69 lines
1.3 KiB
Go
69 lines
1.3 KiB
Go
|
package middleware
|
||
|
|
|
||
|
|
import (
|
||
|
|
"strings"
|
||
|
|
"yuyue/utils"
|
||
|
|
|
||
|
|
"github.com/gofiber/fiber/v2"
|
||
|
|
"github.com/golang-jwt/jwt/v5"
|
||
|
|
)
|
||
|
|
|
||
|
|
// jwtSecret 在 jwt.go 中定义
|
||
|
|
|
||
|
|
func AuthMiddleware() fiber.Handler {
|
||
|
|
return func(c *fiber.Ctx) error {
|
||
|
|
authHeader := c.Get("Authorization")
|
||
|
|
if authHeader == "" {
|
||
|
|
return utils.Unauthorized(c, "缺少认证信息")
|
||
|
|
}
|
||
|
|
|
||
|
|
tokenString := strings.Replace(authHeader, "Bearer ", "", 1)
|
||
|
|
|
||
|
|
token, err := jwt.Parse(tokenString, func(token *jwt.Token) (interface{}, error) {
|
||
|
|
return jwtSecret, nil
|
||
|
|
})
|
||
|
|
|
||
|
|
if err != nil || !token.Valid {
|
||
|
|
return utils.Unauthorized(c, "无效的认证令牌")
|
||
|
|
}
|
||
|
|
|
||
|
|
if claims, ok := token.Claims.(jwt.MapClaims); ok {
|
||
|
|
c.Locals("user_id", claims["user_id"])
|
||
|
|
c.Locals("username", claims["username"])
|
||
|
|
c.Locals("role", claims["role"])
|
||
|
|
}
|
||
|
|
|
||
|
|
return c.Next()
|
||
|
|
}
|
||
|
|
}
|
||
|
|
|
||
|
|
func AdminMiddleware() fiber.Handler {
|
||
|
|
return func(c *fiber.Ctx) error {
|
||
|
|
role := c.Locals("role")
|
||
|
|
if role != "admin" {
|
||
|
|
return utils.Unauthorized(c, "需要管理员权限")
|
||
|
|
}
|
||
|
|
return c.Next()
|
||
|
|
}
|
||
|
|
}
|
||
|
|
|
||
|
|
func GetUserID(c *fiber.Ctx) uint {
|
||
|
|
userID := c.Locals("user_id")
|
||
|
|
if userID != nil {
|
||
|
|
if id, ok := userID.(float64); ok {
|
||
|
|
return uint(id)
|
||
|
|
}
|
||
|
|
}
|
||
|
|
return 0
|
||
|
|
}
|
||
|
|
|
||
|
|
func GetUserRole(c *fiber.Ctx) string {
|
||
|
|
role := c.Locals("role")
|
||
|
|
if role != nil {
|
||
|
|
if r, ok := role.(string); ok {
|
||
|
|
return r
|
||
|
|
}
|
||
|
|
}
|
||
|
|
return ""
|
||
|
|
}
|