chore: remove leftover grpc auth client (will be re-integrated as Kratos middleware)
This commit is contained in:
向宁
parent
4b35503b4f
commit
95f76bbc70
@ -1,101 +0,0 @@
|
||||
package grpc
|
||||
|
||||
import (
|
||||
"context"
|
||||
"fmt"
|
||||
"rag/file-system/api/proto"
|
||||
"rag/file-system/internal/common"
|
||||
"time"
|
||||
|
||||
"github.com/patrickmn/go-cache"
|
||||
"google.golang.org/grpc"
|
||||
"google.golang.org/grpc/credentials/insecure"
|
||||
)
|
||||
|
||||
type TokenInfo struct {
|
||||
Valid bool
|
||||
UserId string
|
||||
Username string
|
||||
Email string
|
||||
Roles []string
|
||||
Permissions []string
|
||||
ExpiresAt int64
|
||||
}
|
||||
|
||||
type AuthClient struct {
|
||||
conn *grpc.ClientConn
|
||||
client proto.AuthServiceClient
|
||||
cache *cache.Cache
|
||||
}
|
||||
|
||||
func NewAuthClient(addr string) (*AuthClient, error) {
|
||||
conn, err := grpc.NewClient(addr,
|
||||
grpc.WithTransportCredentials(insecure.NewCredentials()),
|
||||
)
|
||||
if err != nil {
|
||||
return nil, fmt.Errorf("gRPC connect failed: %w", err)
|
||||
}
|
||||
|
||||
common.Logger.Info("gRPC auth client connected", "addr", addr)
|
||||
|
||||
return &AuthClient{
|
||||
conn: conn,
|
||||
client: proto.NewAuthServiceClient(conn),
|
||||
cache: cache.New(2*time.Minute, 5*time.Minute),
|
||||
}, nil
|
||||
}
|
||||
|
||||
func (a *AuthClient) ValidateToken(ctx context.Context, token string) (*TokenInfo, error) {
|
||||
if cached, ok := a.cache.Get(token); ok {
|
||||
return cached.(*TokenInfo), nil
|
||||
}
|
||||
|
||||
resp, err := a.client.ValidateToken(ctx, &proto.ValidateTokenRequest{Token: token})
|
||||
if err != nil {
|
||||
return nil, fmt.Errorf("gRPC ValidateToken failed: %w", err)
|
||||
}
|
||||
|
||||
info := &TokenInfo{
|
||||
Valid: resp.Valid,
|
||||
UserId: resp.UserId,
|
||||
Username: resp.Username,
|
||||
Email: resp.Email,
|
||||
Roles: resp.Roles,
|
||||
Permissions: resp.Permissions,
|
||||
ExpiresAt: resp.ExpiresAt,
|
||||
}
|
||||
|
||||
if info.Valid {
|
||||
ttl := a.cacheTTL(resp.ExpiresAt)
|
||||
a.cache.Set(token, info, ttl)
|
||||
}
|
||||
|
||||
return info, nil
|
||||
}
|
||||
|
||||
func (a *AuthClient) HasPermission(token, permission string) (bool, error) {
|
||||
resp, err := a.client.CheckPermission(context.Background(), &proto.CheckPermissionRequest{
|
||||
Token: token,
|
||||
Permission: permission,
|
||||
})
|
||||
if err != nil {
|
||||
return false, fmt.Errorf("gRPC CheckPermission failed: %w", err)
|
||||
}
|
||||
return resp.Allowed, nil
|
||||
}
|
||||
|
||||
func (a *AuthClient) Close() error {
|
||||
return a.conn.Close()
|
||||
}
|
||||
|
||||
func (a *AuthClient) cacheTTL(expiresAt int64) time.Duration {
|
||||
expires := time.Unix(expiresAt, 0)
|
||||
ttl := time.Until(expires) - 30*time.Second
|
||||
if ttl < time.Minute {
|
||||
ttl = time.Minute
|
||||
}
|
||||
if ttl > 2*time.Minute {
|
||||
ttl = 2 * time.Minute
|
||||
}
|
||||
return ttl
|
||||
}
|
||||
Loading…
x
Reference in New Issue
Block a user