merge

2025-10-26 05:02:11 +08:00 · 2024-05-23 10:21:17 +08:00 · 2024-05-23 10:21:17 +08:00 · b2d9b19528
commit b2d9b19528
parent 73a2a0fe58 285523751d
5 changed files with 48 additions and 92 deletions
--- a/.github/dependabot.yml
+++ b/.github/dependabot.yml
@ -1,59 +0,0 @@
-# Copyright © 2023 OpenIM. All rights reserved.
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-#     http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-# To get started with Dependabot version updates, you'll need to specify which
-# package ecosystems to update and where the package manifests are located.
-# Please see the documentation for all configuration options:
-# https://docs.github.com/github/administering-a-repository/configuration-options-for-dependency-updates
-
-version: 2
-updates:
-  - package-ecosystem: "gomod"
-    directory: "/"
-    schedule:
-      interval: "daily"
-      time: "08:00"
-    labels:
-      - "dependencies"
-    commit-message:
-      prefix: "feat"
-      include: "scope"
-    groups:
-      gomod-deps:
-        patterns:
-          - "*"
-  - package-ecosystem: "github-actions"
-    directory: "/"
-    schedule:
-      interval: "daily"
-      time: "08:00"
-    labels:
-      - "dependencies"
-    commit-message:
-      prefix: "chore"
-      include: "scope"
-    groups:
-      github-actions:
-        patterns:
-          - "*"
-  - package-ecosystem: "docker"
-    directory: "/"
-    schedule:
-      interval: "daily"
-      time: "08:00"
-    labels:
-      - "dependencies"
-    commit-message:
-      prefix: "feat"
-      include: "scope"
--- a/CONTRIBUTING-zh_CN.md
+++ b/CONTRIBUTING-zh_CN.md
@ -93,4 +93,4 @@ I have read the CLA Document and I hereby sign the CLA
 ### 异常及错误处理
 - **禁止使用 `panic`**：程序中不应使用 `panic`，以避免在遇到不可恢复的错误时突然终止。
 - **错误包裹**：使用 `"github.com/openimsdk/tools/errs"` 来包裹错误，保持错误信息的完整性并增加调试便利。
- **错误传递**：如果函数本身不能处理错误，应将错误返回给调用者，而不是隐藏或忽略这些错误。
+- **错误传递**：如果函数本身不能处理错误，应将错误返回给调用者，而不是隐藏或忽略这些错误。
--- a/CONTRIBUTING.md
+++ b/CONTRIBUTING.md
@ -91,4 +91,4 @@ Please refer to the following documents for detailed information on Go language
 ### Exception and Error Handling
 - **Prohibit the use of `panic`**: The code should not use `panic` to avoid abrupt termination when encountering unrecoverable errors.
 - **Error Wrapping**: Use `"github.com/openimsdk/tools/errs"` to wrap errors, maintaining the integrity of error information and facilitating debugging.
- **Error Propagation**: If a function cannot handle an error itself, it should return the error to the caller, rather than hiding or ignoring it.
+- **Error Propagation**: If a function cannot handle an error itself, it should return the error to the caller, rather than hiding or ignoring it.
--- a/internal/api/router.go
+++ b/internal/api/router.go
@ -15,6 +15,7 @@ import (
 	"google.golang.org/grpc"
 	"google.golang.org/grpc/credentials/insecure"
 	"net/http"
+	"strings"
 )

 func newGinRouter(disCov discovery.SvcDiscoveryRegistry, config *Config) *gin.Engine {
@ -25,7 +26,6 @@ func newGinRouter(disCov discovery.SvcDiscoveryRegistry, config *Config) *gin.En
 	if v, ok := binding.Validator.Engine().(*validator.Validate); ok {
 		_ = v.RegisterValidation("required_if", RequiredIf)
 	}
-	r.Use(gin.Recovery(), mw.CorsHandler(), mw.GinParseOperationID())
 	// init rpc client here
 	userRpc := rpcclient.NewUser(disCov, config.Share.RpcRegisterName.User, config.Share.RpcRegisterName.MessageGateway,
 		config.Share.IMAdminUserID)
@ -36,37 +36,37 @@ func newGinRouter(disCov discovery.SvcDiscoveryRegistry, config *Config) *gin.En
 	authRpc := rpcclient.NewAuth(disCov, config.Share.RpcRegisterName.Auth)
 	thirdRpc := rpcclient.NewThird(disCov, config.Share.RpcRegisterName.Third, config.API.Prometheus.GrafanaURL)

