Files
X-Agents/server/internal/middleware/auth.go

72 lines
1.6 KiB
Go
Raw Normal View History

package middleware
import (
"net/http"
"strings"
"x-agents/server/internal/service"
"github.com/gin-gonic/gin"
)
// CORS 中间件
func CORS() gin.HandlerFunc {
return func(c *gin.Context) {
c.Header("Access-Control-Allow-Origin", "*")
c.Header("Access-Control-Allow-Methods", "GET, POST, PUT, DELETE, OPTIONS")
c.Header("Access-Control-Allow-Headers", "Origin, Content-Type, Authorization")
c.Header("Access-Control-Max-Age", "86400")
if c.Request.Method == "OPTIONS" {
c.AbortWithStatus(http.StatusNoContent)
return
}
c.Next()
}
}
// Recovery 中间件 - 恢复 panic
func Recovery() gin.HandlerFunc {
return gin.Recovery()
}
// Auth 认证中间件
func Auth(jwtSecret string) gin.HandlerFunc {
return func(c *gin.Context) {
// 从 Header 获取 Token
authHeader := c.GetHeader("Authorization")
if authHeader == "" {
c.JSON(http.StatusUnauthorized, gin.H{"error": "authorization header required"})
c.Abort()
return
}
// 解析 Bearer Token
parts := strings.SplitN(authHeader, " ", 2)
if len(parts) != 2 || parts[0] != "Bearer" {
c.JSON(http.StatusUnauthorized, gin.H{"error": "invalid authorization format"})
c.Abort()
return
}
tokenString := parts[1]
// 验证 Token
authService := service.NewAuthService(jwtSecret, nil)
claims, err := authService.ValidateToken(tokenString)
if err != nil {
c.JSON(http.StatusUnauthorized, gin.H{"error": "invalid token"})
c.Abort()
return
}
// 将用户信息存入上下文
c.Set("user_id", claims["sub"])
c.Set("username", claims["username"])
c.Set("role", claims["role"])
c.Next()
}
}