62 lines
2.0 KiB
Go
62 lines
2.0 KiB
Go
// Package middleware 存放 gin 中间件
|
||
package middleware
|
||
|
||
import (
|
||
"net/http"
|
||
"strings"
|
||
|
||
"git.huangwc.com/pig/pig-farm-controller/internal/domain/token"
|
||
"git.huangwc.com/pig/pig-farm-controller/internal/infra/models"
|
||
"git.huangwc.com/pig/pig-farm-controller/internal/infra/repository"
|
||
"github.com/gin-gonic/gin"
|
||
"gorm.io/gorm"
|
||
)
|
||
|
||
// AuthMiddleware 创建一个Gin中间件,用于JWT身份验证
|
||
// 它依赖于 TokenService 来解析和验证 token,并使用 UserRepository 来获取完整的用户信息
|
||
func AuthMiddleware(tokenService token.Service, userRepo repository.UserRepository) gin.HandlerFunc {
|
||
return func(c *gin.Context) {
|
||
// 从 Authorization header 获取 token
|
||
authHeader := c.GetHeader("Authorization")
|
||
if authHeader == "" {
|
||
c.AbortWithStatusJSON(http.StatusUnauthorized, gin.H{"error": "请求未包含授权标头"})
|
||
return
|
||
}
|
||
|
||
// 授权标头的格式应为 "Bearer <token>"
|
||
parts := strings.Split(authHeader, " ")
|
||
if len(parts) != 2 || strings.ToLower(parts[0]) != "bearer" {
|
||
c.AbortWithStatusJSON(http.StatusUnauthorized, gin.H{"error": "授权标头格式不正确"})
|
||
return
|
||
}
|
||
|
||
tokenString := parts[1]
|
||
|
||
// 解析和验证 token
|
||
claims, err := tokenService.ParseToken(tokenString)
|
||
if err != nil {
|
||
c.AbortWithStatusJSON(http.StatusUnauthorized, gin.H{"error": "无效的Token"})
|
||
return
|
||
}
|
||
|
||
// 根据 token 中的用户ID,从数据库中获取完整的用户信息
|
||
user, err := userRepo.FindByID(claims.UserID)
|
||
if err != nil {
|
||
if err == gorm.ErrRecordNotFound {
|
||
// Token有效,但对应的用户已不存在
|
||
c.AbortWithStatusJSON(http.StatusUnauthorized, gin.H{"error": "授权用户不存在"})
|
||
return
|
||
}
|
||
// 其他数据库查询错误
|
||
c.AbortWithStatusJSON(http.StatusInternalServerError, gin.H{"error": "获取用户信息失败"})
|
||
return
|
||
}
|
||
|
||
// 将完整的用户对象存储在 context 中,以便后续的处理函数使用
|
||
c.Set(models.ContextUserKey.String(), user)
|
||
|
||
// 继续处理请求链中的下一个处理程序
|
||
c.Next()
|
||
}
|
||
}
|