+	r.Use(gin.Recovery(), mw.CorsHandler(), mw.GinParseOperationID(), GinParseToken(authRpc))
 	u := NewUserApi(*userRpc)
 	m := NewMessageApi(messageRpc, userRpc, config.Share.IMAdminUserID)
-	ParseToken := GinParseToken(authRpc)
 	userRouterGroup := r.Group("/user")
 	{
 		userRouterGroup.POST("/user_register", u.UserRegister)
-		userRouterGroup.POST("/update_user_info", ParseToken, u.UpdateUserInfo)
-		userRouterGroup.POST("/update_user_info_ex", ParseToken, u.UpdateUserInfoEx)
-		userRouterGroup.POST("/set_global_msg_recv_opt", ParseToken, u.SetGlobalRecvMessageOpt)
-		userRouterGroup.POST("/get_users_info", ParseToken, u.GetUsersPublicInfo)
-		userRouterGroup.POST("/get_all_users_uid", ParseToken, u.GetAllUsersID)
-		userRouterGroup.POST("/account_check", ParseToken, u.AccountCheck)
-		userRouterGroup.POST("/get_users", ParseToken, u.GetUsers)
-		userRouterGroup.POST("/get_users_online_status", ParseToken, u.GetUsersOnlineStatus)
-		userRouterGroup.POST("/get_users_online_token_detail", ParseToken, u.GetUsersOnlineTokenDetail)
-		userRouterGroup.POST("/subscribe_users_status", ParseToken, u.SubscriberStatus)
-		userRouterGroup.POST("/get_users_status", ParseToken, u.GetUserStatus)
-		userRouterGroup.POST("/get_subscribe_users_status", ParseToken, u.GetSubscribeUsersStatus)
+		userRouterGroup.POST("/update_user_info", u.UpdateUserInfo)
+		userRouterGroup.POST("/update_user_info_ex", u.UpdateUserInfoEx)
+		userRouterGroup.POST("/set_global_msg_recv_opt", u.SetGlobalRecvMessageOpt)
+		userRouterGroup.POST("/get_users_info", u.GetUsersPublicInfo)
+		userRouterGroup.POST("/get_all_users_uid", u.GetAllUsersID)
+		userRouterGroup.POST("/account_check", u.AccountCheck)
+		userRouterGroup.POST("/get_users", u.GetUsers)
+		userRouterGroup.POST("/get_users_online_status", u.GetUsersOnlineStatus)
+		userRouterGroup.POST("/get_users_online_token_detail", u.GetUsersOnlineTokenDetail)
+		userRouterGroup.POST("/subscribe_users_status", u.SubscriberStatus)
+		userRouterGroup.POST("/get_users_status", u.GetUserStatus)
+		userRouterGroup.POST("/get_subscribe_users_status", u.GetSubscribeUsersStatus)

-		userRouterGroup.POST("/process_user_command_add", ParseToken, u.ProcessUserCommandAdd)
-		userRouterGroup.POST("/process_user_command_delete", ParseToken, u.ProcessUserCommandDelete)
-		userRouterGroup.POST("/process_user_command_update", ParseToken, u.ProcessUserCommandUpdate)
-		userRouterGroup.POST("/process_user_command_get", ParseToken, u.ProcessUserCommandGet)
-		userRouterGroup.POST("/process_user_command_get_all", ParseToken, u.ProcessUserCommandGetAll)
+		userRouterGroup.POST("/process_user_command_add", u.ProcessUserCommandAdd)
+		userRouterGroup.POST("/process_user_command_delete", u.ProcessUserCommandDelete)
+		userRouterGroup.POST("/process_user_command_update", u.ProcessUserCommandUpdate)
+		userRouterGroup.POST("/process_user_command_get", u.ProcessUserCommandGet)
+		userRouterGroup.POST("/process_user_command_get_all", u.ProcessUserCommandGetAll)

