实现登录校验中间件

2025-09-27 23:17:23 +08:00
parent 18c4747de6
commit ea9cc3cbe4
2 changed files with 88 additions and 35 deletions
--- a/internal/app/middleware/auth.go
+++ b/internal/app/middleware/auth.go
@@ -0,0 +1,50 @@
+// Package middleware 存放 gin 中间件
+package middleware
+
+import (
+	"net/http"
+	"strings"
+
+	"git.huangwc.com/pig/pig-farm-controller/internal/app/service/token"
+	"github.com/gin-gonic/gin"
+)
+
+const (
+	// ContextUserIDKey 是存储在 gin.Context 中的用户ID的键名
+	ContextUserIDKey = "userID"
+)
+
+// AuthMiddleware 创建一个Gin中间件，用于JWT身份验证
+// 它依赖于 TokenService 来解析和验证 token
+func AuthMiddleware(tokenService token.TokenService) gin.HandlerFunc {
+	return func(c *gin.Context) {
+		// 从 Authorization header 获取 token
+		authHeader := c.GetHeader("Authorization")
+		if authHeader == "" {
+			c.AbortWithStatusJSON(http.StatusUnauthorized, gin.H{"error": "请求未包含授权标头"})
+			return
+		}
+
+		// 授权标头的格式应为 "Bearer <token>"
+		parts := strings.Split(authHeader, " ")
+		if len(parts) != 2 || parts[0] != "Bearer" {
+			c.AbortWithStatusJSON(http.StatusUnauthorized, gin.H{"error": "授权标头格式不正确"})
+			return
+		}
+
+		tokenString := parts[1]
+
+		// 解析和验证 token
+		claims, err := tokenService.ParseToken(tokenString)
+		if err != nil {
+			c.AbortWithStatusJSON(http.StatusUnauthorized, gin.H{"error": "无效的Token"})
+			return
+		}
+
+		// 将解析出的用户ID存储在 context 中，以便后续的处理函数使用
+		c.Set(ContextUserIDKey, claims.UserID)
+
+		// 继续处理请求链中的下一个处理程序
+		c.Next()
+	}
+}