feat(verification): enforce user verification requirement for posts, comments, and WebSocket connections
Some checks failed
Build Backend / build-docker (push) Has been cancelled
Build Backend / build (push) Has been cancelled

Add verification status checks to protected routes including post creation, updates, deletion, likes, favorites, voting, and WebSocket connections. Also rename RequireVerification middleware to RequireVerified and update error response format with string error codes.
This commit is contained in:
lafay
2026-04-08 02:28:10 +08:00
parent 98b8abd26a
commit ef9a30ee54
7 changed files with 68 additions and 40 deletions

View File

@@ -1,14 +1,16 @@
package middleware
import (
"github.com/gin-gonic/gin"
"net/http"
"carrot_bbs/internal/model"
"carrot_bbs/internal/pkg/response"
"carrot_bbs/internal/repository"
"github.com/gin-gonic/gin"
)
func RequireVerification(userRepo repository.UserRepository) gin.HandlerFunc {
func RequireVerified(userRepo repository.UserRepository) gin.HandlerFunc {
return func(c *gin.Context) {
userID, exists := c.Get("user_id")
if !exists {
@@ -19,13 +21,13 @@ func RequireVerification(userRepo repository.UserRepository) gin.HandlerFunc {
user, err := userRepo.GetByID(userID.(string))
if err != nil {
response.HandleError(c, err, "获取用户信息失败")
response.InternalServerError(c, "获取用户信息失败")
c.Abort()
return
}
if user.VerificationStatus != model.VerificationStatusApproved {
response.Forbidden(c, "需要完成身份认证")
response.ErrorWithStringCode(c, http.StatusForbidden, "VERIFICATION_REQUIRED", "请先完成身份认证")
c.Abort()
return
}