Files
Wormhole/internal/api/middleware.go
T
rose_cat707 612d68f56f feat: Wormhole 内网穿透与反向代理网关
Go + Vue 管理台,SQLite 持久化;支持隧道/域名穿透、域名转发插件链、访客认证、
IP 规则、API Key、Docker 单镜像部署;配置通过 Web 系统设置管理,无需 YAML 文件。

Co-authored-by: Cursor <cursoragent@cursor.com>
2026-06-23 12:15:02 +08:00

57 lines
1.3 KiB
Go

package api
import (
"net/http"
"github.com/gin-gonic/gin"
"github.com/wormhole/wormhole/internal/auth"
"github.com/wormhole/wormhole/internal/store"
)
func (s *Server) authMiddleware() gin.HandlerFunc {
return func(c *gin.Context) {
if key := c.GetHeader("X-API-Key"); key != "" {
user, err := s.store.ValidateAPIKey(key)
if err != nil {
c.AbortWithStatusJSON(http.StatusUnauthorized, gin.H{"error": "invalid api key"})
return
}
c.Set("claims", &auth.Claims{
UserID: user.ID,
Username: user.Username,
Role: user.Role,
})
c.Set("auth_via", "apikey")
c.Next()
return
}
token := c.GetHeader("Authorization")
if len(token) > 7 && token[:7] == "Bearer " {
token = token[7:]
} else {
token = c.Query("token")
}
if token == "" {
c.AbortWithStatusJSON(http.StatusUnauthorized, gin.H{"error": "unauthorized"})
return
}
claims, err := s.auth.ParseToken(token)
if err != nil {
c.AbortWithStatusJSON(http.StatusUnauthorized, gin.H{"error": "invalid token"})
return
}
c.Set("claims", claims)
c.Set("auth_via", "jwt")
c.Next()
}
}
func pageParams(c *gin.Context) store.PageParams {
return store.ParsePageQuery(
c.DefaultQuery("page", "1"),
c.DefaultQuery("page_size", "20"),
c.Query("q"),
)
}