua @@ -25,8 +25,7 @@ function _M.getSystemRoles() local pageNum = ngx.var.pagenum or 1 local pageSize = ngx.var.pagesize or 10 local code,ret = roleDao.getSystemRoles(pageNum, pageSize) - local result = resp:json(code, ret) - resp:send(result) + resp:response(code, ret) end --根据角色id获取角色信息 @@ -39,8 +38,7 @@ function _M.getSystemRole(m) ngx.exit(ngx.HTTP_FORBIDDEN) end local code,ret = roleDao.getSystemRole(m.id) - local result = resp:json(code, ret) - resp:send(result) + resp:response(code, ret) end --根据角色id获取角色信息 
@@ -60,14 +58,12 @@ function _M.addSystemRole() local ok = validator.validateJson(body_data) --验证失败则返回 if not ok then - local result = resp:json(0x000001) - resp:send(result) + resp:response(0x000001) return end --ngx.say(body_data) local code, ret = roleDao.addSystemRole(cjson.decode(body_data)) - local result = resp:json(code, ret) - resp:send(result) + resp:response(code, ret) end --根据角色id删除角色信息 @@ -80,8 +76,7 @@ function _M.deleteSystemRole(m) ngx.exit(ngx.HTTP_FORBIDDEN) end local code, ret = roleDao.deleteSystemRole(m.id) - local result = resp:json(code, ret) - resp:send(result) + resp:response(code, ret) end --根据角色id删除角色信息 @@ -101,13 +96,11 @@ function _M.updateSystemRole(m) local ok = validator.validateJson(body_data) --验证失败则返回 if not ok then - local result = resp:json(0x000001) - resp:send(result) + resp:response(0x000001) return end local code, ret = roleDao.updateSystemRole(m.id, cjson.decode(body_data)) - local result = resp:json(code, ret) - resp:send(result) + resp:response(code, ret) end return _M diff --git a/src/service/system/user.lua b/src/service/system/user.lua index 40a8f97..24e0799 100644 --- a/src/service/system/user.lua +++ b/src/service/system/user.lua @@ -45,8 +45,7 @@ function _M.getSystemUsers(m) local pageNum = ngx.var.pagenum or 1 local pageSize = ngx.var.pagesize or 10 local code,ret = userDao.getSystemUsers(pageNum, pageSize) - local result = resp:json(code, ret) - resp:send(result) + resp:response(code, ret) end --根据用户id获取用户信息 @@ -68,8 +67,7 @@ function _M.getSystemUser(m) ngx.exit(ngx.HTTP_NOT_ALLOWED) end local code,ret = userDao.getSystemUser(m.id) - local result = resp:json(code, ret) - resp:send(result) + resp:response(code, ret) end --根据用户id获取用户信息 
@@ -89,16 +87,14 @@ function _M.addSystemUser(m) local ok = validator.validateJson(body_data) --验证失败则返回 if not ok then - local result = resp:json(0x000001) - resp:send(result) + resp:response(0x000001) return end --ngx.say(body_data) local jsonData = cjson.decode(body_data) --ngx.say(jsonData) local code, ret = userDao.addSystemUser(jsonData) - local result = resp:json(code, ret) - resp:send(result) + resp:response(code, ret) end --根据用户id删除用户信息 @@ -111,8 +107,7 @@ function _M.deleteSystemUser(m) ngx.exit(ngx.HTTP_FORBIDDEN) end local code, ret = userDao.deleteSystemUser(m.id) - local result = resp:json(code, ret) - resp:send(result) + resp:response(code, ret) end --根据用户id删除用户信息 @@ -138,14 +133,12 @@ function _M.updateSystemUser(m) local ok = validator.validateJson(body_data) --验证失败则返回 if not ok then - local result = resp:json(0x000001) - resp:send(result) + resp:response(0x000001) return end --将数据更新到数据表中 local code, ret = userDao.updateSystemUser(m.id, cjson.decode(body_data)) - local result = resp:json(code, ret) - resp:send(result) + resp:response(code, ret) end return _M diff --git a/src/util/response.lua b/src/util/response.lua index 6a176bd..22eed49 100644 --- a/src/util/response.lua +++ b/src/util/response.lua @@ -77,4 +77,9 @@ function _M:send(response) end end +function _M:response(code, result) + local response = self:json(code, result) + self:send(response) +end + return _M diff --git a/src/validator/oauth/oauth.lua b/src/validator/oauth/oauth.lua index 4bc5b09..eb2f27c 100644 --- a/src/validator/oauth/oauth.lua +++ b/src/validator/oauth/oauth.lua 
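Review bot: `_M:response` in src/util/response.lua is added without a comment, and its `code` parameter is used in this commit both for HTTP statuses (`ngx.HTTP_OK`, `ngx.HTTP_MOVED_TEMPORARILY`) and for application codes (`0`, `0x000001`). A short header such as `--- Build the response envelope from code/result with json() and send it; callers return afterwards` would document the contract, and it should state which kind of code `json` expects, since `json` and `send` are not visible in this hunk. Every caller in this diff follows the call with `return` or the end of the function, so noting that the helper itself does not stop the handler would prevent a later caller from continuing to write output.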
@@ -7,6 +7,24 @@ local jsonschema = require("jsonschema") local _M = {} +-- 定义一个JSON Schema +local schemaLogin = { + type = "object", + properties = { + client_id = { type = "string" }, + client_secret = { type = "string" }, + }, + required = { "client_id", "client_secret" } +} + +--通过用户名和密码进行认证 +function _M.validateLogin(jsonData) + -- 验证数据是否符合schema + local validator = jsonschema.generate_validator(schemaLogin) + local result = validator(jsonData) + return result +end + -- 定义一个JSON Schema local schemaAuth = { type = "object", @@ -29,7 +47,7 @@ function _M.validateAuthorize(jsonData) end -- 定义一个JSON Schema -local schemaLogin = { +local schemaUserPasswd = { type = "object", properties = { grant_type = { type = "string" }, @@ -42,9 +60,9 @@ local schemaLogin = { } --通过用户名和密码进行认证 -function _M.validateLogin(jsonData) +function _M.validateUserPasswd(jsonData) -- 验证数据是否符合schema - local validator = jsonschema.generate_validator(schemaLogin) + local validator = jsonschema.generate_validator(schemaUserPasswd) local result = validator(jsonData) return result end
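Review bot: The name `validateLogin` is reused for a different and weaker schema: it now requires only `client_id` and `client_secret`, while the previous checks moved to `validateUserPasswd`. Any caller of `validator.validateLogin` that this commit did not update would keep working but silently stop checking the password-grant fields; the only call site visible in this diff was renamed and the login route was removed, so the new function may also be unused. Its comment `--通过用户名和密码进行认证` was copied from the old function and should describe the client-credential check instead, for example `-- validate client_id / client_secret`. `jsonschema.generate_validator(schemaLogin)` is rebuilt on every call here and in `validateUserPasswd`; generating it once at module load, `local checkLogin = jsonschema.generate_validator(schemaLogin)`, avoids that.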