78 lines
1.5 KiB
Go
78 lines
1.5 KiB
Go
// Package middleware 中间件
|
|
package middleware
|
|
|
|
import (
|
|
"strings"
|
|
|
|
"server/common"
|
|
"server/modules/system/service"
|
|
|
|
"github.com/gin-gonic/gin"
|
|
)
|
|
|
|
const (
|
|
// ContextUserKey 上下文中存储用户信息的key
|
|
ContextUserKey = "loginUser"
|
|
// TokenHeader 请求头中Token的key
|
|
TokenHeader = "Authorization"
|
|
// TokenPrefix Token前缀
|
|
TokenPrefix = "Bearer "
|
|
)
|
|
|
|
// 白名单路径 (不需要登录即可访问)
|
|
var whiteList = []string{
|
|
"/api/auth/login",
|
|
"/api/auth/register",
|
|
"/swagger/",
|
|
}
|
|
|
|
// AuthMiddleware 登录鉴权中间件
|
|
// 类似Java中的Shiro Filter
|
|
func AuthMiddleware() gin.HandlerFunc {
|
|
userService := service.NewSysUserService()
|
|
|
|
return func(c *gin.Context) {
|
|
path := c.Request.URL.Path
|
|
|
|
// 检查是否在白名单中
|
|
for _, white := range whiteList {
|
|
if strings.HasPrefix(path, white) {
|
|
c.Next()
|
|
return
|
|
}
|
|
}
|
|
|
|
// 获取Token
|
|
token := c.GetHeader(TokenHeader)
|
|
if token == "" {
|
|
common.Error(c, 401, "未登录")
|
|
c.Abort()
|
|
return
|
|
}
|
|
|
|
// 去除Bearer前缀
|
|
token = strings.TrimPrefix(token, TokenPrefix)
|
|
// if strings.HasPrefix(token, TokenPrefix) {
|
|
// token = token[len(TokenPrefix):]
|
|
// }
|
|
|
|
// 验证Token并获取用户信息
|
|
loginUser, err := userService.GetLoginUser(token)
|
|
if err != nil {
|
|
common.Error(c, 401, err.Error())
|
|
c.Abort()
|
|
return
|
|
}
|
|
|
|
// 将用户信息存入上下文
|
|
c.Set(ContextUserKey, loginUser)
|
|
|
|
c.Next()
|
|
}
|
|
}
|
|
|
|
// AddWhiteList 添加白名单路径
|
|
func AddWhiteList(paths ...string) {
|
|
whiteList = append(whiteList, paths...)
|
|
}
|