-		userRouterGroup.POST("/add_notification_account", ParseToken, u.AddNotificationAccount)
-		userRouterGroup.POST("/update_notification_account", ParseToken, u.UpdateNotificationAccountInfo)
-		userRouterGroup.POST("/search_notification_account", ParseToken, u.SearchNotificationAccount)
+		userRouterGroup.POST("/add_notification_account", u.AddNotificationAccount)
+		userRouterGroup.POST("/update_notification_account", u.UpdateNotificationAccountInfo)
+		userRouterGroup.POST("/search_notification_account", u.SearchNotificationAccount)
 	}
 	// friend routing group
-	friendRouterGroup := r.Group("/friend", ParseToken)
+	friendRouterGroup := r.Group("/friend")
 	{
 		f := NewFriendApi(*friendRpc)
 		friendRouterGroup.POST("/delete_friend", f.DeleteFriend)
@ -88,7 +88,7 @@ func newGinRouter(disCov discovery.SvcDiscoveryRegistry, config *Config) *gin.En
 		friendRouterGroup.POST("/update_friends", f.UpdateFriends)
 	}
 	g := NewGroupApi(*groupRpc)
-	groupRouterGroup := r.Group("/group", ParseToken)
+	groupRouterGroup := r.Group("/group")
 	{
 		groupRouterGroup.POST("/create_group", g.CreateGroup)
 		groupRouterGroup.POST("/set_group_info", g.SetGroupInfo)
@ -120,12 +120,12 @@ func newGinRouter(disCov discovery.SvcDiscoveryRegistry, config *Config) *gin.En
 	{
 		a := NewAuthApi(*authRpc)
 		authRouterGroup.POST("/user_token", a.UserToken)
-		authRouterGroup.POST("/get_user_token", ParseToken, a.GetUserToken)
+		authRouterGroup.POST("/get_user_token", a.GetUserToken)
 		authRouterGroup.POST("/parse_token", a.ParseToken)
-		authRouterGroup.POST("/force_logout", ParseToken, a.ForceLogout)
+		authRouterGroup.POST("/force_logout", a.ForceLogout)
 	}
 	// Third service
-	thirdGroup := r.Group("/third", ParseToken)
+	thirdGroup := r.Group("/third")
 	{
 		t := NewThirdApi(*thirdRpc)
 		thirdGroup.GET("/prometheus", t.GetPrometheus)
@ -137,7 +137,7 @@ func newGinRouter(disCov discovery.SvcDiscoveryRegistry, config *Config) *gin.En
 		logs.POST("/delete", t.DeleteLogs)
 		logs.POST("/search", t.SearchLogs)

-		objectGroup := r.Group("/object", ParseToken)
+		objectGroup := r.Group("/object")

 		objectGroup.POST("/part_limit", t.PartLimit)
 		objectGroup.POST("/part_size", t.PartSize)
@ -150,7 +150,7 @@ func newGinRouter(disCov discovery.SvcDiscoveryRegistry, config *Config) *gin.En
 		objectGroup.GET("/*name", t.ObjectRedirect)
 	}
 	// Message
-	msgGroup := r.Group("/msg", ParseToken)
+	msgGroup := r.Group("/msg")
 	{
 		msgGroup.POST("/newest_seq", m.GetSeq)
 		msgGroup.POST("/search_msg", m.SearchMsg)
@ -174,7 +174,7 @@ func newGinRouter(disCov discovery.SvcDiscoveryRegistry, config *Config) *gin.En
 		msgGroup.POST("/get_server_time", m.GetServerTime)
 	}
 	// Conversation
-	conversationGroup := r.Group("/conversation", ParseToken)
+	conversationGroup := r.Group("/conversation")
 	{
 		c := NewConversationApi(*conversationRpc)
 		conversationGroup.POST("/get_sorted_conversation_list", c.GetSortedConversationList)
@ -185,7 +185,7 @@ func newGinRouter(disCov discovery.SvcDiscoveryRegistry, config *Config) *gin.En
 		conversationGroup.POST("/get_conversation_offline_push_user_ids", c.GetConversationOfflinePushUserIDs)
 	}

-	statisticsGroup := r.Group("/statistics", ParseToken)
+	statisticsGroup := r.Group("/statistics")
 	{
 		statisticsGroup.POST("/user/register", u.UserRegisterCount)
 		statisticsGroup.POST("/user/active", m.GetActiveUser)
@ -199,6 +199,13 @@ func GinParseToken(authRPC *rpcclient.Auth) gin.HandlerFunc {
 	return func(c *gin.Context) {
 		switch c.Request.Method {
 		case http.MethodPost:
+			for _, wApi := range Whitelist {
+				if strings.HasPrefix(c.Request.URL.Path, wApi) {
+					c.Next()
+					return
+				}
+			}
+
 			token := c.Request.Header.Get(constant.Token)
 			if token == "" {
 				log.ZWarn(c, "header get token error", servererrs.ErrArgs.WrapMsg("header must have token"))
@ -218,3 +225,10 @@ func GinParseToken(authRPC *rpcclient.Auth) gin.HandlerFunc {
 		}
 	}
 }
+
+// Whitelist api not parse token
+var Whitelist = []string{
+	"/user/user_register",
+	"/auth/user_token",
+	"/auth/parse_token",
+}
--- a/pkg/common/config/config.go
+++ b/pkg/common/config/config.go
@ -348,6 +348,7 @@ type Share struct {
 	RpcRegisterName RpcRegisterName `mapstructure:"rpcRegisterName"`
 	IMAdminUserID   []string        `mapstructure:"imAdminUserID"`
 }
+
 type RpcRegisterName struct {
 	User           string `mapstructure:"user"`
 	Friend         string `mapstructure:"friend"`