feat: user auth.

2026-04-30 19:10:47 +08:00
parent 23d27b4b6e
commit b8dfa150b2
5 changed files with 113 additions and 70 deletions
@@ -35,33 +35,29 @@ func JWTAuth() gin.HandlerFunc {
 			return
 		}

-		role := claims.Role
-		flavorType := claims.FlavorType
-		regionIDs := claims.RegionIDs
-
-		if role == "" || flavorType == "" {
-			var user models.User
-			if err := config.DB.Preload("Regions").First(&user, claims.UserID).Error; err != nil {
-				c.JSON(http.StatusUnauthorized, gin.H{"error": "User not found"})
-				c.Abort()
-				return
-			}
-			if !user.IsActive {
-				c.JSON(http.StatusForbidden, gin.H{"error": "User is disabled"})
-				c.Abort()
-				return
-			}
-			role = user.Role
-			flavorType = user.FlavorType
-			regionIDs = user.RegionIDs()
+		var user models.User
+		if err := config.DB.Preload("Regions").First(&user, claims.UserID).Error; err != nil {
+			c.JSON(http.StatusUnauthorized, gin.H{"error": "User not found"})
+			c.Abort()
+			return
+		}
+		if !user.IsActive {
+			c.JSON(http.StatusForbidden, gin.H{"error": "User is disabled"})
+			c.Abort()
+			return
+		}
+		if util.IsTokenRevoked(&user, claims) {
+			c.JSON(http.StatusUnauthorized, gin.H{"error": "Token has been revoked"})
+			c.Abort()
+			return
 		}

 		// 将用户信息存入上下文
 		c.Set("userID", claims.UserID)
 		c.Set("username", claims.Username)
-		c.Set("role", role)
-		c.Set("flavorType", flavorType)
-		c.Set("regionIDs", regionIDs)
+		c.Set("role", user.Role)
+		c.Set("flavorType", user.FlavorType)
+		c.Set("regionIDs", user.RegionIDs())

 		c.Next()
 	}