Add exchange api endpoint, fix jwt authtoken var type error

Signed-off-by: Asai Neko <sugar@sne.moe>
2026-01-20 18:51:15 +08:00
parent 9b83ab565a
commit cd93491d98
8 changed files with 75 additions and 48 deletions
--- a/service/auth/exchange.go
+++ b/service/auth/exchange.go
@@ -0,0 +1,65 @@
+package auth
+
+import (
+	"net/url"
+	"nixcn-cms/data"
+	"nixcn-cms/pkgs/authcode"
+	"nixcn-cms/utils"
+
+	"github.com/gin-gonic/gin"
+	"github.com/google/uuid"
+)
+
+func Exchange(c *gin.Context) {
+	var exchangeReq struct {
+		ClientId    string `json:"client_id"`
+		RedirectUri string `json:"redirect_uri"`
+		State       string `json:"state"`
+	}
+
+	err := c.BindJSON(exchangeReq)
+	if err != nil {
+		utils.HttpResponse(c, 400, "", "invalid request")
+		return
+	}
+
+	userIdOrig, ok := c.Get("user_id")
+	if !ok {
+		utils.HttpResponse(c, 401, "", "unauthorized")
+		return
+	}
+
+	userId, err := uuid.Parse(userIdOrig.(string))
+	if err != nil {
+		utils.HttpResponse(c, 500, "", "failed to parse uuid")
+		return
+	}
+
+	userData := new(data.User)
+	user, err := userData.GetByUserId(userId)
+	if err != nil {
+		utils.HttpResponse(c, 500, "", "failed to get user id")
+		return
+	}
+
+	code, err := authcode.NewAuthCode(exchangeReq.ClientId, user.Email)
+	if err != nil {
+		utils.HttpResponse(c, 500, "", "code gen failed")
+		return
+	}
+
+	url, err := url.Parse(exchangeReq.RedirectUri)
+	if err != nil {
+		utils.HttpResponse(c, 400, "", "invalid redirect uri")
+		return
+	}
+	query := url.Query()
+	query.Set("code", code)
+	url.RawQuery = query.Encode()
+
+	exchangeResp := struct {
+		RedirectUri string `json:"redirect_uri"`
+	}{url.String()}
+
+	utils.HttpResponse(c, 200, "", "success", exchangeResp)
+}
--- a/service/auth/handler.go
+++ b/service/auth/handler.go
@@ -7,8 +7,9 @@ import (
 )

 func Handler(r *gin.RouterGroup) {
-	r.GET("/redirect", middleware.JWTAuth(false), Redirect)
+	r.GET("/redirect", Redirect)
 	r.POST("/magic", middleware.ApiVersionCheck(), Magic)
 	r.POST("/token", middleware.ApiVersionCheck(), Token)
 	r.POST("/refresh", middleware.ApiVersionCheck(), Refresh)
+	r.POST("/exchange", middleware.ApiVersionCheck(), middleware.JWTAuth(), Exchange)
 }
--- a/service/auth/redirect.go
+++ b/service/auth/redirect.go
@@ -31,43 +31,6 @@ func Redirect(c *gin.Context) {
 	}

 	code := c.Query("code")
-	if code == "" {
-		userIdOrig, ok := c.Get("user_id")
-		if !ok || userIdOrig == "" {
-			utils.HttpResponse(c, 401, "", "unauthorized")
-			return
-		}
-
-		userId, err := uuid.Parse(userIdOrig.(string))
-		if err != nil {
-			utils.HttpResponse(c, 500, "", "failed to parse uuid")
-			return
-		}
-
-		userData := new(data.User)
-		user, err := userData.GetByUserId(userId)
-		if err != nil {
-			utils.HttpResponse(c, 500, "", "failed to get user id")
-			return
-		}
-
-		code, err := authcode.NewAuthCode(clientId, user.Email)
-		if err != nil {
-			utils.HttpResponse(c, 500, "", "code gen failed")
-			return
-		}
-
-		url, err := url.Parse(redirectUri)
-		if err != nil {
-			utils.HttpResponse(c, 400, "", "invalid redirect uri")
-			return
-		}
-		query := url.Query()
-		query.Set("code", code)
-		url.RawQuery = query.Encode()
-
-		c.Redirect(302, url.String())
-	}

 	// Verify email token
 	authCode, ok := authcode.VerifyAuthCode(code)
--- a/service/event/handler.go
+++ b/service/event/handler.go
@@ -7,7 +7,7 @@ import (
 )

 func Handler(r *gin.RouterGroup) {
-	r.Use(middleware.JWTAuth(true), middleware.Permission(10))
+	r.Use(middleware.JWTAuth(), middleware.Permission(10))
 	r.GET("/info", Info)
 	r.GET("/checkin", Checkin)
 	r.GET("/checkin/query", CheckinQuery)
--- a/service/user/handler.go
+++ b/service/user/handler.go
@@ -7,7 +7,7 @@ import (
 )

 func Handler(r *gin.RouterGroup) {
-	r.Use(middleware.JWTAuth(true), middleware.Permission(5))
+	r.Use(middleware.JWTAuth(), middleware.Permission(5))
 	r.GET("/info", Info)
 	r.PATCH("/update", Update)
 	r.GET("/list", middleware.Permission(20), List)