refactor: 使用session鉴权

app/http/controllers/swagger_controller.go

@@ -2,7 +2,6 @@ package controllers
 
 import (
 	"github.com/goravel/framework/contracts/http"
-	"github.com/goravel/framework/facades"
 	"github.com/swaggo/http-swagger/v2"
 
 	_ "github.com/TheTNB/panel/docs"
@@ -25,10 +24,6 @@ func NewSwaggerController() *SwaggerController {
 //	@Failure		500
 //	@Router			/swagger [get]
 func (r *SwaggerController) Index(ctx http.Context) http.Response {
-	if !facades.Config().GetBool("app.debug") {
-		return Error(ctx, http.StatusNotFound, http.StatusText(http.StatusNotFound))
-	}
-
 	handler := httpSwagger.Handler()
 	handler(ctx.Response().Writer(), ctx.Request().Origin())
 

app/http/controllers/user_controller.go

@@ -1,8 +1,11 @@
 package controllers
 
 import (
+	"fmt"
+
 	"github.com/goravel/framework/contracts/http"
 	"github.com/goravel/framework/facades"
+	"github.com/spf13/cast"
 
 	"github.com/TheTNB/panel/app/http/requests/user"
 	"github.com/TheTNB/panel/app/models"
@@ -20,16 +23,15 @@ func NewUserController() *UserController {
 
 // Login
 //
-//	@Summary		登录
-//	@Description	通过用户名和密码获取访问令牌
-//	@Tags			用户鉴权
-//	@Accept			json
-//	@Produce		json
-//	@Param			data	body		requests.Login	true	"request"
-//	@Success		200		{object}	SuccessResponse
-//	@Failure		403		{object}	ErrorResponse	"用户名或密码错误"
-//	@Failure		500		{object}	ErrorResponse	"系统内部错误
-//	@Router			/panel/user/login [post]
+//	@Summary	登录
+//	@Tags		用户鉴权
+//	@Accept		json
+//	@Produce	json
+//	@Param		data	body		requests.Login	true	"request"
+//	@Success	200		{object}	SuccessResponse
+//	@Failure	403		{object}	ErrorResponse	"用户名或密码错误"
+//	@Failure	500		{object}	ErrorResponse	"系统内部错误
+//	@Router		/panel/user/login [post]
 func (r *UserController) Login(ctx http.Context) http.Response {
 	var loginRequest requests.Login
 	sanitize := SanitizeRequest(ctx, &loginRequest)
@@ -60,32 +62,38 @@ func (r *UserController) Login(ctx http.Context) http.Response {
 		}
 	}
 
-	token, loginErr := facades.Auth(ctx).LoginUsingID(user.ID)
-	if loginErr != nil {
-		facades.Log().Request(ctx.Request()).Tags("面板", "用户").With(map[string]any{
-			"error": err.Error(),
-		}).Info("登录失败")
-		return ErrorSystem(ctx)
+	ctx.Request().Session().Put("user_id", user.ID)
+	return Success(ctx, nil)
+}
+
+// Logout
+//
+//	@Summary	登出
+//	@Tags		用户鉴权
+//	@Produce	json
+//	@Security	BearerToken
+//	@Success	200	{object}	SuccessResponse
+//	@Router		/panel/user/logout [post]
+func (r *UserController) Logout(ctx http.Context) http.Response {
+	if err := ctx.Request().Session().Invalidate(); err != nil {
+		return Error(ctx, http.StatusInternalServerError, fmt.Sprintf("登出失败: %s", err.Error()))
 	}
 
-	return Success(ctx, http.Json{
-		"access_token": token,
-	})
+	return Success(ctx, nil)
 }
 
 // Info
 //
-//	@Summary		用户信息
-//	@Description	获取当前登录用户信息
-//	@Tags			用户鉴权
-//	@Produce		json
-//	@Security		BearerToken
-//	@Success		200	{object}	SuccessResponse
-//	@Router			/panel/user/info [get]
+//	@Summary	用户信息
+//	@Tags		用户鉴权
+//	@Produce	json
+//	@Security	BearerToken
+//	@Success	200	{object}	SuccessResponse
+//	@Router		/panel/user/info [get]
 func (r *UserController) Info(ctx http.Context) http.Response {
+	userID := cast.ToUint(ctx.Value("user_id"))
 	var user models.User
-	err := facades.Auth(ctx).User(&user)
-	if err != nil {
+	if err := facades.Orm().Query().Where("id", userID).Get(&user); err != nil {
 		facades.Log().Request(ctx.Request()).Tags("面板", "用户").With(map[string]any{
 			"error": err.Error(),
 		}).Info("获取用户信息失败")

app/http/middleware/jwt.go

@@ -1,47 +0,0 @@
-package middleware
-
-import (
-	"errors"
-
-	"github.com/goravel/framework/auth"
-	"github.com/goravel/framework/contracts/http"
-	"github.com/goravel/framework/facades"
-)
-
-// Jwt 确保通过 JWT 鉴权
-func Jwt() http.Middleware {
-	return func(ctx http.Context) {
-		translate := facades.Lang(ctx)
-		token := ctx.Request().Header("Authorization", ctx.Request().Header("Sec-WebSocket-Protocol"))
-		if len(token) == 0 {
-			ctx.Request().AbortWithStatusJson(http.StatusUnauthorized, http.Json{
-				"message": translate.Get("auth.token.missing"),
-			})
-			return
-		}
-
-		// JWT 鉴权
-		if _, err := facades.Auth(ctx).Parse(token); err != nil {
-			if errors.Is(err, auth.ErrorTokenExpired) {
-				token, err = facades.Auth(ctx).Refresh()
-				if err != nil {
-					// 到达刷新时间上限
-					ctx.Request().AbortWithStatusJson(http.StatusUnauthorized, http.Json{
-						"message": translate.Get("auth.token.expired"),
-					})
-					return
-				}
-
-				token = "Bearer " + token
-			} else {
-				ctx.Request().AbortWithStatusJson(http.StatusUnauthorized, http.Json{
-					"message": translate.Get("auth.token.expired"),
-				})
-				return
-			}
-		}
-
-		ctx.Response().Header("Authorization", token)
-		ctx.Request().Next()
-	}
-}

app/http/middleware/session.go

@@ -0,0 +1,39 @@
+package middleware
+
+import (
+	"github.com/goravel/framework/contracts/http"
+	"github.com/goravel/framework/facades"
+	"github.com/spf13/cast"
+)
+
+// Session 确保通过 JWT 鉴权
+func Session() http.Middleware {
+	return func(ctx http.Context) {
+		translate := facades.Lang(ctx)
+
+		if !ctx.Request().HasSession() {
+			ctx.Request().AbortWithStatusJson(http.StatusUnauthorized, http.Json{
+				"message": translate.Get("auth.session.missing"),
+			})
+			return
+		}
+
+		if ctx.Request().Session().Missing("user_id") {
+			ctx.Request().AbortWithStatusJson(http.StatusUnauthorized, http.Json{
+				"message": translate.Get("auth.session.expired"),
+			})
+			return
+		}
+
+		userID := cast.ToUint(ctx.Request().Session().Get("user_id"))
+		if userID == 0 {
+			ctx.Request().AbortWithStatusJson(http.StatusUnauthorized, http.Json{
+				"message": translate.Get("auth.session.invalid"),
+			})
+			return
+		}
+
+		ctx.WithValue("user_id", userID)
+		ctx.Request().Next()
+	}
+}