|
@@ -7,11 +7,14 @@
|
|
|
package routes
|
|
|
|
|
|
import (
|
|
|
+ "github.com/iris-contrib/middleware/csrf"
|
|
|
+ "github.com/kataras/iris/v12"
|
|
|
"github.com/kataras/iris/v12/mvc"
|
|
|
"go.mod/bootstrap"
|
|
|
"go.mod/services"
|
|
|
"go.mod/web/api"
|
|
|
"go.mod/web/backstage"
|
|
|
+ "go.mod/web/external"
|
|
|
"go.mod/web/middleware"
|
|
|
)
|
|
|
|
|
@@ -41,6 +44,10 @@ func Configure(b *bootstrap.Bootstrapper) {
|
|
|
//CSRF相关
|
|
|
b.Use(middleware.SetCsrf)
|
|
|
|
|
|
+ protect := csrf.Protect([]byte("9AB0F421E53A477C084477AEA06096F5"), csrf.FieldName("csrf"), csrf.Secure(false), csrf.Path("/"), csrf.ErrorHandler(func(ctx iris.Context) {
|
|
|
+ ctx.JSON(iris.Map{"code": -1, "msg": "CSRF token invalid"})
|
|
|
+ }))
|
|
|
+
|
|
|
//b.Party("/", protect)
|
|
|
//protect := NewCsrf()
|
|
|
|
|
@@ -96,35 +103,35 @@ func Configure(b *bootstrap.Bootstrapper) {
|
|
|
// apiTree.Router.Use(middleware.JwtAuth().Serve)
|
|
|
// 接口相关
|
|
|
// 登陆接口
|
|
|
- apiLogin := mvc.New(b.Party("/api/login"))
|
|
|
+ apiLogin := mvc.New(b.Party("/api/login", protect))
|
|
|
apiLogin.Register(ProjectAccountService)
|
|
|
apiLogin.Register(LoginService)
|
|
|
apiLogin.Register(ProjectService)
|
|
|
apiLogin.Handle(new(api.LoginApi))
|
|
|
|
|
|
// 项目相关接口
|
|
|
- apiProject := mvc.New(b.Party("/api/project"))
|
|
|
+ apiProject := mvc.New(b.Party("/api/project", protect))
|
|
|
apiProject.Register(ProjectService)
|
|
|
apiProject.Router.Use(middleware.SessionsAuth)
|
|
|
apiProject.Router.Use(middleware.AccessAuth)
|
|
|
apiProject.Handle(new(api.ProjectApi))
|
|
|
|
|
|
// 项目账号相关接口
|
|
|
- apiProjectAccount := mvc.New(b.Party("/api/projectAccount"))
|
|
|
+ apiProjectAccount := mvc.New(b.Party("/api/projectAccount", protect))
|
|
|
apiProjectAccount.Register(ProjectAccountService)
|
|
|
apiProjectAccount.Router.Use(middleware.SessionsAuth)
|
|
|
apiProjectAccount.Router.Use(middleware.AccessAuth)
|
|
|
apiProjectAccount.Handle(new(api.ProjectAccountApi))
|
|
|
|
|
|
// 标段相关接口
|
|
|
- apiBidsection := mvc.New(b.Party("/api/bidsection"))
|
|
|
+ apiBidsection := mvc.New(b.Party("/api/bidsection", protect))
|
|
|
apiBidsection.Register(BidsectionService)
|
|
|
apiBidsection.Router.Use(middleware.SessionsAuth)
|
|
|
apiBidsection.Router.Use(middleware.AccessAuth)
|
|
|
apiBidsection.Handle(new(api.BidsectionApi))
|
|
|
|
|
|
// 项目设置接口
|
|
|
- apiSetting := mvc.New(b.Party("/api/projectSetting"))
|
|
|
+ apiSetting := mvc.New(b.Party("/api/projectSetting", protect))
|
|
|
apiSetting.Register(ProjectAccountService)
|
|
|
apiSetting.Register(ProjectService)
|
|
|
apiSetting.Register(BidAccountService)
|
|
@@ -133,14 +140,14 @@ func Configure(b *bootstrap.Bootstrapper) {
|
|
|
apiSetting.Handle(new(api.ProjectSettingApi))
|
|
|
|
|
|
// TreeNode相关接口
|
|
|
