xfc_server_V2/app/main/api/internal/middleware/userauthinterceptormiddleware.go

package middleware

import (
	"context"
	"fmt"
	"net/http"
	"strconv"

	"xingfucha-server/app/main/api/internal/types"
	"xingfucha-server/app/main/model"
	"xingfucha-server/common/ctxdata"
	"xingfucha-server/common/result"
	"xingfucha-server/common/xerr"

	"github.com/pkg/errors"
	"github.com/redis/go-redis/v9"
	"github.com/zeromicro/go-zero/rest/httpx"
)

type UserAuthInterceptorMiddleware struct {
	UserModel model.UserModel
	Redis     RedisStore
}

// RedisStore 仅用于封禁状态缓存的只读+写入接口，避免中间件依赖完整 Redis
type RedisStore interface {
	Get(key string) (string, error)
	Setex(key, value string, seconds int) error
}

func NewUserAuthInterceptorMiddleware(userModel model.UserModel, redisStore RedisStore) *UserAuthInterceptorMiddleware {
	return &UserAuthInterceptorMiddleware{UserModel: userModel, Redis: redisStore}
}

func (m *UserAuthInterceptorMiddleware) Handle(next http.HandlerFunc) http.HandlerFunc {
	return func(w http.ResponseWriter, r *http.Request) {
		claims, err := ctxdata.GetClaimsFromCtx(r.Context())
		if err != nil {
			httpx.Error(w, errors.Wrapf(xerr.NewErrCode(ErrCodeUnauthorized), "token解析失败: %v", err))
			return
		}
		if claims.UserType == model.UserTypeTemp {
			httpx.Error(w, errors.Wrapf(xerr.NewErrCode(xerr.USER_NEED_BIND_MOBILE), "token解析失败: %v", err))
			return
		}
		disabled, err := m.isUserDisabled(r.Context(), w, claims.UserId)
		if err != nil {
			return // 用户不存在时 isUserDisabled 已写响应
		}
		if disabled {
			msg := xerr.MapErrMsg(xerr.USER_DISABLED)
			httpx.WriteJson(w, http.StatusOK, result.Error(xerr.USER_DISABLED, msg))
			return
		}
		next(w, r)
	}
}

// isUserDisabled 先查 Redis 封禁缓存，未命中再查 DB 并回写缓存，减少对 DB/模型缓存的轮询
func (m *UserAuthInterceptorMiddleware) isUserDisabled(ctx context.Context, w http.ResponseWriter, userID int64) (bool, error) {
	key := fmt.Sprintf(types.UserDisableCacheKey, userID)
	val, err := m.Redis.Get(key)
	if err == nil {
		return val == "1", nil
	}
	if err != redis.Nil {
		// Redis 异常时降级为查库，不阻塞请求
	}
	user, err := m.UserModel.FindOne(ctx, userID)
	if err != nil {
		httpx.Error(w, errors.Wrapf(xerr.NewErrCode(ErrCodeUnauthorized), "用户不存在: %v", err))
		return false, err
	}
	_ = m.Redis.Setex(key, strconv.FormatInt(user.Disable, 10), types.UserDisableCacheTTL)
	return user.Disable == model.UserDisableBanned, nil
}
first commit 2026-01-30 15:56:38 +08:00			`package middleware`

			`import (`
f 2026-02-04 15:18:37 +08:00			`"context"`
			`"fmt"`
f 2026-02-02 13:15:13 +08:00			`"net/http"`
f 2026-02-04 15:18:37 +08:00			`"strconv"`
f 2026-02-02 13:15:13 +08:00
f 2026-02-04 15:18:37 +08:00			`"xingfucha-server/app/main/api/internal/types"`
first commit 2026-01-30 15:56:38 +08:00			`"xingfucha-server/app/main/model"`
			`"xingfucha-server/common/ctxdata"`
f 2026-02-04 15:18:37 +08:00			`"xingfucha-server/common/result"`
first commit 2026-01-30 15:56:38 +08:00			`"xingfucha-server/common/xerr"`

