feat: 接口身份认证白名单

2023-12-01 17:22:32 +08:00
parent 31d50c1fc7
commit e8d1d0470f
1 changed files with 21 additions and 1 deletions
--- a/src/framework/middleware/pre_authorize.go
+++ b/src/framework/middleware/pre_authorize.go
@@ -1,6 +1,8 @@
 package middleware

 import (
+	"strings"
+
 	AdminConstants "ems.agt/src/framework/constants/admin"
 	commonConstants "ems.agt/src/framework/constants/common"
 	"ems.agt/src/framework/i18n"
@@ -11,6 +13,9 @@ import (
 	"github.com/gin-gonic/gin"
 )

+/**无Token可访问白名单 */
+var URL_WHITE_LIST = []string{"/performanceManagement", "/faultManagement"}
+
 // PreAuthorize 用户身份授权认证校验
 //
 // 只需含有其中角色 "hasRoles": {"xxx"},
@@ -24,6 +29,21 @@ func PreAuthorize(options map[string][]string) gin.HandlerFunc {
 	return func(c *gin.Context) {
 		language := ctxUtils.AcceptLanguage(c)

+		requestURI := c.Request.RequestURI
+
+		// 判断白名单
+		isWhite := false
+		for _, w := range URL_WHITE_LIST {
+			if strings.Contains(requestURI, w) {
+				isWhite = true
+				break
+			}
+		}
+		if isWhite {
+			c.Next()
+			return
+		}
+
 		// 获取请求头标识信息
 		tokenStr := ctxUtils.Authorization(c)
 		if tokenStr == "" {
@@ -61,7 +81,7 @@ func PreAuthorize(options map[string][]string) gin.HandlerFunc {
 			perms := loginUser.Permissions
 			verifyOk := verifyRolePermission(roles, perms, options)
 			if !verifyOk {
-				msg := i18n.TTemplate(language, "app.common.err403", map[string]any{"method": c.Request.Method, "requestURI": c.Request.RequestURI})
+				msg := i18n.TTemplate(language, "app.common.err403", map[string]any{"method": c.Request.Method, "requestURI": requestURI})
 				c.JSON(403, result.CodeMsg(403, msg))
 				c.Abort() // 停止执行后续的处理函数
 				return