SingBox-Gopanel/internal/middleware/auth_v2.go
CN-JS-HuiBai e7b123ea59
修复跨域请求问题
2026-04-17 22:50:46 +08:00


package middleware
import (
"net/http"
"strings"
"xboard-go/internal/database"
"xboard-go/internal/model"
"xboard-go/internal/service"
"xboard-go/pkg/utils"
"github.com/gin-gonic/gin"
)
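// bearerToken extracts the credential from an already-trimmed Authorization
// header value. Two forms are accepted: "Bearer <token>", with the scheme
// matched case-insensitively as RFC 7235 requires (the previous exact-match
// "Bearer " check rejected clients sending "bearer"/"BEARER"), and a bare
// token with no scheme, which existing callers rely on. Any other scheme, or
// a scheme with an empty credential, yields ok == false.
func bearerToken(header string) (token string, ok bool) {
	parts := strings.SplitN(header, " ", 2)
	if len(parts) == 1 {
		// No scheme at all: the whole value is the token.
		return header, header != ""
	}
	if !strings.EqualFold(parts[0], "Bearer") {
		return "", false
	}
	token = strings.TrimSpace(parts[1])
	return token, token != ""
}

// Auth returns the JWT session middleware for user-facing routes.
//
// It reads the Authorization header, verifies the token with utils.VerifyToken,
// rejects tokens that service.IsSessionTokenRevoked reports as revoked, and
// then stores "user_id", "is_admin" and "auth_token" in the gin context plus a
// "session" value obtained from service.TrackSession, which is called on every
// authenticated request with the client IP and User-Agent.
//
// Responses: 401 with "unauthorized" when the header is absent, "invalid
// authorization header" for an unknown scheme or empty credential, "token
// expired or invalid" when verification fails, and "session has been revoked"
// after revocation.
//
// NOTE: "is_admin" here is the claim carried inside the signed token, i.e. the
// privilege level at issue time. AdminAuth re-reads the flag from the database
// before granting admin access, so routes that only pass through Auth see the
// token's snapshot, not the current value.
func Auth() gin.HandlerFunc {
	return func(c *gin.Context) {
		authHeader := strings.TrimSpace(c.GetHeader("Authorization"))
		if authHeader == "" {
			c.JSON(http.StatusUnauthorized, gin.H{"message": "unauthorized"})
			c.Abort()
			return
		}

		token, ok := bearerToken(authHeader)
		if !ok {
			c.JSON(http.StatusUnauthorized, gin.H{"message": "invalid authorization header"})
			c.Abort()
			return
		}

		// Signature/expiry first, then the revocation list: a forged token
		// must never reach the revocation lookup.
		claims, err := utils.VerifyToken(token)
		if err != nil {
			c.JSON(http.StatusUnauthorized, gin.H{"message": "token expired or invalid"})
			c.Abort()
			return
		}
		if service.IsSessionTokenRevoked(token) {
			c.JSON(http.StatusUnauthorized, gin.H{"message": "session has been revoked"})
			c.Abort()
			return
		}

		c.Set("user_id", claims.UserID)
		c.Set("is_admin", claims.IsAdmin)
		c.Set("auth_token", token)
		c.Set("session", service.TrackSession(claims.UserID, token, c.ClientIP(), c.GetHeader("User-Agent")))
		c.Next()
	}
}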
// AdminAuth gates admin-only routes. It must run after Auth (or ClientAuth),
// since it only reads the "user_id" the earlier middleware stored in the
// context; a missing value yields 401 "unauthorized".
//
// The admin flag is deliberately re-read from the database (selecting only
// is_admin, by primary key) rather than taken from the context, so a token
// minted while the user was an admin stops working once the flag is cleared.
// A lookup error and a non-admin user are treated alike: 403 "admin access
// required". On success "is_admin" in the context is refreshed from the row.
func AdminAuth() gin.HandlerFunc {
	return func(c *gin.Context) {
		uid, found := c.Get("user_id")
		if !found {
			c.AbortWithStatusJSON(http.StatusUnauthorized, gin.H{"message": "unauthorized"})
			return
		}

		var row model.User
		lookupErr := database.DB.Select("is_admin").First(&row, uid).Error
		if lookupErr != nil || !row.IsAdmin {
			c.AbortWithStatusJSON(http.StatusForbidden, gin.H{"message": "admin access required"})
			return
		}

		c.Set("is_admin", row.IsAdmin)
		c.Next()
	}
}
// clientToken returns the subscription token for the request: the "token"
// query parameter when present, otherwise the "token" path parameter.
func clientToken(c *gin.Context) string {
	if t := c.Query("token"); t != "" {
		return t
	}
	return c.Param("token")
}

// ClientAuth authenticates subscription/client endpoints by the per-user
// token column instead of a JWT. The token comes from the URL (query string
// or path segment), so it will appear in access logs of any proxy or server
// in front of this service; treat those logs as sensitive.
//
// Responses are 403 in both failure cases: "token is required" when no token
// is supplied and "invalid token" when no user row matches (the lookup is a
// parameterized GORM query). On success the loaded user is stored under
// "user" (as *model.User), with "user_id" and "is_admin" taken from the row.
// Unlike Auth, this middleware does no revocation check and no session
// tracking.
func ClientAuth() gin.HandlerFunc {
	return func(c *gin.Context) {
		tok := clientToken(c)
		if tok == "" {
			c.AbortWithStatusJSON(http.StatusForbidden, gin.H{"message": "token is required"})
			return
		}

		var owner model.User
		if err := database.DB.Where("token = ?", tok).First(&owner).Error; err != nil {
			c.AbortWithStatusJSON(http.StatusForbidden, gin.H{"message": "invalid token"})
			return
		}

		c.Set("user", &owner)
		c.Set("user_id", owner.ID)
		c.Set("is_admin", owner.IsAdmin)
		c.Next()
	}
}