f
This commit is contained in:
@@ -1,22 +1,35 @@
|
||||
package middleware
|
||||
|
||||
import (
|
||||
"context"
|
||||
"fmt"
|
||||
"net/http"
|
||||
"strconv"
|
||||
|
||||
"xingfucha-server/app/main/api/internal/types"
|
||||
"xingfucha-server/app/main/model"
|
||||
"xingfucha-server/common/ctxdata"
|
||||
"xingfucha-server/common/result"
|
||||
"xingfucha-server/common/xerr"
|
||||
|
||||
"github.com/pkg/errors"
|
||||
"github.com/redis/go-redis/v9"
|
||||
"github.com/zeromicro/go-zero/rest/httpx"
|
||||
)
|
||||
|
||||
type UserAuthInterceptorMiddleware struct {
|
||||
UserModel model.UserModel
|
||||
Redis RedisStore
|
||||
}
|
||||
|
||||
func NewUserAuthInterceptorMiddleware(userModel model.UserModel) *UserAuthInterceptorMiddleware {
|
||||
return &UserAuthInterceptorMiddleware{UserModel: userModel}
|
||||
// RedisStore 仅用于封禁状态缓存的只读+写入接口,避免中间件依赖完整 Redis
|
||||
type RedisStore interface {
|
||||
Get(key string) (string, error)
|
||||
Setex(key, value string, seconds int) error
|
||||
}
|
||||
|
||||
func NewUserAuthInterceptorMiddleware(userModel model.UserModel, redisStore RedisStore) *UserAuthInterceptorMiddleware {
|
||||
return &UserAuthInterceptorMiddleware{UserModel: userModel, Redis: redisStore}
|
||||
}
|
||||
|
||||
func (m *UserAuthInterceptorMiddleware) Handle(next http.HandlerFunc) http.HandlerFunc {
|
||||
@@ -30,15 +43,34 @@ func (m *UserAuthInterceptorMiddleware) Handle(next http.HandlerFunc) http.Handl
|
||||
httpx.Error(w, errors.Wrapf(xerr.NewErrCode(xerr.USER_NEED_BIND_MOBILE), "token解析失败: %v", err))
|
||||
return
|
||||
}
|
||||
user, err := m.UserModel.FindOne(r.Context(), claims.UserId)
|
||||
disabled, err := m.isUserDisabled(r.Context(), w, claims.UserId)
|
||||
if err != nil {
|
||||
httpx.Error(w, errors.Wrapf(xerr.NewErrCode(ErrCodeUnauthorized), "用户不存在: %v", err))
|
||||
return
|
||||
return // 用户不存在时 isUserDisabled 已写响应
|
||||
}
|
||||
if user.Disable == model.UserDisableBanned {
|
||||
httpx.Error(w, xerr.NewErrCode(xerr.USER_DISABLED))
|
||||
if disabled {
|
||||
msg := xerr.MapErrMsg(xerr.USER_DISABLED)
|
||||
httpx.WriteJson(w, http.StatusOK, result.Error(xerr.USER_DISABLED, msg))
|
||||
return
|
||||
}
|
||||
next(w, r)
|
||||
}
|
||||
}
|
||||
|
||||
// isUserDisabled 先查 Redis 封禁缓存,未命中再查 DB 并回写缓存,减少对 DB/模型缓存的轮询
|
||||
func (m *UserAuthInterceptorMiddleware) isUserDisabled(ctx context.Context, w http.ResponseWriter, userID int64) (bool, error) {
|
||||
key := fmt.Sprintf(types.UserDisableCacheKey, userID)
|
||||
val, err := m.Redis.Get(key)
|
||||
if err == nil {
|
||||
return val == "1", nil
|
||||
}
|
||||
if err != redis.Nil {
|
||||
// Redis 异常时降级为查库,不阻塞请求
|
||||
}
|
||||
user, err := m.UserModel.FindOne(ctx, userID)
|
||||
if err != nil {
|
||||
httpx.Error(w, errors.Wrapf(xerr.NewErrCode(ErrCodeUnauthorized), "用户不存在: %v", err))
|
||||
return false, err
|
||||
}
|
||||
_ = m.Redis.Setex(key, strconv.FormatInt(user.Disable, 10), types.UserDisableCacheTTL)
|
||||
return user.Disable == model.UserDisableBanned, nil
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user