采用中间件授权的方式

api/handler/admin/admin_handler.go

@@ -11,6 +11,7 @@ import (
 	"context"
 	"fmt"
 	"geekai/core"
+	"geekai/core/middleware"
 	"geekai/core/types"
 	"geekai/handler"
 	logger2 "geekai/logger"
@@ -49,14 +50,21 @@ func NewAdminHandler(app *core.AppServer, db *gorm.DB, client *redis.Client, cap
 // RegisterRoutes 注册路由
 func (h *ManagerHandler) RegisterRoutes() {
 	group := h.App.Engine.Group("/api/admin/")
+
+	// 公开接口，不需要授权
 	group.POST("login", h.Login)
 	group.GET("logout", h.Logout)
 	group.GET("session", h.Session)
-	group.GET("list", h.List)
-	group.POST("save", h.Save)
-	group.POST("enable", h.Enable)
-	group.GET("remove", h.Remove)
-	group.POST("resetPass", h.ResetPass)
+
+	// 需要管理员授权的接口
+	group.Use(middleware.AdminAuthMiddleware(h.App.Config.AdminSession.SecretKey, h.App.Redis))
+	{
+		group.GET("list", h.List)
+		group.POST("save", h.Save)
+		group.POST("enable", h.Enable)
+		group.GET("remove", h.Remove)
+		group.POST("resetPass", h.ResetPass)
+	}
 }
 
 // Login 登录

api/handler/admin/api_key_handler.go

@@ -10,6 +10,7 @@ package admin
 import (
 	"fmt"
 	"geekai/core"
+	"geekai/core/middleware"
 	"geekai/core/types"
 	"geekai/handler"
 	"geekai/store/model"
@@ -32,11 +33,16 @@ func NewApiKeyHandler(app *core.AppServer, db *gorm.DB) *ApiKeyHandler {
 
 // RegisterRoutes 注册路由
 func (h *ApiKeyHandler) RegisterRoutes() {
-	group := h.App.Engine.Group("/api/admin/apikey/")
-	group.POST("save", h.Save)
-	group.GET("list", h.List)
-	group.POST("set", h.Set)
-	group.GET("remove", h.Remove)
+	group := h.App.Engine.Group("/api/admin/apiKey/")
+
+	// 需要管理员授权的接口
+	group.Use(middleware.AdminAuthMiddleware(h.App.Config.AdminSession.SecretKey, h.App.Redis))
+	{
+		group.GET("list", h.List)
+		group.POST("save", h.Save)
+		group.POST("set", h.Set)
+		group.GET("remove", h.Remove)
+	}
 }
 
 func (h *ApiKeyHandler) Save(c *gin.Context) {

api/handler/admin/chat_app_handler.go

@@ -10,6 +10,7 @@ package admin
 import (
 	"fmt"
 	"geekai/core"
+	"geekai/core/middleware"
 	"geekai/core/types"
 	"geekai/handler"
 	"geekai/store/model"
@@ -32,12 +33,17 @@ func NewChatAppHandler(app *core.AppServer, db *gorm.DB) *ChatAppHandler {
 
 // RegisterRoutes 注册路由
 func (h *ChatAppHandler) RegisterRoutes() {
-	group := h.App.Engine.Group("/api/admin/role/")
-	group.GET("list", h.List)
-	group.POST("save", h.Save)
-	group.POST("sort", h.Sort)
-	group.POST("set", h.Set)
-	group.GET("remove", h.Remove)
+	group := h.App.Engine.Group("/api/admin/app/")
+
+	// 需要管理员授权的接口
+	group.Use(middleware.AdminAuthMiddleware(h.App.Config.AdminSession.SecretKey, h.App.Redis))
+	{
+		group.GET("list", h.List)
+		group.POST("save", h.Save)
+		group.POST("sort", h.Sort)
+		group.POST("set", h.Set)
+		group.GET("remove", h.Remove)
+	}
 }
 
 // Save 创建或者更新某个角色
@@ -184,7 +190,6 @@ func (h *ChatAppHandler) Remove(c *gin.Context) {
 	}
 	res := h.DB.Where("id", id).Delete(&model.ChatRole{})
 	if res.Error != nil {
-		logger.Error("error with update database：", res.Error)
 		resp.ERROR(c, "删除失败！")
 		return
 	}

api/handler/admin/chat_app_type_handler.go

@@ -2,12 +2,14 @@ package admin
 
 import (
 	"geekai/core"
+	"geekai/core/middleware"
 	"geekai/core/types"
 	"geekai/handler"
 	"geekai/store/model"
 	"geekai/store/vo"
 	"geekai/utils"
 	"geekai/utils/resp"
+
 	"github.com/gin-gonic/gin"
 	"gorm.io/gorm"
 )
@@ -22,12 +24,17 @@ func NewChatAppTypeHandler(app *core.AppServer, db *gorm.DB) *ChatAppTypeHandler
 
 // RegisterRoutes 注册路由
 func (h *ChatAppTypeHandler) RegisterRoutes() {
-	group := h.App.Engine.Group("/api/admin/app/type")
-	group.POST("save", h.Save)
-	group.GET("list", h.List)
-	group.GET("remove", h.Remove)
-	group.POST("enable", h.Enable)
-	group.POST("sort", h.Sort)
+	group := h.App.Engine.Group("/api/admin/app/type/")
+
+	// 需要管理员授权的接口
+	group.Use(middleware.AdminAuthMiddleware(h.App.Config.AdminSession.SecretKey, h.App.Redis))
+	{
+		group.GET("list", h.List)
+		group.POST("save", h.Save)
+		group.GET("remove", h.Remove)
+		group.POST("enable", h.Enable)
+		group.POST("sort", h.Sort)
+	}
 }
 
