Finish HytSudoerToken login check

upload.lua

@@ -3,8 +3,6 @@ local uuid      = require "resty.jit-uuid"
 local cjson     = require "cjson"
 local jwt       = require "resty.jwt"
 
-
-
 local chunk_size = 4096
 local form = upload:new(chunk_size)
 uuid.seed()
@@ -20,8 +18,6 @@ local file
 local file_name
 local files = {}
 
-local jwt_key = "0xCAFEBABE0xCAFEBABE0xCAFEBABE0xCAFEBABE0xCAFEBABE0xCAFEBABE"
-
 function LuaReomve(str,remove)
     local lcSubStrTab = {}
     while true do
@@ -47,6 +43,29 @@ function LuaReomve(str,remove)
     return lcMergeStr
 end
 
+function DecoderJwtToken(encrypted_token)
+    local jwt_key = "0xCAFEBABE0xCAFEBABE0xCAFEBABE0xCAFEBABE0xCAFEBABE0xCAFEBABE"
+    local jwt_obj = jwt:verify(jwt_key, encrypted_token)
+    if jwt_obj.verified == false then
+        ngx.log(ngx.WARN, "Invalid token: ".. jwt_obj.reason)
+        ngx.status = ngx.HTTP_UNAUTHORIZED
+        ngx.header.content_type = "application/json; charset=utf-8"
+        ngx.say(cjson.encode(jwt_obj))
+        ngx.exit(ngx.HTTP_UNAUTHORIZED)
+    end
+
+    ngx.log(ngx.INFO, "JWT: " .. cjson.encode(jwt_obj))
+    ngx.log(ngx.INFO, "jwt object : payload : sub " .. jwt_obj.payload.sub)
+
+    local htytoken = cjson.decode(jwt_obj.payload.sub)
+    ngx.log(ngx.INFO, "htytoken : token_id " .. htytoken.token_id)
+    ngx.log(ngx.INFO, "htytoken : hty_id " .. htytoken.hty_id)
+    --ngx.log(ngx.INFO, "htytoken : app_id " .. htytoken.app_id)
+    ngx.log(ngx.INFO, "htytoken : ts " .. htytoken.ts)
+    --ngx.log(ngx.INFO, "htytoken : roles " .. htytoken.roles)
+
+    return htytoken
+end
 
 while true do
     local typ, res, err = form:read()
@@ -56,38 +75,10 @@ while true do
         return
     end
 
-    local authorization = ngx.req.get_headers()["Authorization"]
+    local authorization = ngx.req.get_headers().Authorization
     if authorization then
-        ngx.log(ngx.INFO, 'Check request authorization Authorization -> ', ngx.req.get_headers().Authorization)
+        ngx.log(ngx.INFO, 'Check request authorization Authorization -> ', authorization)
-
+        DecoderJwtToken(authorization)
-        local jwt_obj = jwt:verify(jwt_key, authorization)
-        if jwt_obj.verified == false then
-            ngx.log(ngx.WARN, "Invalid token: ".. jwt_obj.reason)
-
-            ngx.status = ngx.HTTP_UNAUTHORIZED
-            ngx.header.content_type = "application/json; charset=utf-8"
-            ngx.say(cjson.encode(jwt_obj))
-            ngx.exit(ngx.HTTP_UNAUTHORIZED)
-        end
-
-        ngx.log(ngx.INFO, "JWT: " .. cjson.encode(jwt_obj))
-
-        local jwt_payload_sub = jwt_obj.payload.sub
-
-        ngx.log(ngx.INFO, "jwt object : payload : sub " .. jwt_payload_sub)
-
-        local temp_string = LuaReomve(jwt_payload_sub,"\\")
-
-        ngx.log(ngx.INFO, "temp_string is " .. temp_string)
-
-        local htytoken = cjson.decode(temp_string)
-
-        ngx.log(ngx.INFO, "htytoken : token_id " .. htytoken.token_id)
-        ngx.log(ngx.INFO, "htytoken : hty_id " .. htytoken.hty_id)
-        --ngx.log(ngx.INFO, "htytoken : app_id " .. htytoken.app_id)
-        ngx.log(ngx.INFO, "htytoken : ts " .. htytoken.ts)
-        --ngx.log(ngx.INFO, "htytoken : roles " .. htytoken.roles)
-
     else
         ngx.log(ngx.ERR, 'Request header no authorization ! ')
         ngx.status = 500
@@ -96,7 +87,8 @@ while true do
 
     local authorization = ngx.req.get_headers()["HtySudoerToken"]
     if authorization then
-        ngx.log(ngx.INFO, 'Check request authorization HtySudoerToken -> ', ngx.req.get_headers().HtySudoerToken)
+        ngx.log(ngx.INFO, 'Check request authorization HtySudoerToken -> ', authorization)
+        DecoderJwtToken(authorization)
     else
         ngx.log(ngx.ERR, 'Request header no hty sudoer token ! ')
         ngx.status = 500