bl/common/utils/go-jsonrpc/auth/handler.go

package auth

import (
	"context"
	"net/http"
	"strings"

	logging "github.com/ipfs/go-log/v2"
)

var log = logging.Logger("auth")

type Handler struct {
	Verify func(ctx context.Context, token string) ([]Permission, error)
	Next   http.HandlerFunc
}

func (h *Handler) ServeHTTP(w http.ResponseWriter, r *http.Request) {
	ctx := r.Context()

	token := r.Header.Get("Authorization")
	if token == "" {
		token = r.FormValue("token")
		if token != "" {
			token = "Bearer " + token
		}
	}

	if token != "" {
		if !strings.HasPrefix(token, "Bearer ") {
			log.Warn("missing Bearer prefix in auth header")
			w.WriteHeader(401)
			return
		}
		token = strings.TrimPrefix(token, "Bearer ")

		allow, err := h.Verify(ctx, token)
		if err != nil {
			log.Warnf("JWT Verification failed (originating from %s): %s", r.RemoteAddr, err)
			w.WriteHeader(401)
			return
		}

		ctx = WithPerm(ctx, allow)
	}

	h.Next(w, r.WithContext(ctx))
}
refactor(project): 重构项目并更新依赖 - 更新 README.md 中的项目结构说明 - 添加 pprof 性能分析工具的使用说明 - 更新 build.bat 文件，增加 proto 文件编译命令 - 升级 go-logr/logr 依赖至 v1.3.0 - 降级 go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracegrpc 依赖至 v1.16.0 - 降级 go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracehttp 依赖至 v1.16.0 - 升级 go.opentelemetry.io/otel/trace 依赖至 v1.20.0 - 移除 logic/main.go 中的冗余代码 - 重构 logic/server.go 中的 Start 函数 - 更新 login/main.go 文件 2025-07-06 17:05:10 +08:00			`package auth`

			`import (`
			`"context"`
			`"net/http"`
			`"strings"`

			`logging "github.com/ipfs/go-log/v2"`
			`)`

			`var log = logging.Logger("auth")`

			`type Handler struct {`
			`Verify func(ctx context.Context, token string) ([]Permission, error)`
			`Next http.HandlerFunc`
			`}`

			`func (h Handler) ServeHTTP(w http.ResponseWriter, r http.Request) {`
			`ctx := r.Context()`

			`token := r.Header.Get("Authorization")`
			`if token == "" {`
			`token = r.FormValue("token")`
			`if token != "" {`
			`token = "Bearer " + token`
			`}`
			`}`

			`if token != "" {`
			`if !strings.HasPrefix(token, "Bearer ") {`
			`log.Warn("missing Bearer prefix in auth header")`
			`w.WriteHeader(401)`
			`return`
			`}`
			`token = strings.TrimPrefix(token, "Bearer ")`

			`allow, err := h.Verify(ctx, token)`
			`if err != nil {`
			`log.Warnf("JWT Verification failed (originating from %s): %s", r.RemoteAddr, err)`
			`w.WriteHeader(401)`
			`return`
			`}`

			`ctx = WithPerm(ctx, allow)`
			`}`

			`h.Next(w, r.WithContext(ctx))`
			`}`