feat(verification): enforce user verification requirement for posts, comments, and WebSocket connections
Add verification status checks to protected routes including post creation, updates, deletion, likes, favorites, voting, and WebSocket connections. Also rename RequireVerification middleware to RequireVerified and update error response format with string error codes.
This commit is contained in:
@@ -1,14 +1,16 @@
|
||||
package middleware
|
||||
|
||||
import (
|
||||
"github.com/gin-gonic/gin"
|
||||
"net/http"
|
||||
|
||||
"carrot_bbs/internal/model"
|
||||
"carrot_bbs/internal/pkg/response"
|
||||
"carrot_bbs/internal/repository"
|
||||
|
||||
"github.com/gin-gonic/gin"
|
||||
)
|
||||
|
||||
func RequireVerification(userRepo repository.UserRepository) gin.HandlerFunc {
|
||||
func RequireVerified(userRepo repository.UserRepository) gin.HandlerFunc {
|
||||
return func(c *gin.Context) {
|
||||
userID, exists := c.Get("user_id")
|
||||
if !exists {
|
||||
@@ -19,13 +21,13 @@ func RequireVerification(userRepo repository.UserRepository) gin.HandlerFunc {
|
||||
|
||||
user, err := userRepo.GetByID(userID.(string))
|
||||
if err != nil {
|
||||
response.HandleError(c, err, "获取用户信息失败")
|
||||
response.InternalServerError(c, "获取用户信息失败")
|
||||
c.Abort()
|
||||
return
|
||||
}
|
||||
|
||||
if user.VerificationStatus != model.VerificationStatusApproved {
|
||||
response.Forbidden(c, "需要完成身份认证")
|
||||
response.ErrorWithStringCode(c, http.StatusForbidden, "VERIFICATION_REQUIRED", "请先完成身份认证")
|
||||
c.Abort()
|
||||
return
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user