🎨 添加中间件 && 完善预设注入功能 && 新增流式传输

2026-03-03 06:10:39 +08:00
parent e1c70fe218
commit 557c865948
16 changed files with 1010 additions and 12117 deletions
--- a/server/middleware/jwt.go
+++ b/server/middleware/jwt.go
@@ -0,0 +1,75 @@
+package middleware
+
+import (
+	"strconv"
+	"time"
+
+	"git.echol.cn/loser/ai_proxy/server/global"
+	"git.echol.cn/loser/ai_proxy/server/model/common/response"
+	"git.echol.cn/loser/ai_proxy/server/model/system"
+	"git.echol.cn/loser/ai_proxy/server/service"
+	"git.echol.cn/loser/ai_proxy/server/utils"
+	"github.com/gin-gonic/gin"
+	"go.uber.org/zap"
+)
+
+var jwtService = service.ServiceGroupApp.SystemServiceGroup.JwtService
+
+func JWTAuth() gin.HandlerFunc {
+	return func(c *gin.Context) {
+		// 从请求头获取 token
+		token := utils.GetToken(c)
+		if token == "" {
+			response.FailWithDetailed(gin.H{"reload": true}, "未登录或非法访问", c)
+			c.Abort()
+			return
+		}
+
+		// 检查 JWT 黑名单
+		if jwtService.IsBlacklist(token) {
+			response.FailWithDetailed(gin.H{"reload": true}, "您的帐户异地登陆或令牌失效", c)
+			utils.ClearToken(c)
+			c.Abort()
+			return
+		}
+
+		// 解析 token
+		j := utils.NewJWT()
+		claims, err := j.ParseToken(token)
+		if err != nil {
+			if err == utils.TokenExpired {
+				response.FailWithDetailed(gin.H{"reload": true}, "授权已过期", c)
+				utils.ClearToken(c)
+				c.Abort()
+				return
+			}
+			response.FailWithDetailed(gin.H{"reload": true}, err.Error(), c)
+			utils.ClearToken(c)
+			c.Abort()
+			return
+		}
+
+		// Token 续期检查
+		if claims.ExpiresAt.Unix()-time.Now().Unix() < claims.BufferTime {
+			dr, _ := utils.ParseDuration(global.GVA_CONFIG.JWT.ExpiresTime)
+			claims.ExpiresAt = utils.NewNumericDate(time.Now().Add(dr))
+			newToken, _ := j.CreateTokenByOldToken(token, *claims)
+			newClaims, _ := j.ParseToken(newToken)
+			c.Header("new-token", newToken)
+			c.Header("new-expires-at", strconv.FormatInt(newClaims.ExpiresAt.Unix(), 10))
+			utils.SetToken(c, newToken, int(dr.Seconds()))
+			if global.GVA_CONFIG.System.UseMultipoint {
+				RedisJwtToken, err := jwtService.GetRedisJWT(newClaims.Username)
+				if err != nil {
+					global.GVA_LOG.Error("get redis jwt failed", zap.Error(err))
+				} else {
+					_ = jwtService.JsonInBlacklist(system.JwtBlacklist{Jwt: RedisJwtToken})
+				}
+				_ = jwtService.SetRedisJWT(newToken, newClaims.Username)
+			}
+		}
+
+		c.Set("claims", claims)
+		c.Next()
+	}
+}