添加token中间件

2024-05-23 06:22:10 +08:00 · 2024-05-23 06:22:10 +08:00 · 0840048161
commit 0840048161
parent eb990f8f68
3 changed files with 39 additions and 8 deletions
--- a/library/src/middleware/mod.rs
+++ b/library/src/middleware/mod.rs
@ -1,3 +1,4 @@
 pub mod req_id;
 pub mod req_log;
-pub mod cors;
+pub mod cors;
+pub mod req_token;
--- a/library/src/middleware/req_token.rs
+++ b/library/src/middleware/req_token.rs
@ -0,0 +1,30 @@
+use axum::{extract::Request, middleware::Next, response::{IntoResponse, Response}};
+use http::{header, StatusCode};
+use jsonwebtoken::{decode, DecodingKey, Validation};
+
+use crate::{config, token::Claims};
+
+
+pub async fn authenticate_access_token(mut req: Request, next: Next) -> Response {
+    let auth_header = req.headers().get(header::AUTHORIZATION);
+    let token = match auth_header {
+        Some(header_value) => {
+            let parts: Vec<&str> = header_value.to_str().unwrap_or("").split_whitespace().collect();
+            if parts.len() != 2 || parts[0] != "Bearer" {
+                return (StatusCode::BAD_REQUEST, "Invalid authorization header format".to_string()).into_response();
+            }
+            parts[1]
+        },
+        None => return (StatusCode::UNAUTHORIZED, "Missing authorization header".to_string()).into_response(),
+    };
+
+    let validation = Validation::default();
+    match decode::<Claims>(token, &DecodingKey::from_secret(config!().jwt.secret.as_bytes()), &validation) {
+        Ok(decoded) => {
+            // 将Claims附加到请求扩展中，以便后续处理使用
+            req.extensions_mut().insert(decoded.claims);
+            next.run(req).await
+        },
+        Err(_) => (StatusCode::UNAUTHORIZED, "Invalid token".to_string()).into_response(),
+    }
+}
--- a/library/src/token.rs
+++ b/library/src/token.rs
@ -2,14 +2,14 @@ use serde::{Deserialize, Serialize};

 use crate::config;

-#[derive(Debug, Serialize, Deserialize)]
-pub struct Claim {
+#[derive(Debug, Serialize, Deserialize, Clone)]
+pub struct Claims {
    sub: i64, // 用户ID
    exp: usize, // Token过期时间戳
 }

 pub fn generate_token(sub: i64) -> String {
-    let claim = Claim {
+    let claim = Claims {
        sub,
        exp: config!().jwt.expires,
    };
@ -17,14 +17,14 @@ pub fn generate_token(sub: i64) -> String {
 }

 pub fn generate_refresh_token(sub: i64) -> String {
-    let claim = Claim {
+    let claim = Claims {
        sub,
        exp: config!().jwt.refresh_expires,
    };
    generate(claim)
 }

-fn generate(claim: Claim) -> String {
+fn generate(claim: Claims) -> String {
    let token = jsonwebtoken::encode(
        &jsonwebtoken::Header::default(),
        &claim,
@ -36,8 +36,8 @@ fn generate(claim: Claim) -> String {
    })
 }

-pub fn verify_token(token: &str) -> Result<Claim, jsonwebtoken::errors::Error> {
-    jsonwebtoken::decode::<Claim>(
+pub fn verify_token(token: &str) -> Result<Claims, jsonwebtoken::errors::Error> {
+    jsonwebtoken::decode::<Claims>(
        token,
        &jsonwebtoken::DecodingKey::from_secret(config!().jwt.secret.as_bytes()),
        &jsonwebtoken::Validation::default(),