API, Tag

app/controllers/api/init.go

@@ -0,0 +1,144 @@
+package api
+
+import (
+	"github.com/leanote/leanote/app/info"
+	"github.com/leanote/leanote/app/service"
+//		. "github.com/leanote/leanote/app/lea"
+	"github.com/revel/revel"
+	"strings"
+)
+
+var userService *service.UserService
+var noteService *service.NoteService
+var trashService *service.TrashService
+var notebookService *service.NotebookService
+var noteContentHistoryService *service.NoteContentHistoryService
+var authService *service.AuthService
+var shareService *service.ShareService
+var blogService *service.BlogService
+var tagService *service.TagService
+var pwdService *service.PwdService
+var tokenService *service.TokenService
+var suggestionService *service.SuggestionService
+var albumService *service.AlbumService
+var noteImageService *service.NoteImageService
+var fileService *service.FileService
+var attachService *service.AttachService
+var configService *service.ConfigService
+var emailService *service.EmailService
+var sessionService *service.SessionService
+
+var pageSize = 1000
+var defaultSortField = "UpdatedTime"
+var leanoteUserId = "admin" // 不能更改
+
+// 状态
+const (
+	S_DEFAULT                 = iota // 0
+	S_NOT_LOGIN                      // 1
+	S_WRONG_USERNAME_PASSWORD        // 2
+	S_WRONG_CAPTCHA                  // 3
+	S_NEED_CAPTCHA                   // 4
+	S_NOT_OPEN_REGISTER              // 4
+)
+
+// 拦截器
+// 不需要拦截的url
+var commonUrl = map[string]map[string]bool{"ApiAuth": map[string]bool{"Login": true,
+	"Register": true,
+	},
+	// 文件的操作也不用登录, userId会从session中获取
+	"ApiFile": map[string]bool{"GetImage": true,
+		"GetAttach": true,
+		"GetAllAttachs": true,
+	},
+}
+
+func needValidate(controller, method string) bool {
+	// 在里面
+	if v, ok := commonUrl[controller]; ok {
+		// 在commonUrl里
+		if _, ok2 := v[method]; ok2 {
+			return false
+		}
+		return true
+	} else {
+		// controller不在这里的, 肯定要验证
+		return true
+	}
+}
+
+// 这里得到token, 若不是login, logout等公用操作, 必须验证是否已登录
+func AuthInterceptor(c *revel.Controller) revel.Result {
+	// 得到token /api/user/info?userId=xxx&token=xxxxx
+	token := c.Params.Values.Get("token")
+	noToken := false
+	if token == "" {
+		// 若无, 则取sessionId
+		token = c.Session.Id()
+		noToken = true
+	}
+	c.Session["_token"] = token
+
+	// 全部变成首字大写
+	var controller = strings.Title(c.Name)
+	var method = strings.Title(c.MethodName)
+
+	// 验证是否已登录
+	// 通过sessionService判断该token下是否有userId, 并返回userId
+	userId := sessionService.GetUserId(token)
+	if noToken && userId == "" {
+		// 从session中获取, api/file/getImage, api/file/getAttach, api/file/getAllAttach
+		// 客户端
+		userId, _ = c.Session["UserId"];
+	}
+	c.Session["_userId"] = userId
+	
+	// 是否需要验证?
+	if !needValidate(controller, method) {
+		return nil
+	}
+	
+	if userId != "" {
+		return nil // 已登录
+	}
+
+	// 没有登录, 返回错误的信息, 需要登录
+	re := info.NewApiRe()
+	re.Msg = "NOTLOGIN"
+	return c.RenderJson(re)
+}
+
+func init() {
+	// interceptors
+	revel.InterceptFunc(AuthInterceptor, revel.BEFORE, &ApiAuth{})
+	revel.InterceptFunc(AuthInterceptor, revel.BEFORE, &ApiUser{})
+	revel.InterceptFunc(AuthInterceptor, revel.BEFORE, &ApiFile{})
+	revel.InterceptFunc(AuthInterceptor, revel.BEFORE, &ApiNote{})
+	revel.InterceptFunc(AuthInterceptor, revel.BEFORE, &ApiTag{})
+	revel.InterceptFunc(AuthInterceptor, revel.BEFORE, &ApiNotebook{})
+}
+
+// 最外层init.go调用
+// 获取service, 单例
+func InitService() {
+	notebookService = service.NotebookS
+	noteService = service.NoteS
+	noteContentHistoryService = service.NoteContentHistoryS
+	trashService = service.TrashS
+	shareService = service.ShareS
+	userService = service.UserS
+	tagService = service.TagS
+	blogService = service.BlogS
+	tokenService = service.TokenS
+	noteImageService = service.NoteImageS
+	fileService = service.FileS
+	albumService = service.AlbumS
+	attachService = service.AttachS
+	pwdService = service.PwdS
+	suggestionService = service.SuggestionS
+	authService = service.AuthS
+	configService = service.ConfigS
+	emailService = service.EmailS
+	sessionService = service.SessionS
+}