 // Save 创建或更新App类型

api/handler/admin/chat_handler.go

@@ -9,6 +9,7 @@ package admin
 
 import (
 	"geekai/core"
+	"geekai/core/middleware"
 	"geekai/core/types"
 	"geekai/handler"
 	"geekai/store/model"
@@ -31,11 +32,16 @@ func NewChatHandler(app *core.AppServer, db *gorm.DB) *ChatHandler {
 // RegisterRoutes 注册路由
 func (h *ChatHandler) RegisterRoutes() {
 	group := h.App.Engine.Group("/api/admin/chat/")
-	group.POST("list", h.List)
-	group.POST("message", h.Messages)
-	group.GET("history", h.History)
-	group.GET("remove", h.RemoveChat)
-	group.GET("message/remove", h.RemoveMessage)
+
+	// 需要管理员授权的接口
+	group.Use(middleware.AdminAuthMiddleware(h.App.Config.AdminSession.SecretKey, h.App.Redis))
+	{
+		group.POST("list", h.List)
+		group.POST("message", h.Messages)
+		group.GET("history", h.History)
+		group.GET("remove", h.RemoveChat)
+		group.GET("message/remove", h.RemoveMessage)
+	}
 }
 
 type chatItemVo struct {

api/handler/admin/chat_model_handler.go

@@ -10,6 +10,7 @@ package admin
 import (
 	"fmt"
 	"geekai/core"
+	"geekai/core/middleware"
 	"geekai/core/types"
 	"geekai/handler"
 	"geekai/store/model"
@@ -32,12 +33,17 @@ func NewChatModelHandler(app *core.AppServer, db *gorm.DB) *ChatModelHandler {
 // RegisterRoutes 注册路由
 func (h *ChatModelHandler) RegisterRoutes() {
 	group := h.App.Engine.Group("/api/admin/model/")
-	group.POST("save", h.Save)
-	group.GET("list", h.List)
-	group.POST("set", h.Set)
-	group.POST("sort", h.Sort)
-	group.GET("remove", h.Remove)
-	group.POST("batch-remove", h.BatchRemove)
+
+	// 需要管理员授权的接口
+	group.Use(middleware.AdminAuthMiddleware(h.App.Config.AdminSession.SecretKey, h.App.Redis))
+	{
+		group.GET("list", h.List)
+		group.POST("save", h.Save)
+		group.POST("set", h.Set)
+		group.POST("sort", h.Sort)
+		group.GET("remove", h.Remove)
+		group.POST("batch-remove", h.BatchRemove)
+	}
 }
 
 func (h *ChatModelHandler) Save(c *gin.Context) {

api/handler/admin/config_handler.go

@@ -11,6 +11,7 @@ import (
 	"encoding/json"
 	"errors"
 	"geekai/core"
+	"geekai/core/middleware"
 	"geekai/core/types"
 	"geekai/handler"
 	"geekai/service"
@@ -42,12 +43,17 @@ func NewConfigHandler(app *core.AppServer, db *gorm.DB, levelDB *store.LevelDB,
 
 // RegisterRoutes 注册路由
 func (h *ConfigHandler) RegisterRoutes() {
-	group := h.App.Engine.Group("/api/admin/config")
-	group.POST("update", h.Update)
-	group.GET("get", h.Get)
-	group.POST("active", h.Active)
-	group.POST("test", h.Test)
-	group.GET("license", h.GetLicense)
+	group := h.App.Engine.Group("/api/admin/config/")
+
+	// 需要管理员授权的接口
+	group.Use(middleware.AdminAuthMiddleware(h.App.Config.AdminSession.SecretKey, h.App.Redis))
+	{
+		group.POST("update", h.Update)
+		group.GET("get", h.Get)
+		group.POST("active", h.Active)
+		group.POST("test", h.Test)
+		group.GET("license", h.GetLicense)
+	}
 }
 
 func (h *ConfigHandler) Update(c *gin.Context) {

api/handler/admin/function_handler.go

@@ -9,6 +9,7 @@ package admin
 
 import (
 	"geekai/core"
+	"geekai/core/middleware"
 	"geekai/core/types"
 	"geekai/handler"
 	"geekai/store/model"
@@ -33,11 +34,16 @@ func NewFunctionHandler(app *core.AppServer, db *gorm.DB) *FunctionHandler {
 // RegisterRoutes 注册路由
 func (h *FunctionHandler) RegisterRoutes() {
 	group := h.App.Engine.Group("/api/admin/function/")
-	group.POST("save", h.Save)
-	group.POST("set", h.Set)
-	group.GET("list", h.List)
-	group.GET("remove", h.Remove)
-	group.GET("token", h.GenToken)
+
+	// 需要管理员授权的接口
+	group.Use(middleware.AdminAuthMiddleware(h.App.Config.AdminSession.SecretKey, h.App.Redis))
+	{
+		group.GET("list", h.List)
+		group.POST("save", h.Save)
+		group.POST("set", h.Set)
+		group.GET("remove", h.Remove)
+		group.GET("token", h.GenToken)
+	}
 }
 
 func (h *FunctionHandler) Save(c *gin.Context) {
@@ -129,7 +135,6 @@ func (h *FunctionHandler) GenToken(c *gin.Context) {
 	})
 	tokenString, err := token.SignedString([]byte(h.App.Config.Session.SecretKey))
 	if err != nil {
-		logger.Error("error with generate token", err)
 		resp.ERROR(c)
 		return
 	}

api/handler/admin/image_handler.go

@@ -10,6 +10,7 @@ package admin
 import (
 	"fmt"
 	"geekai/core"
+	"geekai/core/middleware"
 	"geekai/core/types"
 	"geekai/handler"
 	"geekai/service"
@@ -35,11 +36,16 @@ func NewImageHandler(app *core.AppServer, db *gorm.DB, userService *service.User
 
