实现登录校验中间件
This commit is contained in:
@@ -15,18 +15,19 @@ import (
|
||||
"net/http/pprof"
|
||||
"time"
|
||||
|
||||
_ "git.huangwc.com/pig/pig-farm-controller/docs" // 引入 swag 生成的 docs
|
||||
"git.huangwc.com/pig/pig-farm-controller/internal/app/controller/device"
|
||||
"git.huangwc.com/pig/pig-farm-controller/internal/app/controller/plan"
|
||||
"git.huangwc.com/pig/pig-farm-controller/internal/app/controller/user"
|
||||
"git.huangwc.com/pig/pig-farm-controller/internal/app/middleware"
|
||||
"git.huangwc.com/pig/pig-farm-controller/internal/app/service/task"
|
||||
"git.huangwc.com/pig/pig-farm-controller/internal/app/service/token"
|
||||
"git.huangwc.com/pig/pig-farm-controller/internal/app/service/transport"
|
||||
"git.huangwc.com/pig/pig-farm-controller/internal/infra/config"
|
||||
"git.huangwc.com/pig/pig-farm-controller/internal/infra/logs"
|
||||
"git.huangwc.com/pig/pig-farm-controller/internal/infra/repository"
|
||||
"github.com/gin-gonic/gin"
|
||||
|
||||
_ "git.huangwc.com/pig/pig-farm-controller/docs" // 引入 swag 生成的 docs
|
||||
"github.com/gin-gonic/gin"
|
||||
swaggerFiles "github.com/swaggo/files"
|
||||
ginSwagger "github.com/swaggo/gin-swagger"
|
||||
)
|
||||
@@ -91,41 +92,14 @@ func NewAPI(cfg config.ServerConfig,
|
||||
// setupRoutes 设置所有 API 路由
|
||||
// 在此方法中,使用已初始化的控制器实例将其路由注册到 Gin 引擎中。
|
||||
func (a *API) setupRoutes() {
|
||||
// 创建 /api/v1 路由组
|
||||
v1 := a.engine.Group("/api/v1")
|
||||
{
|
||||
// 用户相关路由组
|
||||
userGroup := v1.Group("/users")
|
||||
{
|
||||
userGroup.POST("", a.userController.CreateUser) // 注册创建用户接口 (POST /api/v1/users)
|
||||
userGroup.POST("/login", a.userController.Login) // 注册用户登录接口 (POST /api/v1/users/login)
|
||||
}
|
||||
a.logger.Info("用户相关接口注册成功")
|
||||
|
||||
// 设备相关路由组
|
||||
deviceGroup := v1.Group("/devices")
|
||||
{
|
||||
deviceGroup.POST("", a.deviceController.CreateDevice)
|
||||
deviceGroup.GET("", a.deviceController.ListDevices)
|
||||
deviceGroup.GET("/:id", a.deviceController.GetDevice)
|
||||
deviceGroup.PUT("/:id", a.deviceController.UpdateDevice)
|
||||
deviceGroup.DELETE("/:id", a.deviceController.DeleteDevice)
|
||||
}
|
||||
a.logger.Info("设备相关接口注册成功")
|
||||
// --- Public Routes ---
|
||||
// 这些路由不需要身份验证
|
||||
|
||||
// 计划相关路由组
|
||||
planGroup := v1.Group("/plans")
|
||||
{
|
||||
planGroup.POST("", a.planController.CreatePlan)
|
||||
planGroup.GET("", a.planController.ListPlans)
|
||||
planGroup.GET("/:id", a.planController.GetPlan)
|
||||
planGroup.PUT("/:id", a.planController.UpdatePlan)
|
||||
planGroup.DELETE("/:id", a.planController.DeletePlan)
|
||||
planGroup.POST("/:id/start", a.planController.StartPlan)
|
||||
planGroup.POST("/:id/stop", a.planController.StopPlan)
|
||||
}
|
||||
a.logger.Info("计划相关接口注册成功")
|
||||
}
|
||||
// 用户注册和登录
|
||||
a.engine.POST("/api/v1/users", a.userController.CreateUser)
|
||||
a.engine.POST("/api/v1/users/login", a.userController.Login)
|
||||
a.logger.Info("公开接口注册成功:用户注册、登录")
|
||||
|
||||
// 注册 pprof 路由
|
||||
pprofGroup := a.engine.Group("/debug/pprof")
|
||||
