Spaces:
Paused
Paused
| package api | |
| import ( | |
| "augment2api/config" | |
| "augment2api/pkg/logger" | |
| "fmt" | |
| "net/http" | |
| "strings" | |
| "github.com/gin-gonic/gin" | |
| ) | |
| // AuthMiddleware 验证请求的Authorization header | |
| func AuthMiddleware() gin.HandlerFunc { | |
| return func(c *gin.Context) { | |
| // 如果未设置 AuthToken,则不启用鉴权 | |
| if config.AppConfig.AuthToken == "" { | |
| c.Next() | |
| return | |
| } | |
| authHeader := c.GetHeader("Authorization") | |
| if authHeader == "" { | |
| logger.Log.Error("Authorization is empty") | |
| c.JSON(http.StatusUnauthorized, gin.H{"error": "Authorization header is required"}) | |
| c.Abort() | |
| return | |
| } | |
| // 支持 "Bearer <token>" 格式 | |
| token := strings.TrimPrefix(authHeader, "Bearer ") | |
| token = strings.TrimSpace(token) | |
| if token != config.AppConfig.AuthToken { | |
| logger.Log.Error(fmt.Sprintf("Invalid authorization token:%s", token)) | |
| c.JSON(http.StatusUnauthorized, gin.H{"error": "Invalid authorization token"}) | |
| c.Abort() | |
| return | |
| } | |
| c.Next() | |
| } | |
| } | |