 // RegisterRoutes 注册路由
 func (h *ImageHandler) RegisterRoutes() {
-	group := h.App.Engine.Group("/api/admin/image")
-	group.POST("/list/mj", h.MjList)
-	group.POST("/list/sd", h.SdList)
-	group.POST("/list/dall", h.DallList)
-	group.GET("/remove", h.Remove)
+	group := h.App.Engine.Group("/api/admin/image/")
+
+	// 需要管理员授权的接口
+	group.Use(middleware.AdminAuthMiddleware(h.App.Config.AdminSession.SecretKey, h.App.Redis))
+	{
+		group.POST("list/mj", h.MjList)
+		group.POST("list/sd", h.SdList)
+		group.POST("list/dall", h.DallList)
+		group.GET("remove", h.Remove)
+	}
 }
 
 type imageQuery struct {

api/handler/admin/media_handler.go

@@ -10,6 +10,7 @@ package admin
 import (
 	"fmt"
 	"geekai/core"
+	"geekai/core/middleware"
 	"geekai/core/types"
 	"geekai/handler"
 	"geekai/service"
@@ -35,10 +36,15 @@ func NewMediaHandler(app *core.AppServer, db *gorm.DB, userService *service.User
 
 // RegisterRoutes 注册路由
 func (h *MediaHandler) RegisterRoutes() {
-	group := h.App.Engine.Group("/api/admin/media")
-	group.POST("/suno", h.SunoList)
-	group.POST("/videos", h.Videos)
-	group.GET("/remove", h.Remove)
+	group := h.App.Engine.Group("/api/admin/media/")
+
+	// 需要管理员授权的接口
+	group.Use(middleware.AdminAuthMiddleware(h.App.Config.AdminSession.SecretKey, h.App.Redis))
+	{
+		group.POST("suno", h.SunoList)
+		group.POST("videos", h.Videos)
+		group.GET("remove", h.Remove)
+	}
 }
 
 type mediaQuery struct {

api/handler/admin/upload_handler.go

@@ -9,6 +9,7 @@ package admin
 
 import (
 	"geekai/core"
+	"geekai/core/middleware"
 	"geekai/handler"
 	"geekai/service/oss"
 	"geekai/store/model"
@@ -30,7 +31,13 @@ func NewUploadHandler(app *core.AppServer, db *gorm.DB, manager *oss.UploaderMan
 
 // RegisterRoutes 注册路由
 func (h *UploadHandler) RegisterRoutes() {
-	h.App.Engine.POST("/api/admin/upload", h.Upload)
+	group := h.App.Engine.Group("/api/admin/upload/")
+
+	// 需要管理员授权的接口
+	group.Use(middleware.AdminAuthMiddleware(h.App.Config.AdminSession.SecretKey, h.App.Redis))
+	{
+		group.POST("upload", h.Upload)
+	}
 }
 
 func (h *UploadHandler) Upload(c *gin.Context) {

api/handler/admin/user_handler.go

@@ -10,6 +10,7 @@ package admin
 import (
 	"fmt"
 	"geekai/core"
+	"geekai/core/middleware"
 	"geekai/core/types"
 	"geekai/handler"
 	"geekai/service"
@@ -19,10 +20,9 @@ import (
 	"geekai/utils/resp"
 	"time"
 
+	"github.com/gin-gonic/gin"
 	"github.com/go-redis/redis/v8"
 	"github.com/golang-jwt/jwt/v5"
-
-	"github.com/gin-gonic/gin"
 	"gorm.io/gorm"
 )
 
@@ -39,12 +39,17 @@ func NewUserHandler(app *core.AppServer, db *gorm.DB, licenseService *service.Li
 // RegisterRoutes 注册路由
 func (h *UserHandler) RegisterRoutes() {
 	group := h.App.Engine.Group("/api/admin/user/")
-	group.GET("list", h.List)
-	group.POST("save", h.Save)
-	group.GET("remove", h.Remove)
-	group.GET("loginLog", h.LoginLog)
-	group.GET("genLoginLink", h.GenLoginLink)
-	group.POST("resetPass", h.ResetPass)
+
+	// 需要管理员授权的接口
+	group.Use(middleware.AdminAuthMiddleware(h.App.Config.AdminSession.SecretKey, h.App.Redis))
+	{
+		group.GET("list", h.List)
+		group.POST("save", h.Save)
+		group.GET("remove", h.Remove)
+		group.GET("loginLog", h.LoginLog)
+		group.GET("genLoginLink", h.GenLoginLink)
+		group.POST("resetPass", h.ResetPass)
+	}
 }
 
 // List 用户列表

api/handler/captcha_handler.go

@@ -9,6 +9,7 @@ package handler
 
 import (
 	"geekai/core"
+	"geekai/core/middleware"
 	"geekai/core/types"
 	"geekai/service"
 	"geekai/utils/resp"
@@ -31,10 +32,15 @@ func NewCaptchaHandler(app *core.AppServer, s *service.CaptchaService, sysConfig
 // RegisterRoutes 注册路由
 func (h *CaptchaHandler) RegisterRoutes() {
 	group := h.App.Engine.Group("/api/captcha/")
-	group.GET("get", h.Get)
-	group.POST("check", h.Check)
-	group.GET("slide/get", h.SlideGet)
-	group.POST("slide/check", h.SlideCheck)
+
+	// 需要用户授权的接口
+	group.Use(middleware.UserAuthMiddleware(h.App.Config.Session.SecretKey, h.App.Redis))
+	{
+		group.GET("get", h.Get)
+		group.POST("check", h.Check)
+		group.GET("slide/get", h.SlideGet)
+		group.POST("slide/check", h.SlideCheck)
+	}
 }
 
 func (h *CaptchaHandler) Get(c *gin.Context) {

api/handler/chat_app_type_handler.go

@@ -2,6 +2,7 @@ package handler
 
 import (
 	"geekai/core"
+	"geekai/core/middleware"
 	"geekai/store/model"
 	"geekai/store/vo"
 	"geekai/utils"
@@ -21,8 +22,13 @@ func NewChatAppTypeHandler(app *core.AppServer, db *gorm.DB) *ChatAppTypeHandler
 