- apiTree := mvc.New(b.Party("/api/tree"))
|
|
|
+ apiTree := mvc.New(b.Party("/api/tree", protect))
|
|
|
apiTree.Register(TreeService)
|
|
|
apiTree.Router.Use(middleware.SessionsAuth)
|
|
|
apiTree.Router.Use(middleware.AccessAuth)
|
|
|
apiTree.Handle(new(api.TreeApi))
|
|
|
|
|
|
// 合同管理
|
|
|
- apiContract := mvc.New(b.Party("/api/contract"))
|
|
|
+ apiContract := mvc.New(b.Party("/api/contract", protect))
|
|
|
apiContract.Register(TreeService)
|
|
|
apiContract.Register(ContractService)
|
|
|
// 中间件
|
|
@@ -149,7 +156,7 @@ func Configure(b *bootstrap.Bootstrapper) {
|
|
|
apiContract.Handle(new(api.ContractApi))
|
|
|
|
|
|
// oss相关
|
|
|
- apiOss := mvc.New(b.Party("/api/oss"))
|
|
|
+ apiOss := mvc.New(b.Party("/api/oss", protect))
|
|
|
apiOss.Router.Use(middleware.SessionsAuth)
|
|
|
apiOss.Router.Use(middleware.AccessAuth)
|
|
|
apiOss.Handle(new(api.OssApi))
|
|
@@ -162,45 +169,45 @@ func Configure(b *bootstrap.Bootstrapper) {
|
|
|
// rpc.Handle(new(api.RpcApi))
|
|
|
|
|
|
// safe
|
|
|
- apiSafe := mvc.New(b.Party("/api/safe"))
|
|
|
+ apiSafe := mvc.New(b.Party("/api/safe", protect))
|
|
|
apiSafe.Register(SafeService)
|
|
|
apiSafe.Router.Use(middleware.SessionsAuth)
|
|
|
apiSafe.Router.Use(middleware.AccessAuth)
|
|
|
apiSafe.Handle(new(api.SafeApi))
|
|
|
|
|
|
- apiSafeAudit := mvc.New(b.Party("/api/safe_audit"))
|
|
|
+ apiSafeAudit := mvc.New(b.Party("/api/safe_audit", protect))
|
|
|
apiSafeAudit.Register(SafeAuditService)
|
|
|
apiSafeAudit.Router.Use(middleware.SessionsAuth)
|
|
|
apiSafeAudit.Router.Use(middleware.AccessAuth)
|
|
|
apiSafeAudit.Handle(new(api.SafeAuditApi))
|
|
|
|
|
|
// quality
|
|
|
- apiQuality := mvc.New(b.Party("/api/quality"))
|
|
|
+ apiQuality := mvc.New(b.Party("/api/quality", protect))
|
|
|
apiQuality.Register(QualityService)
|
|
|
apiQuality.Router.Use(middleware.SessionsAuth)
|
|
|
apiQuality.Router.Use(middleware.AccessAuth)
|
|
|
apiQuality.Handle(new(api.QualityApi))
|
|
|
|
|
|
- apiQualityAudit := mvc.New(b.Party("/api/quality_audit"))
|
|
|
+ apiQualityAudit := mvc.New(b.Party("/api/quality_audit", protect))
|
|
|
apiQualityAudit.Register(QualityAuditService)
|
|
|
apiQualityAudit.Router.Use(middleware.SessionsAuth)
|
|
|
apiQualityAudit.Router.Use(middleware.AccessAuth)
|
|
|
apiQualityAudit.Handle(new(api.QualityAuditApi))
|
|
|
// rule
|
|
|
- apiRule := mvc.New(b.Party("/api/rule"))
|
|
|
+ apiRule := mvc.New(b.Party("/api/rule", protect))
|
|
|
apiRule.Register(RuleService)
|
|
|
apiRule.Router.Use(middleware.SessionsAuth)
|
|
|
apiRule.Router.Use(middleware.AccessAuth)
|
|
|
apiRule.Handle(new(api.RuleApi))
|
|
|
|
|
|
// file
|
|
|
- apiAnnex := mvc.New(b.Party("/api/file"))
|
|
|
+ apiAnnex := mvc.New(b.Party("/api/file", protect))
|
|
|
apiAnnex.Register(AnnexService)
|
|
|
