pig/pig-farm-controller
1
0
Fork 0
Code Issues 11 Pull Requests Actions Packages Projects Releases Wiki Activity
Files
86c9073da87a571f4d271d8e98046f09186bc1bc
pig-farm-controller/internal/app/middleware/audit.go
huang 829f0a6253 调整目录结构
2025-10-02 00:18:13 +08:00

118 lines
3.5 KiB
Go
Raw Blame History

This file contains ambiguous Unicode characters

This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

package middleware
import (
"bytes"
"encoding/json"
"io"
"strconv"
"git.huangwc.com/pig/pig-farm-controller/internal/domain/audit"
"git.huangwc.com/pig/pig-farm-controller/internal/infra/models"
"github.com/gin-gonic/gin"
)
type auditResponse struct {
Code int `json:"code"`
Message string `json:"message"`
}
// AuditLogMiddleware 创建一个Gin中间件用于在请求结束后记录用户操作审计日志
func AuditLogMiddleware(auditService audit.Service) gin.HandlerFunc {
return func(c *gin.Context) {
// 使用自定义的 response body writer 来捕获响应体
blw := &bodyLogWriter{body: bytes.NewBufferString(""), ResponseWriter: c.Writer}
c.Writer = blw
// 首先执行请求链中的后续处理程序(即业务控制器)
c.Next()
// --- 在这里,请求已经处理完毕 ---
// 从上下文中尝试获取由控制器设置的业务审计信息
actionType, exists := c.Get(models.ContextAuditActionType.String())
if !exists {
// 如果上下文中没有 actionType说明此接口无需记录审计日志直接返回
return
}
// 从 Gin Context 中获取用户对象
userCtx, userExists := c.Get(models.ContextUserKey.String())
var user *models.User
if userExists {
user, _ = userCtx.(*models.User)
}
// 构建 RequestContext
reqCtx := audit.RequestContext{
ClientIP: c.ClientIP(),
HTTPPath: c.Request.URL.Path,
HTTPMethod: c.Request.Method,
}
// 获取其他审计信息
description, _ := c.Get(models.ContextAuditDescription.String())
targetResource, _ := c.Get(models.ContextAuditTargetResource.String())
// 默认操作状态为成功
status := models.AuditStatusSuccess
resultDetails := ""
// 尝试从捕获的响应体中解析平台响应
var platformResponse auditResponse
if err := json.Unmarshal(blw.body.Bytes(), &platformResponse); err == nil {
// 如果解析成功,根据平台状态码判断操作是否失败
// 成功状态码范围是 2000-2999
if platformResponse.Code < 2000 || platformResponse.Code >= 3000 {
status = models.AuditStatusFailed
resultDetails = platformResponse.Message
}
} else {
// 如果响应体不是预期的平台响应格式或者解析失败则记录原始HTTP状态码作为详情
// 并且如果HTTP状态码不是2xx则标记为失败
if c.Writer.Status() < 200 || c.Writer.Status() >= 300 {
status = models.AuditStatusFailed
}
resultDetails = "HTTP Status: " + strconv.Itoa(c.Writer.Status()) + ", Body Parse Error: " + err.Error()
}
// 调用审计服务记录日志(异步)
auditService.LogAction(
user,
reqCtx,
actionType.(string),
description.(string),
targetResource,
status,
resultDetails,
)
}
}
// bodyLogWriter 是一个自定义的 gin.ResponseWriter用于捕获响应体
// 这对于在操作失败时记录详细的错误信息非常有用
type bodyLogWriter struct {
gin.ResponseWriter
body *bytes.Buffer
}
func (w bodyLogWriter) Write(b []byte) (int, error) {
w.body.Write(b)
return w.ResponseWriter.Write(b)
}
func (w bodyLogWriter) WriteString(s string) (int, error) {
w.body.WriteString(s)
return w.ResponseWriter.WriteString(s)
}
// ReadBody 用于安全地读取请求体,并防止其被重复读取
func ReadBody(c *gin.Context) ([]byte, error) {
bodyBytes, err := io.ReadAll(c.Request.Body)
if err != nil {
return nil, err
}
// 将读取的内容放回 Body 中,以便后续的处理函数可以再次读取
c.Request.Body = io.NopCloser(bytes.NewBuffer(bodyBytes))
return bodyBytes, nil
}
Reference in New Issue View Git Blame Copy Permalink