 // RegisterRoutes 注册路由
 func (h *ChatAppTypeHandler) RegisterRoutes() {
-	group := h.App.Engine.Group("/api/app/type")
-	group.GET("list", h.List)
+	group := h.App.Engine.Group("/api/app/type/")
+
+	// 需要用户授权的接口
+	group.Use(middleware.UserAuthMiddleware(h.App.Config.Session.SecretKey, h.App.Redis))
+	{
+		group.GET("list", h.List)
+	}
 }
 
 // List 获取App类型列表

api/handler/chat_handler.go

@@ -14,6 +14,7 @@ import (
 	"errors"
 	"fmt"
 	"geekai/core"
+	"geekai/core/middleware"
 	"geekai/core/types"
 	"geekai/service"
 	"geekai/service/oss"
@@ -81,16 +82,23 @@ func NewChatHandler(app *core.AppServer, db *gorm.DB, redis *redis.Client, manag
 // RegisterRoutes 注册路由
 func (h *ChatHandler) RegisterRoutes() {
 	group := h.App.Engine.Group("/api/chat/")
+
+	// 聊天接口不需要授权（已在authConfig中配置）
 	group.Any("message", h.Chat)
-	group.GET("list", h.List)
-	group.GET("detail", h.Detail)
-	group.POST("update", h.Update)
-	group.GET("remove", h.Remove)
-	group.GET("history", h.History)
-	group.GET("clear", h.Clear)
-	group.POST("tokens", h.Tokens)
-	group.GET("stop", h.StopGenerate)
-	group.POST("tts", h.TextToSpeech)
+
+	// 其他接口需要用户授权
+	group.Use(middleware.UserAuthMiddleware(h.App.Config.Session.SecretKey, h.App.Redis))
+	{
+		group.GET("list", h.List)
+		group.GET("detail", h.Detail)
+		group.POST("update", h.Update)
+		group.GET("remove", h.Remove)
+		group.GET("history", h.History)
+		group.GET("clear", h.Clear)
+		group.POST("tokens", h.Tokens)
+		group.GET("stop", h.StopGenerate)
+		group.POST("tts", h.TextToSpeech)
+	}
 }
 
 // Chat 处理聊天请求

api/handler/chat_model_handler.go

@@ -9,6 +9,7 @@ package handler
 
 import (
 	"geekai/core"
+	"geekai/core/middleware"
 	"geekai/store/model"
 	"geekai/store/vo"
 	"geekai/utils"
@@ -29,7 +30,12 @@ func NewChatModelHandler(app *core.AppServer, db *gorm.DB) *ChatModelHandler {
 // RegisterRoutes 注册路由
 func (h *ChatModelHandler) RegisterRoutes() {
 	group := h.App.Engine.Group("/api/model/")
-	group.GET("list", h.List)
+
+	// 需要用户授权的接口
+	group.Use(middleware.UserAuthMiddleware(h.App.Config.Session.SecretKey, h.App.Redis))
+	{
+		group.GET("list", h.List)
+	}
 }
 
 // List 模型列表

api/handler/chat_role_handler.go

@@ -9,6 +9,7 @@ package handler
 
 import (
 	"geekai/core"
+	"geekai/core/middleware"
 	"geekai/core/types"
 	"geekai/store/model"
 	"geekai/store/vo"
@@ -29,10 +30,15 @@ func NewChatRoleHandler(app *core.AppServer, db *gorm.DB) *ChatRoleHandler {
 
 // RegisterRoutes 注册路由
 func (h *ChatRoleHandler) RegisterRoutes() {
-	group := h.App.Engine.Group("/api/app/")
-	group.GET("list", h.List)
-	group.GET("list/user", h.ListByUser)
-	group.POST("update", h.UpdateRole)
+	group := h.App.Engine.Group("/api/role/")
+
+	// 需要用户授权的接口
+	group.Use(middleware.UserAuthMiddleware(h.App.Config.Session.SecretKey, h.App.Redis))
+	{
+		group.GET("list", h.List)
+		group.GET("list/user", h.ListByUser)
+		group.POST("update", h.UpdateRole)
+	}
 }
 
 // List 获取用户聊天应用列表

api/handler/config_handler.go

@@ -9,6 +9,7 @@ package handler
 
 import (
 	"geekai/core"
+	"geekai/core/middleware"
 	"geekai/service"
 	"geekai/store/model"
 	"geekai/utils"
@@ -30,8 +31,13 @@ func NewConfigHandler(app *core.AppServer, db *gorm.DB, licenseService *service.
 // RegisterRoutes 注册路由
 func (h *ConfigHandler) RegisterRoutes() {
 	group := h.App.Engine.Group("/api/config/")
-	group.GET("get", h.Get)
-	group.GET("license", h.License)
+
+	// 需要用户授权的接口
+	group.Use(middleware.UserAuthMiddleware(h.App.Config.Session.SecretKey, h.App.Redis))
+	{
+		group.GET("get", h.Get)
+		group.GET("license", h.License)
+	}
 }
 
 // Get 获取指定的系统配置

api/handler/dalle_handler.go

@@ -10,6 +10,7 @@ package handler
 import (
 	"fmt"
 	"geekai/core"
+	"geekai/core/middleware"
 	"geekai/core/types"
 	"geekai/service"
 	"geekai/service/dalle"
@@ -44,13 +45,20 @@ func NewDallJobHandler(app *core.AppServer, db *gorm.DB, service *dalle.Service,
 
