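package middleware

import (
	"net/http"
	"strings"

	"x-agents/server/internal/service"

	"github.com/gin-gonic/gin"
)

// CORS returns a middleware that adds CORS response headers and answers
// preflight (OPTIONS) requests itself with 204 No Content.
//
// Called with no arguments it keeps the original behaviour and allows every
// origin with the "*" wildcard. When one or more allowedOrigins are given the
// request's Origin header is echoed back only if it matches one of them
// exactly; a non-matching or absent Origin gets no
// Access-Control-Allow-Origin header, so the browser refuses the cross-origin
// read. In that mode "Vary: Origin" is added so a shared cache never serves a
// response built for one origin to another.
func CORS(allowedOrigins ...string) gin.HandlerFunc {
	allowed := make(map[string]struct{}, len(allowedOrigins))
	for _, o := range allowedOrigins {
		allowed[o] = struct{}{}
	}

	return func(c *gin.Context) {
		if len(allowed) == 0 {
			c.Header("Access-Control-Allow-Origin", "*")
		} else {
			// Add rather than Set so an existing Vary value is not clobbered.
			c.Writer.Header().Add("Vary", "Origin")
			if origin := c.GetHeader("Origin"); origin != "" {
				if _, ok := allowed[origin]; ok {
					c.Header("Access-Control-Allow-Origin", origin)
				}
			}
		}
		c.Header("Access-Control-Allow-Methods", "GET, POST, PUT, DELETE, OPTIONS")
		c.Header("Access-Control-Allow-Headers", "Origin, Content-Type, Authorization")
		c.Header("Access-Control-Max-Age", "86400")

		// Preflight requests carry no body and need no handler.
		if c.Request.Method == http.MethodOptions {
			c.AbortWithStatus(http.StatusNoContent)
			return
		}
		c.Next()
	}
}

// Recovery returns gin's built-in panic-recovery middleware, which turns a
// panic in a handler into a 500 response instead of crashing the process.
func Recovery() gin.HandlerFunc {
	return gin.Recovery()
}

// Auth returns a middleware that requires a valid Bearer JWT in the
// Authorization header.
//
// On success the token's "sub", "username" and "role" claims are stored in
// the gin context under the keys "user_id", "username" and "role" for
// downstream handlers. Otherwise the request is aborted with 401 Unauthorized,
// a generic error body (token contents are never echoed back) and a
// WWW-Authenticate challenge as required by RFC 6750.
func Auth(jwtSecret string) gin.HandlerFunc {
	// The validator depends only on the secret, so build it once instead of
	// on every request. NOTE(review): the second argument is nil exactly as in
	// the original per-request construction; confirm the service holds no
	// per-request state before relying on this being shared.
	authService := service.NewAuthService(jwtSecret, nil)

	return func(c *gin.Context) {
		authHeader := c.GetHeader("Authorization")
		if authHeader == "" {
			unauthorized(c, "authorization header required")
			return
		}

		tokenString, ok := parseBearer(authHeader)
		if !ok {
			unauthorized(c, "invalid authorization format")
			return
		}

		claims, err := authService.ValidateToken(tokenString)
		if err != nil {
			// Deliberately generic: the reason a token failed (expired, bad
			// signature, wrong issuer) is not disclosed to the client.
			unauthorized(c, "invalid token")
			return
		}

		// Expose the identity claims to downstream handlers.
		c.Set("user_id", claims["sub"])
		c.Set("username", claims["username"])
		c.Set("role", claims["role"])
		c.Next()
	}
}

// parseBearer extracts the credential from an "Authorization: Bearer <token>"
// header value. The scheme is matched case-insensitively, as RFC 7235 §2.1
// requires, and an empty credential is reported as malformed so it never
// reaches the validator. ok is false when the value is not a Bearer credential.
func parseBearer(header string) (token string, ok bool) {
	parts := strings.SplitN(header, " ", 2)
	if len(parts) != 2 || !strings.EqualFold(parts[0], "Bearer") {
		return "", false
	}
	if parts[1] == "" {
		return "", false
	}
	return parts[1], true
}

// unauthorized aborts the request with 401, the given JSON error message and
// a Bearer challenge so clients know which authentication scheme is expected.
func unauthorized(c *gin.Context, msg string) {
	c.Header("WWW-Authenticate", "Bearer")
	c.AbortWithStatusJSON(http.StatusUnauthorized, gin.H{"error": msg})
}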