Files
backend/internal/middleware/verification.go
lan d9aa4b46c3
All checks were successful
Build Backend / build (push) Successful in 4m55s
Build Backend / build-docker (push) Successful in 10m34s
refactor(server): decouple services and improve architecture
- Introduce interfaces for all major services (JWT, PostAI, Comment, Message, Notification, QRCodeLogin, Upload, Vote, etc.) to support dependency inversion.
- Move query parameters from `internal/dto` to a new `internal/query` package to separate request payloads from data transfer objects.
- Refactor `internal/router` to use embedded `RouterDeps` for cleaner dependency management.
- Decouple handlers from repositories by injecting services instead of direct repository access, ensuring proper layering.
- Improve database initialization by moving it from `internal/model` to `internal/database`.
- Optimize message decryption by implementing a more efficient `BatchDecrypt` method in `MessageEncryptor` using a worker pool.
- Enhance error handling and security by implementing fail-fast checks for encryption key length during startup.
- Clean up unused code, including the `avatar` package and several unused DTOs.
2026-06-15 03:41:59 +08:00

42 lines
997 B
Go
Raw Blame History

This file contains ambiguous Unicode characters
This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.
package middleware
import (
"net/http"
"with_you/internal/model"
"with_you/internal/pkg/response"
"with_you/internal/service"
"github.com/gin-gonic/gin"
)
// RequireVerified 要求用户已通过身份认证。
// 通过 service.UserService 查询用户(而非直接访问 repository保持分层一致
//
// middleware → service → repository
func RequireVerified(userService service.UserService) gin.HandlerFunc {
return func(c *gin.Context) {
userID, exists := c.Get("user_id")
if !exists {
response.Unauthorized(c, "未授权")
c.Abort()
return
}
user, err := userService.GetUserByID(c.Request.Context(), userID.(string))
if err != nil {
response.InternalServerError(c, "获取用户信息失败")
c.Abort()
return
}
if user.VerificationStatus != model.VerificationStatusApproved {
response.ErrorWithStringCode(c, http.StatusForbidden, "VERIFICATION_REQUIRED", "请先完成身份认证")
c.Abort()
return
}
c.Next()
}
}