 // RegisterRoutes 注册路由
 func (h *DallJobHandler) RegisterRoutes() {
-	group := h.App.Engine.Group("/api/dall")
-	group.POST("image", h.Image)
-	group.GET("jobs", h.JobList)
+	group := h.App.Engine.Group("/api/dall/")
+
+	// 公开接口，不需要授权
 	group.GET("imgWall", h.ImgWall)
-	group.GET("remove", h.Remove)
-	group.GET("publish", h.Publish)
 	group.GET("models", h.GetModels)
+
+	// 需要用户授权的接口
+	group.Use(middleware.UserAuthMiddleware(h.App.Config.Session.SecretKey, h.App.Redis))
+	{
+		group.POST("image", h.Image)
+		group.GET("jobs", h.JobList)
+		group.GET("remove", h.Remove)
+		group.GET("publish", h.Publish)
+	}
 }
 
 // Image 创建一个绘画任务

api/handler/function_handler.go

@@ -11,6 +11,7 @@ import (
 	"errors"
 	"fmt"
 	"geekai/core"
+	"geekai/core/middleware"
 	"geekai/core/types"
 	"geekai/service"
 	"geekai/service/crawler"
@@ -57,11 +58,16 @@ func NewFunctionHandler(
 // RegisterRoutes 注册路由
 func (h *FunctionHandler) RegisterRoutes() {
 	group := h.App.Engine.Group("/api/function/")
-	group.POST("weibo", h.WeiBo)
-	group.POST("zaobao", h.ZaoBao)
-	group.POST("dalle3", h.Dall3)
-	group.POST("websearch", h.WebSearch)
-	group.GET("list", h.List)
+
+	// 需要用户授权的接口
+	group.Use(middleware.UserAuthMiddleware(h.App.Config.Session.SecretKey, h.App.Redis))
+	{
+		group.POST("weibo", h.WeiBo)
+		group.POST("zaobao", h.ZaoBao)
+		group.POST("dalle3", h.Dall3)
+		group.POST("websearch", h.WebSearch)
+		group.GET("list", h.List)
+	}
 }
 
 type resVo struct {

api/handler/invite_handler.go

@@ -10,6 +10,7 @@ package handler
 import (
 	"fmt"
 	"geekai/core"
+	"geekai/core/middleware"
 	"geekai/store/model"
 	"geekai/store/vo"
 	"geekai/utils"
@@ -33,11 +34,18 @@ func NewInviteHandler(app *core.AppServer, db *gorm.DB) *InviteHandler {
 // RegisterRoutes 注册路由
 func (h *InviteHandler) RegisterRoutes() {
 	group := h.App.Engine.Group("/api/invite/")
-	group.GET("code", h.Code)
-	group.GET("list", h.List)
+
+	// 公开接口，不需要授权
 	group.GET("hits", h.Hits)
-	group.GET("stats", h.Stats)
-	group.GET("rules", h.Rules)
+
+	// 需要用户授权的接口
+	group.Use(middleware.UserAuthMiddleware(h.App.Config.Session.SecretKey, h.App.Redis))
+	{
+		group.GET("code", h.Code)
+		group.GET("list", h.List)
+		group.GET("stats", h.Stats)
+		group.GET("rules", h.Rules)
+	}
 }
 
 // Code 获取当前用户邀请码

api/handler/jimeng_handler.go

@@ -2,8 +2,8 @@ package handler
 
 import (
 	"fmt"
-
 	"geekai/core"
+	"geekai/core/middleware"
 	"geekai/core/types"
 	"geekai/service"
 	"geekai/service/jimeng"
@@ -34,12 +34,17 @@ func NewJimengHandler(app *core.AppServer, jimengService *jimeng.Service, db *go
 
 // RegisterRoutes 注册路由，新增统一任务接口
 func (h *JimengHandler) RegisterRoutes() {
-	rg := h.App.Engine.Group("/api/jimeng")
-	rg.POST("task", h.CreateTask)            // 只保留统一任务接口
-	rg.GET("power-config", h.GetPowerConfig) // 新增算力配置接口
-	rg.POST("jobs", h.Jobs)
-	rg.GET("remove", h.Remove)
-	rg.GET("retry", h.Retry)
+	group := h.App.Engine.Group("/api/jimeng/")
+
+	// 需要用户授权的接口
+	group.Use(middleware.UserAuthMiddleware(h.App.Config.Session.SecretKey, h.App.Redis))
+	{
+		group.POST("task", h.CreateTask)
+		group.GET("power-config", h.GetPowerConfig)
+		group.POST("jobs", h.Jobs)
+		group.GET("remove", h.Remove)
+		group.GET("retry", h.Retry)
+	}
 }
 
 // JimengTaskRequest 统一任务请求结构体

api/handler/markmap_handler.go

@@ -10,6 +10,7 @@ package handler
 import (
 	"fmt"
 	"geekai/core"
+	"geekai/core/middleware"
 	"geekai/core/types"
 	"geekai/service"
 	"geekai/store/model"
@@ -37,7 +38,13 @@ func NewMarkMapHandler(app *core.AppServer, db *gorm.DB, userService *service.Us
 
 // RegisterRoutes 注册路由
 func (h *MarkMapHandler) RegisterRoutes() {
-	h.App.Engine.POST("/api/markMap/gen", h.Generate)
+	group := h.App.Engine.Group("/api/markMap/")
+
+	// 需要用户授权的接口
+	group.Use(middleware.UserAuthMiddleware(h.App.Config.Session.SecretKey, h.App.Redis))
+	{
+		group.POST("gen", h.Generate)
+	}
 }
 
