发布v2.6.10版本，更新内容请查看：https://github.com/bufanyun/hotgo/blob/v2.0/docs/guide-zh-CN/start-update-log.md

2025-12-27 02:26:00 +08:00 · 2023-05-12 16:20:22 +08:00
parent f30fd885be
commit 9198a53584
52 changed files with 982 additions and 834 deletions
--- a/server/internal/logic/middleware/admin_auth.go
+++ b/server/internal/logic/middleware/admin_auth.go
@@ -3,7 +3,6 @@
 // @Copyright  Copyright (c) 2023 HotGo CLI
 // @Author  Ms <133814250@qq.com>
 // @License  https://github.com/bufanyun/hotgo/blob/master/LICENSE
-//
 package middleware

 import (
@@ -15,27 +14,35 @@ import (
 	"hotgo/internal/library/contexts"
 	"hotgo/internal/library/response"
 	"hotgo/internal/service"
-	"hotgo/utility/auth"
 )

 // AdminAuth 后台鉴权中间件
 func (s *sMiddleware) AdminAuth(r *ghttp.Request) {
-	var ctx = r.Context()
-	// 替换掉模块前缀
-	routerPrefix := g.Cfg().MustGet(ctx, "router.admin.prefix", "/admin")
-	path := gstr.Replace(r.URL.Path, routerPrefix.String(), "", 1)
+	var (
+		ctx    = r.Context()
+		prefix = g.Cfg().MustGet(ctx, "router.admin.prefix", "/admin").String()
+		path   = gstr.Replace(r.URL.Path, prefix, "", 1)
+	)

-	/// 不需要验证登录的路由地址
-	if auth.IsExceptLogin(ctx, path) {
+	// 不需要验证登录的路由地址
+	if isExceptLogin(ctx, consts.AppAdmin, path) {
 		r.Middleware.Next()
 		return
 	}

-	if err := inspectAuth(r, consts.AppAdmin); err != nil {
+	// 将用户信息传递到上下文中
+	if err := deliverUserContext(r); err != nil {
+		g.Log().Warningf(ctx, "deliverUserContext err:%+v", err)
 		response.JsonExit(r, gcode.CodeNotAuthorized.Code(), err.Error())
 		return
 	}

+	// 不需要验证权限的路由地址
+	if isExceptAuth(ctx, consts.AppAdmin, path) {
+		r.Middleware.Next()
+		return
+	}
+
 	// 验证路由访问权限
 	if !service.AdminRole().Verify(ctx, path, r.Method) {
 		g.Log().Debugf(ctx, "AdminAuth fail path:%+v, GetRoleKey:%+v, r.Method:%+v", path, contexts.GetRoleKey(ctx), r.Method)