git-sync/crawlab
1
0
Fork 0
mirror of https://github.com/crawlab-team/crawlab.git synced 2026-01-21 17:21:09 +01:00
Code Issues Packages Projects Releases Wiki Activity
Files
acccdb65bd459c88ccfaefc9b9ebe2975d775f84
crawlab/backend/middlewares/auth.go
Marvin Zhang acccdb65bd Revert "V0.4.0 imporve error response"
2019-09-03 15:24:26 +08:00

54 lines
1.2 KiB
Go
Raw Blame History

package middlewares
import (
"crawlab/constants"
"crawlab/routes"
"crawlab/services"
"github.com/gin-gonic/gin"
"net/http"
"strings"
)
func AuthorizationMiddleware() gin.HandlerFunc {
return func(c *gin.Context) {
// 如果为登录或注册,不用校验
if c.Request.URL.Path == "/login" ||
(c.Request.URL.Path == "/users" && c.Request.Method == "PUT") ||
strings.HasSuffix(c.Request.URL.Path, "download") {
c.Next()
return
}
// 获取token string
tokenStr := c.GetHeader("Authorization")
// 校验token
user, err := services.CheckToken(tokenStr)
// 校验失败,返回错误响应
if err != nil {
c.AbortWithStatusJSON(http.StatusUnauthorized, routes.Response{
Status: "ok",
Message: "unauthorized",
Error: "unauthorized",
})
return
}
// 如果为普通权限,校验请求地址是否符合要求
if user.Role == constants.RoleNormal {
if strings.HasPrefix(strings.ToLower(c.Request.URL.Path), "/users") {
c.AbortWithStatusJSON(http.StatusUnauthorized, routes.Response{
Status: "ok",
Message: "unauthorized",
Error: "unauthorized",
})
return
}
}
// 校验成功
c.Next()
}
}
Reference in New Issue View Git Blame Copy Permalink