gitpm/internal/middleware/auth.go
huxunan 885fad6c64 Initial commit: Gitea Project Management System
Features:
- Complete project management system with Epic/Story/Task hierarchy
- Vue.js 3 + Element Plus frontend with kanban board
- Go backend with Gin framework and GORM
- OAuth2 integration with Gitea
- Docker containerization with MySQL
- RESTful API for project, task, and user management
- JWT authentication and authorization
- Responsive web interface with dashboard
2025-09-22 14:53:53 +08:00


package middleware
import (
"net/http"
"strings"
"giteapm/config"
"giteapm/internal/models"
"github.com/gin-gonic/gin"
"github.com/golang-jwt/jwt/v5"
)
// Claims is the JWT payload carried by an authenticated request. The three
// custom fields are copied into the Gin context by AuthMiddleware (keys
// "user_id", "username", "role"); the embedded RegisteredClaims hold the
// standard fields (exp, iat, ...) that the jwt library checks while parsing.
type Claims struct {
	UserID   uint   `json:"user_id"`  // user primary key, resolved via models.GetUserByID
	Username string `json:"username"` // informational; not re-checked against the database here
	Role     string `json:"role"`     // compared against the list given to RequireRole
	jwt.RegisteredClaims
}
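// AuthMiddleware returns a Gin middleware that authenticates a request with
// the JWT in its Authorization header. A leading "Bearer " scheme is optional
// and stripped when present. On success the user loaded from the database and
// the token's user_id, username and role claims are stored on the context under
// the keys "user", "user_id", "username" and "role"; on any failure the request
// is aborted with 401 and a JSON error body.
//
// cfg supplies the shared HMAC secret (cfg.JWT.Secret) used to verify the
// token signature.
func AuthMiddleware(cfg *config.Config) gin.HandlerFunc {
	// Only HMAC algorithms are meaningful for a shared-secret key. Pinning the
	// accepted methods up front rejects a token that names any other algorithm
	// before the signature is even examined.
	validMethods := jwt.WithValidMethods([]string{
		jwt.SigningMethodHS256.Alg(),
		jwt.SigningMethodHS384.Alg(),
		jwt.SigningMethodHS512.Alg(),
	})

	// The secret is read per request so a config reloaded at runtime is honoured.
	keyFunc := func(token *jwt.Token) (interface{}, error) {
		return []byte(cfg.JWT.Secret), nil
	}

	return func(c *gin.Context) {
		// unauthorized writes the error body and stops the handler chain.
		unauthorized := func(msg string) {
			c.JSON(http.StatusUnauthorized, gin.H{"error": msg})
			c.Abort()
		}

		header := c.GetHeader("Authorization")
		if header == "" {
			unauthorized("缺少授权令牌")
			return
		}
		// TrimPrefix is a no-op when the scheme is absent, so a bare token is
		// still accepted, as before.
		tokenString := strings.TrimPrefix(header, "Bearer ")

		token, err := jwt.ParseWithClaims(tokenString, &Claims{}, keyFunc, validMethods)
		// err != nil short-circuits before token.Valid, so a nil token is never dereferenced.
		if err != nil || !token.Valid {
			unauthorized("无效的授权令牌")
			return
		}

		claims, ok := token.Claims.(*Claims)
		if !ok {
			unauthorized("无效的令牌格式")
			return
		}

		// The user must still exist; a valid token for a deleted account is rejected.
		user, err := models.GetUserByID(claims.UserID)
		if err != nil {
			unauthorized("用户不存在")
			return
		}

		c.Set("user", user)
		c.Set("user_id", claims.UserID)
		c.Set("username", claims.Username)
		c.Set("role", claims.Role)
		c.Next()
	}
}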
// RequireRole returns a Gin middleware that lets the request continue only
// when the "role" value on the context (set by AuthMiddleware) equals one of
// roles. A missing role, or one not in the list, aborts the request with 403.
func RequireRole(roles ...string) gin.HandlerFunc {
	return func(c *gin.Context) {
		current, found := c.Get("role")
		if !found {
			c.JSON(http.StatusForbidden, gin.H{"error": "无法获取用户角色"})
			c.Abort()
			return
		}

		// current is an interface value; comparing it with a string matches
		// only when it holds that exact string.
		allowed := false
		for _, want := range roles {
			if current == want {
				allowed = true
				break
			}
		}
		if !allowed {
			c.JSON(http.StatusForbidden, gin.H{"error": "权限不足"})
			c.Abort()
			return
		}

		c.Next()
	}
}
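// GetCurrentUser returns the *models.User that AuthMiddleware stored on the
// context under the "user" key.
//
// It returns jwt.ErrTokenMalformed when no user is present, when the stored
// value is not a *models.User, or when it is a nil pointer, so a handler
// mounted without AuthMiddleware receives an error instead of panicking on an
// unchecked type assertion.
func GetCurrentUser(c *gin.Context) (*models.User, error) {
	value, exists := c.Get("user")
	if !exists {
		return nil, jwt.ErrTokenMalformed
	}
	// Checked assertion: the unchecked form would panic if the key held
	// something other than *models.User.
	user, ok := value.(*models.User)
	if !ok || user == nil {
		return nil, jwt.ErrTokenMalformed
	}
	return user, nil
}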