:toda:

2024-07-05 14:41:35 +08:00
commit 1f7f57ec9f
70 changed files with 4923 additions and 0 deletions
--- a/http/middleware/authorization.go
+++ b/http/middleware/authorization.go
@@ -0,0 +1,57 @@
+package middleware
+
+import (
+	"github.com/gin-gonic/gin"
+	"strings"
+	"wireguard-ui/component"
+	"wireguard-ui/global/constant"
+	"wireguard-ui/http/response"
+	"wireguard-ui/service"
+	"wireguard-ui/utils"
+)
+
+// Authorization
+// @description: 授权中间件
+// @return gin.HandlerFunc
+func Authorization() gin.HandlerFunc {
+	return func(c *gin.Context) {
+		token := c.GetHeader("Authorization")
+		if token == "" || !strings.HasPrefix(token, "Bearer ") {
+			response.R(c).AuthorizationFailed("未登陆")
+			c.Abort()
+			return
+		}
+
+		userClaims, err := component.JWT().ParseToken(token)
+		if err != nil {
+			response.R(c).AuthorizationFailed("未登陆")
+			c.Abort()
+			return
+		}
+
+		// 如果token的颁发者与请求的站点不一致，则直接给它狗日的丢出去
+		if userClaims.Issuer != utils.WebSite().GetHost(c.Request.Header.Get("Referer")) {
+			response.R(c).AuthorizationFailed("未登陆")
+			c.Abort()
+			return
+		}
+
+		// 查询用户
+		user, err := service.User().GetUserById(userClaims.ID)
+		if err != nil {
+			response.R(c).FailedWithError("用户不存在")
+			c.Abort()
+			return
+		}
+
+		if user.Status != constant.Enabled {
+			response.R(c).FailedWithError("用户状态异常，请联系管理员处理！")
+			c.Abort()
+			return
+		}
+
+		// 将用户信息放入上下文
+		c.Set("user", &user)
+		c.Next()
+	}
+}