biss/Exam_registration
Archived
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
This repository has been archived on 2026-04-05. You can view files and clone it. You cannot open issues or pull requests or push a commit.
Files
master
Exam_registration/internal/middleware/auth.go
bisnsh 3d1d4cf506 init
2026-03-20 21:41:00 +08:00

80 lines
2.0 KiB
Go
Raw Permalink Blame History

package middleware
import (
"exam_registration/pkg/response"
"github.com/gin-gonic/gin"
"github.com/golang-jwt/jwt/v5"
"github.com/spf13/viper"
"net/http"
"strings"
)
type Claims struct {
UserID uint64 `json:"user_id"`
Username string `json:"username"`
Role string `json:"role"`
jwt.RegisteredClaims
}
func JWT() gin.HandlerFunc {
return func(c *gin.Context) {
authHeader := c.GetHeader("Authorization")
if authHeader == "" {
response.Error(c, response.UNAUTHORIZED, "未授权")
c.Abort()
return
}
parts := strings.SplitN(authHeader, " ", 2)
if !(len(parts) == 2 && parts[0] == "Bearer") {
response.Error(c, response.UNAUTHORIZED, "请求头中 auth 格式有误")
c.Abort()
return
}
tokenString := parts[1]
token, err := jwt.ParseWithClaims(tokenString, &Claims{}, func(token *jwt.Token) (interface{}, error) {
return []byte(viper.GetString("jwt.secret")), nil
})
if err != nil || !token.Valid {
response.Error(c, response.UNAUTHORIZED, "token 无效或已过期")
c.Abort()
return
}
claims, ok := token.Claims.(*Claims)
if !ok {
response.Error(c, response.UNAUTHORIZED, "无法获取用户信息")
c.Abort()
return
}
c.Set("claims", claims)
c.Set("user_id", claims.UserID)
c.Set("username", claims.Username)
c.Next()
}
}
// Cors 跨域中间件
func Cors() gin.HandlerFunc {
return func(c *gin.Context) {
method := c.Request.Method
origin := c.Request.Header.Get("Origin")
c.Header("Access-Control-Allow-Origin", origin)
c.Header("Access-Control-Allow-Methods", "POST, GET, OPTIONS, PUT, DELETE, UPDATE")
c.Header("Access-Control-Allow-Headers", "Origin, X-Requested-With, Content-Type, Accept, Authorization")
c.Header("Access-Control-Expose-Headers", "Content-Length, Access-Control-Allow-Origin, Access-Control-Allow-Headers, Cache-Control, Content-Language, Content-Type")
c.Header("Access-Control-Allow-Credentials", "true")
if method == "OPTIONS" {
c.AbortWithStatus(http.StatusNoContent)
return
}
c.Next()
}
}
Reference in New Issue View Git Blame Copy Permalink