3 săptămâni în urmă · 2906933b6d
--- a/controllers/base_auth.go
+++ b/controllers/base_auth.go
@@ -101,6 +101,12 @@ func (c *BaseAuthController) Prepare() {
 
				 				c.StopRun()
			
 
				 				return
			
 
				 			}
			
 
				+
			
 
				+			// 有操作则延续token
			
 
				+			utils.Rc.Put(loginKey, "1", utils.LoginCacheTime*time.Minute)
			
 
				+			noTrustLoginKey := fmt.Sprint(utils.CACHE_ACCESS_TOKEN_LOGIN_NO_TRUST, sysUser.SysUserId)
			
 
				+			utils.Rc.Put(noTrustLoginKey, session.SysSessionId, utils.LoginCacheTime*time.Minute)
			
 
				+
			
 
				 			c.SysUser = sysUser
			
 
				 			c.Session = session
			
 
				 
			
@@ -126,11 +132,11 @@ func (c *BaseAuthController) Prepare() {
 
				 			for _, s := range apis {
			
 
				 				apiMap[s] = true
			
 
				 			}
			
 
				-			//if !apiMap[uri] && !utils.NoAuthApiMap[uri] {
			
 
				-			//	c.JSON(models.BaseResponse{Ret: 403, Msg: "无权访问！", ErrMsg: "无权访问！"}, false, false)
			
 
				-			//	c.StopRun()
			
 
				-			//	return
			
 
				-			//}
			
 
				+			if !apiMap[uri] && !utils.NoAuthApiMap[uri] {
			
 
				+				c.JSON(models.BaseResponse{Ret: 403, Msg: "无权访问！", ErrMsg: "无权访问！"}, false, false)
			
 
				+				c.StopRun()
			
 
				+				return
			
 
				+			}
			
 
				 		}
			
 
				 	}
			
 
				 }
			
--- a/controllers/user_login.go
+++ b/controllers/user_login.go
@@ -93,12 +93,12 @@ func (this *UserLoginController) Login() {
 
				 	fmt.Println("noTrustLoginId:", noTrustLoginId)
			
 
				 	if noTrustLoginId != `` { // 如果存在不可信设备，那么将其下架
			
 
				 		oldNoTrustLoginKey := fmt.Sprint(utils.CACHE_ACCESS_TOKEN_LOGIN, noTrustLoginId)
			
 
				-		utils.Rc.Put(oldNoTrustLoginKey, "0", time.Hour*24)
			
 
				+		utils.Rc.Put(oldNoTrustLoginKey, "0", utils.LoginCacheTime*time.Minute)
			
 
				 	}
			
 
				 	// 设置redis缓存，记录用户登录态
			
 
				 	loginKey := fmt.Sprint(utils.CACHE_ACCESS_TOKEN_LOGIN, sysSession.SysSessionId)
			
 
				-	utils.Rc.Put(loginKey, "1", time.Hour*24)
			
 
				-	utils.Rc.Put(noTrustLoginKey, sysSession.SysSessionId, time.Hour*24*60)
			
 
				+	utils.Rc.Put(loginKey, "1", utils.LoginCacheTime*time.Minute)
			
 
				+	utils.Rc.Put(noTrustLoginKey, sysSession.SysSessionId, utils.LoginCacheTime*time.Minute)
			
 
				 
			
 
				 	br.Data = resp
			
 
				 	br.Ret = 200
			
--- a/utils/constants.go
+++ b/utils/constants.go
@@ -8,8 +8,8 @@ const (
 
				 )
			
 
				 
			
 
				 const (
			
 
				-	CACHE_ACCESS_TOKEN_LOGIN          = "pc_eta_min_crm:login:"          //管理后台登录
			
 
				-	CACHE_ACCESS_TOKEN_LOGIN_NO_TRUST = "pc_eta_min_crm:login:no_trust:" //管理后台登录（不可信登录态）
			
 
				+	CACHE_ACCESS_TOKEN_LOGIN          = "pc_eta_min_crm_jr:login:"          //管理后台登录
			
 
				+	CACHE_ACCESS_TOKEN_LOGIN_NO_TRUST = "pc_eta_min_crm_jr:login:no_trust:" //管理后台登录（不可信登录态）
			
 
				 )
			
 
				 
			
 
				 // 手机号，电子邮箱正则
			
@@ -52,15 +52,12 @@ const (
 
				 	STORAGESOURCE_MINIO_NAME = "minio"
			
 
				 )
			
 
				 
			
 
				-// 免验证接口
			
 
				+// NoAuthApiMap 免验证接口
			
 
				 var NoAuthApiMap = map[string]bool{
			
 
				 	"/role/menu/buttons":      true,
			
 
				 	"/role/menu/list":         true,
			
 
				 	"/department/list":        true,
			
 
				 	"/sys_user/reset_my_pass": true,
			
 
				-	//"/chart_permission/list":  true,
			
 
				-	//"/user/change_list":       true,
			
 
				-	//"/classify/list":          true,
			
 
				 	"/seller/list":            true,
			
 
				 	"/seller/department/list": true,
			
 
				 }
			
@@ -70,3 +67,5 @@ var APPNAME string = "金瑞CRM"
 
				 var AreaCodeMainland = "86" // 大陆区号
			
 
				 
			
 
				 var AdminRoleId = 1 // 超管角色ID
			
 
				+
			
 
				+const LoginCacheTime = 60 // 登录缓存时长, 分钟