Add verification status checks to protected routes including post creation, updates, deletion, likes, favorites, voting, and WebSocket connections. Also rename RequireVerification middleware to RequireVerified and update error response format with string error codes.
38 lines
779 B
Go
38 lines
779 B
Go
package middleware
|
|
|
|
import (
|
|
"net/http"
|
|
|
|
"carrot_bbs/internal/model"
|
|
"carrot_bbs/internal/pkg/response"
|
|
"carrot_bbs/internal/repository"
|
|
|
|
"github.com/gin-gonic/gin"
|
|
)
|
|
|
|
func RequireVerified(userRepo repository.UserRepository) gin.HandlerFunc {
|
|
return func(c *gin.Context) {
|
|
userID, exists := c.Get("user_id")
|
|
if !exists {
|
|
response.Unauthorized(c, "未授权")
|
|
c.Abort()
|
|
return
|
|
}
|
|
|
|
user, err := userRepo.GetByID(userID.(string))
|
|
if err != nil {
|
|
response.InternalServerError(c, "获取用户信息失败")
|
|
c.Abort()
|
|
return
|
|
}
|
|
|
|
if user.VerificationStatus != model.VerificationStatusApproved {
|
|
response.ErrorWithStringCode(c, http.StatusForbidden, "VERIFICATION_REQUIRED", "请先完成身份认证")
|
|
c.Abort()
|
|
return
|
|
}
|
|
|
|
c.Next()
|
|
}
|
|
}
|