feat: 接口身份认证白名单

2023-12-01 17:22:32 +08:00
parent 31d50c1fc7
commit e8d1d0470f
1 changed files with 21 additions and 1 deletions
--- a/src/framework/middleware/pre_authorize.go
+++ b/src/framework/middleware/pre_authorize.go
@@ -1,6 +1,8 @@
 package middleware
 import (
 	"strings"
 	AdminConstants "ems.agt/src/framework/constants/admin"
 	commonConstants "ems.agt/src/framework/constants/common"
 	"ems.agt/src/framework/i18n"
@@ -11,6 +13,9 @@ import (
 	"github.com/gin-gonic/gin"
 )
 /**无Token可访问白名单 */
 var URL_WHITE_LIST = []string{"/performanceManagement", "/faultManagement"}
 // PreAuthorize 用户身份授权认证校验
 //
 // 只需含有其中角色 "hasRoles": {"xxx"},
@@ -24,6 +29,21 @@ func PreAuthorize(options map[string][]string) gin.HandlerFunc {
 	return func(c *gin.Context) {
 		language := ctxUtils.AcceptLanguage(c)
 		requestURI := c.Request.RequestURI
 		// 判断白名单
 		isWhite := false
 		for _, w := range URL_WHITE_LIST {
 			if strings.Contains(requestURI, w) {
 				isWhite = true
 				break
 			}
 		}
 		if isWhite {
 			c.Next()
 			return
 		}
 		// 获取请求头标识信息
 		tokenStr := ctxUtils.Authorization(c)
 		if tokenStr == "" {
@@ -61,7 +81,7 @@ func PreAuthorize(options map[string][]string) gin.HandlerFunc {
 			perms := loginUser.Permissions
 			verifyOk := verifyRolePermission(roles, perms, options)
 			if !verifyOk {
-				msg := i18n.TTemplate(language, "app.common.err403", map[string]any{"method": c.Request.Method, "requestURI": c.Request.RequestURI})
+				msg := i18n.TTemplate(language, "app.common.err403", map[string]any{"method": c.Request.Method, "requestURI": requestURI})
 				c.JSON(403, result.CodeMsg(403, msg))
 				c.Abort() // 停止执行后续的处理函数
 				return