feat(middleware/auth): 部分验证接口添加了 SecurityScheme

issue9 · Dec 30, 2024 · b3fdc03 · b3fdc03
1 parent 0afafd0
commit b3fdc03
Show file tree

Hide file tree

Showing 3 changed files with 22 additions and 7 deletions.
diff --git a/middlewares/auth/session/session.go b/middlewares/auth/session/session.go
@@ -142,6 +142,10 @@ func (s *Session[T]) Save(ctx *web.Context, val T) error {
 
 func (s *Session[T]) GetInfo(ctx *web.Context) (T, bool) { return mauth.Get[T](ctx) }
 
+func (s *Session[T]) SecurityScheme(id string, desc web.LocaleStringer) *openapi.SecurityScheme {
+	return SecurityScheme(s, id, desc)
+}
+
 // SecurityScheme 声明支持 openapi 的 [openapi.SecurityScheme] 对象
 func SecurityScheme[T any](s *Session[T], id string, desc web.LocaleStringer) *openapi.SecurityScheme {
 	return &openapi.SecurityScheme{

diff --git a/middlewares/auth/temporary/temporary.go b/middlewares/auth/temporary/temporary.go
@@ -43,7 +43,7 @@ type Temporary[T any] struct {
 //
 // ttl 表示令牌的过期时间。
 // once 是否为一次性令牌，如果为 true，在验证成功之后，该令牌将自动失效；
-// query 如果不为空，那么将由查询参数传递验证；
+// query 如果不为空，那么将由查询参数传递验证，否则表示 Bearer 类型的令牌传递；
 // unauthProblemID 验证不通过时的错误代码；
 // invalidTokenProblemID 令牌无效时返回的错误代码；
 func New[T any](s web.Server, ttl time.Duration, once bool, query string, unauthProblemID, invalidTokenProblemID string) *Temporary[T] {
@@ -119,8 +119,15 @@ func (t *Temporary[T]) Logout(ctx *web.Context) error {
 	return nil
 }
 
+// QueryName 查询参数的名称
+func (t *Temporary[T]) QueryName() string { return t.query }
+
 func (t *Temporary[T]) GetInfo(ctx *web.Context) (T, bool) { return mauth.Get[T](ctx) }
 
+func (t *Temporary[T]) SecurityScheme(id string, desc web.LocaleStringer) *openapi.SecurityScheme {
+	return SecurityScheme(id, desc, t.QueryName())
+}
+
 // SecurityScheme 声明支持 openapi 的 [openapi.SecurityScheme] 对象
 func SecurityScheme(id string, desc web.LocaleStringer, query string) *openapi.SecurityScheme {
 	if query != "" {

diff --git a/middlewares/auth/temporary/temporary_test.go b/middlewares/auth/temporary/temporary_test.go
@@ -150,13 +150,17 @@ func TestTemporary_query(t *testing.T) {
 		})
 }
 
-func TestSecurityScheme(t *testing.T) {
+func TestTemporary_SecurityScheme(t *testing.T) {
 	a := assert.New(t, false)
+	s := testserver.New(a)
 
-	s := SecurityScheme("id", web.Phrase("ss"), "")
-	a.Equal(s.Type, openapi.SecuritySchemeTypeHTTP)
+	temp := New[string](s, time.Second, true, "", web.ProblemForbidden, web.ProblemBadRequest)
+	ss := temp.SecurityScheme("id", web.Phrase("ss"))
+	a.Equal(ss.Type, openapi.SecuritySchemeTypeHTTP)
 
-	s = SecurityScheme("id", web.Phrase("ss"), "query")
-	a.Equal(s.Type, openapi.SecuritySchemeTypeAPIKey).
-		Equal(s.In, openapi.InQuery)
+	temp = New[string](s, time.Second, true, "token", web.ProblemForbidden, web.ProblemBadRequest)
+	ss = temp.SecurityScheme("id", web.Phrase("ss"))
+	a.Equal(ss.Type, openapi.SecuritySchemeTypeAPIKey).
+		Equal(ss.In, openapi.InQuery).
+		Equal(ss.Name, temp.QueryName())
 }