采用中间件授权的方式

2026-04-27 05:24:27 +08:00 · 2025-08-26 10:45:57 +08:00
parent fb76e24c51
commit 728de61bd6
43 changed files with 527 additions and 484 deletions
--- a/api/core/middleware/rate_limit.go
+++ b/api/core/middleware/rate_limit.go
@@ -0,0 +1,43 @@
+package middleware
+
+import (
+	"context"
+	"fmt"
+	"geekai/core/types"
+	"geekai/utils"
+	"net/http"
+	"time"
+
+	"github.com/gin-gonic/gin"
+	"github.com/go-redis/redis/v8"
+)
+
+// RateLimitEvery 使用 Redis 做固定间隔限流：在 interval 内仅允许一次请求
+// Key 优先使用登录用户ID，若没有则退化为 route + IP
+func RateLimitEvery(redisClient *redis.Client, interval time.Duration) gin.HandlerFunc {
+	return func(c *gin.Context) {
+		keyID := ""
+		if userID, ok := c.Get(types.LoginUserID); ok {
+			keyID = fmt.Sprintf("user:%s", utils.InterfaceToString(userID))
+		} else {
+			keyID = fmt.Sprintf("ip:%s", c.ClientIP())
+		}
+
+		fullPath := c.FullPath()
+		if fullPath == "" {
+			fullPath = c.Request.URL.Path
+		}
+		key := fmt.Sprintf("rl:%s:%s", fullPath, keyID)
+
+		okSet, err := redisClient.SetNX(context.Background(), key, 1, interval).Result()
+		if err != nil {
+			// Redis 异常时放行，避免误伤可用性
+			return
+		}
+		if !okSet {
+			c.JSON(http.StatusTooManyRequests, types.BizVo{Code: types.Failed, Message: "请求过于频繁，请稍后重试"})
+			c.Abort()
+			return
+		}
+	}
+}