quyun/backend/app/middlewares/mid_auth.go
2025-04-23 09:36:31 +08:00


package middlewares
import (
"net/url"
"strings"
"quyun/app/models"
"github.com/gofiber/fiber/v3"
"github.com/gofiber/fiber/v3/log"
)
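// Auth is the request gate for the application.
//
// Routing, in order:
//   - "/v1/admin/auth" (exact match) and paths starting with "/MP_verify_"
//     are passed through without any credential.
//   - Paths under "/v1/admin/" (compared case-insensitively) need a token
//     that f.jwt.Parse accepts and whose UserID is 1; otherwise the request
//     ends with 401 (missing or invalid token) or 403 (wrong user).
//   - Every other path is currently passed through unauthenticated; see the
//     NOTE(review) next to the unconditional return below.
//
// It returns whatever ctx.Next(), SendString or Redirect().To returns.
func (f *Middlewares) Auth(ctx fiber.Ctx) error {
	path := ctx.Path()

	// The admin login endpoint has to be reachable before a token exists.
	if path == "/v1/admin/auth" {
		return ctx.Next()
	}
	// Presumably the WeChat domain-verification file; confirm nothing
	// sensitive is ever served under this prefix, since it skips all checks.
	if strings.HasPrefix(path, "/MP_verify_") {
		return ctx.Next()
	}

	// Path() keeps the case the client sent, while Fiber's router matches
	// case-insensitively unless fiber.Config.CaseSensitive is enabled.
	// Folding the case here keeps this gate aligned with the router, so an
	// admin route cannot be reached through a path this check fails to match.
	// NOTE(review): the bare path "/v1/admin" (no trailing slash) is not
	// covered by this prefix; confirm no handler is mounted there.
	if strings.HasPrefix(strings.ToLower(path), "/v1/admin/") {
		token := ctx.Get("Authorization")
		if token == "" {
			// NOTE(review): a token carried in the query string ends up in
			// access logs, browser history and Referer headers. Kept for
			// compatibility; prefer the header and short-lived tokens for
			// any flow that still relies on this fallback.
			token = ctx.Query("token")
		}
		if token == "" {
			return ctx.Status(fiber.StatusUnauthorized).SendString("Unauthorized")
		}

		// NOTE(review): the header value is handed to Parse unchanged;
		// confirm Parse copes with a "Bearer " scheme prefix if clients send one.
		claims, err := f.jwt.Parse(token)
		if err != nil {
			return ctx.Status(fiber.StatusUnauthorized).SendString("Unauthorized")
		}
		// NOTE(review): admin rights are tied to the literal user ID 1.
		// A role or claim carried in the token would be easier to audit
		// and to revoke than a hard-coded identifier.
		if claims.UserID != 1 {
			return ctx.Status(fiber.StatusForbidden).SendString("Forbidden")
		}
		return ctx.Next()
	}

	if strings.HasPrefix(path, "/auth/") {
		return ctx.Next()
	}

	// NOTE(review): this unconditional return makes everything below
	// unreachable, so no non-admin route is authenticated and
	// ctx.Locals("user") is never populated by this middleware. If this is a
	// temporary bypass, remove it before release; if it is intended, delete
	// the dead code so the file does not suggest a check that never runs.
	return ctx.Next()

	fullUrl := string(ctx.Request().URI().FullURI())
	u, err := url.Parse(fullUrl)
	if err != nil {
		return err
	}

	// Build the login URL: same scheme/host/query as the request, path
	// replaced by /auth/wechat, and the original URL carried in "redirect".
	// NOTE(review): the redirect value is taken from the request URI, which
	// includes the client-supplied host; the /auth/wechat handler should
	// validate it against an allow-list before redirecting back.
	query := u.Query()
	query.Set("redirect", fullUrl)
	u.RawQuery = query.Encode()
	u.Path = "/auth/wechat"
	fullUrl = u.String()

	// check cookie exists
	cookie := ctx.Cookies("token")
	// Log only whether the cookie is present: the value is a bearer
	// credential and must not be written to the log.
	log.Infof("auth cookie present: %t", cookie != "")
	if cookie == "" {
		log.Infof("auth redirect_uri: %s", fullUrl)
		return ctx.Redirect().To(fullUrl)
	}

	claims, err := f.jwt.Parse(cookie)
	if err != nil {
		// remove cookie
		ctx.ClearCookie("token")
		return ctx.Redirect().To(fullUrl)
	}

	user, err := models.Users.GetByID(ctx.Context(), claims.UserID)
	if err != nil {
		// remove cookie
		ctx.ClearCookie("token")
		return ctx.Redirect().To(fullUrl)
	}

	ctx.Locals("user", user)
	return ctx.Next()
}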