loveuer/ushare
1
0
Fork 0
Code Issues Pull Requests Actions 3 Packages Projects Releases Wiki Activity
Files
ef6347a8b438f18a78c48b9a7ec49705120d5ef3
ushare/internal/handler/auth.go
loveuer ef6347a8b4
Some checks are pending
Release Binaries / Build and Release (.exe, amd64, windows, windows-amd64) (push) Waiting to run
Details
Release Binaries / Build and Release (amd64, darwin, darwin-amd64) (push) Waiting to run
Details
Release Binaries / Build and Release (amd64, linux, linux-amd64) (push) Waiting to run
Details
Release Binaries / Build and Release (arm64, darwin, darwin-arm64) (push) Waiting to run
Details
Release Binaries / Build and Release (arm64, linux, linux-arm64) (push) Waiting to run
Details
feat: add token-based API access (v0.6.0) 
- Add Token GORM model with UserID/Name/Token/LastUsedAt/ExpiresAt fields
- Add TokenManager controller: List/Create/Delete/Verify operations
- Add token HTTP handlers: list, create, revoke
- Update AuthVerify to support Bearer token auth; API tokens use "ust_" prefix to distinguish from session tokens
- Add one-step file upload endpoint: PUT /api/v1/upload/:filename (returns {"status":200,"data":{"code":"..."}})
- Add token management routes: GET/POST/DELETE /api/token
- Add /self page: personal center with account info, token management table, and curl usage guide
- Add "个人中心 / API Token" nav link for users with token_manage permission

🤖 Generated with [Qoder][https://qoder.com]
2026-02-28 01:32:08 -08:00

108 lines
2.6 KiB
Go
Raw Blame History

package handler
import (
"fmt"
"net/http"
"strings"
"github.com/loveuer/nf"
"github.com/loveuer/ushare/internal/controller"
"github.com/loveuer/ushare/internal/model"
)
func AuthVerify() nf.HandlerFunc {
tokenFn := func(c *nf.Ctx) (token string) {
if raw := c.Get("Authorization"); raw != "" {
// Strip "Bearer " prefix if present
if strings.HasPrefix(raw, "Bearer ") {
return strings.TrimPrefix(raw, "Bearer ")
}
return raw
}
token = c.Cookies("ushare")
return
}
return func(c *nf.Ctx) error {
token := tokenFn(c)
if token == "" {
return c.Status(http.StatusUnauthorized).JSON(map[string]string{"error": "unauthorized"})
}
var (
session *model.Session
err error
)
// API tokens have the "ust_" prefix; session tokens do not.
if strings.HasPrefix(token, model.TokenPrefix) {
session, err = controller.TokenManager.Verify(token)
} else {
session, err = controller.UserManager.Verify(token)
}
if err != nil {
return c.Status(http.StatusUnauthorized).JSON(map[string]string{"error": "unauthorized", "msg": err.Error()})
}
c.Locals("user", session)
return c.Next()
}
}
func AuthPermission(perm string) nf.HandlerFunc {
return func(c *nf.Ctx) error {
session, ok := c.Locals("user").(*model.Session)
if !ok || session == nil {
return c.Status(http.StatusUnauthorized).JSON(map[string]string{"error": "unauthorized"})
}
for _, p := range session.Permissions {
if p == perm {
return c.Next()
}
}
return c.Status(http.StatusForbidden).JSON(map[string]string{"error": "forbidden", "msg": "权限不足"})
}
}
func AuthMe() nf.HandlerFunc {
return func(c *nf.Ctx) error {
session, ok := c.Locals("user").(*model.Session)
if !ok || session == nil {
return c.Status(http.StatusUnauthorized).JSON(map[string]string{"error": "unauthorized"})
}
return c.Status(http.StatusOK).JSON(map[string]any{"data": session})
}
}
func AuthLogin() nf.HandlerFunc {
return func(c *nf.Ctx) error {
type Req struct {
Username string `json:"username"`
Password string `json:"password"`
}
var (
err error
req Req
session *model.Session
)
if err = c.BodyParser(&req); err != nil {
return c.Status(http.StatusBadRequest).JSON(map[string]string{"msg": "错误的用户名或密码<1>"})
}
if session, err = controller.UserManager.Login(req.Username, req.Password); err != nil {
return c.Status(http.StatusBadRequest).JSON(map[string]string{"msg": err.Error()})
}
header := fmt.Sprintf("ushare=%s; Path=/; Max-Age=%d", session.Token, 8*3600)
c.SetHeader("Set-Cookie", header)
return c.Status(http.StatusOK).JSON(map[string]any{"data": session})
}
}
Reference in New Issue View Git Blame Copy Permalink