refactor user service methods, implement OIDC login and user management features, and enhance token handling

2025-07-22 20:45:05 +08:00
parent f07200b0b9
commit cbe73121f2
17 changed files with 655 additions and 126 deletions


@ -3,10 +3,53 @@ package middleware
import (
"context"
"github.com/cloudwego/hertz/pkg/app"
"github.com/snowykami/neo-blog/internal/ctxutils"
"github.com/snowykami/neo-blog/internal/repo"
"github.com/snowykami/neo-blog/pkg/constant"
"github.com/snowykami/neo-blog/pkg/resps"
"github.com/snowykami/neo-blog/pkg/utils"
"time"
)
func UseAuth() app.HandlerFunc {
return func(ctx context.Context, c *app.RequestContext) {
// TODO: Implement authentication logic here
// For cookie
token := string(c.Cookie("token"))
refreshToken := string(c.Cookie("refresh_token"))
tokenClaims, err := utils.Jwt.ParseJsonWebTokenWithoutState(token)
if err == nil && tokenClaims != nil {
ctx = context.WithValue(ctx, "user_id", tokenClaims.UserID)
c.Next(ctx)
return
}
// token 失效 使用refresh token重新签发和鉴权
refreshTokenClaims, err := utils.Jwt.ParseJsonWebTokenWithoutState(refreshToken)
if err == nil && refreshTokenClaims != nil {
ok, err := isStatefulJwtValid(refreshTokenClaims)
if err == nil && ok {
ctx = context.WithValue(ctx, "user_id", refreshTokenClaims.UserID) // 修改这里使用refreshTokenClaims
c.Next(ctx)
newTokenClaims := utils.Jwt.NewClaims(refreshTokenClaims.UserID, refreshTokenClaims.SessionKey, refreshTokenClaims.Stateful, time.Duration(utils.Env.GetAsInt(constant.EnvKeyRefreshTokenDuration, 30)*int(time.Hour)))
newToken, err := newTokenClaims.ToString()
if err == nil {
ctxutils.SetTokenCookie(c, newToken)
} else {
resps.InternalServerError(c, resps.ErrInternalServerError)
}
return
}
}
// 所有认证方式都失败,返回未授权错误
resps.UnAuthorized(c, resps.ErrUnauthorized)
c.Abort()
}
}
func isStatefulJwtValid(claims *utils.Claims) (bool, error) {
if !claims.Stateful {
return true, nil
}
return repo.Session.IsSessionValid(claims.SessionKey)
}
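Review bot: In the refresh branch of UseAuth the replacement access token is minted only after `c.Next(ctx)` has returned, and its lifetime is read from `constant.EnvKeyRefreshTokenDuration`, so the cookie set by `ctxutils.SetTokenCookie` inherits the refresh token's lifetime and a signing failure writes a 500 onto a request whose handlers have already run. I would mint the token and set the cookie before `c.Next(ctx)`, abort on failure, and use the access-token lifetime setting (a placeholder below, since its name is not visible in this hunk). Separately, the `token` cookie path accepts any JWT that `ParseJsonWebTokenWithoutState` validates, and only the refresh path calls `isStatefulJwtValid`. If the claims carry no token-type field (not visible here), a refresh token from a revoked session presented in the `token` cookie would still authenticate, so a type check on both paths is worth adding. The string key `"user_id"` passed to `context.WithValue` would also be safer as an unexported key type, and the leftover `// TODO: Implement authentication logic here` comment can go.

```go
if err == nil && ok {
	// Issue the replacement access token before the handler chain runs,
	// so a signing failure can still abort the request cleanly.
	// accessTokenTTL is a placeholder for the access-token lifetime setting.
	newTokenClaims := utils.Jwt.NewClaims(refreshTokenClaims.UserID, refreshTokenClaims.SessionKey, refreshTokenClaims.Stateful, accessTokenTTL)
	newToken, err := newTokenClaims.ToString()
	if err != nil {
		resps.InternalServerError(c, resps.ErrInternalServerError)
		c.Abort()
		return
	}
	ctxutils.SetTokenCookie(c, newToken)
	ctx = context.WithValue(ctx, "user_id", refreshTokenClaims.UserID)
	c.Next(ctx)
	return
}
// … unchanged: unauthorized fallback …
```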