git-sync/crawlab
1
0
Fork 0
mirror of https://github.com/crawlab-team/crawlab.git synced 2026-01-22 17:31:03 +01:00
Code Issues Packages Projects Releases Wiki Activity
Files
08fd04e72bc1c19f48302d46fc1e19e5b571eec4
crawlab/backend/middlewares/auth.go
yaziming 5e2b3ca228 Revert "Revert "V0.4.0 imporve error response"" 
This reverts commit acccdb65bd.
2019-09-04 20:41:37 +08:00

55 lines
1.2 KiB
Go
Raw Blame History

package middlewares
import (
"crawlab/constants"
"crawlab/routes"
"crawlab/services"
"github.com/gin-gonic/gin"
"net/http"
"strings"
)
func AuthorizationMiddleware() gin.HandlerFunc {
return func(c *gin.Context) {
// 如果为登录或注册,不用校验
//if c.Request.URL.Path == "/login" ||
// (c.Request.URL.Path == "/users" && c.Request.Method == "PUT") ||
// strings.HasSuffix(c.Request.URL.Path, "download") {
// c.Next()
// return
//}
// 获取token string
tokenStr := c.GetHeader("Authorization")
// 校验token
user, err := services.CheckToken(tokenStr)
// 校验失败,返回错误响应
if err != nil {
c.AbortWithStatusJSON(http.StatusUnauthorized, routes.Response{
Status: "ok",
Message: "unauthorized",
Error: "unauthorized",
})
return
}
// 如果为普通权限,校验请求地址是否符合要求
if user.Role == constants.RoleNormal {
if strings.HasPrefix(strings.ToLower(c.Request.URL.Path), "/users") {
c.AbortWithStatusJSON(http.StatusUnauthorized, routes.Response{
Status: "ok",
Message: "unauthorized",
Error: "unauthorized",
})
return
}
}
c.Set(constants.ContextUser, &user)
// 校验成功
c.Next()
}
}
Reference in New Issue View Git Blame Copy Permalink