@@ -156,6 +130,35 @@ func (a *API) setupRoutes() {
|
||||
a.engine.GET("/swagger/*any", ginSwagger.WrapHandler(swaggerFiles.Handler))
|
||||
a.logger.Info("Swagger UI 接口注册成功")
|
||||
|
||||
// --- Authenticated Routes ---
|
||||
// 所有在此注册的路由都需要通过 JWT 身份验证
|
||||
authGroup := a.engine.Group("/api/v1")
|
||||
authGroup.Use(middleware.AuthMiddleware(a.tokenService))
|
||||
{
|
||||
// 设备相关路由组
|
||||
deviceGroup := authGroup.Group("/devices")
|
||||
{
|
||||
deviceGroup.POST("", a.deviceController.CreateDevice)
|
||||
deviceGroup.GET("", a.deviceController.ListDevices)
|
||||
deviceGroup.GET("/:id", a.deviceController.GetDevice)
|
||||
deviceGroup.PUT("/:id", a.deviceController.UpdateDevice)
|
||||
deviceGroup.DELETE("/:id", a.deviceController.DeleteDevice)
|
||||
}
|
||||
a.logger.Info("设备相关接口注册成功 (需要认证)")
|
||||
|
||||
// 计划相关路由组
|
||||
planGroup := authGroup.Group("/plans")
|
||||
{
|
||||
planGroup.POST("", a.planController.CreatePlan)
|
||||
planGroup.GET("", a.planController.ListPlans)
|
||||
planGroup.GET("/:id", a.planController.GetPlan)
|
||||
planGroup.PUT("/:id", a.planController.UpdatePlan)
|
||||
planGroup.DELETE("/:id", a.planController.DeletePlan)
|
||||
planGroup.POST("/:id/start", a.planController.StartPlan)
|
||||
planGroup.POST("/:id/stop", a.planController.StopPlan)
|
||||
}
|
||||
a.logger.Info("计划相关接口注册成功 (需要认证)")
|
||||
}
|
||||
}
|
||||
|
||||
// Start 启动 HTTP 服务器
|
||||
|
||||
50
internal/app/middleware/auth.go
Normal file
50
internal/app/middleware/auth.go
Normal file
@@ -0,0 +1,50 @@
|
||||
// Package middleware 存放 gin 中间件
|
||||
package middleware
|
||||
|
||||
import (
|
||||
"net/http"
|
||||
"strings"
|
||||
|
||||
"git.huangwc.com/pig/pig-farm-controller/internal/app/service/token"
|
||||
"github.com/gin-gonic/gin"
|
||||
)
|
||||
|
||||
const (
|
||||
// ContextUserIDKey 是存储在 gin.Context 中的用户ID的键名
|
||||
ContextUserIDKey = "userID"
|
||||
)
|
||||
|
||||
// AuthMiddleware 创建一个Gin中间件,用于JWT身份验证
|
||||
// 它依赖于 TokenService 来解析和验证 token
|
||||
func AuthMiddleware(tokenService token.TokenService) gin.HandlerFunc {
|
||||
return func(c *gin.Context) {
|
||||
// 从 Authorization header 获取 token
|
||||
authHeader := c.GetHeader("Authorization")
|
||||
if authHeader == "" {
|
||||
c.AbortWithStatusJSON(http.StatusUnauthorized, gin.H{"error": "请求未包含授权标头"})
|
||||
return
|
||||
}
|
||||
|
||||
// 授权标头的格式应为 "Bearer <token>"
|
||||
parts := strings.Split(authHeader, " ")
|
||||
if len(parts) != 2 || parts[0] != "Bearer" {
|
||||
c.AbortWithStatusJSON(http.StatusUnauthorized, gin.H{"error": "授权标头格式不正确"})
|
||||
return
|
||||
}
|
||||
|
||||
tokenString := parts[1]
|
||||
|
||||
// 解析和验证 token
|
||||
claims, err := tokenService.ParseToken(tokenString)
|
||||
if err != nil {
|
||||
c.AbortWithStatusJSON(http.StatusUnauthorized, gin.H{"error": "无效的Token"})
|
||||
return
|
||||
}
|
||||
|
||||
// 将解析出的用户ID存储在 context 中,以便后续的处理函数使用
|
||||
c.Set(ContextUserIDKey, claims.UserID)
|
||||
|
||||
// 继续处理请求链中的下一个处理程序
|
||||
c.Next()
|
||||
}
|
||||
}
|
||||
Reference in New Issue
Block a user