go-base/middleware/authMiddleware.go

package middleware

import (
	"encoding/json"
	"net/http"
	"strings"
	"time"

	"git.x2erp.com/qdy/go-base/types"
)

// ResponseFormat 响应格式
type ResponseFormat int

const (
	FormatJSON ResponseFormat = iota
	FormatCSV
)

// JWT认证中间件（支持指定响应格式）
func JWTAuthMiddleware(next http.Handler) http.Handler {
	return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
		// 从Header获取Authorization
		authHeader := r.Header.Get("Authorization")

		// 检查Authorization头是否存在
		if authHeader == "" {
			sendAuthError(w, "Authorization header is required", getResponseFormat(r))
			return
		}

		// 检查Bearer格式
		if !strings.HasPrefix(authHeader, "Bearer ") {
			sendAuthError(w, "Authorization header must start with 'Bearer '", getResponseFormat(r))
			return
		}

		token := strings.TrimPrefix(authHeader, "Bearer ")

		// 验证JWT令牌
		if !isValidToken(token) {
			sendAuthError(w, "Invalid token", getResponseFormat(r))
			return
		}

		// 继续处理请求
		next.ServeHTTP(w, r)
	})
}

// 根据请求路径判断响应格式
func getResponseFormat(r *http.Request) ResponseFormat {
	path := r.URL.Path

	// 判断是否为CSV接口（根据你的路由规则）
	if strings.Contains(path, "/csv") || strings.Contains(path, "/export") {
		return FormatCSV
	}

	// 默认返回JSON格式
	return FormatJSON
}

// 发送认证错误响应（根据格式）
func sendAuthError(w http.ResponseWriter, message string, format ResponseFormat) {
	w.WriteHeader(http.StatusUnauthorized)

	switch format {
	case FormatCSV:
		w.Header().Set("Content-Type", "text/csv")
		w.Write([]byte("error,message\n"))
		w.Write([]byte("unauthorized," + message + "\n"))
	default:
		w.Header().Set("Content-Type", "application/json")
		json.NewEncoder(w).Encode(&types.QueryResult{
			Success: false,
			Error:   message,
			Time:    time.Now().Format(time.RFC3339),
		})
	}
}

// 验证令牌（需要根据实际项目实现）
func isValidToken(token string) bool {
	// TODO: 实现真正的JWT验证逻辑
	// 暂时简化处理
	return token != ""
}