 // Generate 生成思维导图

api/handler/menu_handler.go

@@ -9,10 +9,12 @@ package handler
 
 import (
 	"geekai/core"
+	"geekai/core/middleware"
 	"geekai/store/model"
 	"geekai/store/vo"
 	"geekai/utils"
 	"geekai/utils/resp"
+
 	"github.com/gin-gonic/gin"
 	"gorm.io/gorm"
 )
@@ -28,7 +30,12 @@ func NewMenuHandler(app *core.AppServer, db *gorm.DB) *MenuHandler {
 // RegisterRoutes 注册路由
 func (h *MenuHandler) RegisterRoutes() {
 	group := h.App.Engine.Group("/api/menu/")
-	group.GET("list", h.List)
+
+	// 需要用户授权的接口
+	group.Use(middleware.UserAuthMiddleware(h.App.Config.Session.SecretKey, h.App.Redis))
+	{
+		group.GET("list", h.List)
+	}
 }
 
 // List 数据列表

api/handler/mj_handler.go

@@ -10,6 +10,7 @@ package handler
 import (
 	"fmt"
 	"geekai/core"
+	"geekai/core/middleware"
 	"geekai/core/types"
 	"geekai/service"
 	"geekai/service/mj"
@@ -49,13 +50,20 @@ func NewMidJourneyHandler(app *core.AppServer, db *gorm.DB, snowflake *service.S
 // RegisterRoutes 注册路由
 func (h *MidJourneyHandler) RegisterRoutes() {
 	group := h.App.Engine.Group("/api/mj/")
-	group.POST("image", h.Image)
-	group.POST("upscale", h.Upscale)
-	group.POST("variation", h.Variation)
-	group.GET("jobs", h.JobList)
+
+	// 公开接口，不需要授权
 	group.GET("imgWall", h.ImgWall)
-	group.GET("remove", h.Remove)
-	group.GET("publish", h.Publish)
+
+	// 需要用户授权的接口
+	group.Use(middleware.UserAuthMiddleware(h.App.Config.Session.SecretKey, h.App.Redis))
+	{
+		group.POST("image", h.Image)
+		group.POST("upscale", h.Upscale)
+		group.POST("variation", h.Variation)
+		group.GET("jobs", h.JobList)
+		group.GET("remove", h.Remove)
+		group.GET("publish", h.Publish)
+	}
 }
 
 func (h *MidJourneyHandler) preCheck(c *gin.Context) bool {

api/handler/net_handler.go

@@ -9,6 +9,7 @@ package handler
 
 import (
 	"geekai/core"
+	"geekai/core/middleware"
 	"geekai/core/types"
 	"geekai/service/oss"
 	"geekai/store/model"
@@ -34,9 +35,17 @@ func NewNetHandler(app *core.AppServer, db *gorm.DB, manager *oss.UploaderManage
 
 // RegisterRoutes 注册路由
 func (h *NetHandler) RegisterRoutes() {
-	h.App.Engine.POST("/api/upload", h.Upload)
-	h.App.Engine.POST("/api/upload/list", h.List)
-	h.App.Engine.GET("/api/upload/remove", h.Remove)
+	group := h.App.Engine.Group("/api/upload/")
+
+	// 需要用户授权的接口
+	group.Use(middleware.UserAuthMiddleware(h.App.Config.Session.SecretKey, h.App.Redis))
+	{
+		group.POST("upload", h.Upload)
+		group.POST("list", h.List)
+		group.GET("remove", h.Remove)
+	}
+
+	// 公开接口，不需要授权
 	h.App.Engine.GET("/api/download", h.Download)
 }
 

api/handler/order_handler.go

@@ -9,6 +9,7 @@ package handler
 
 import (
 	"geekai/core"
+	"geekai/core/middleware"
 	"geekai/core/types"
 	"geekai/store/model"
 	"geekai/store/vo"
@@ -31,8 +32,13 @@ func NewOrderHandler(app *core.AppServer, db *gorm.DB) *OrderHandler {
 // RegisterRoutes 注册路由
 func (h *OrderHandler) RegisterRoutes() {
 	group := h.App.Engine.Group("/api/order/")
-	group.GET("list", h.List)
-	group.GET("query", h.Query)
+
+	// 需要用户授权的接口
+	group.Use(middleware.UserAuthMiddleware(h.App.Config.Session.SecretKey, h.App.Redis))
+	{
+		group.GET("list", h.List)
+		group.GET("query", h.Query)
+	}
 }
 
 // List 订单列表

api/handler/power_log_handler.go

@@ -9,6 +9,7 @@ package handler
 
 import (
 	"geekai/core"
+	"geekai/core/middleware"
 	"geekai/core/types"
 	"geekai/store/model"
 	"geekai/store/vo"
@@ -31,8 +32,13 @@ func NewPowerLogHandler(app *core.AppServer, db *gorm.DB) *PowerLogHandler {
 // RegisterRoutes 注册路由
 func (h *PowerLogHandler) RegisterRoutes() {
 	group := h.App.Engine.Group("/api/powerLog/")
-	group.POST("list", h.List)
-	group.GET("stats", h.Stats)
+
+	// 需要用户授权的接口
+	group.Use(middleware.UserAuthMiddleware(h.App.Config.Session.SecretKey, h.App.Redis))
+	{
+		group.POST("list", h.List)
+		group.GET("stats", h.Stats)
+	}
 }
 
 func (h *PowerLogHandler) List(c *gin.Context) {

api/handler/product_handler.go

@@ -9,10 +9,12 @@ package handler
 
 import (
 	"geekai/core"
+	"geekai/core/middleware"
 	"geekai/store/model"
 	"geekai/store/vo"
 	"geekai/utils"
 	"geekai/utils/resp"
+
 	"github.com/gin-gonic/gin"
 	"gorm.io/gorm"
 )
@@ -28,7 +30,12 @@ func NewProductHandler(app *core.AppServer, db *gorm.DB) *ProductHandler {
 // RegisterRoutes 注册路由
 func (h *ProductHandler) RegisterRoutes() {
 	group := h.App.Engine.Group("/api/product/")
-	group.GET("list", h.List)
+
+	// 需要用户授权的接口
+	group.Use(middleware.UserAuthMiddleware(h.App.Config.Session.SecretKey, h.App.Redis))
+	{
+		group.GET("list", h.List)
+	}
 }
 
