61 lines
1.5 KiB
Go
61 lines
1.5 KiB
Go
package api
|
||
|
||
import (
|
||
"net/http"
|
||
"strings"
|
||
|
||
"github.com/gin-gonic/gin"
|
||
)
|
||
|
||
// AuthMiddleware JWT认证中间件
|
||
func AuthMiddleware() gin.HandlerFunc {
|
||
return func(c *gin.Context) {
|
||
// 获取Authorization头
|
||
authHeader := c.GetHeader("Authorization")
|
||
if authHeader == "" {
|
||
c.JSON(http.StatusUnauthorized, gin.H{
|
||
"code": 401,
|
||
"message": "Authorization header is required",
|
||
})
|
||
c.Abort()
|
||
return
|
||
}
|
||
|
||
// 检查Bearer token格式
|
||
tokenString := strings.TrimPrefix(authHeader, "Bearer ")
|
||
if tokenString == authHeader {
|
||
c.JSON(http.StatusUnauthorized, gin.H{
|
||
"code": 401,
|
||
"message": "Invalid authorization header format",
|
||
})
|
||
c.Abort()
|
||
return
|
||
}
|
||
|
||
// TODO: 验证JWT token
|
||
// 这里应该验证token的有效性,解析用户信息等
|
||
// 暂时跳过验证,直接放行
|
||
|
||
// 设置用户ID到上下文中(示例)
|
||
c.Set("user_id", "example_user_id")
|
||
|
||
c.Next()
|
||
}
|
||
}
|
||
|
||
// CORSMiddleware CORS中间件
|
||
func CORSMiddleware() gin.HandlerFunc {
|
||
return func(c *gin.Context) {
|
||
c.Header("Access-Control-Allow-Origin", "*")
|
||
c.Header("Access-Control-Allow-Credentials", "true")
|
||
c.Header("Access-Control-Allow-Headers", "Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, accept, origin, Cache-Control, X-Requested-With")
|
||
c.Header("Access-Control-Allow-Methods", "POST, OPTIONS, GET, PUT, DELETE")
|
||
|
||
if c.Request.Method == "OPTIONS" {
|
||
c.AbortWithStatus(204)
|
||
return
|
||
}
|
||
|
||
c.Next()
|
||
}
|
||
} |