gangbi_web/backend/middleware/auth.js

const jwt = require('jsonwebtoken');
const db = require('../utils/db');

const auth = async (req, res, next) => {
  try {
    const token = req.header('Authorization').replace('Bearer ', '');
    const decoded = jwt.verify(token, process.env.JWT_SECRET);
    
    const [admins] = await db.query(
      'SELECT a.*, GROUP_CONCAT(ap.permission) as permissions FROM admins a ' +
      'LEFT JOIN admin_permissions ap ON a.id = ap.admin_id ' +
      'WHERE a.id = ? AND a.status = "active" ' +
      'GROUP BY a.id',
      [decoded.id]
    );
    
    if (!admins[0]) {
      throw new Error();
    }
    
    req.admin = {
      ...admins[0],
      permissions: admins[0].permissions ? admins[0].permissions.split(',') : []
    };
    next();
  } catch (error) {
    res.status(401).json({ message: '请先登录' });
  }
};

module.exports = auth;
first commit 2025-02-07 05:10:01 +00:00			`const jwt = require('jsonwebtoken');`
			`const db = require('../utils/db');`

			`const auth = async (req, res, next) => {`
			`try {`
			`const token = req.header('Authorization').replace('Bearer ', '');`
			`const decoded = jwt.verify(token, process.env.JWT_SECRET);`

			`const [admins] = await db.query(`
			`'SELECT a.*, GROUP_CONCAT(ap.permission) as permissions FROM admins a ' +`
			`'LEFT JOIN admin_permissions ap ON a.id = ap.admin_id ' +`
			`'WHERE a.id = ? AND a.status = "active" ' +`
			`'GROUP BY a.id',`
			`[decoded.id]`
			`);`

			`if (!admins[0]) {`
			`throw new Error();`
			`}`

			`req.admin = {`
			`...admins[0],`
			`permissions: admins[0].permissions ? admins[0].permissions.split(',') : []`
			`};`
			`next();`
			`} catch (error) {`
			`res.status(401).json({ message: '请先登录' });`
			`}`
			`};`

			`module.exports = auth;`