ai_english/serve/api/middleware.go

package api
import (
"net/http"
"strings"
"github.com/gin-gonic/gin"
)
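// AuthMiddleware returns a gin handler that requires an
// "Authorization: Bearer <token>" request header.
//
// Requests with a missing header, a header that lacks the "Bearer " prefix, or
// an empty token are aborted with HTTP 401 and a JSON error body.
//
// SECURITY NOTE(review): the token is NOT verified. Any non-empty bearer value
// is accepted and every request is tagged with the same placeholder "user_id",
// so this middleware provides no authentication or per-user identity yet.
// Signature, expiry and claim validation must be implemented before any
// handler relies on "user_id" for an access decision.
func AuthMiddleware() gin.HandlerFunc {
	const bearerPrefix = "Bearer "

	// reject writes a 401 JSON response and stops the remaining handlers.
	reject := func(c *gin.Context, msg string) {
		c.AbortWithStatusJSON(http.StatusUnauthorized, gin.H{
			"code":    401,
			"message": msg,
		})
	}

	return func(c *gin.Context) {
		// Read the Authorization header.
		authHeader := c.GetHeader("Authorization")
		if authHeader == "" {
			reject(c, "Authorization header is required")
			return
		}

		// Check the Bearer token format.
		if !strings.HasPrefix(authHeader, bearerPrefix) {
			reject(c, "Invalid authorization header format")
			return
		}

		// A bare "Bearer " header carries no credential at all; treat it as
		// malformed instead of letting it through to the handlers.
		tokenString := strings.TrimSpace(strings.TrimPrefix(authHeader, bearerPrefix))
		if tokenString == "" {
			reject(c, "Invalid authorization header format")
			return
		}

		// TODO: verify the JWT here (signature, expiry, claims) and derive the
		// user from it. Verification is currently skipped and the request is
		// passed through unconditionally.

		// Placeholder identity: the same fixed value for every caller, not
		// derived from tokenString.
		c.Set("user_id", "example_user_id")

		c.Next()
	}
}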
// CORSMiddleware returns a gin handler that attaches a fixed set of CORS
// response headers to every request and answers OPTIONS (preflight) requests
// with 204 without running the remaining handlers.
//
// NOTE(review): "Access-Control-Allow-Origin: *" is sent together with
// "Access-Control-Allow-Credentials: true". Browsers refuse credentialed
// cross-origin responses when the allowed origin is the wildcard, so the
// credentials header has no effect in this combination. If credentialed
// requests are needed, replace the wildcard with an explicit allow-list of
// trusted origins rather than echoing the request's Origin header.
func CORSMiddleware() gin.HandlerFunc {
	// Header name/value pairs, written in this order on every response.
	corsHeaders := [][2]string{
		{"Access-Control-Allow-Origin", "*"},
		{"Access-Control-Allow-Credentials", "true"},
		{"Access-Control-Allow-Headers", "Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, accept, origin, Cache-Control, X-Requested-With"},
		{"Access-Control-Allow-Methods", "POST, OPTIONS, GET, PUT, DELETE"},
	}

	return func(c *gin.Context) {
		for _, kv := range corsHeaders {
			c.Header(kv[0], kv[1])
		}

		// Any method other than OPTIONS continues down the handler chain.
		if c.Request.Method != http.MethodOptions {
			c.Next()
			return
		}

		// Preflight: reply with an empty 204 and stop here.
		c.AbortWithStatus(http.StatusNoContent)
	}
}