From 505c41e9effeff2db4306e19cb1d8735c5334eb8 Mon Sep 17 00:00:00 2001
From: yanghao05
Date: Fri, 25 Apr 2025 10:08:10 +0800
Subject: [PATCH] feat: adjust route register
---
 backend/app/http/admin/auth.go | 2 +-
 backend/app/middlewares/mid_auth.go | 24 -------------------
 backend/app/middlewares/mid_auth_admin.go | 28 +++++++++++++++++++++++
 backend/app/service/http/http.go | 7 ++++--
 4 files changed, 34 insertions(+), 27 deletions(-)
 create mode 100644 backend/app/middlewares/mid_auth_admin.go
diff --git a/backend/app/http/admin/auth.go b/backend/app/http/admin/auth.go
index b1073b2..7f3ca04 100644
--- a/backend/app/http/admin/auth.go
+++ b/backend/app/http/admin/auth.go
@@ -26,7 +26,7 @@ type TokenResponse struct {
 func (ctl *auth) Login(ctx fiber.Ctx, body *AuthBody) (*TokenResponse, error) {
 if body.Username == "admin" && body.Password == "xixi@0202" {
 claim := ctl.jwt.CreateClaims(jwt.BaseClaims{
- UserID: 1,
+ UserID: -20140202,
 })
 token, err := ctl.jwt.CreateToken(claim)
diff --git a/backend/app/middlewares/mid_auth.go b/backend/app/middlewares/mid_auth.go
index b54d1c9..de93ae4 100644
--- a/backend/app/middlewares/mid_auth.go
+++ b/backend/app/middlewares/mid_auth.go
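Review bot: The admin marker written into the token in `Login`, `UserID: -20140202`, is a bare literal that the new `AuthAdmin` check in mid_auth_admin.go has to repeat exactly, so the two can drift apart silently. Declare it once in a package both files can import, for example `const AdminUserID = -20140202` with a comment stating that it is a reserved sentinel no real account may hold, and reference the constant in both places. The context lines of this hunk also show the admin username and password compared as string literals in source; the commit does not touch that, but anyone who can read the repository can log in as admin, so the credential should move to configuration or a secret store, be stored as a hash, and be rotated. `Login` continues past the end of the hunk.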
@@ -11,37 +11,13 @@ import ( ) func (f *Middlewares) Auth(ctx fiber.Ctx) error { - if ctx.Path() == "/v1/admin/auth" { - return ctx.Next() - } - if strings.HasPrefix(ctx.Path(), "/MP_verify_") { return ctx.Next() } - if strings.HasPrefix(ctx.Path(), "/v1/admin/") { - token := ctx.Get("Authorization") - if token == "" { - token = ctx.Query("token") - if token == "" { - return ctx.Status(fiber.StatusUnauthorized).SendString("Unauthorized") - } - } - jwt, err := f.jwt.Parse(token) - if err != nil { - return ctx.Status(fiber.StatusUnauthorized).SendString("Unauthorized") - } - if jwt.UserID != 1 { - return ctx.Status(fiber.StatusForbidden).SendString("Forbidden") - } - - return ctx.Next() - } - if strings.HasPrefix(ctx.Path(), "/auth/") { return ctx.Next() } - return ctx.Next() fullUrl := string(ctx.Request().URI().FullURI()) u, err := url.Parse(fullUrl)
diff --git a/backend/app/middlewares/mid_auth_admin.go b/backend/app/middlewares/mid_auth_admin.go
new file mode 100644
index 0000000..5c745e4
--- /dev/null
+++ b/backend/app/middlewares/mid_auth_admin.go
@@ -0,0 +1,28 @@
+package middlewares
+
+import (
+ "github.com/gofiber/fiber/v3"
+)
+
+func (f *Middlewares) AuthAdmin(ctx fiber.Ctx) error {
+ if ctx.Path() == "/v1/admin/auth" {
+ return ctx.Next()
+ }
+
+ token := ctx.Get("Authorization")
+ if token == "" {
+ token = ctx.Query("token")
+ if token == "" {
+ return ctx.Status(fiber.StatusUnauthorized).SendString("Unauthorized")
+ }
+ }
+ jwt, err := f.jwt.Parse(token)
+ if err != nil {
+ return ctx.Status(fiber.StatusUnauthorized).SendString("Unauthorized")
+ }
+ if jwt.UserID != -20140202 {
+ return ctx.Status(fiber.StatusForbidden).SendString("Forbidden")
+ }
+
+ return ctx.Next()
+}
diff --git a/backend/app/service/http/http.go b/backend/app/service/http/http.go
index 047be72..5e69da4 100644
--- a/backend/app/service/http/http.go
+++ b/backend/app/service/http/http.go
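Review bot: In `AuthAdmin` (mid_auth_admin.go) the fallback `token = ctx.Query("token")` accepts the admin JWT from the URL, where it is recorded in access and proxy logs, browser history and Referer headers. Unless an admin client truly cannot set headers, read the token from the header only: `token := ctx.Get("Authorization")` followed by `if token == "" { return ctx.Status(fiber.StatusUnauthorized).SendString("Unauthorized") }`. The header value is handed to `f.jwt.Parse` as-is; whether a `Bearer ` prefix is stripped there is not visible in this patch and should be confirmed. The exported method also has no doc comment; `// AuthAdmin rejects requests without a valid admin token, except the login endpoint /v1/admin/auth.` would cover it.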
@@ -86,7 +86,6 @@ func Serve(cmd *cobra.Command, args []string) error {
 }
 svc.Http.Engine.Use(errorx.Middleware)
 svc.Http.Engine.Use(svc.Middlewares.DebugMode)
- svc.Http.Engine.Use(svc.Middlewares.Auth)
 svc.Http.Engine.Use(favicon.New(favicon.Config{
 Data: []byte{},
@@ -94,7 +93,11 @@ func Serve(cmd *cobra.Command, args []string) error {
 group := svc.Http.Engine.Group("")
 for _, route := range svc.Routes {
- route.Register(group)
+ if route.Name() == "admin" {
+ route.Register(group.Use(svc.Middlewares.AuthAdmin))
+ continue
+ }
+ route.Register(group.Use(svc.Middlewares.Auth))
 }
 if err := svc.Job.Start(ctx); err != nil {
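Review bot: In the `for _, route := range svc.Routes` loop of `Serve`, `group.Use(...)` is called on the single shared `group` created with prefix `""`, so the middleware is probably attached to that group as a whole rather than to the route being registered. If Fiber's `Use` works as I understand it (it registers the handler on the group's prefix and returns the same router), `AuthAdmin` would run for every path registered after the admin route and `Auth` would be added once per non-admin route, with the outcome depending on the order of `svc.Routes`; the removed code avoided this by checking `strings.HasPrefix(ctx.Path(), "/v1/admin/")` inside the middleware. Consider registering each middleware once and scoping it by path, for example `svc.Http.Engine.Use("/v1/admin", svc.Middlewares.AuthAdmin)`, while leaving `route.Register(group)` in the loop. Selecting by `route.Name() == "admin"` also fails open, because an admin route registered under any other name only gets `Auth`. A test that an admin path without a token returns 401 while a public path does not would pin the intended scoping; `Serve` continues outside both hunks.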