 // List 模型列表

api/handler/prompt_handler.go

@@ -10,6 +10,7 @@ package handler
 import (
 	"fmt"
 	"geekai/core"
+	"geekai/core/middleware"
 	"geekai/core/types"
 	"geekai/service"
 	"geekai/store/model"
@@ -41,11 +42,16 @@ func NewPromptHandler(app *core.AppServer, db *gorm.DB, userService *service.Use
 
 // RegisterRoutes 注册路由
 func (h *PromptHandler) RegisterRoutes() {
-	group := h.App.Engine.Group("/api/prompt")
-	group.POST("/lyric", h.Lyric)
-	group.POST("/image", h.Image)
-	group.POST("/video", h.Video)
-	group.POST("/meta", h.MetaPrompt)
+	group := h.App.Engine.Group("/api/prompt/")
+
+	// 需要用户授权的接口
+	group.Use(middleware.UserAuthMiddleware(h.App.Config.Session.SecretKey, h.App.Redis))
+	{
+		group.POST("lyric", h.Lyric)
+		group.POST("image", h.Image)
+		group.POST("video", h.Video)
+		group.POST("meta", h.MetaPrompt)
+	}
 }
 
 // Lyric 生成歌词

api/handler/realtime_handler.go

@@ -4,6 +4,7 @@ import (
 	"encoding/json"
 	"fmt"
 	"geekai/core"
+	"geekai/core/middleware"
 	"geekai/core/types"
 	"geekai/service"
 	"geekai/store/model"
@@ -41,8 +42,14 @@ func NewRealtimeHandler(server *core.AppServer, db *gorm.DB, userService *servic
 
 // RegisterRoutes 注册路由
 func (h *RealtimeHandler) RegisterRoutes() {
-	h.App.Engine.Any("/api/realtime", h.Connection)
-	h.App.Engine.POST("/api/realtime/voice", h.VoiceChat)
+	group := h.App.Engine.Group("/api/realtime/")
+
+	// 需要用户授权的接口
+	group.Use(middleware.UserAuthMiddleware(h.App.Config.Session.SecretKey, h.App.Redis))
+	{
+		group.Any("", h.Connection)
+		group.POST("voice", h.VoiceChat)
+	}
 }
 
 func (h *RealtimeHandler) Connection(c *gin.Context) {

api/handler/redeem_handler.go

@@ -10,14 +10,16 @@ package handler
 import (
 	"fmt"
 	"geekai/core"
+	"geekai/core/middleware"
 	"geekai/core/types"
 	"geekai/service"
 	"geekai/store/model"
 	"geekai/utils/resp"
-	"github.com/gin-gonic/gin"
-	"gorm.io/gorm"
 	"sync"
 	"time"
+
+	"github.com/gin-gonic/gin"
+	"gorm.io/gorm"
 )
 
 type RedeemHandler struct {
@@ -33,7 +35,12 @@ func NewRedeemHandler(app *core.AppServer, db *gorm.DB, userService *service.Use
 // RegisterRoutes 注册路由
 func (h *RedeemHandler) RegisterRoutes() {
 	group := h.App.Engine.Group("/api/redeem/")
-	group.POST("verify", h.Verify)
+
+	// 需要用户授权的接口
+	group.Use(middleware.UserAuthMiddleware(h.App.Config.Session.SecretKey, h.App.Redis))
+	{
+		group.POST("verify", h.Verify)
+	}
 }
 
 func (h *RedeemHandler) Verify(c *gin.Context) {

api/handler/sd_handler.go

@@ -10,6 +10,7 @@ package handler
 import (
 	"fmt"
 	"geekai/core"
+	"geekai/core/middleware"
 	"geekai/core/types"
 	"geekai/service"
 	"geekai/service/oss"
@@ -58,12 +59,19 @@ func NewSdJobHandler(app *core.AppServer,
 
 // RegisterRoutes 注册路由
 func (h *SdJobHandler) RegisterRoutes() {
-	group := h.App.Engine.Group("/api/sd")
-	group.POST("image", h.Image)
-	group.GET("jobs", h.JobList)
+	group := h.App.Engine.Group("/api/sd/")
+
+	// 公开接口，不需要授权
 	group.GET("imgWall", h.ImgWall)
-	group.GET("remove", h.Remove)
-	group.GET("publish", h.Publish)
+
+	// 需要用户授权的接口
+	group.Use(middleware.UserAuthMiddleware(h.App.Config.Session.SecretKey, h.App.Redis))
+	{
+		group.POST("image", h.Image)
+		group.GET("jobs", h.JobList)
+		group.GET("remove", h.Remove)
+		group.GET("publish", h.Publish)
+	}
 }
 
 func (h *SdJobHandler) preCheck(c *gin.Context) bool {

api/handler/sms_handler.go

@@ -9,6 +9,7 @@ package handler
 
 import (
 	"geekai/core"
+	"geekai/core/middleware"
 	"geekai/core/types"
 	"geekai/service"
 	"geekai/service/sms"
@@ -47,7 +48,12 @@ func NewSmsHandler(
 // RegisterRoutes 注册路由
 func (h *SmsHandler) RegisterRoutes() {
 	group := h.App.Engine.Group("/api/sms/")
-	group.POST("code", h.SendCode)
+
+	// 需要用户授权的接口
+	group.Use(middleware.UserAuthMiddleware(h.App.Config.Session.SecretKey, h.App.Redis))
+	{
+		group.POST("code", h.SendCode)
+	}
 }
 
