feat: Token生成｜存储｜验证

2026-02-04 12:40:07 +00:00 · 2022-05-18 10:10:35 +08:00
parent 5d356a30e2
commit 990394bf46
6 changed files with 188 additions and 55 deletions
--- a/pkg/mygin/auth.go
+++ b/pkg/mygin/auth.go
@@ -15,6 +15,7 @@ type AuthorizeOption struct {
 	Guest    bool
 	Member   bool
 	IsPage   bool
+	AllowAPI bool
 	Msg      string
 	Redirect string
 	Btn      string
@@ -50,18 +51,20 @@ func Authorize(opt AuthorizeOption) func(*gin.Context) {
 		}

 		// API鉴权
-		apiToken := c.GetHeader("Authorization")
-		if apiToken != "" {
-			var t model.ApiToken
-			// TODO: 需要有缓存机制 减少数据库查询次数
-			if err := singleton.DB.Where("token = ?", apiToken).First(&t).Error; err == nil {
-				isLogin = t.TokenExpired.After(time.Now())
-			}
-			if isLogin {
-				c.Set(model.CtxKeyAuthorizedUser, &t)
+		if opt.AllowAPI {
+			apiToken := c.GetHeader("Authorization")
+			if apiToken != "" {
+				var u model.User
+				if _, ok := singleton.ApiTokenList[apiToken]; ok {
+					err := singleton.DB.First(&u).Where("id = ?", singleton.ApiTokenList[apiToken].UserID).Error
+					isLogin = err == nil
+				}
+				if isLogin {
+					c.Set(model.CtxKeyAuthorizedUser, &u)
+					c.Set("isAPI", true)
+				}
 			}
 		}
-
 		// 已登录且只能游客访问
 		if isLogin && opt.Guest {
 			ShowErrorPage(c, commonErr, opt.IsPage)