🎨 update

2024-11-05 17:24:11 +08:00
parent a153e0345a
commit 0b22d9800c
16 changed files with 210 additions and 289 deletions
--- a/middleware/casbin.go
+++ b/middleware/casbin.go
@@ -10,7 +10,7 @@ import (

 func CasbinMiddleware() gin.HandlerFunc {
 	return func(c *gin.Context) {
-		userIdAny, exists := c.Get("userId")
+		userIdAny, exists := c.Get("user_id")
 		if !exists {
 			global.LOG.Error("casbin middleware: userId not found")
 			result.FailWithMessage(ginI18n.MustGetMessage(c, "PermissionDenied"), c)
--- a/middleware/jwt.go
+++ b/middleware/jwt.go
@@ -10,17 +10,11 @@ import (
 	"schisandra-cloud-album/common/constant"
 	"schisandra-cloud-album/common/redis"
 	"schisandra-cloud-album/common/result"
+	"schisandra-cloud-album/common/types"
 	"schisandra-cloud-album/global"
 	"schisandra-cloud-album/utils"
 )

-type TokenData struct {
-	AccessToken  string  `json:"access_token"`
-	RefreshToken string  `json:"refresh_token"`
-	ExpiresAt    int64   `json:"expires_at"`
-	UID          *string `json:"uid"`
-}
-
 func JWTAuthMiddleware() gin.HandlerFunc {
 	return func(c *gin.Context) {
 		// 默认Token放在请求头Authorization的Bearer中，并以空格隔开
@@ -51,7 +45,7 @@ func JWTAuthMiddleware() gin.HandlerFunc {
 			c.Abort()
 			return
 		}
-		tokenResult := TokenData{}
+		tokenResult := types.RedisToken{}
 		err = json.Unmarshal([]byte(token), &tokenResult)
 		if err != nil {
 			result.FailWithCodeAndMessage(403, ginI18n.MustGetMessage(c, "AuthVerifyExpired"), c)
@@ -63,7 +57,13 @@ func JWTAuthMiddleware() gin.HandlerFunc {
 			c.Abort()
 			return
 		}
-		c.Set("userId", parseToken.UserID)
+		uid := utils.GetSession(c, constant.SessionKey).UID
+		if uid != *parseToken.UserID {
+			result.FailWithCodeAndMessage(403, ginI18n.MustGetMessage(c, "AuthVerifyExpired"), c)
+			c.Abort()
+			return
+		}
+		c.Set("user_id", parseToken.UserID)
 		global.DB.Set("user_id", parseToken.UserID) // 全局变量中设置用户ID
 		c.Next()
 	}
--- a/middleware/session_check.go
+++ b/middleware/session_check.go
@@ -1,41 +0,0 @@
-package middleware
-
-import (
-	ginI18n "github.com/gin-contrib/i18n"
-	"github.com/gin-gonic/gin"
-
-	"schisandra-cloud-album/common/constant"
-	"schisandra-cloud-album/common/result"
-	"schisandra-cloud-album/utils"
-)
-
-// SessionCheckMiddleware session检查中间件
-func SessionCheckMiddleware() gin.HandlerFunc {
-	return func(c *gin.Context) {
-		session := utils.GetSession(c, constant.SessionKey)
-		if session == nil {
-			result.FailWithCodeAndMessage(403, ginI18n.MustGetMessage(c, "AuthVerifyExpired"), c)
-			c.Abort()
-			return
-		}
-
-		userIdAny, exists := c.Get("userId")
-		if !exists {
-			result.FailWithCodeAndMessage(403, ginI18n.MustGetMessage(c, "AuthVerifyExpired"), c)
-			c.Abort()
-			return
-		}
-		userId, ok := userIdAny.(*string)
-		if !ok {
-			result.FailWithCodeAndMessage(403, ginI18n.MustGetMessage(c, "AuthVerifyExpired"), c)
-			c.Abort()
-			return
-		}
-		if *userId != *session.UID {
-			result.FailWithCodeAndMessage(403, ginI18n.MustGetMessage(c, "AuthVerifyExpired"), c)
-			c.Abort()
-			return
-		}
-		c.Next()
-	}
-}