			`"github.com/pkg/errors"`
f 2026-02-04 15:18:37 +08:00			`"github.com/redis/go-redis/v9"`
first commit 2026-01-30 15:56:38 +08:00			`"github.com/zeromicro/go-zero/rest/httpx"`
			`)`

			`type UserAuthInterceptorMiddleware struct {`
f 2026-02-02 13:15:13 +08:00			`UserModel model.UserModel`
f 2026-02-04 15:18:37 +08:00			`Redis RedisStore`
first commit 2026-01-30 15:56:38 +08:00			`}`

f 2026-02-04 15:18:37 +08:00			`// RedisStore 仅用于封禁状态缓存的只读+写入接口，避免中间件依赖完整 Redis`
			`type RedisStore interface {`
			`Get(key string) (string, error)`
			`Setex(key, value string, seconds int) error`
			`}`

			`func NewUserAuthInterceptorMiddleware(userModel model.UserModel, redisStore RedisStore) *UserAuthInterceptorMiddleware {`
			`return &UserAuthInterceptorMiddleware{UserModel: userModel, Redis: redisStore}`
first commit 2026-01-30 15:56:38 +08:00			`}`

			`func (m *UserAuthInterceptorMiddleware) Handle(next http.HandlerFunc) http.HandlerFunc {`
			`return func(w http.ResponseWriter, r *http.Request) {`
			`claims, err := ctxdata.GetClaimsFromCtx(r.Context())`
			`if err != nil {`
			`httpx.Error(w, errors.Wrapf(xerr.NewErrCode(ErrCodeUnauthorized), "token解析失败: %v", err))`
			`return`
			`}`
			`if claims.UserType == model.UserTypeTemp {`
			`httpx.Error(w, errors.Wrapf(xerr.NewErrCode(xerr.USER_NEED_BIND_MOBILE), "token解析失败: %v", err))`
			`return`
			`}`
f 2026-02-04 15:18:37 +08:00			`disabled, err := m.isUserDisabled(r.Context(), w, claims.UserId)`
f 2026-02-02 13:15:13 +08:00			`if err != nil {`
f 2026-02-04 15:18:37 +08:00			`return // 用户不存在时 isUserDisabled 已写响应`
f 2026-02-02 13:15:13 +08:00			`}`
f 2026-02-04 15:18:37 +08:00			`if disabled {`
			`msg := xerr.MapErrMsg(xerr.USER_DISABLED)`
			`httpx.WriteJson(w, http.StatusOK, result.Error(xerr.USER_DISABLED, msg))`
f 2026-02-02 13:15:13 +08:00			`return`
			`}`
first commit 2026-01-30 15:56:38 +08:00			`next(w, r)`
			`}`
			`}`
f 2026-02-04 15:18:37 +08:00
			`// isUserDisabled 先查 Redis 封禁缓存，未命中再查 DB 并回写缓存，减少对 DB/模型缓存的轮询`
			`func (m *UserAuthInterceptorMiddleware) isUserDisabled(ctx context.Context, w http.ResponseWriter, userID int64) (bool, error) {`
			`key := fmt.Sprintf(types.UserDisableCacheKey, userID)`
			`val, err := m.Redis.Get(key)`
			`if err == nil {`
			`return val == "1", nil`
			`}`
			`if err != redis.Nil {`
			`// Redis 异常时降级为查库，不阻塞请求`
			`}`
			`user, err := m.UserModel.FindOne(ctx, userID)`
			`if err != nil {`
			`httpx.Error(w, errors.Wrapf(xerr.NewErrCode(ErrCodeUnauthorized), "用户不存在: %v", err))`
			`return false, err`
			`}`
			`_ = m.Redis.Setex(key, strconv.FormatInt(user.Disable, 10), types.UserDisableCacheTTL)`
			`return user.Disable == model.UserDisableBanned, nil`
			`}`