|
|
package middleware |
|
|
|
|
|
import ( |
|
|
"fmt" |
|
|
"net/http" |
|
|
"strconv" |
|
|
"strings" |
|
|
|
|
|
"github.com/gin-gonic/gin" |
|
|
"github.com/golang-jwt/jwt/v5" |
|
|
) |
|
|
|
|
|
// JWTAuth JWT认证中间件 |
|
|
func JWTAuth() gin.HandlerFunc { |
|
|
return func(c *gin.Context) { |
|
|
// 从请求头获取token |
|
|
authHeader := c.GetHeader("Authorization") |
|
|
if authHeader == "" { |
|
|
c.JSON(http.StatusUnauthorized, gin.H{"error": "未提供认证令牌"}) |
|
|
c.Abort() |
|
|
return |
|
|
} |
|
|
|
|
|
// 检查Bearer前缀 |
|
|
if !strings.HasPrefix(authHeader, "Bearer ") { |
|
|
c.JSON(http.StatusUnauthorized, gin.H{"error": "认证令牌格式错误"}) |
|
|
c.Abort() |
|
|
return |
|
|
} |
|
|
|
|
|
// 提取token |
|
|
tokenString := strings.TrimPrefix(authHeader, "Bearer ") |
|
|
|
|
|
// 解析和验证token |
|
|
token, err := jwt.Parse(tokenString, func(token *jwt.Token) (interface{}, error) { |
|
|
// 验证签名方法 |
|
|
if _, ok := token.Method.(*jwt.SigningMethodHMAC); !ok { |
|
|
return nil, fmt.Errorf("unexpected signing method: %v", token.Header["alg"]) |
|
|
} |
|
|
// 返回密钥 - 使用配置中的密钥 |
|
|
return []byte("your-secret-key"), nil |
|
|
}) |
|
|
|
|
|
if err != nil { |
|
|
c.JSON(http.StatusUnauthorized, gin.H{"error": "无效的认证令牌"}) |
|
|
c.Abort() |
|
|
return |
|
|
} |
|
|
|
|
|
// 验证token是否有效 |
|
|
if !token.Valid { |
|
|
c.JSON(http.StatusUnauthorized, gin.H{"error": "认证令牌已失效"}) |
|
|
c.Abort() |
|
|
return |
|
|
} |
|
|
|
|
|
// 获取claims |
|
|
claims, ok := token.Claims.(jwt.MapClaims) |
|
|
if !ok { |
|
|
c.JSON(http.StatusUnauthorized, gin.H{"error": "无法解析认证令牌"}) |
|
|
c.Abort() |
|
|
return |
|
|
} |
|
|
|
|
|
// 将用户信息存储到上下文中 |
|
|
c.Set("user_id", claims["user_id"]) |
|
|
c.Set("username", claims["username"]) |
|
|
|
|
|
c.Next() |
|
|
} |
|
|
} |
|
|
|
|
|
// OptionalJWTAuth 可选的JWT认证中间件(不强制要求认证) |
|
|
func OptionalJWTAuth() gin.HandlerFunc { |
|
|
return func(c *gin.Context) { |
|
|
// 获取Authorization头部 |
|
|
authHeader := c.GetHeader("Authorization") |
|
|
if authHeader == "" { |
|
|
// 没有令牌,继续处理请求 |
|
|
c.Next() |
|
|
return |
|
|
} |
|
|
|
|
|
// 检查Bearer前缀 |
|
|
if !strings.HasPrefix(authHeader, "Bearer ") { |
|
|
// 令牌格式错误,继续处理请求(不强制要求) |
|
|
c.Next() |
|
|
return |
|
|
} |
|
|
|
|
|
// 提取令牌 |
|
|
_ = strings.TrimPrefix(authHeader, "Bearer ") |
|
|
|
|
|
// 创建JWT管理器 |
|
|
// jwtManager := jwt.NewJWTManager(config.SecretKey, config.Issuer) // This line was removed as per the new_code |
|
|
|
|
|
// 验证令牌 |
|
|
// claims, err := jwtManager.ValidateToken(tokenString) // This line was removed as per the new_code |
|
|
// if err != nil { // This line was removed as per the new_code |
|
|
// // 令牌无效,继续处理请求(不强制要求) // This line was removed as per the new_code |
|
|
// c.Next() // This line was removed as per the new_code |
|
|
// return // This line was removed as per the new_code |
|
|
// } // This line was removed as per the new_code |
|
|
|
|
|
// 将用户信息存储到上下文中 |
|
|
// if userID, exists := claims["user_id"]; exists { // This block was removed as per the new_code |
|
|
// c.Set("user_id", userID) // This line was removed as per the new_code |
|
|
// } // This block was removed as per the new_code |
|
|
// if username, exists := claims["username"]; exists { // This block was removed as per the new_code |
|
|
// c.Set("username", username) // This line was removed as per the new_code |
|
|
// } // This block was removed as per the new_code |
|
|
// if email, exists := claims["email"]; exists { // This block was removed as per the new_code |
|
|
// c.Set("email", email) // This line was removed as per the new_code |
|
|
// } // This block was removed as per the new_code |
|
|
|
|
|
// 继续处理请求 |
|
|
c.Next() |
|
|
} |
|
|
} |
|
|
|
|
|
// GetUserID 安全地从上下文中获取用户ID |
|
|
func GetUserID(c *gin.Context) uint { |
|
|
userID, exists := c.Get("user_id") |
|
|
if !exists { |
|
|
fmt.Printf("🔍 GetUserID函数开始执行\n") |
|
|
fmt.Printf("❌ GetUserID - user_id不存在于上下文中\n") |
|
|
return 0 |
|
|
} |
|
|
|
|
|
// 根据不同的类型进行安全转换 |
|
|
switch v := userID.(type) { |
|
|
case uint: |
|
|
return v |
|
|
case int: |
|
|
if v < 0 { |
|
|
return 0 |
|
|
} |
|
|
return uint(v) |
|
|
case int64: |
|
|
if v < 0 { |
|
|
return 0 |
|
|
} |
|
|
return uint(v) |
|
|
case float64: |
|
|
if v < 0 || v > float64(^uint(0)) { |
|
|
return 0 |
|
|
} |
|
|
return uint(v) |
|
|
case string: |
|
|
if parsed, err := strconv.ParseUint(v, 10, 64); err == nil { |
|
|
return uint(parsed) |
|
|
} |
|
|
return 0 |
|
|
default: |
|
|
fmt.Printf("⚠️ GetUserID - 未知的用户ID类型: %T, 值: %v\n", v, v) |
|
|
return 0 |
|
|
} |
|
|
} |
|
|
|
|
|
// GetUsername 从上下文中获取用户名 |
|
|
func GetUsername(c *gin.Context) (string, bool) { |
|
|
username, exists := c.Get("username") |
|
|
if !exists { |
|
|
return "", false |
|
|
} |
|
|
if str, ok := username.(string); ok { |
|
|
return str, true |
|
|
} |
|
|
return "", false |
|
|
} |
|
|
|
|
|
// GetEmail 从上下文中获取邮箱 |
|
|
func GetEmail(c *gin.Context) (string, bool) { |
|
|
email, exists := c.Get("email") |
|
|
if !exists { |
|
|
return "", false |
|
|
} |
|
|
if str, ok := email.(string); ok { |
|
|
return str, true |
|
|
} |
|
|
return "", false |
|
|
}
|
|
|
|
