重构增加模型枚举值定义

2025-05-09 18:56:17 +08:00
parent d5a242d6b4
commit 071a0e1a6c
29 changed files with 252 additions and 138 deletions
--- a/web/handlers/auth.go
+++ b/web/handlers/auth.go
@@ -5,6 +5,7 @@ import (
 	"errors"
 	"log/slog"
 	"platform/web/auth"
+	client2 "platform/web/domains/client"
 	m "platform/web/models"
 	q "platform/web/queries"
 	s "platform/web/services"
@@ -188,7 +189,7 @@ func protect(c *fiber.Ctx, grant s.OauthGrantType, clientId, clientSecret string
 			return nil, s.ErrOauthUnauthorizedClient
 		}
 	case s.OauthGrantTypeClientCredentials:
-		if !client.GrantClient || client.Spec != 3 {
+		if !client.GrantClient || client.Spec != int32(client2.SpecWeb) || client.Spec != int32(client2.SpecTrusted) {
 			return nil, s.ErrOauthUnauthorizedClient
 		}
 	case s.OauthGrantTypeRefreshToken:
@@ -202,7 +203,7 @@ func protect(c *fiber.Ctx, grant s.OauthGrantType, clientId, clientSecret string
 	}

 	// 如果客户端是 confidential，验证 client_secret，失败返回错误
-	if client.Spec == 3 {
+	if client.Spec == int32(client2.SpecWeb) || client.Spec == int32(client2.SpecTrusted) {
 		if clientSecret == "" {
 			return nil, s.ErrOauthInvalidRequest
 		}
@@ -215,7 +216,7 @@ func protect(c *fiber.Ctx, grant s.OauthGrantType, clientId, clientSecret string
 	auth.Locals(c, &auth.Context{
 		Payload: auth.Payload{
 			Id:     client.ID,
-			Type:   auth.PayloadClientConfidential,
+			Type:   auth.PayloadSecuredServer,
 			Name:   client.Name,
 			Avatar: client.Icon,
 		},