tlsserver.go
package main
import (
"context"
"fmt"
"google.golang.org/grpc"
"google.golang.org/grpc/codes"
"google.golang.org/grpc/credentials"
"google.golang.org/grpc/metadata"
"google.golang.org/grpc/status"
"google.golang.org/protobuf/types/known/emptypb"
"log"
"net"
"pro2d/components/jwt"
"pro2d/protos/pb"
)
// Server is the handler type that main registers with pb.RegisterHelloServer.
// It carries no state of its own; the only member is the embedded
// pb.UnimplementedHelloServer from the generated pb package (not shown in this
// file; presumably the generated stub for RPCs this type does not define).
type Server struct {
pb.UnimplementedHelloServer
}
// CreateToken checks the login/password pair carried by in and, when it
// matches the expected pair, returns a TokenInfo whose Token is produced by
// jwt.CreateToken for that login. Any other pair yields the error
// "login error" and a nil TokenInfo.
//
// NOTE(review): the accepted login and password are literals in this source
// file, so everyone with access to the repository or the binary knows them.
// They should come from a credential store, with the password kept as a
// salted hash, before this handler is exposed beyond a demo.
//
// NOTE(review): the failure is a plain fmt error rather than a gRPC status;
// grpc-go reports such errors to the client as codes.Unknown, whereas
// SayHello in this file answers authentication failures with
// codes.Unauthenticated.
func (s *Server) CreateToken(ctx context.Context, in *pb.Login) (*pb.TokenInfo, error) {
	accepted := in.Login == "login" && in.Password == "123456"
	if !accepted {
		return nil, fmt.Errorf("login error")
	}

	token := jwt.CreateToken(in.Login)
	return &pb.TokenInfo{Token: token}, nil
}
//func (s *Server) SayHello(ctx context.Context, empty *emptypb.Empty) (*pb.HelloWorld, error) {
// md, ok := metadata.FromIncomingContext(ctx)
// if !ok {
// return nil, status.Errorf(codes.Unauthenticated,"ErrNoMetadataInContext")
// }
// // md 的类型是 type MD map[string][]string
// token, ok := md["authorization"]
// if !ok || len(token) == 0 {
// return nil, status.Errorf(codes.Unauthenticated,"ErrNoAuthorizationInMetadata")
// }
// login := jwt.ParseToken(token[0])
// return &pb.HelloWorld{Msg: "Hello world: " + login}, nil
//}
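// SayHello authenticates the caller from the "appid" and "appkey" entries of
// the incoming gRPC metadata and, on success, answers with a fixed greeting.
//
// It returns a codes.Unauthenticated status when the context carries no
// metadata or when the appid/appkey pair does not match the expected values.
// A key that is present with an empty value list is treated like a missing
// key instead of being indexed.
//
// NOTE(review): the expected appid and appkey are literals in this source
// file, so they are known to everyone with access to the repository or the
// binary; load them from configuration or a secret store. Once the key is no
// longer a literal, compare it with crypto/subtle.ConstantTimeCompare rather
// than ==, which is not constant-time.
func (s *Server) SayHello(ctx context.Context, empty *emptypb.Empty) (*pb.HelloWorld, error) {
	md, ok := metadata.FromIncomingContext(ctx)
	if !ok {
		return nil, status.Errorf(codes.Unauthenticated, "无Token认证信息")
	}

	var (
		appId  string
		appKey string
	)
	// Only index a value list that has at least one element; a key mapped to
	// an empty list would otherwise panic with an index out of range.
	if val := md["appid"]; len(val) > 0 {
		appId = val[0]
	}
	if val := md["appkey"]; len(val) > 0 {
		appKey = val[0]
	}

	if appId != "100" || appKey != "token" {
		// The submitted appkey is deliberately left out of the status message:
		// a near-miss of the real key would otherwise end up in client-side
		// and server-side error logs.
		return nil, status.Errorf(codes.Unauthenticated, "Token认证信息无效: appid=%s", appId)
	}
	return &pb.HelloWorld{Msg: "Hello world"}, nil
}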
// main starts the Hello gRPC service over TLS on TCP port 8948 and blocks
// until Serve returns. Any failure to listen, to load the key pair or to
// serve is fatal.
func main() {
	// The address has no host part, so the listener accepts connections on
	// every interface of the machine, not only loopback.
	listener, err := net.Listen("tcp", ":8948")
	if err != nil {
		log.Fatalf("net.Listen err: %v", err)
	}

	// Build the server-side TLS credentials from the certificate and private
	// key files. Both paths are relative to the working directory of the
	// process.
	creds, err := credentials.NewServerTLSFromFile("keys/server.pem", "keys/server.key")
	if err != nil {
		log.Fatalf("Failed to generate credentials %v", err)
	}

	// Create the gRPC server with TLS enabled and register the service on it.
	grpcServer := grpc.NewServer(grpc.Creds(creds))
	pb.RegisterHelloServer(grpcServer, &Server{})
	log.Println(" net.Listing whth TLS")

	// Serve blocks until the process is killed or Stop() is called.
	if err := grpcServer.Serve(listener); err != nil {
		log.Fatalf("grpcServer.Serve err: %v", err)
	}
}