Files
infinite-canvas/middleware/admin.go
T
HouYunFei fe3294ed60 feat(auth): 添加用户认证中间件并重构Linux.do登录流程
- 新增UserAuth中间件用于验证用户登录状态和权限
- 移除Linux.do登录中的redirectUri和minimumTrustLevel配置项
- 修改Linux.do登录流程以支持动态构建回调URL
- 将API v1接口组迁移至需要用户认证的路由
- 在远程AI服务调用中添加用户令牌认证
- 修复被封禁用户的认证检查逻辑
- 更新登录重定向函数以处理请求来源
- 添加RequestOrigin函数解析转发的主机和协议头
2026-05-25 12:05:02 +08:00

53 lines
1.3 KiB
Go

package middleware
import (
"net/http"
"strings"
"github.com/basketikun/infinite-canvas/handler"
"github.com/basketikun/infinite-canvas/model"
"github.com/basketikun/infinite-canvas/service"
"github.com/gin-gonic/gin"
)
func AdminAuth(c *gin.Context) {
user, ok := authUser(c)
if !ok || user.Role != model.UserRoleAdmin {
handler.Fail(c.Writer, "未登录或权限不足")
c.Abort()
return
}
c.Request = c.Request.WithContext(service.WithUser(c.Request.Context(), user))
c.Next()
}
func UserAuth(c *gin.Context) {
user, ok := authUser(c)
if !ok || user.Role == model.UserRoleGuest {
handler.Fail(c.Writer, "未登录或权限不足")
c.Abort()
return
}
c.Request = c.Request.WithContext(service.WithUser(c.Request.Context(), user))
c.Next()
}
func OptionalAuth(c *gin.Context) {
if user, ok := authUser(c); ok {
c.Request = c.Request.WithContext(service.WithUser(c.Request.Context(), user))
}
c.Next()
}
func NotFoundJSON(c *gin.Context) {
c.JSON(http.StatusNotFound, gin.H{"code": 1, "data": nil, "msg": "接口不存在"})
}
func authUser(c *gin.Context) (model.AuthUser, bool) {
token := strings.TrimPrefix(c.GetHeader("Authorization"), "Bearer ")
if strings.TrimSpace(token) == "" {
return model.AuthUser{}, false
}
return service.CurrentAuthUser(token)
}