fix: remove token auth for user login

2025-10-05 08:06:51 +08:00 · 2022-11-22 12:53:27 +08:00
parent 9dc3498a2a
commit 391a1c09af
2 changed files with 8 additions and 64 deletions
--- a/middleware/auth.go
+++ b/middleware/auth.go
@@ -4,7 +4,6 @@ import (
 	"github.com/gin-contrib/sessions"
 	"github.com/gin-gonic/gin"
 	"message-pusher/common"
-	"message-pusher/model"
 	"net/http"
 )

@@ -14,34 +13,12 @@ func authHelper(c *gin.Context, minRole int) {
 	role := session.Get("role")
 	id := session.Get("id")
 	status := session.Get("status")
-	authByToken := false
 	if username == nil {
-		// Check token
-		token := c.Request.Header.Get("Authorization")
-		if token == "" {
-			c.JSON(http.StatusOK, gin.H{
-				"success": false,
-				"message": "无权进行此操作，未登录或 token 无效",
-			})
-			c.Abort()
-			return
-		}
-		user := model.ValidateUserToken(token)
-		if user != nil && user.Username != "" {
-			// Token is valid
-			username = user.Username
-			role = user.Role
-			id = user.Id
-			status = user.Status
-		} else {
-			c.JSON(http.StatusOK, gin.H{
-				"success": false,
-				"message": "无权进行此操作，token 无效",
-			})
-			c.Abort()
-			return
-		}
-		authByToken = true
+		c.JSON(http.StatusOK, gin.H{
+			"success": false,
+			"message": "无权进行此操作，未登录",
+		})
+		c.Abort()
 	}
 	if status.(int) == common.UserStatusDisabled {
 		c.JSON(http.StatusOK, gin.H{
@@ -62,7 +39,6 @@ func authHelper(c *gin.Context, minRole int) {
 	c.Set("username", username)
 	c.Set("role", role)
 	c.Set("id", id)
-	c.Set("authByToken", authByToken)
 	c.Next()
 }

@@ -83,35 +59,3 @@ func RootAuth() func(c *gin.Context) {
 		authHelper(c, common.RoleRootUser)
 	}
 }
-
-// NoTokenAuth You should always use this after normal auth middlewares.
-func NoTokenAuth() func(c *gin.Context) {
-	return func(c *gin.Context) {
-		authByToken := c.GetBool("authByToken")
-		if authByToken {
-			c.JSON(http.StatusOK, gin.H{
-				"success": false,
-				"message": "本接口不支持使用 token 进行验证",
-			})
-			c.Abort()
-			return
-		}
-		c.Next()
-	}
-}
-
-// TokenOnlyAuth You should always use this after normal auth middlewares.
-func TokenOnlyAuth() func(c *gin.Context) {
-	return func(c *gin.Context) {
-		authByToken := c.GetBool("authByToken")
-		if !authByToken {
-			c.JSON(http.StatusOK, gin.H{
-				"success": false,
-				"message": "本接口仅支持使用 token 进行验证",
-			})
-			c.Abort()
-			return
-		}
-		c.Next()
-	}
-}