
小程序更新为token请求

shen пре 4 година
родитељ
комит
bb3f4f7501

+ 82 - 237
go/gopath/src/fohow.com/apps/controllers/permit_controller/permit_controller.go

@@ -4,8 +4,8 @@ import (
 	"crypto/md5"
 	"encoding/hex"
 	"fmt"
-	"fohow.com/libs/lib_redis"
-	"strconv"
+	"fohow.com/apps/models/token_model"
+	"fohow.com/libs/tool"
 
 	// "math/rand"
 	// "crypto/md5"
@@ -32,8 +32,6 @@ import (
 	"fohow.com/cache"
 	// "fohow.com/libs/tool"
 	"fohow.com/libs/wx_mp"
-	// "fohow.com/libs/wx_open"
-	"fohow.com/libs/tool"
 )
 
 var (
@@ -55,11 +53,7 @@ func (self *PermitController) Init(ctx *context.Context, controllerName, actionN
 //小程序授权
 func (self *PermitController) XcxAuthorize() {
 	params := self.GetString("userinfo")
-
-	channel, _ := self.GetInt64("channel", 0)
-	//beego.BeeLogger.Warn("XcxAuthorize userinfo: %s", params)
-	inviteId, _ := self.GetInt64("invite_id", 0)
-	first := false
+	cache, _ := self.GetBool("cache", false)
 	//beego.BeeLogger.Warn("XcxAuthorize inviteId: %d", inviteId)
 	type UserInfo struct {
 		NickName  string `json:"nickName"`  // 用户的昵称
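Review bot: The new local `cache` in XcxAuthorize shadows the imported package `fohow.com/cache` for the rest of the function, and its value comes straight from the request with the parse error discarded. Naming it `useCache, _ := self.GetBool("cache", false)` would match the `useCache` parameter of GetCurrentWxUser and keep the package reachable here. It is also worth deciding whether the client should choose if a possibly stale cached record is the one that gets modified and saved; a fixed `false` on this write path is the safer default. The comment on the following line still refers to inviteId, which this function no longer reads. XcxAuthorize continues outside the hunk.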
@@ -87,58 +81,70 @@ func (self *PermitController) XcxAuthorize() {
 		beego.BeeLogger.Error("XcxAuthorize err: %s, info:%s", err, info)
 		self.ReturnError(403, apps.ParamsError, "", nil)
 	}
-	//beego.BeeLogger.Warn("XcxAuthorize code: %s", info.Wxlogincode)
-
-	sessionKey, _ := self.GetSession(apps.XcxSessionKey).(string)
-	//beego.BeeLogger.Warn("sessionKey:%s", sessionKey)
-	type EncryptedData struct {
-		UnionId  string `json:"unionId"`
-		OpenId   string `json:"openId"`
-		NickName string `json:"nickName"`
-	}
-
-	if sessionKey == "" {
-		self.ReturnError(403, apps.UserNeedLogin, "", nil)
-	}
-	encryptedData := &EncryptedData{}
-	encryptedData.OpenId, encryptedData.UnionId = GetXcxLoginInfo(info.Wxlogincode)
-	/*
-		pc := helpers.WxBizDataCrypt{AppID: beego.AppConfig.String("WxFohowXcxAppId"), SessionKey: sessionKey}
-		beego.BeeLogger.Warn("EncryptedData:%s", info.EncryptedData)
-		beego.BeeLogger.Warn("Iv:%s", info.Iv)
-		result, err := pc.Decrypt(info.EncryptedData, info.Iv, true) //第三个参数解释: 需要返回 JSON 数据类型时 使用 true, 需要返回 map 数据类型时 使用 false
-		if err != nil {
-			beego.BeeLogger.Error("xcx XcxAuthorize descrypt failed, err:%s", err)
-			self.ReturnError(403, apps.XcxAuthorizeError, "", nil)
-		}
-		beego.BeeLogger.Warn("result:%v", result)
-		encryptedData := &EncryptedData{}
+	wxUser := self.GetCurrentWxUser(cache)
+	user := self.GetCurrentUser(cache)
+	if wxUser == nil {
+		self.ReturnError(401, apps.WxUserNotExist, "", nil)
+	}
+	//更新用户信息
+	wxUser.Nickname = info.UserInfo.NickName
+	wxUser.Sex = info.UserInfo.Gender
+	wxUser.City = info.UserInfo.City
+	wxUser.Province = info.UserInfo.Province
+	wxUser.Country = info.UserInfo.Country
+	wxUser.Save()
+	user.Nickname = wxUser.Nickname
+	user.Country = wxUser.Country
+	user.Province = wxUser.Province
+	user.City = wxUser.City
+	user.Sex = wxUser.Sex
+	user.Save()
 
-		json.Unmarshal([]byte(result.(string)), encryptedData)*/
+	beego.BeeLogger.Warn("XcxAuthorize wxUser after save() Nickname:%s, Sex:%s, City:%s, Province:%s, Country:%s ", wxUser.Nickname, wxUser.Sex, wxUser.City, wxUser.Province, wxUser.Country)
 
-	if encryptedData.UnionId == "" || encryptedData.OpenId == "" {
-		beego.BeeLogger.Error("encryptedData:%v", encryptedData)
-		self.ReturnError(403, apps.UserAuthorizeFailed, "", nil)
-	}
-	wxUser := user_model.GetWxUserByUnionid(encryptedData.UnionId, false)
-	ip := self.Ctx.Input.IP()
-	var user *user_model.User
-	if wxUser != nil && wxUser.UserId > 0 {
-		//查找已注册会员
-		user = user_model.GetUserById(wxUser.UserId, false)
-	} else {
-		//注册会员
-		user = user_model.Create("", ip)
+	// 如果微信用户已绑定手机,则找出userId,并且赋值给session[userId]
+	if wxUser != nil {
+		wxUser.UploadHead(info.UserInfo.AvatarUrl)
+		user.CopyWxUserHead(wxUser.Head)
 	}
-	if user == nil {
-		self.ReturnError(403, apps.RegisterUserError, "", nil)
+	type Ret struct {
+		Result bool               `json:"result"`
+		WxUser *user_model.WxUser `json:"wx_user"`
 	}
+	self.Data["json"] = &Ret{WxUser: wxUser, Result: true}
+	self.ServeJSON()
+}
 
+//小程序登录
+func (self *PermitController) XcxLogin() {
+	code := self.GetString("code")
+	inviteId, _ := self.GetInt64("invite_id", 0)
+	//beego.BeeLogger.Warn("XcxLogin code=%s", code)
+	if code == "" {
+		self.ReturnError(403, apps.ParamsRequired, "", nil)
+	}
+	appId := beego.AppConfig.String("WxFohowXcxAppId")
+	appSecret := beego.AppConfig.String("WxFohowXcxAppSecret")
+	key := wx_mp.GetXcxSessionKey(appId, appSecret, code)
+	if key == nil {
+		self.ReturnError(403, apps.XcxGetSessionKeyError, "", nil)
+	}
+	//beego.BeeLogger.Warn("XcxLogin key=%s", key)
+	wxUser := user_model.GetWxUserByUnionid(key.Unionid, false)
 	if wxUser != nil {
-		wxUser.Openid = encryptedData.OpenId
+		if len(wxUser.Head) > 0 {
+			wxUser.FullHead = self.GetFullImgUrl(wxUser.Head)
+		}
+		self.SetSession(apps.SessionWxUserKey, wxUser.Id)
+		self.SetSession(apps.SessionUserKey, wxUser.UserId)
 	} else {
-		//首次授权
-		first = true
+		//注册会员
+		ip := self.Ctx.Input.IP()
+		var user *user_model.User
+		//注册会员
+		user = user_model.Create("", ip)
+
+		//注册微信会员
 		introUserId := int64(1)
 		depart := int64(0)
 		if inviteId == int64(0) {
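Review bot: In the new XcxLogin the account is resolved with `user_model.GetWxUserByUnionid(key.Unionid, false)` without first checking that `key.Unionid` and `key.Openid` are non-empty, a check the removed XcxAuthorize code had (`encryptedData.UnionId == "" || encryptedData.OpenId == ""`). If the code exchange can succeed without a unionid, an empty lookup key could match an unrelated row or create a record with no stable identity, so add `if key.Unionid == "" || key.Openid == "" { self.ReturnError(403, apps.UserAuthorizeFailed, "", nil) }` before the lookup. Separately, in XcxAuthorize `user` from `self.GetCurrentUser(cache)` is dereferenced at `user.Nickname = ...` although only `wxUser` is nil-checked, and the result of `user_model.Create("", ip)` is no longer compared with nil as the removed `RegisterUserError` branch did. The Warn log of nickname, sex and location writes profile data to the log on every call; consider dropping it or lowering it to a debug level. XcxLogin continues past the end of this hunk.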
@@ -155,47 +161,32 @@ func (self *PermitController) XcxAuthorize() {
 			}
 			depart = inviter.Depart
 		}
-		wxUser = new(user_model.WxUser).QuickCreate(encryptedData.OpenId, encryptedData.UnionId, ip, channel, time.Now().Unix(), user.Id, inviteId, introUserId, depart)
-	}
-	user.Nickname = wxUser.Nickname
-	user.Country = wxUser.Country
-	user.Province = wxUser.Province
-	user.City = wxUser.City
-	user.Sex = wxUser.Sex
-	//参数第一,cookie第二
-	cId, _ := strconv.ParseInt(self.Ctx.GetCookie("sign_up_channel"), 10, 64)
-	user.SignupChannelId = cId
-	user.Save()
-	if user != nil {
-		self.SetSession(apps.SessionUserKey, user.Id)
-	}
-	//wxUser.UserId = user.Id
-	wxUser.Nickname = info.UserInfo.NickName
-	wxUser.Sex = info.UserInfo.Gender
-	wxUser.City = info.UserInfo.City
-	wxUser.Province = info.UserInfo.Province
-	wxUser.Country = info.UserInfo.Country
-	// beego.BeeLogger.Warn("XcxAuthorize wxUser before save() Nickname:%s, Sex:%s, City:%s, Province:%s, Country:%s ", wxUser.Nickname, wxUser.Sex, wxUser.City, wxUser.Province, wxUser.Country)
-	wxUser.Save()
-	beego.BeeLogger.Warn("XcxAuthorize wxUser after save() Nickname:%s, Sex:%s, City:%s, Province:%s, Country:%s ", wxUser.Nickname, wxUser.Sex, wxUser.City, wxUser.Province, wxUser.Country)
-
-	if wxUser != nil {
+		wxUser = new(user_model.WxUser).QuickCreate(key.Openid, key.Unionid, ip, user.Id, inviteId, introUserId, depart)
 		self.SetSession(apps.SessionWxUserKey, wxUser.Id)
-	}
-	//赠送积分
-	if first {
-		//go wxUser.UploadHead(info.UserInfo.AvatarUrl)
-		wxUser.UploadHead(info.UserInfo.AvatarUrl)
-		go user.XcxPermitUploadHead(info.UserInfo.AvatarUrl)
+		self.SetSession(apps.SessionUserKey, wxUser.UserId)
+		//赠送积分
 		go helpers.SendCent(wxUser.Id, inviteId)
 	}
-	// 如果微信用户已绑定手机,则找出userId,并且赋值给session[userId]
-	if wxUser != nil && wxUser.UserId > 0 {
-		user := user_model.GetUserById(wxUser.UserId, false)
-		user.CopyWxUserHead(wxUser.Head)
-		self.SetSession(apps.SessionUserKey, wxUser.UserId)
+	self.SetSession(apps.XcxSessionKey, key.SessionKey)
+	//beego.BeeLogger.Warn("XcxLogin SessionKey=%s", key.SessionKey)
+	if self.CruSession == nil {
+		self.ReturnError(401, apps.NoExist, "", nil)
+	}
+	//更新会员token
+	var jwtUser token_model.JwtUser
+	jwtUser.Id = wxUser.Id
+	token, err := token_model.GenerateToken(&jwtUser, 0)
+	if err != nil {
+		self.ReturnError(401, apps.TokenError, "", nil)
+	}
+
+	sId := self.CruSession.SessionID()
+	type Ret struct {
+		TokenKey   string             `json:"token"`
+		SessionKey string             `json:"session_key"`
+		WxUser     *user_model.WxUser `json:"wx_user"`
 	}
-	self.Data["json"] = encryptedData
+	self.Data["json"] = &Ret{SessionKey: sId, WxUser: wxUser, TokenKey: token}
 	self.ServeJSON()
 }
 
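Review bot: `wxUser.Id` is read right after `QuickCreate(...)` and again in `jwtUser.Id = wxUser.Id`, but nothing checks that QuickCreate returned a usable record; its insert-error path is visible in wx_user.go only as a log call, so what it returns on failure should be confirmed. If that can be nil the request panics, and if it can be a zero-valued record a token would be signed for `Id` 0; guard with `if wxUser == nil || wxUser.Id == 0 { self.ReturnError(403, apps.RegisterUserError, "", nil) }` before the sessions are set. The response now carries both the server session id (`session_key`) and the JWT (`token`); if the mini program is meant to authenticate by token only, returning the session id as well keeps a second bearer credential in circulation. The function starts before this hunk.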
@@ -241,106 +232,6 @@ func (self *PermitController) SaveWxuserInfo() {
 	self.ServeJSON()
 }
 
-//小程序登录
-func (self *PermitController) XcxLogin() {
-	code := self.GetString("code")
-
-	//beego.BeeLogger.Warn("XcxLogin code=%s", code)
-
-	if code == "" {
-		self.ReturnError(403, apps.ParamsRequired, "", nil)
-	}
-	appId := beego.AppConfig.String("WxFohowXcxAppId")
-	appSecret := beego.AppConfig.String("WxFohowXcxAppSecret")
-	key := wx_mp.GetXcxSessionKey(appId, appSecret, code)
-	if key == nil {
-		self.ReturnError(403, apps.XcxGetSessionKeyError, "", nil)
-	}
-	//beego.BeeLogger.Warn("XcxLogin key=%s", key)
-	//beego.BeeLogger.Warn("XcxLogin key=%s, key.Openid=%s", key, key.Openid)
-	//beego.BeeLogger.Warn("XcxLogin key=%s, key.Unionid=%s", key, key.Unionid)
-
-	wxUser := user_model.GetByOpenid(key.Openid, false)
-	//beego.BeeLogger.Warn("XcxLogin key=[%s], key.Openid=[%s], wxUser= [%s]", key, key.Openid, wxUser)
-
-	if wxUser != nil {
-		wxUser.FullHead = self.GetFullImgUrl(wxUser.Head)
-		self.SetSession(apps.SessionWxUserKey, wxUser.Id)
-	}
-
-	// 如果微信用户已绑定手机,则找出userId,并且赋值给session[userId]
-	if wxUser != nil && wxUser.UserId > 0 {
-		self.SetSession(apps.SessionUserKey, wxUser.UserId)
-	}
-
-	self.SetSession(apps.XcxSessionKey, key.SessionKey)
-	//beego.BeeLogger.Warn("XcxLogin SessionKey=%s", key.SessionKey)
-	if self.CruSession == nil {
-		self.ReturnError(200, apps.NoExist, "", nil)
-	}
-	//设置code对应的 redis openId unionId 值
-	openid_key := lib_redis.GetOpenIdRedisKey(code)
-	unionid_key := lib_redis.GetUnionIdRedisKey(code)
-	lib_redis.SetRedisValue(openid_key, key.Openid, time.Duration(30*60)*time.Second)
-	lib_redis.SetRedisValue(unionid_key, key.Unionid, time.Duration(30*60)*time.Second)
-
-	sId := self.CruSession.SessionID()
-	// beego.BeeLogger.Warn("XcxLogin sId=%s", sId)
-	type Ret struct {
-		SessionKey string             `json:"session_key"`
-		WxUser     *user_model.WxUser `json:"wx_user"`
-	}
-	self.Data["json"] = &Ret{SessionKey: sId, WxUser: wxUser}
-
-	self.ServeJSON()
-}
-
-//小程序登录
-func GetXcxLoginInfo(code string) (openId, unionId string) {
-	openid_key := lib_redis.GetOpenIdRedisKey(code)
-	unionid_key := lib_redis.GetUnionIdRedisKey(code)
-
-	_, openid := lib_redis.GetSimpleValue(openid_key)
-	_, unionid := lib_redis.GetSimpleValue(unionid_key)
-
-	return openid, unionid
-}
-
-//生成订单ID
-func createUnionId(prefix string) string {
-	n := time.Now().Format("20060102150405")
-	u := uuid.NewV4().String()
-	c := strings.Split(u, "-")
-	oId := strings.ToUpper(fmt.Sprintf("%s%s%s", prefix, n, c[0]))
-	beego.BeeLogger.Info("createUnionId=%s", oId)
-	return oId
-}
-
-func (self *PermitController) XcxTest() {
-	wxUser := self.GetCurrentWxUser(true)
-	self.Data["json"] = wxUser
-	self.ServeJSON()
-}
-
-// // 统一登录路径
-// // 该接口尽量不被前端调用,供服务器开发者使用
-// func (self *PermitController) Login() {
-// 	cb := self.GetString("cb")
-// 	url := ""
-// 	if self.IsWxClient() {
-// 		url = fmt.Sprintf("%s/login/mp?cb=%s", beego.AppConfig.String("ApiHost"), cb)
-// 	}
-// 	self.Redirect(url, 302)
-// 	return
-// }
-
-// // 退出登录
-// func (self *PermitController) Logout() {
-// 	self.DelSession(apps.SessionUserKey)
-// 	self.DelSession(apps.SessionWxUserKey)
-// 	self.ReturnError(200, apps.HasLogout, "", nil)
-// }
-
 //公众号静默授权回调
 func (self *PermitController) AfterWxMpAuth() {
 	// beego.BeeLogger.Warn("AfterWxMpAuth........")
@@ -388,52 +279,6 @@ func (self *PermitController) AfterWxMpAuth() {
 	self.ServeJSON()
 }
 
-// //公众号静默授权
-// func (self *PermitController) WxMpAuth() {
-// 	// beego.BeeLogger.Warn("WxMpAuth.......")
-// 	if !self.IsWxClient() {
-// 		self.ReturnError(403, apps.NotWeixinClient, "", nil)
-// 	}
-// 	_id := self.Ctx.Input.Param(":id")
-// 	cb := self.GetString("cb")
-// 	id, _ := strconv.ParseInt(_id, 10, 64)
-// 	gzh := wx_gongzhonghao_model.GetGZHById(id, true)
-// 	if gzh == nil {
-// 		self.ReturnError(403, apps.GongZhongHaoNoExist, "", nil)
-// 	}
-// 	appId := gzh.AppId
-// 	u := strings.Split(uuid.NewV4().String(), "-")[0]
-// 	state := fmt.Sprintf("AuthCb[%s]", u)
-// 	cache.Cache.Put(state, cb, 60*time.Second)
-// 	redirectURI := fmt.Sprintf("%s/auth/mp/%d/after",
-// 		beego.AppConfig.String("ApiHost"), gzh.Id)
-// 	scope := "snsapi_base"
-// 	url := wx_mp.AuthCodeURL(appId, redirectURI, scope, state)
-// 	// beego.BeeLogger.Warn("wx mp auth, redirect url: %s", url)
-// 	self.Redirect(url, 302)
-// }
-
-// //check是否授权过某个公众号
-// func (self *PermitController) CheckWxAuth() {
-// 	_gId := self.Ctx.Input.Param(":id")
-// 	gId, _ := strconv.ParseInt(_gId, 10, 64)
-// 	gzh := wx_gongzhonghao_model.GetGZHById(gId, true)
-// 	type Ret struct {
-// 		IsAuth int64 `json:"is_auth"`
-// 	}
-// 	var auth int64 = 0
-// 	wxUser := self.GetCurrentWxUser(true)
-// 	if gzh != nil {
-// 		authWxUser := user_model.GetAuthWxUserByMpIdAndUnionId(gzh.WxHao, wxUser.Unionid, false)
-// 		if authWxUser != nil {
-// 			auth = 1
-// 		}
-// 	}
-// 	// beego.BeeLogger.Warn("check auth: %v", auth)
-// 	self.Data["json"] = &Ret{IsAuth: auth}
-// 	self.ServeJSON()
-// }
-
 // 微信公众号平台登录
 func (self *PermitController) WxMpLogin() {
 	cb := self.GetString("cb")

+ 43 - 138
go/gopath/src/fohow.com/apps/init.go

@@ -42,6 +42,7 @@ var (
 	ShopNoRepit           = []string{"shopNoRepit", "请勿重复申请"}
 	NoCart                = []string{"noCart", "请选择您需要结算的产品"}
 	NoExist               = []string{"noExist", "该记录不存在"}
+	TokenError            = []string{"tokenError", "生成令牌出错"}
 	HasOver               = []string{"hasOver", "已结束"}
 	NoShopSale            = []string{"noShopSale", "该商品非专区商品"}
 	HasPaied              = []string{"hasPaied", "已支付"}
@@ -267,70 +268,7 @@ func (self *BaseController) GetCurrentWxUser(useCache bool) *user_model.WxUser {
 	return u
 }
 
-// //检查是否是邀请注册,绑定上下级关系, 发送微信通知。使用范围:注册、绑定手机、拉新专题
-// func (self *BaseController) CheckInviteBinding(user *user_model.User) {
-// 	if user == nil {
-// 		return
-// 	}
-// 	//邀请注册,绑定关系
-// 	inviteKey := beego.AppConfig.String("InviteName")
-// 	inviterId := self.Ctx.GetCookie(inviteKey)
-// 	if inviterId != "" {
-// 		id, err := strconv.ParseInt(inviterId, 10, 64)
-// 		if err == nil {
-// 			inviter := user_model.GetUserById(id, true)
-// 			if inviter != nil && user.InviteId == 0 {
-// 				//绑定关系
-// 				user.InviteId = id
-// 				go user.Save()
-// 				//增加邀请收益统计记录, 记录注册用户的ip
-// 				ip := self.Ctx.Input.IP()
-// 				new(user_model.UserInviteBenefitStat).Create(user.Id, user.InviteId,
-// 					1, 0, time.Now(), ip)
-// 				//给邀请人发邀请成功的通知
-// 				WxInviter := user_model.GetWxUserByUserId(inviter.Id, true)
-// 				if WxInviter != nil {
-// 					//给邀请人发注册成功通知
-// 					openId := WxInviter.MpOpenid
-// 					url := fmt.Sprintf("%s/v1/cfc/36", beego.AppConfig.String("ApiHost"))
-// 					title := "有人通过您的邀请,并成功注册\n"
-// 					telwStar := tool.ReplaceTelMid4(inviter.Tel)
-// 					nickName, account := telwStar, telwStar
-// 					if user.Nickname != "" {
-// 						nickName = user.Nickname
-// 					}
-// 					cTime := inviter.CreatedAt.Format("2006-01-02 15:04:05")
-// 					remark := "\n点击详情,可以看一看TA"
-// 					wx_mp.TmplmsgInviteSignUp(openId, url, title, nickName, account, cTime, remark)
-// 				}
-// 				//给新人发红包,并发通知
-// 				c := int64(user_model.BenefitNewUser)
-// 				s := balance_model.BALANCE_SOURCE_SIGN_UP_ONLINE
-// 				remark := balance_model.BALANCE_SOURCE_SIGN_UP_ONLINE_NAME
-// 				rId := ""
-// 				balance := new(balance_model.Balance).Create(user.Id, c, s, rId, remark, 1)
-// 				if balance != nil {
-// 					wxUser := user_model.GetWxUserByUserId(user.Id, true)
-// 					//发送红包的通知
-// 					if wxUser != nil {
-// 						openId := wxUser.MpOpenid
-// 						url := fmt.Sprintf("%s/v1/cfc/37", beego.AppConfig.String("ApiHost"))
-// 						first := "注册成功,返现金额已到账\n"
-// 						count := fmt.Sprintf("%0.2f 元", float64(c)/100.0)
-// 						//新用户,余额是0
-// 						leftAmount := c //balance_model.GetUserTotalBalance(user.Id)
-// 						balance := fmt.Sprintf("%0.2f 元", float64(leftAmount)/100.0)
-// 						ctime := time.Now().Format("2006-01-02 15:04:05")
-// 						remark := "\n点击立即提现>"
-// 						wx_mp.TmplmsgBalanceChange(openId, url, first, ctime, count, balance, remark)
-// 					}
-// 				}
-// 			}
-// 		}
-// 	}
-// }
-
-//检验是否需要关注
+
 //sceneId, 关注场景id
 func (self *BaseController) CheckWxUserSubscribe(sceneId int64) {
 	beego.BeeLogger.Info("check wx_user subscribe")
@@ -368,100 +306,67 @@ func (self *BaseController) CheckWxUserSubscribe(sceneId int64) {
 }
 
 func checkWxUserLogin(ctx *context.Context) {
-	// TODO : 整个项目也应该更加适合采用 token 机制
-	beego.BeeLogger.Info("check wx_user login")
-	if !isWxClient(ctx) {
-		//return
-	}
 	wxUserId, ok := ctx.Input.Session(SessionWxUserKey).(int64)
-
-	beego.BeeLogger.Warn("------wxUserId %d", wxUserId)
+	beego.BeeLogger.Warn("check wx_user wxUserId %d", wxUserId)
 	if ok {
 		_, ok := ctx.Input.Session(SessionUserKey).(int64)
 		if !ok {
 			// 如果微信用户登录了,且有绑定了user,则设置用户登录
 			wxUser := user_model.GetWxUserById(wxUserId, true)
-			beego.BeeLogger.Warn("wx_user has login, ", wxUser)
+			//beego.BeeLogger.Warn("wx_user has login, ", wxUser)
 			if wxUser != nil && int(wxUser.UserId) > 0 {
 				ctx.Output.Session(SessionUserKey, wxUser.UserId)
 			}
 		}
 	} else {
-		// beego.BeeLogger.Warn("---------------%v", ctx.Input.IsAjax())
-		// beego.BeeLogger.Warn("---------------%s", ctx.Input)
-		// if ctx.Input.IsAjax() {
-
-		beego.BeeLogger.Info("show the request : %s from UserAgent: %s", ctx.Input.URI(), ctx.Input.UserAgent())
-		uri := ctx.Input.URI()
-		//外链进来需要自动登录
-		if strings.Contains(uri, "/v1/cfc/") && isWxClient(ctx) {
-
-			// 微信用户自动登录
-			url := fmt.Sprintf("%s/login/mp?cb=%s%s",
-				beego.AppConfig.String("ApiHost"),
-				ctx.Input.Site(), ctx.Input.URI())
-			ctx.Redirect(302, url)
-			return
-
-		} else {
-			// app 带token登录,需检测 token 是否合法
-			var inputToken string
-			beego.BeeLogger.Warn("request authorizationData : %s", ctx.Request.Header.Get("Authorization"))
-
-			requestAuthordata := ctx.Request.Header.Get("Authorization")
-			if len(requestAuthordata) > 0 {
-				authorizationData := strings.SplitN(ctx.Request.Header.Get("Authorization"), " ", 2)
-				if len(authorizationData) != 2 {
-					errCode := &ErrCode{
-						Code:     UserNeedLogin[0],
-						Msg:      UserNeedLogin[1],
-						Redirect: "",
-						Data:     nil,
-					}
-					//换成userNeedLogin
-					ctx.Output.SetStatus(403)
-					ctx.Output.JSON(errCode, true, true)
-				}
-				inputToken = authorizationData[1]
-				var wxUser *user_model.WxUser
-				var user *user_model.User
-				user_token, err := token_model.ValidateToken(inputToken)
-				if err == nil {
-					user = user_model.GetByTel(user_token.Tel, true)
-				}
-
-				if err != nil || user == nil {
-					// 验证 Token 无效
-					errCode := &ErrCode{
-						Code:     UserNeedLogin[0],
-						Msg:      UserNeedLogin[1],
-						Redirect: "",
-						Data:     nil,
-					}
-					ctx.Output.SetStatus(403)
-					ctx.Output.JSON(errCode, true, true)
-
-				} else {
-					wxUser = user_model.GetWxUserByUserId(user.Id, true)
-
-					ctx.Output.Session(SessionUserKey, wxUser.UserId)
-					ctx.Output.Session(SessionWxUserKey, wxUser.Id)
+		//beego.BeeLogger.Info("show the request : %s from UserAgent: %s", ctx.Input.URI(), ctx.Input.UserAgent())
+		//检测 token 是否合法
+		var inputToken string
+		beego.BeeLogger.Warn("request authorizationData : %s", ctx.Request.Header.Get("Authorization"))
+		requestAuthordata := ctx.Request.Header.Get("Authorization")
+		if len(requestAuthordata) > 0 {
+			authorizationData := strings.SplitN(ctx.Request.Header.Get("Authorization"), " ", 2)
+			if len(authorizationData) != 2 {
+				errCode := &ErrCode{
+					Code:     UserNeedLogin[0],
+					Msg:      UserNeedLogin[1],
+					Redirect: "",
+					Data:     nil,
 				}
-
-			} else {
+				//换成userNeedLogin
+				ctx.Output.SetStatus(403)
+				ctx.Output.JSON(errCode, true, true)
+			}
+			inputToken = authorizationData[1]
+			var wxUser *user_model.WxUser
+			user_token, err := token_model.ValidateToken(inputToken)
+			if err != nil {
+				beego.BeeLogger.Warn("token error : %v", err)
+				// 验证 Token 无效
 				errCode := &ErrCode{
 					Code:     UserNeedLogin[0],
 					Msg:      UserNeedLogin[1],
 					Redirect: "",
 					Data:     nil,
 				}
-				ctx.Output.SetStatus(401)
+				ctx.Output.SetStatus(403)
 				ctx.Output.JSON(errCode, true, true)
-				return
+			}else{
+				wxUser = user_model.GetWxUserById(user_token.Id, true)
+				ctx.Output.Session(SessionUserKey, wxUser.UserId)
+				ctx.Output.Session(SessionWxUserKey, wxUser.Id)
 			}
-
+		} else {
+			errCode := &ErrCode{
+				Code:     UserNeedLogin[0],
+				Msg:      UserNeedLogin[1],
+				Redirect: "",
+				Data:     nil,
+			}
+			ctx.Output.SetStatus(401)
+			ctx.Output.JSON(errCode, true, true)
+			return
 		}
-
 	}
 }
 
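Review bot: The added `beego.BeeLogger.Warn("request authorizationData : %s", ...)` writes the full Authorization header, and with it the bearer token, to the log at Warn level for every request that arrives without a session; drop it or log only whether the header was present. In the same block the `len(authorizationData) != 2` branch writes a 403 but does not return, so `authorizationData[1]` is then indexed out of range. After a valid token, `user_model.GetWxUserById(user_token.Id, true)` is dereferenced without a nil check, which matters for tokens that outlive their wx_user row. The sketch below keeps the existing responses and adds the missing returns and the nil guard.

```go
		// … unchanged: session branch; the Authorization logging line is dropped …
		requestAuthordata := ctx.Request.Header.Get("Authorization")
		if len(requestAuthordata) > 0 {
			authorizationData := strings.SplitN(requestAuthordata, " ", 2)
			if len(authorizationData) != 2 {
				// … unchanged: errCode, SetStatus(403), Output.JSON …
				return
			}
			user_token, err := token_model.ValidateToken(authorizationData[1])
			if err != nil {
				beego.BeeLogger.Warn("token error : %v", err)
				// … unchanged: errCode, SetStatus(403), Output.JSON …
				return
			}
			wxUser := user_model.GetWxUserById(user_token.Id, true)
			if wxUser == nil {
				// Signature is valid but no wx_user matches: answer like an invalid token.
				// … same errCode, SetStatus(403), Output.JSON …
				return
			}
			ctx.Output.Session(SessionUserKey, wxUser.UserId)
			ctx.Output.Session(SessionWxUserKey, wxUser.Id)
		} // … unchanged: else branch answering 401 …
```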
@@ -523,7 +428,7 @@ func CheckIsInvokeFromRailsAdmin(ctx *context.Context) {
 }
 
 func (self *BaseController) Prepare() {
-	beego.BeeLogger.Info("invote controller Prepare func")
+	//beego.BeeLogger.Info("invote controller Prepare func")
 	needChkWxUserLogin := true
 	//needChkUserLogin := true
 	// needChkWxUserSubscribe := false

+ 9 - 11
go/gopath/src/fohow.com/apps/models/token_model/token.go

@@ -7,17 +7,15 @@ import (
 	"time"
 )
 
-type User struct {
-	Id   int64  `json:"id"`
-	Tel  string `json:"tel"`
-	Name string `json:"json"`
+type JwtUser struct {
+	Id int64 `json:"id"`
 }
 
 // JWT -- json web token
 // HEADER PAYLOAD SIGNATURE
 // This struct is the PAYLOAD
 type MyCustomClaims struct {
-	User
+	JwtUser
 	jwt.StandardClaims
 }
 
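Review bot: The `id` claim changes meaning with this type: checkWxUserLogin now passes `user_token.Id` to `GetWxUserById`, while the removed path resolved the account through the `tel` claim, so what `id` held in tokens issued before this commit is not visible here. If older tokens signed with the same `KEY` are still within their lifetime and carried a different kind of id, they would validate and resolve to whichever wx_user has that number. Rotating the signing key at deploy, or adding a claim that names the subject type and rejecting tokens without it, closes that gap. A doc comment would also help, e.g. `// JwtUser is the identity embedded in the token payload; Id is the WxUser id.`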
@@ -37,10 +35,10 @@ func RefreshToken(tokenString string) (string, error) {
 	mySigningKey := []byte(KEY)
 	expireAt := time.Now().Add(time.Second * time.Duration(DEFAULT_EXPIRE_SECONDS)).Unix()
 	newClaims := MyCustomClaims{
-		claims.User,
+		claims.JwtUser,
 		jwt.StandardClaims{
 			ExpiresAt: expireAt,
-			Issuer:    claims.User.Name,
+			Issuer:    "",
 			IssuedAt:  time.Now().Unix(),
 		},
 	}
@@ -55,7 +53,7 @@ func RefreshToken(tokenString string) (string, error) {
 }
 
 //验证jtw token
-func ValidateToken(tokenString string) (info User, err error) {
+func ValidateToken(tokenString string) (info JwtUser, err error) {
 	token, err := jwt.ParseWithClaims(
 		tokenString,
 		&MyCustomClaims{},
@@ -65,7 +63,7 @@ func ValidateToken(tokenString string) (info User, err error) {
 	if claims, ok := token.Claims.(*MyCustomClaims); ok && token.Valid {
 		//fmt.Printf("%v %v", claims.User, claims.StandardClaims.ExpiresAt)
 		//fmt.Println("token will be expired at ", time.Unix(claims.StandardClaims.ExpiresAt, 0))
-		info = claims.User
+		info = claims.JwtUser
 	} else {
 		beego.BeeLogger.Error("validate tokenString failed !!!:%v", err)
 	}
@@ -73,7 +71,7 @@ func ValidateToken(tokenString string) (info User, err error) {
 }
 
 //获取jwt token
-func GenerateToken(info *User, expiredSeconds int) (tokenString string, err error) {
+func GenerateToken(info *JwtUser, expiredSeconds int) (tokenString string, err error) {
 	if expiredSeconds == 0 {
 		expiredSeconds = DEFAULT_EXPIRE_SECONDS
 	}
@@ -88,7 +86,7 @@ func GenerateToken(info *User, expiredSeconds int) (tokenString string, err erro
 		user,
 		jwt.StandardClaims{
 			ExpiresAt: expireAt,
-			Issuer:    user.Name,
+			Issuer:    "",
 			IssuedAt:  time.Now().Unix(),
 		},
 	}

+ 9 - 10
go/gopath/src/fohow.com/apps/models/user_model/wx_user.go

@@ -75,17 +75,16 @@ func (self *WxUser) TableName() string {
 	return wx_users_tablename
 }
 
-func (self *WxUser) QuickCreate(openid, unionid, ip string, channel, lastConversationAt, userId, inviteId, introUserId, depart int64) *WxUser {
+func (self *WxUser) QuickCreate(openid, unionid, ip string, userId, inviteId, introUserId, depart int64) *WxUser {
 	item := &WxUser{
-		UserId:             userId,
-		Openid:             openid,
-		Unionid:            unionid,
-		SignupIp:           ip,
-		ChannelQrcodeId:    channel,
-		IntroUserId:        introUserId,
-		InviteId:           inviteId,
-		Depart:             depart,
-		LastConversationAt: lastConversationAt}
+		UserId:      userId,
+		Openid:      openid,
+		Unionid:     unionid,
+		SignupIp:    ip,
+		IntroUserId: introUserId,
+		InviteId:    inviteId,
+		Depart:      depart,
+	}
 	id, err := orm.NewOrm().Insert(item)
 	if err != nil {
 		beego.BeeLogger.Error("QuickCreate WxUser err=[%s]", err)