 // SendCode 发送验证码

api/handler/suno_handler.go

@@ -10,6 +10,7 @@ package handler
 import (
 	"fmt"
 	"geekai/core"
+	"geekai/core/middleware"
 	"geekai/core/types"
 	"geekai/service"
 	"geekai/service/oss"
@@ -45,14 +46,21 @@ func NewSunoHandler(app *core.AppServer, db *gorm.DB, service *suno.Service, upl
 
 // RegisterRoutes 注册路由
 func (h *SunoHandler) RegisterRoutes() {
-	group := h.App.Engine.Group("/api/suno")
-	group.POST("create", h.Create)
-	group.GET("list", h.List)
-	group.GET("remove", h.Remove)
-	group.GET("publish", h.Publish)
-	group.POST("update", h.Update)
-	group.GET("detail", h.Detail)
+	group := h.App.Engine.Group("/api/suno/")
+
+	// 公开接口，不需要授权
 	group.GET("play", h.Play)
+
+	// 需要用户授权的接口
+	group.Use(middleware.UserAuthMiddleware(h.App.Config.Session.SecretKey, h.App.Redis))
+	{
+		group.POST("create", h.Create)
+		group.GET("list", h.List)
+		group.GET("remove", h.Remove)
+		group.GET("publish", h.Publish)
+		group.POST("update", h.Update)
+		group.GET("detail", h.Detail)
+	}
 }
 
 func (h *SunoHandler) Create(c *gin.Context) {

api/handler/test_handler.go

@@ -2,6 +2,7 @@ package handler
 
 import (
 	"geekai/core"
+	"geekai/core/middleware"
 	"geekai/service"
 	"geekai/service/payment"
 	"net/http"
@@ -23,8 +24,13 @@ func NewTestHandler(app *core.AppServer, db *gorm.DB, snowflake *service.Snowfla
 
 // RegisterRoutes 注册路由
 func (h *TestHandler) RegisterRoutes() {
-	group := h.App.Engine.Group("/api/test")
-	group.Any("sse", h.PostTest, h.SseTest)
+	group := h.App.Engine.Group("/api/test/")
+
+	// 需要用户授权的接口
+	group.Use(middleware.UserAuthMiddleware(h.App.Config.Session.SecretKey, h.App.Redis))
+	{
+		group.Any("sse", h.PostTest, h.SseTest)
+	}
 }
 
 func (h *TestHandler) SseTest(c *gin.Context) {

api/handler/user_handler.go

@@ -10,6 +10,7 @@ package handler
 import (
 	"fmt"
 	"geekai/core"
+	"geekai/core/middleware"
 	"geekai/core/types"
 	"geekai/service"
 	"geekai/store"
@@ -61,19 +62,26 @@ func NewUserHandler(
 // RegisterRoutes 注册路由
 func (h *UserHandler) RegisterRoutes() {
 	group := h.App.Engine.Group("/api/user/")
+
+	// 公开接口，不需要授权
 	group.POST("register", h.Register)
 	group.POST("login", h.Login)
-	group.GET("logout", h.Logout)
-	group.GET("session", h.Session)
-	group.GET("profile", h.Profile)
-	group.POST("profile/update", h.ProfileUpdate)
-	group.POST("password", h.UpdatePass)
-	group.POST("bind/mobile", h.BindMobile)
-	group.POST("bind/email", h.BindEmail)
 	group.POST("resetPass", h.ResetPass)
 	group.GET("clogin", h.CLogin)
 	group.GET("clogin/callback", h.CLoginCallback)
-	group.GET("signin", h.SignIn)
+
+	// 需要用户授权的接口
+	group.Use(middleware.UserAuthMiddleware(h.App.Config.Session.SecretKey, h.App.Redis))
+	{
+		group.GET("logout", h.Logout)
+		group.GET("session", h.Session)
+		group.GET("profile", h.Profile)
+		group.POST("profile/update", h.ProfileUpdate)
+		group.POST("password", h.UpdatePass)
+		group.POST("bind/mobile", h.BindMobile)
+		group.POST("bind/email", h.BindEmail)
+		group.GET("signin", h.SignIn)
+	}
 }
 
 // Register user register

api/handler/video_handler.go

@@ -10,6 +10,7 @@ package handler
 import (
 	"fmt"
 	"geekai/core"
+	"geekai/core/middleware"
 	"geekai/core/types"
 	"geekai/service"
 	"geekai/service/oss"
@@ -45,12 +46,17 @@ func NewVideoHandler(app *core.AppServer, db *gorm.DB, service *video.Service, u
 
 // RegisterRoutes 注册路由
 func (h *VideoHandler) RegisterRoutes() {
-	group := h.App.Engine.Group("/api/video")
-	group.POST("luma/create", h.LumaCreate)
-	group.POST("keling/create", h.KeLingCreate)
-	group.GET("list", h.List)
-	group.GET("remove", h.Remove)
-	group.GET("publish", h.Publish)
+	group := h.App.Engine.Group("/api/video/")
+
+	// 需要用户授权的接口
+	group.Use(middleware.UserAuthMiddleware(h.App.Config.Session.SecretKey, h.App.Redis))
+	{
+		group.POST("luma/create", h.LumaCreate)
+		group.POST("keling/create", h.KeLingCreate)
+		group.GET("list", h.List)
+		group.GET("remove", h.Remove)
+		group.GET("publish", h.Publish)
+	}
 }
 
 func (h *VideoHandler) LumaCreate(c *gin.Context) {