修改登录校验和初始化

2025-12-18 10:04:01 +08:00 · 2025-05-16 17:43:30 +08:00
parent a286500c05
commit a4bd40b08e
6 changed files with 25 additions and 24 deletions
--- a/backend/middleware/auth.go
+++ b/backend/middleware/auth.go
@@ -26,7 +26,7 @@ func SessionAuthMiddleware() gin.HandlerFunc {
 		if checkApiKey(c) {
 			return
 		}
-		
+
 		routePath := c.Request.URL.Path
 		method := c.Request.Method
 		paths := strings.Split(strings.TrimPrefix(routePath, "/"), "/")
@@ -34,7 +34,7 @@ func SessionAuthMiddleware() gin.HandlerFunc {
 		now := time.Now()
 		gob.Register(time.Time{})
 		last := session.Get("lastRequestTime")
-		
+
 		if routePath == public.Secure {
 			if session.Get("secure") == nil {
 				// 访问安全入口，设置 session
@@ -97,13 +97,13 @@ func SessionAuthMiddleware() gin.HandlerFunc {
 							c.Abort()
 							return
 						} else {
-							if session.Get("__login_key") != public.GetSettingIgnoreError("login_key") {
+							if session.Get("__login_key") != public.LoginKey {
 								// session.Set("secure", true)
 								session.Set("login", nil)
 								session.Save()
 								// c.JSON(http.StatusUnauthorized, gin.H{"message": "登录信息发生变化，请重新登录"})
 								c.Redirect(http.StatusFound, "/login")
-								// c.Abort()
+								c.Abort()
 							} else {
 								// 访问正常，更新最后请求时间
 								session.Set("lastRequestTime", now)
@@ -169,7 +169,7 @@ func checkApiKey(c *gin.Context) bool {
 func generateSignature(timestamp, apiKey string) string {
 	keyMd5 := md5.Sum([]byte(apiKey))
 	keyMd5Hex := strings.ToLower(hex.EncodeToString(keyMd5[:]))
-	
+
 	signMd5 := md5.Sum([]byte(timestamp + keyMd5Hex))
 	signMd5Hex := strings.ToLower(hex.EncodeToString(signMd5[:]))
 	return signMd5Hex