chore: stabilize lint and verify builds

2026-02-06 11:51:32 +08:00
parent edede17880
commit 1782f64417
114 changed files with 3032 additions and 1345 deletions
--- a/backend/providers/jwt/config.go
+++ b/backend/providers/jwt/config.go
@@ -3,7 +3,7 @@ package jwt
 import (
 	"time"

-	log "github.com/sirupsen/logrus"
+	logrus "github.com/sirupsen/logrus"

 	"go.ipao.vip/atom/container"
 	"go.ipao.vip/atom/opt"
@@ -29,7 +29,8 @@ type Config struct {
 func (c *Config) ExpiresTimeDuration() time.Duration {
 	d, err := time.ParseDuration(c.ExpiresTime)
 	if err != nil {
-		log.Fatal(err)
+		logrus.Fatal(err)
 	}
+
 	return d
 }
--- a/backend/providers/jwt/jwt.go
+++ b/backend/providers/jwt/jwt.go
@@ -2,6 +2,7 @@ package jwt

 import (
 	"errors"
+	"fmt"
 	"strings"
 	"time"

@@ -14,9 +15,11 @@ import (

 const (
 	CtxKey     = "claims"
-	HttpHeader = "Authorization"
+	HTTPHeader = "Authorization"
 )

+var ErrTokenInvalidType = errors.New("token cache returned non-string value")
+
 type BaseClaims struct {
 	OpenID   string `json:"open_id,omitempty"`
 	Tenant   string `json:"tenant,omitempty"`
@@ -39,80 +42,104 @@ type JWT struct {
 }

 var (
-	TokenExpired     = errors.New("Token is expired")
-	TokenNotValidYet = errors.New("Token not active yet")
-	TokenMalformed   = errors.New("That's not even a token")
-	TokenInvalid     = errors.New("Couldn't handle this token:")
+	ErrTokenExpired     = errors.New("Token is expired")
+	ErrTokenNotValidYet = errors.New("Token not active yet")
+	ErrTokenMalformed   = errors.New("That's not even a token")
+	ErrTokenInvalid     = errors.New("Couldn't handle this token")
 )

 func Provide(opts ...opt.Option) error {
-	o := opt.New(opts...)
+	options := opt.New(opts...)
 	var config Config
-	if err := o.UnmarshalConfig(&config); err != nil {
-		return err
+	if err := options.UnmarshalConfig(&config); err != nil {
+		return fmt.Errorf("unmarshal jwt config: %w", err)
 	}
-	return container.Container.Provide(func() (*JWT, error) {
+	if err := container.Container.Provide(func() (*JWT, error) {
 		return &JWT{
 			singleflight: &singleflight.Group{},
 			config:       &config,
 			SigningKey:   []byte(config.SigningKey),
 		}, nil
-	}, o.DiOptions()...)
+	}, options.DiOptions()...); err != nil {
+		return fmt.Errorf("provide jwt: %w", err)
+	}
+
+	return nil
 }

-func (j *JWT) CreateClaims(baseClaims BaseClaims) *Claims {
-	ep, _ := time.ParseDuration(j.config.ExpiresTime)
+func (jwtProvider *JWT) CreateClaims(baseClaims BaseClaims) *Claims {
+	expiresDuration, _ := time.ParseDuration(jwtProvider.config.ExpiresTime)
+
 	claims := Claims{
 		BaseClaims: baseClaims,
 		RegisteredClaims: jwt.RegisteredClaims{
 			NotBefore: jwt.NewNumericDate(time.Now().Add(-time.Second * 10)), // 签名生效时间
-			ExpiresAt: jwt.NewNumericDate(time.Now().Add(ep)),                // 过期时间 7天  配置文件
-			Issuer:    j.config.Issuer,                                       // 签名的发行者
+			ExpiresAt: jwt.NewNumericDate(time.Now().Add(expiresDuration)),   // 过期时间 7天  配置文件
+			Issuer:    jwtProvider.config.Issuer,                             // 签名的发行者
 		},
 	}
+
 	return &claims
 }

 // 创建一个token
-func (j *JWT) CreateToken(claims *Claims) (string, error) {
+func (jwtProvider *JWT) CreateToken(claims *Claims) (string, error) {
 	token := jwt.NewWithClaims(jwt.SigningMethodHS256, claims)
-	return token.SignedString(j.SigningKey)
+
+	return token.SignedString(jwtProvider.SigningKey)
 }

 // CreateTokenByOldToken 旧token 换新token 使用归并回源避免并发问题
-func (j *JWT) CreateTokenByOldToken(oldToken string, claims *Claims) (string, error) {
-	v, err, _ := j.singleflight.Do("JWT:"+oldToken, func() (interface{}, error) {
-		return j.CreateToken(claims)
+func (jwtProvider *JWT) CreateTokenByOldToken(oldToken string, claims *Claims) (string, error) {
+	value, err, _ := jwtProvider.singleflight.Do("JWT:"+oldToken, func() (interface{}, error) {
+		return jwtProvider.CreateToken(claims)
 	})
-	return v.(string), err
+
+	tokenString, ok := value.(string)
+	if !ok {
+		return "", ErrTokenInvalidType
+	}
+
+	if err != nil {
+		return "", fmt.Errorf("create token by old token: %w", err)
+	}
+
+	return tokenString, nil
 }

 // 解析 token
-func (j *JWT) Parse(tokenString string) (*Claims, error) {
+func (jwtProvider *JWT) Parse(tokenString string) (*Claims, error) {
 	tokenString = strings.TrimPrefix(tokenString, TokenPrefix)
-	token, err := jwt.ParseWithClaims(tokenString, &Claims{}, func(token *jwt.Token) (i interface{}, e error) {
-		return j.SigningKey, nil
+	token, err := jwt.ParseWithClaims(tokenString, &Claims{}, func(_ *jwt.Token) (interface{}, error) {
+		return jwtProvider.SigningKey, nil
 	})
 	if err != nil {
-		if ve, ok := err.(*jwt.ValidationError); ok {
-			if ve.Errors&jwt.ValidationErrorMalformed != 0 {
-				return nil, TokenMalformed
-			} else if ve.Errors&jwt.ValidationErrorExpired != 0 {
-				// Token is expired
-				return nil, TokenExpired
-			} else if ve.Errors&jwt.ValidationErrorNotValidYet != 0 {
-				return nil, TokenNotValidYet
-			} else {
-				return nil, TokenInvalid
+		var validationErr *jwt.ValidationError
+		if errors.As(err, &validationErr) {
+			if validationErr.Errors&jwt.ValidationErrorMalformed != 0 {
+				return nil, ErrTokenMalformed
 			}
+
+			if validationErr.Errors&jwt.ValidationErrorExpired != 0 {
+				// Token is expired
+				return nil, ErrTokenExpired
+			}
+
+			if validationErr.Errors&jwt.ValidationErrorNotValidYet != 0 {
+				return nil, ErrTokenNotValidYet
+			}
+
+			return nil, ErrTokenInvalid
 		}
 	}
+
 	if token != nil {
 		if claims, ok := token.Claims.(*Claims); ok && token.Valid {
 			return claims, nil
 		}
-		return nil, TokenInvalid
-	} else {
-		return nil, TokenInvalid
+
+		return nil, ErrTokenInvalid
 	}
+
+	return nil, ErrTokenInvalid
 }