From a048f45aa30802a6d969d17e256a44de9fd4571a Mon Sep 17 00:00:00 2001
From: denghui <1016848185@qq.com>
Date: Tue, 27 May 2025 15:46:40 +0800
Subject: [PATCH] =?UTF-8?q?=E6=B7=BB=E5=8A=A0=E4=B8=AD=E9=97=B4=E4=BB=B6?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 internal/middleware/auth.go     | 48 +++++++++++++++++++++++++++++++++
 internal/middleware/response.go | 11 ++++++++
 2 files changed, 59 insertions(+)
 create mode 100644 internal/middleware/auth.go
 create mode 100644 internal/middleware/response.go

diff --git a/internal/middleware/auth.go b/internal/middleware/auth.go
new file mode 100644
index 0000000..0b721a0
--- /dev/null
+++ b/internal/middleware/auth.go
@@ -0,0 +1,48 @@
+package middleware
+
+import (
+	"github.com/gogf/gf/v2/net/ghttp"
+	"github.com/gogf/gf/v2/os/glog"
+	"server/utility/ecode"
+	"server/utility/jwt"
+	"strings"
+)
+
+// Auth 是用于权限验证的中间件。
+//
+// 它会从请求头中读取 Authorization 字段，验证 JWT Token 的合法性。
+// 如果请求未携带 Token，则默认赋予 "guest" 权限。
+// 如果 Token 存在且合法，则将用户信息（userId、permission、jti）注入到请求上下文中。
+//
+// Token 应采用 Bearer 方案，例如：
+//
+//	Authorization: Bearer <token>
+//
+// 参数:
+//
+//	r *ghttp.Request - 当前的请求对象，由 ghttp 框架自动注入。
+//
+// 行为:
+//   - 若无 Token：设定 permission 为 guest，放行请求。
+//   - 若 Token 格式非法或解析失败：终止请求并返回错误。
+//   - 若 Token 合法：将用户信息写入上下文，继续执行下一个中间件或处理函数。
+func Auth(r *ghttp.Request) {
+	token := r.Header.Get("Authorization")
+	ctx := r.GetCtx()
+	if token == "" {
+		glog.Infof(ctx, "未登录用户访问: %s %s", r.URL.Path, r.Method)
+		r.SetCtxVar("permission", "guest")
+	} else {
+		if !strings.HasPrefix(token, "Bearer ") {
+			Exit(r, ecode.InvalidOperation.Sub("无效的token格式"))
+		}
+		tokenOut, err := jwt.ParseToken(token)
+		if err != nil {
+			Exit(r, err)
+		}
+		r.SetCtxVar("userId", tokenOut.UserId)
+		r.SetCtxVar("permission", tokenOut.Permission)
+		r.SetCtxVar("jti", tokenOut.JTI)
+	}
+	r.Middleware.Next()
+}
diff --git a/internal/middleware/response.go b/internal/middleware/response.go
new file mode 100644
index 0000000..3d65af1
--- /dev/null
+++ b/internal/middleware/response.go
@@ -0,0 +1,11 @@
+package middleware
+
+import (
+	"github.com/gogf/gf/v2/net/ghttp"
+)
+
+// Response 统一响应中间件
+func Response(r *ghttp.Request) {
+	r.Middleware.Next()
+
+}