shumengya/InfoGenie
2
2
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
1c81d4e6eaebd395c8852ee02cd8d96602835e3a
InfoGenie/infogenie-backend-go/internal/middleware/auth.go
树萌芽 1c81d4e6ea update: 2026-03-28 20:59
2026-03-28 20:59:52 +08:00

128 lines
3.4 KiB
Go
Raw Blame History

package middleware
import (
"bytes"
"encoding/json"
"fmt"
"io"
"net/http"
"strings"
"time"
"github.com/gin-gonic/gin"
"infogenie-backend/config"
)
type AuthCenterUser struct {
Account string `json:"account"`
Username string `json:"username"`
Email string `json:"email"`
Level int `json:"level"`
SproutCoins float64 `json:"sproutCoins"`
AvatarURL string `json:"avatarUrl"`
WebsiteURL string `json:"websiteUrl"`
Bio string `json:"bio"`
CheckInDays int `json:"checkInDays"`
CheckInStreak int `json:"checkInStreak"`
}
type VerifyResponse struct {
Valid bool `json:"valid"`
User *AuthCenterUser `json:"user,omitempty"`
Error string `json:"error,omitempty"`
BanReason string `json:"banReason,omitempty"`
}
func verifyTokenWithAuthCenter(tokenStr string) (*VerifyResponse, error) {
body, _ := json.Marshal(map[string]string{"token": tokenStr})
url := config.Cfg.AuthCenter.APIURL + "/api/auth/verify"
req, err := http.NewRequest("POST", url, bytes.NewReader(body))
if err != nil {
return nil, fmt.Errorf("创建请求失败: %w", err)
}
req.Header.Set("Content-Type", "application/json")
req.Header.Set("X-Auth-Client", "infogenie")
req.Header.Set("X-Auth-Client-Name", "万象口袋")
client := &http.Client{Timeout: 10 * time.Second}
resp, err := client.Do(req)
if err != nil {
return nil, fmt.Errorf("请求认证中心失败: %w", err)
}
defer resp.Body.Close()
data, _ := io.ReadAll(resp.Body)
if resp.StatusCode == 401 {
return &VerifyResponse{Valid: false, Error: "invalid token"}, nil
}
var result VerifyResponse
if err := json.Unmarshal(data, &result); err != nil {
return nil, fmt.Errorf("解析认证响应失败: %w", err)
}
return &result, nil
}
func extractToken(c *gin.Context) string {
auth := c.GetHeader("Authorization")
if strings.HasPrefix(auth, "Bearer ") {
return auth[7:]
}
return auth
}
func JWTAuth() gin.HandlerFunc {
return func(c *gin.Context) {
tokenStr := extractToken(c)
if tokenStr == "" {
c.JSON(http.StatusUnauthorized, gin.H{"success": false, "message": "缺少认证token"})
c.Abort()
return
}
result, err := verifyTokenWithAuthCenter(tokenStr)
if err != nil {
c.JSON(http.StatusInternalServerError, gin.H{"success": false, "message": "认证服务暂时不可用"})
c.Abort()
return
}
if !result.Valid || result.User == nil {
msg := "Token无效或已过期"
if result.BanReason != "" {
msg = "账户已被封禁"
}
c.JSON(http.StatusUnauthorized, gin.H{"success": false, "message": msg})
c.Abort()
return
}
c.Set("account", result.User.Account)
c.Set("username", result.User.Username)
c.Set("email", result.User.Email)
c.Set("sprout_coins", result.User.SproutCoins)
c.Set("auth_user", result.User)
c.Next()
}
}
func OptionalJWTAuth() gin.HandlerFunc {
return func(c *gin.Context) {
tokenStr := extractToken(c)
if tokenStr != "" {
result, err := verifyTokenWithAuthCenter(tokenStr)
if err == nil && result.Valid && result.User != nil {
c.Set("account", result.User.Account)
c.Set("username", result.User.Username)
c.Set("email", result.User.Email)
c.Set("sprout_coins", result.User.SproutCoins)
c.Set("auth_user", result.User)
}
}
c.Next()
}
}
Reference in New Issue View Git Blame Copy Permalink