| 12345678910111213141516171819202122232425262728293031323334353637383940414243444546474849505152535455 |
- package auth
-
- import (
- "net/http"
- "strings"
-
- "github.com/gin-gonic/gin"
-
- "git.x2erp.com/qdy/go-base/config"
- )
-
- func AuthMiddleware() gin.HandlerFunc {
- return func(c *gin.Context) {
- // 从 Header 中获取 token
- authHeader := c.GetHeader("Authorization")
- if authHeader == "" {
- c.JSON(http.StatusUnauthorized, gin.H{
- "success": false,
- "error": "Authorization header is required",
- })
- c.Abort()
- return
- }
-
- // 检查 Bearer token 格式
- parts := strings.Split(authHeader, " ")
- if len(parts) != 2 || parts[0] != "Bearer" {
- c.JSON(http.StatusUnauthorized, gin.H{
- "success": false,
- "error": "Authorization header format must be Bearer {token}",
- })
- c.Abort()
- return
- }
-
- tokenString := parts[1]
- configTokenString := config.GetConfig().GetAuth().Token
-
- // 比较 token 是否相等
- if tokenString != configTokenString {
- c.JSON(http.StatusUnauthorized, gin.H{
- "success": false,
- "error": "Invalid token",
- })
- c.Abort()
- return
- }
-
- // Token 验证通过,可以存储一些上下文信息
- c.Set("authenticated", true)
- c.Set("authType", "token")
-
- c.Next()
- }
- }
|
