fix: 修复 C 端公开路由被认证中间件拦截的问题
All checks were successful
构建并部署到测试环境(无 SSH) / build-and-deploy (push) Successful in 6m51s
All checks were successful
构建并部署到测试环境(无 SSH) / build-and-deploy (push) Successful in 6m51s
Fiber 的 Group.Use() 在路由表中注册全局 USE 处理器,不区分 Group 对象。 原代码先调用 authProtectedGroup.Use() 再注册公开路由,导致 verify-asset、 wechat-login、miniapp-login、send-code 四个无需认证的接口被拦截返回 1004。 修复方式:公开路由直接注册在 router 上且在任何 Use() 之前, 利用 Fiber 按注册顺序匹配的机制确保公开路由优先命中。
This commit is contained in:
@@ -12,13 +12,16 @@ import (
|
|||||||
|
|
||||||
// RegisterPersonalCustomerRoutes 注册个人客户路由
|
// RegisterPersonalCustomerRoutes 注册个人客户路由
|
||||||
// 路由挂载在 /api/c/v1 下
|
// 路由挂载在 /api/c/v1 下
|
||||||
|
//
|
||||||
|
// 重要:Fiber 的 Group.Use() 会在路由表中注册全局 USE 处理器,
|
||||||
|
// 匹配该前缀下的所有请求(不区分 Group 对象)。
|
||||||
|
// 因此公开路由必须在任何 Use() 调用之前注册,利用 Fiber 按注册顺序匹配的机制,
|
||||||
|
// 确保公开路由优先命中并直接返回,不会被后续的认证中间件拦截。
|
||||||
func RegisterPersonalCustomerRoutes(router fiber.Router, doc *openapi.Generator, basePath string, handlers *bootstrap.Handlers, personalAuthMiddleware *middleware.PersonalAuthMiddleware) {
|
func RegisterPersonalCustomerRoutes(router fiber.Router, doc *openapi.Generator, basePath string, handlers *bootstrap.Handlers, personalAuthMiddleware *middleware.PersonalAuthMiddleware) {
|
||||||
authBasePath := "/auth"
|
authBasePath := "/auth"
|
||||||
authPublicGroup := router.Group(authBasePath)
|
|
||||||
authProtectedGroup := router.Group(authBasePath)
|
|
||||||
authProtectedGroup.Use(personalAuthMiddleware.Authenticate())
|
|
||||||
|
|
||||||
Register(authPublicGroup, doc, basePath+authBasePath, "POST", "/verify-asset", handlers.ClientAuth.VerifyAsset, RouteSpec{
|
// === 公开路由(无需认证)===
|
||||||
|
Register(router, doc, basePath, "POST", authBasePath+"/verify-asset", handlers.ClientAuth.VerifyAsset, RouteSpec{
|
||||||
Summary: "资产验证",
|
Summary: "资产验证",
|
||||||
Tags: []string{"个人客户 - 认证"},
|
Tags: []string{"个人客户 - 认证"},
|
||||||
Auth: false,
|
Auth: false,
|
||||||
@@ -26,7 +29,7 @@ func RegisterPersonalCustomerRoutes(router fiber.Router, doc *openapi.Generator,
|
|||||||
Output: &dto.VerifyAssetResponse{},
|
Output: &dto.VerifyAssetResponse{},
|
||||||
})
|
})
|
||||||
|
|
||||||
Register(authPublicGroup, doc, basePath+authBasePath, "POST", "/wechat-login", handlers.ClientAuth.WechatLogin, RouteSpec{
|
Register(router, doc, basePath, "POST", authBasePath+"/wechat-login", handlers.ClientAuth.WechatLogin, RouteSpec{
|
||||||
Summary: "公众号登录",
|
Summary: "公众号登录",
|
||||||
Tags: []string{"个人客户 - 认证"},
|
Tags: []string{"个人客户 - 认证"},
|
||||||
Auth: false,
|
Auth: false,
|
||||||
@@ -34,7 +37,7 @@ func RegisterPersonalCustomerRoutes(router fiber.Router, doc *openapi.Generator,
|
|||||||
Output: &dto.WechatLoginResponse{},
|
Output: &dto.WechatLoginResponse{},
|
||||||
})
|
})
|
||||||
|
|
||||||
Register(authPublicGroup, doc, basePath+authBasePath, "POST", "/miniapp-login", handlers.ClientAuth.MiniappLogin, RouteSpec{
|
Register(router, doc, basePath, "POST", authBasePath+"/miniapp-login", handlers.ClientAuth.MiniappLogin, RouteSpec{
|
||||||
Summary: "小程序登录",
|
Summary: "小程序登录",
|
||||||
Tags: []string{"个人客户 - 认证"},
|
Tags: []string{"个人客户 - 认证"},
|
||||||
Auth: false,
|
Auth: false,
|
||||||
@@ -42,7 +45,7 @@ func RegisterPersonalCustomerRoutes(router fiber.Router, doc *openapi.Generator,
|
|||||||
Output: &dto.WechatLoginResponse{},
|
Output: &dto.WechatLoginResponse{},
|
||||||
})
|
})
|
||||||
|
|
||||||
Register(authPublicGroup, doc, basePath+authBasePath, "POST", "/send-code", handlers.ClientAuth.SendCode, RouteSpec{
|
Register(router, doc, basePath, "POST", authBasePath+"/send-code", handlers.ClientAuth.SendCode, RouteSpec{
|
||||||
Summary: "发送验证码",
|
Summary: "发送验证码",
|
||||||
Tags: []string{"个人客户 - 认证"},
|
Tags: []string{"个人客户 - 认证"},
|
||||||
Auth: false,
|
Auth: false,
|
||||||
@@ -50,6 +53,10 @@ func RegisterPersonalCustomerRoutes(router fiber.Router, doc *openapi.Generator,
|
|||||||
Output: &dto.ClientSendCodeResponse{},
|
Output: &dto.ClientSendCodeResponse{},
|
||||||
})
|
})
|
||||||
|
|
||||||
|
// === 需要认证的 auth 路由 ===
|
||||||
|
authProtectedGroup := router.Group(authBasePath)
|
||||||
|
authProtectedGroup.Use(personalAuthMiddleware.Authenticate())
|
||||||
|
|
||||||
Register(authProtectedGroup, doc, basePath+authBasePath, "POST", "/bind-phone", handlers.ClientAuth.BindPhone, RouteSpec{
|
Register(authProtectedGroup, doc, basePath+authBasePath, "POST", "/bind-phone", handlers.ClientAuth.BindPhone, RouteSpec{
|
||||||
Summary: "绑定手机号",
|
Summary: "绑定手机号",
|
||||||
Tags: []string{"个人客户 - 认证"},
|
Tags: []string{"个人客户 - 认证"},
|
||||||
|
|||||||
Reference in New Issue
Block a user