From 4704cf6949ca562917a0b5c21dbcbd2f5d652d53 Mon Sep 17 00:00:00 2001
From: Rogee <rogee@ipao.vip>
Date: Mon, 22 Dec 2025 12:04:38 +0800
Subject: [PATCH] fix: issues

---
 backend_v1/app/http/posts.go                  | 19 ++++++++++++-------
 .../app/middlewares/mid_auth_frontend.go      |  6 ++++--
 2 files changed, 16 insertions(+), 9 deletions(-)

diff --git a/backend_v1/app/http/posts.go b/backend_v1/app/http/posts.go
index cfe55e7..bd3f300 100644
--- a/backend_v1/app/http/posts.go
+++ b/backend_v1/app/http/posts.go
@@ -186,15 +186,20 @@ func (ctl *posts) Play(ctx fiber.Ctx, post *models.Post, user *models.User) (*Pl
 	// return &PlayUrl{
 	// 	Url: "https://github.com/mediaelement/mediaelement-files/raw/refs/heads/master/big_buck_bunny.mp4",
 	// }, nil
-
-	preview := true
-	bought, err := services.Users.HasBought(ctx, user.ID, post.ID)
-	if err != nil {
-		preview = false
+	if post.Status != fields.PostStatusPublished {
+		return nil, fiber.ErrNotFound
 	}
 
-	if bought {
-		preview = false
+	preview := true
+	if user != nil {
+		bought, err := services.Users.HasBought(ctx, user.ID, post.ID)
+		if err != nil {
+			preview = false
+		}
+
+		if bought {
+			preview = false
+		}
 	}
 
 	log.Infof("Fetching play URL for post ID: %d", post.ID)
diff --git a/backend_v1/app/middlewares/mid_auth_frontend.go b/backend_v1/app/middlewares/mid_auth_frontend.go
index c5e16d9..9db03b7 100644
--- a/backend_v1/app/middlewares/mid_auth_frontend.go
+++ b/backend_v1/app/middlewares/mid_auth_frontend.go
@@ -22,7 +22,9 @@ func (f *Middlewares) AuthFrontend(ctx fiber.Ctx) error {
 	if strings.HasPrefix(ctx.Path(), "/v1/posts/") && strings.HasSuffix(ctx.Path(), "show") {
 		return ctx.Next()
 	}
-	if strings.HasPrefix(ctx.Path(), "/v1/posts/") && strings.HasSuffix(ctx.Path(), "play") {
+
+	token := ctx.Get("Authorization")
+	if token == "" && strings.HasPrefix(ctx.Path(), "/v1/posts/") && strings.HasSuffix(ctx.Path(), "play") {
 		return ctx.Next()
 	}
 
@@ -47,7 +49,6 @@ func (f *Middlewares) AuthFrontend(ctx fiber.Ctx) error {
 	fullUrl = u.String()
 
 	// 仅使用 Header 的 Bearer Token（前端 localStorage 存储，随请求透传）。
-	token := ctx.Get("Authorization")
 	if token == "" {
 		log.Infof("auth redirect_uri: %s", fullUrl)
 		if ctx.XHR() {
@@ -73,6 +74,7 @@ func (f *Middlewares) AuthFrontend(ctx fiber.Ctx) error {
 	}
 
 	ctx.Locals("user", user)
+	log.Infof("jwt login user id: %d", user.ID)
 
 	return ctx.Next()
 }