diff --git a/music-room-test.conf b/music-room-test.conf index ca9ef67..13da12b 100644 --- a/music-room-test.conf +++ b/music-room-test.conf @@ -49,6 +49,7 @@ server { # ➤ sudo chown (whoami) /usr/local/file_upload set $tmp_file_dir "/usr/local/file_upload"; # 文件存储路径 set $task_server "http://127.0.0.1:8080"; # task server host + set $hty_uc_host "http://127.0.0.1:8088"; #htyuc host #set $resty_loc "/usr/local/openresty"; diff --git a/upload.lua b/upload.lua index f9f734b..a80fa8b 100644 --- a/upload.lua +++ b/upload.lua @@ -2,6 +2,7 @@ local upload = require "resty.upload" local uuid = require "resty.jit-uuid" local cjson = require "cjson" local jwt = require "resty.jwt" +local redis = require "resty.redis" local chunk_size = 4096 local form = upload:new(chunk_size) @@ -13,11 +14,27 @@ TaskTypes = { } local task_server = ngx.var.task_server +local hty_uc_host = ngx.var.hty_uc_host local file_dir = ngx.var.tmp_file_dir local file local file_name local files = {} +local http = require "resty.http" +local httpc = http.new() + +---- Redis init +------ Connect to redis +-- local redis_task_database = redis:new() + +-- redis_task_database:set_timeouts(1000, 1000, 1000) + +-- local ok, error = redis_task_database:connect("127.0.0.1", 6379) +-- if not ok then +-- ngx.log(ngx.ERR, "Fail to connect redis: ", error) +-- ngx.exit(500) +-- end + function LuaReomve(str,remove) local lcSubStrTab = {} while true do @@ -43,7 +60,45 @@ function LuaReomve(str,remove) return lcMergeStr end + +function VerifyJwtToken(encrypted_token) + + local http = require "resty.http" + local httpc = http.new() + local remote_url = string.format( "%s/api/v1/uc/verify_jwt_token", hty_uc_host) + + ngx.log(ngx.INFO, 'htyuc remote_url -> ', remote_url) + -- ngx.log(ngx.INFO, 'Authorization -> ', encrypted_token) + + local res, err = httpc:request_uri( + remote_url, + { + method = "POST", + headers = { + ["Host"] = "test.localhost", + ["Authorization"] = encrypted_token, + }, + } + ) + + if not res then + ngx.status = ngx.HTTP_UNAUTHORIZED + ngx.header.content_type = "application/json; charset=utf-8" + ngx.log(ngx.ERR, "Jwt token verify request error ! ") + ngx.exit(ngx.HTTP_UNAUTHORIZED) + else + if 200 ~= res.status then + ngx.log(ngx.ERR, "Jwt token verify error ! ", err) + ngx.exit(res.status) + end + end + + ngx.log(ngx.INFO, "Jwt token verify ok .") + +end + function DecoderJwtToken(encrypted_token) + local jwt_key = "0xCAFEBABE0xCAFEBABE0xCAFEBABE0xCAFEBABE0xCAFEBABE0xCAFEBABE" local jwt_obj = jwt:verify(jwt_key, encrypted_token) if jwt_obj.verified == false then @@ -78,17 +133,20 @@ while true do local authorization = ngx.req.get_headers().Authorization if authorization then ngx.log(ngx.INFO, 'Check request authorization Authorization -> ', authorization) - DecoderJwtToken(authorization) + -- local htytoken = DecoderJwtToken(authorization) + VerifyJwtToken(authorization) else ngx.log(ngx.ERR, 'Request header no authorization ! ') ngx.status = 500 ngx.exit(ngx.HTTP_INTERNAL_SERVER_ERROR) end - local authorization = ngx.req.get_headers()["HtySudoerToken"] + local authorization = ngx.req.get_headers().HtySudoerToken if authorization then ngx.log(ngx.INFO, 'Check request authorization HtySudoerToken -> ', authorization) - DecoderJwtToken(authorization) + -- local htytoken = DecoderJwtToken(authorization) + VerifyJwtToken(authorization) + else ngx.log(ngx.ERR, 'Request header no hty sudoer token ! ') ngx.status = 500 @@ -130,8 +188,7 @@ while true do file_name = nil file = nil elseif typ == "eof" then - local http = require "resty.http" - local httpc = http.new() + local remote_url = string.format("%s/api/v1/ts/create_task", task_server) ngx.log(ngx.INFO, 'remote_url -> ', remote_url)