add middleware for CORS and mode configuration

fix 操作痕迹可选加密
Merge branch 'main' of https://git.apinb.com/bsm-sdk/core
2025-09-02 10:01:09 +08:00 · 2025-09-01 12:40:23 +08:00 · 2025-08-23 21:17:56 +08:00 · 2025-08-23 21:17:51 +08:00
4 changed files with 49 additions and 13 deletions
--- a/middleware/cors.go
+++ b/middleware/cors.go
@ -0,0 +1,18 @@
+package middleware
+
+import (
+	"github.com/gin-contrib/cors"
+	"github.com/gin-gonic/gin"
+)
+
+func Cors() gin.HandlerFunc {
+	return cors.New(cors.Config{
+		AllowAllOrigins: true,
+		AllowHeaders: []string{
+			"Origin", "Content-Length", "Content-Type", "Workspace", "Request-Id", "Authorization", "Token",
+		},
+		AllowMethods: []string{
+			"GET", "POST", "PUT", "DELETE", "HEAD", "OPTIONS",
+		},
+	})
+}
--- a/middleware/jwt.go
+++ b/middleware/jwt.go
@ -4,20 +4,20 @@ import (
 	"encoding/json"
 	"log"
 	"net/http"
+	"time"

-	"git.apinb.com/bsm-sdk/core/cache/redis"
 	"git.apinb.com/bsm-sdk/core/crypto/encipher"
 	"git.apinb.com/bsm-sdk/core/errcode"
 	"git.apinb.com/bsm-sdk/core/types"
 	"github.com/gin-gonic/gin"
 )

-func JwtAuth(redis *redis.RedisClient) gin.HandlerFunc {
+func JwtAuth(time_verify bool) gin.HandlerFunc {
 	return func(c *gin.Context) {
 		// 从请求头中获取 Authorization
 		authHeader := c.GetHeader("Authorization")
 		if authHeader == "" {
-			log.Println("获取token异常:", "Authorization header is required")
+			log.Printf("获取token异常:%v\n", "Authorization header is required")
 			c.JSON(http.StatusUnauthorized, gin.H{"error": "Authorization header is required"})
 			c.Abort()
 			return
@ -25,21 +25,22 @@ func JwtAuth(redis *redis.RedisClient) gin.HandlerFunc {
 		// 提取Token
 		claims, err := encipher.ParseTokenAes(authHeader)
 		if err != nil || claims == nil {
-			log.Println("提取token异常:", "Token is required")
+			log.Printf("提取token异常:%v\n", err)
 			c.JSON(http.StatusUnauthorized, gin.H{"error": "Token is required"})
 			c.Abort()
 			return
 		}

-		// 从redis 获取token,判断当前redis 是否为空
-		// tokenKey := fmt.Sprintf("%d-%s-%s", claims.ID, claims.Role, "token")
-		// redisToken := redis.Client.Get(redis.Ctx, tokenKey)
-		// if redisToken.Val() == "" {
-		// 	log.Println("redis异常", "Token status unauthorized")
-		// 	c.JSON(http.StatusUnauthorized, gin.H{"error": "Token status unauthorized"})
-		// 	c.Abort()
-		// 	return
-		// }
+		// 检测是否需要验证token时间
+		if time_verify {
+			// 判断时间claims.ExpiresAt
+			if time.Now().Unix() > claims.ExpiresAt {
+				log.Println("token过期，请重新获取:", "Token has expired")
+				c.JSON(http.StatusUnauthorized, gin.H{"error": "Token has expired"})
+				c.Abort()
+				return
+			}
+		}

 		// 将解析后的 Token 存储到上下文中
 		c.Set("Auth", claims)
--- a/middleware/mode.go
+++ b/middleware/mode.go
@ -0,0 +1,16 @@
+package middleware
+
+import (
+	"git.apinb.com/bsm-sdk/core/env"
+	"git.apinb.com/bsm-sdk/core/vars"
+	"github.com/gin-gonic/gin"
+)
+
+func Mode(app *gin.Engine) {
+	// 设置gin模式
+	if env.Runtime.Mode == vars.RUN_MODE_PROD {
+		gin.SetMode(gin.ReleaseMode)
+	} else {
+		gin.SetMode(gin.DebugMode)
+	}
+}
--- a/oplog/types.go
+++ b/oplog/types.go
@ -9,6 +9,7 @@ type LogItem struct {
 	Level  uint   `json:"level"`
 	Ip     string `json:"ip"`
 	Module string `json:"module"`
+	Encry  bool   `json:"encry"`
 }

 var (
Author	SHA1	Message	Date
yanweidong	2f398c73b3	add middleware for CORS and mode configuration	2025-09-02 10:01:09 +08:00
zhaoxiaorong	cb8e9bad4b	fix 操作痕迹可选加密	2025-09-01 12:40:23 +08:00
zhaoxiaorong	1005e89e4f	Merge branch 'main' of https://git.apinb.com/bsm-sdk/core	2025-08-23 21:17:56 +08:00
zhaoxiaorong	268c7f99c7	fix 取消从redis获取token，改为从token中获取有效时间	2025-08-23 21:17:51 +08:00