完善认证逻辑，添加用户信息 introspect 接口，更新 .gitignore 忽略 scripts 目录

2025-04-26 17:59:34 +08:00
parent 08c88da0ce
commit 3e837b5fec
13 changed files with 67 additions and 1378 deletions
--- a/web/handlers/auth.go
+++ b/web/handlers/auth.go
@@ -268,7 +268,7 @@ type RevokeReq struct {
 }

 func Revoke(c *fiber.Ctx) error {
-	_, err := auth.Protect(c, []s.PayloadType{s.PayloadUser}, []string{})
+	_, err := auth.Protect(c, []s.PayloadType{s.PayloadClientConfidential}, []string{})
 	if err != nil {
 		// 用户未登录
 		return nil
@@ -290,3 +290,30 @@ func Revoke(c *fiber.Ctx) error {
 }

 // endregion
+
+// region /profile
+
+type IntrospectResp struct {
+	m.User
+}
+
+func Introspect(c *fiber.Ctx) error {
+	// 验证权限
+	authCtx, err := auth.Protect(c, []s.PayloadType{s.PayloadUser}, []string{})
+	if err != nil {
+		return err
+	}
+
+	// 获取用户信息
+	profile, err := q.User.
+		Where(q.User.ID.Eq(authCtx.Payload.Id)).
+		Omit(q.User.Password, q.User.DeletedAt).
+		Take()
+	if err != nil {
+		return err
+	}
+
+	return c.JSON(IntrospectResp{*profile})
+}
+
+// endregion