feat(verification): enforce user verification requirement for posts, comments, and WebSocket connections
Some checks failed
Build Backend / build-docker (push) Has been cancelled
Build Backend / build (push) Has been cancelled

Add verification status checks to protected routes including post creation, updates, deletion, likes, favorites, voting, and WebSocket connections. Also rename RequireVerification middleware to RequireVerified and update error response format with string error codes.
This commit is contained in:
lafay
2026-04-08 02:28:10 +08:00
parent 98b8abd26a
commit ef9a30ee54
7 changed files with 68 additions and 40 deletions

View File

@@ -20,6 +20,7 @@ import (
"carrot_bbs/internal/model"
"carrot_bbs/internal/pkg/response"
"carrot_bbs/internal/pkg/ws"
"carrot_bbs/internal/repository"
"carrot_bbs/internal/service"
)
@@ -71,6 +72,7 @@ type WSHandler struct {
groupService service.GroupService
jwtService *service.JWTService
callService service.CallService
userRepo repository.UserRepository
clientSeq uint64
}
@@ -81,6 +83,7 @@ func NewWSHandler(
groupService service.GroupService,
jwtService *service.JWTService,
callService service.CallService,
userRepo repository.UserRepository,
) *WSHandler {
return &WSHandler{
wsHub: wsHub,
@@ -88,6 +91,7 @@ func NewWSHandler(
groupService: groupService,
jwtService: jwtService,
callService: callService,
userRepo: userRepo,
}
}
@@ -118,6 +122,18 @@ func (h *WSHandler) HandleWebSocket(c *gin.Context) {
}
userID := claims.UserID
// 检查用户认证状态
user, err := h.userRepo.GetByID(userID)
if err != nil {
response.InternalServerError(c, "获取用户信息失败")
return
}
if user.VerificationStatus != model.VerificationStatusApproved {
response.ErrorWithStringCode(c, http.StatusForbidden, "VERIFICATION_REQUIRED", "请先完成身份认证")
return
}
zap.L().Info("WebSocket connection attempt",
zap.String("user_id", userID),
)