apiAnnex.Router.Use(middleware.SessionsAuth)
|
|
|
apiAnnex.Router.Use(middleware.AccessAuth)
|
|
|
apiAnnex.Handle(new(api.AnnexApi))
|
|
|
|
|
|
- apiDashboard := mvc.New(b.Party("/api/dashboard"))
|
|
|
+ apiDashboard := mvc.New(b.Party("/api/dashboard", protect))
|
|
|
apiDashboard.Register(SafeService)
|
|
|
apiDashboard.Register(QualityService)
|
|
|
apiDashboard.Register(ProjectMessageService)
|
|
@@ -209,19 +216,23 @@ func Configure(b *bootstrap.Bootstrapper) {
|
|
|
apiDashboard.Router.Use(middleware.AccessAuth)
|
|
|
apiDashboard.Handle(new(api.DashboardApi))
|
|
|
|
|
|
+ // 对计量接口
|
|
|
+ jlEx := mvc.New(b.Party("/api/external/jl"))
|
|
|
+ jlEx.Handle(new(external.JlEx))
|
|
|
+
|
|
|
// 后台相关
|
|
|
- backstageCM := mvc.New(b.Party("/api/backstage/login"))
|
|
|
+ backstageCM := mvc.New(b.Party("/api/backstage/login", protect))
|
|
|
backstageCM.Register(backstageService)
|
|
|
backstageCM.Handle(new(backstage.LoginBs))
|
|
|
|
|
|
- backstageProjectCM := mvc.New(b.Party("/api/backstage/project"))
|
|
|
+ backstageProjectCM := mvc.New(b.Party("/api/backstage/project", protect))
|
|
|
backstageProjectCM.Register(ProjectService)
|
|
|
backstageProjectCM.Register(backstageService)
|
|
|
backstageProjectCM.Router.Use(middleware.SessionsBackstageAuth)
|
|
|
backstageProjectCM.Router.Use(middleware.AccessBackstageAuth)
|
|
|
backstageProjectCM.Handle(new(backstage.ProjectBs))
|
|
|
|
|
|
- backstageAccountCM := mvc.New(b.Party("/api/backstage/account"))
|
|
|
+ backstageAccountCM := mvc.New(b.Party("/api/backstage/account", protect))
|
|
|
backstageAccountCM.Register(ProjectAccountService)
|
|
|
backstageAccountCM.Register(ProjectService)
|
|
|
backstageAccountCM.Register(BidAccountService)
|
|
@@ -230,18 +241,19 @@ func Configure(b *bootstrap.Bootstrapper) {
|
|
|
backstageAccountCM.Router.Use(middleware.AccessBackstageAuth)
|
|
|
backstageAccountCM.Handle(new(backstage.ProjectAccountBs))
|
|
|
|
|
|
- managerCM := mvc.New(b.Party("/api/backstage/manager"))
|
|
|
+ managerCM := mvc.New(b.Party("/api/backstage/manager", protect))
|
|
|
managerCM.Register(managerService)
|
|
|
managerCM.Router.Use(middleware.SessionsBackstageAuth)
|
|
|
managerCM.Handle(new(backstage.ManagerBs))
|
|
|
|
|
|
- groupCM := mvc.New(b.Party("/api/backstage/group"))
|
|
|
+ groupCM := mvc.New(b.Party("/api/backstage/group", protect))
|
|
|
groupCM.Register(groupService)
|
|
|
groupCM.Router.Use(middleware.SessionsBackstageAuth)
|
|
|
groupCM.Handle(new(backstage.GroupBs))
|
|
|
|
|
|
- versionCM := mvc.New(b.Party("/api/backstage/version"))
|
|
|
+ versionCM := mvc.New(b.Party("/api/backstage/version", protect))
|
|
|
versionCM.Register(versionService)
|
|
|
versionCM.Router.Use(middleware.SessionsBackstageAuth)
|
|
|
versionCM.Handle(new(backstage.VersionBs))
|
|
|
+
|
|
|
}
|