AuthMiddleware JWT认证中间件
()
| 76 | |
| 77 | // AuthMiddleware JWT认证中间件 |
| 78 | func AuthMiddleware() gin.HandlerFunc { |
| 79 | return func(c *gin.Context) { |
| 80 | // 如果未启用认证,直接放行 |
| 81 | if !config.AppConfig.AuthEnabled { |
| 82 | c.Next() |
| 83 | return |
| 84 | } |
| 85 | |
| 86 | // 定义公开接口(不需要认证) |
| 87 | publicPaths := []string{ |
| 88 | "/api/auth/login", |
| 89 | "/api/auth/logout", |
| 90 | "/api/health", // 健康检查接口可选择是否需要认证 |
| 91 | } |
| 92 | |
| 93 | // 检查当前路径是否是公开接口 |
| 94 | path := c.Request.URL.Path |
| 95 | for _, p := range publicPaths { |
| 96 | if strings.HasPrefix(path, p) { |
| 97 | c.Next() |
| 98 | return |
| 99 | } |
| 100 | } |
| 101 | |
| 102 | // 获取Authorization头 |
| 103 | authHeader := c.GetHeader("Authorization") |
| 104 | if authHeader == "" { |
| 105 | c.JSON(401, gin.H{ |
| 106 | "error": "未授权:缺少认证令牌", |
| 107 | "code": "AUTH_TOKEN_MISSING", |
| 108 | }) |
| 109 | c.Abort() |
| 110 | return |
| 111 | } |
| 112 | |
| 113 | // 解析Bearer token |
| 114 | const bearerPrefix = "Bearer " |
| 115 | if !strings.HasPrefix(authHeader, bearerPrefix) { |
| 116 | c.JSON(401, gin.H{ |
| 117 | "error": "未授权:令牌格式错误", |
| 118 | "code": "AUTH_TOKEN_INVALID_FORMAT", |
| 119 | }) |
| 120 | c.Abort() |
| 121 | return |
| 122 | } |
| 123 | |
| 124 | tokenString := strings.TrimPrefix(authHeader, bearerPrefix) |
| 125 | |
| 126 | // 验证token |
| 127 | claims, err := util.ValidateToken(tokenString, config.AppConfig.AuthJWTSecret) |
| 128 | if err != nil { |
| 129 | c.JSON(401, gin.H{ |
| 130 | "error": "未授权:令牌无效或已过期", |
| 131 | "code": "AUTH_TOKEN_INVALID", |
| 132 | }) |
| 133 | c.Abort() |
| 134 | return |
| 135 | } |