feat: add admin auth middleware

2025-04-16 20:26:02 +08:00
parent 4a9836db68
commit 92a070cc81
5 changed files with 34 additions and 13 deletions
--- a/backend/app/http/admin/auth.go
+++ b/backend/app/http/admin/auth.go
@@ -16,10 +16,14 @@ type AuthBody struct {
 	Password string `json:"password" validate:"required"`
 }

+type TokenResponse struct {
+	Token string `json:"token"`
+}
+
 // Login
 // @Router			/v1/admin/auth [post]
 // @Bind body body
-func (ctl *auth) Login(ctx fiber.Ctx, body *AuthBody) (string, error) {
+func (ctl *auth) Login(ctx fiber.Ctx, body *AuthBody) (*TokenResponse, error) {
 	if body.Username == "admin" && body.Password == "xixi@0202" {
 		claim := ctl.jwt.CreateClaims(jwt.BaseClaims{
 			UserID: 1,
@@ -27,9 +31,9 @@ func (ctl *auth) Login(ctx fiber.Ctx, body *AuthBody) (string, error) {

 		token, err := ctl.jwt.CreateToken(claim)
 		if err != nil {
-			return "", err
+			return nil, err
 		}
-		return token, nil
+		return &TokenResponse{Token: token}, nil
 	}
-	return "", fiber.ErrUnauthorized
+	return nil, fiber.ErrUnauthorized
 }
--- a/backend/app/middlewares/mid_auth.go
+++ b/backend/app/middlewares/mid_auth.go
@@ -16,6 +16,18 @@ func (f *Middlewares) Auth(ctx fiber.Ctx) error {
 	}

 	if strings.HasPrefix(ctx.Path(), "/v1/admin/") {
+		token := ctx.Get("Authorization")
+		if token == "" {
+			return ctx.Status(fiber.StatusUnauthorized).SendString("Unauthorized")
+		}
+		jwt, err := f.jwt.Parse(token)
+		if err != nil {
+			return ctx.Status(fiber.StatusUnauthorized).SendString("Unauthorized")
+		}
+		if jwt.UserID != 1 {
+			return ctx.Status(fiber.StatusForbidden).SendString("Forbidden")
+		}
+
 		return ctx.Next()
 	}