pending

backend/app/middlewares/middlewares.go

@@ -5,9 +5,13 @@ import (
 	"quyun/v2/providers/jwt"
 )
 
+// Middlewares provides reusable Fiber middlewares shared across modules.
+//
 // @provider
 type Middlewares struct {
+	// log is the module logger injected by the framework.
 	log *log.Entry `inject:"false"`
+	// jwt is the JWT provider used by auth-related middlewares.
 	jwt *jwt.JWT
 }
 

backend/app/middlewares/tenant.go

@@ -1,6 +1,7 @@
 package middlewares
 
 import (
+	"go.ipao.vip/atom/container"
 	"quyun/v2/app/errorx"
 	"quyun/v2/app/services"
 	"quyun/v2/database/models"
@@ -8,7 +9,6 @@ import (
 	"quyun/v2/providers/jwt"
 
 	"github.com/gofiber/fiber/v3"
-	"github.com/sirupsen/logrus"
 )
 
 func (f *Middlewares) TenantResolve(c fiber.Ctx) error {
@@ -19,9 +19,15 @@ func (f *Middlewares) TenantResolve(c fiber.Ctx) error {
 
 	tenantModel, err := services.Tenant.FindByCode(c, tenantCode)
 	if err != nil {
+		f.log.WithField("tenant_code", tenantCode).WithError(err).Warn("middlewares.tenant.resolve.failed")
 		return err
 	}
 
+	f.log.WithFields(map[string]any{
+		"tenant_id":   tenantModel.ID,
+		"tenant_code": tenantCode,
+	}).Info("middlewares.tenant.resolve.ok")
+
 	c.Locals(consts.CtxKeyTenant, tenantModel)
 	return c.Next()
 }
@@ -29,12 +35,24 @@ func (f *Middlewares) TenantResolve(c fiber.Ctx) error {
 func (f *Middlewares) TenantAuth(c fiber.Ctx) error {
 	authHeader := c.Get(jwt.HttpHeader)
 	if authHeader == "" {
+		f.log.Info("middlewares.tenant.auth.missing_token")
 		return errorx.ErrTokenMissing
 	}
-	logrus.Infof("Token: %s", authHeader)
 
-	claims, err := f.jwt.Parse(authHeader)
+	jwtProvider := f.jwt
+	if jwtProvider == nil {
+		if err := container.Container.Invoke(func(j *jwt.JWT) {
+			jwtProvider = j
+			f.jwt = j
+		}); err != nil {
+			f.log.WithError(err).Error("middlewares.tenant.auth.jwt_provider_missing")
+			return errorx.ErrInternalError.WithMsg("jwt provider missing")
+		}
+	}
+
+	claims, err := jwtProvider.Parse(authHeader)
 	if err != nil {
+		f.log.WithError(err).Warn("middlewares.tenant.auth.invalid_token")
 		switch err {
 		case jwt.TokenExpired:
 			return errorx.ErrTokenExpired
@@ -45,9 +63,14 @@ func (f *Middlewares) TenantAuth(c fiber.Ctx) error {
 		}
 	}
 	if claims.UserID == 0 {
+		f.log.Warn("middlewares.tenant.auth.missing_user_id")
 		return errorx.ErrTokenInvalid
 	}
 
+	f.log.WithFields(map[string]any{
+		"user_id": claims.UserID,
+	}).Info("middlewares.tenant.auth.ok")
+
 	c.Locals(consts.CtxKeyClaims, claims)
 	return c.Next()
 }
@@ -55,24 +78,36 @@ func (f *Middlewares) TenantAuth(c fiber.Ctx) error {
 func (f *Middlewares) TenantRequireMember(c fiber.Ctx) error {
 	tenantModel, ok := c.Locals(consts.CtxKeyTenant).(*models.Tenant)
 	if !ok || tenantModel == nil {
+		f.log.Error("middlewares.tenant.require_member.missing_tenant_context")
 		return errorx.ErrInternalError.WithMsg("tenant context missing")
 	}
 
 	claims, ok := c.Locals(consts.CtxKeyClaims).(*jwt.Claims)
 	if !ok || claims == nil {
+		f.log.Error("middlewares.tenant.require_member.missing_claims_context")
 		return errorx.ErrInternalError.WithMsg("claims context missing")
 	}
 
 	tenantUser, err := services.Tenant.FindTenantUser(c, tenantModel.ID, claims.UserID)
 	if err != nil {
+		f.log.WithFields(map[string]any{
+			"tenant_id": tenantModel.ID,
+			"user_id":   claims.UserID,
+		}).WithError(err).Warn("middlewares.tenant.require_member.denied")
 		return errorx.ErrPermissionDenied.WithMsg("不属于该租户")
 	}
 
 	userModel, err := services.User.FindByID(c, claims.UserID)
 	if err != nil {
+		f.log.WithField("user_id", claims.UserID).WithError(err).Warn("middlewares.tenant.require_member.load_user_failed")
 		return err
 	}
 
+	f.log.WithFields(map[string]any{
+		"tenant_id": tenantModel.ID,
+		"user_id":   claims.UserID,
+	}).Info("middlewares.tenant.require_member.ok")
+
 	c.Locals(consts.CtxKeyTenantUser, tenantUser)
 	c.Locals(consts.CtxKeyUser, userModel)
 	return c.Next()