♻️ refactor(story): update tenant context design to use Hono middleware pattern

- Replace AsyncLocalStorage-based TenantContext with tenantAuthMiddleware
- Align with existing auth middleware implementation style
- Use JWT token extraction for tenant ID instead of local storage
- Clarify that this middleware is only for tenant management APIs
- Update task descriptions to reflect new middleware approach

🤖 Generated with [Claude Code](https://claude.ai/code)
via [Happy](https://happy.engineering)

Co-Authored-By: Claude <noreply@anthropic.com>
Co-Authored-By: Happy <yesreply@happy.engineering>
yourname, 1 month ago
parent
commit
88ee526c06
1 file changed, 41 additions and 14 deletions
docs/stories/007.001.tenant-base-package-creation.md

@@ -31,10 +31,10 @@ Draft
   - [ ] 实现租户CRUD路由
   - [ ] 更新Schema定义
   - [ ] 添加租户类型定义
-- [ ] 创建租户上下文管理 (AC: 4)
-  - [ ] 实现TenantContext类
-  - [ ] 添加AsyncLocalStorage支持
-  - [ ] 创建租户上下文中间件
+- [ ] 创建租户认证中间件 (AC: 4)
+  - [ ] 实现tenantAuthMiddleware函数
+  - [ ] 添加JWT验证和租户ID提取
+  - [ ] 创建租户认证中间件
 - [ ] 验证租户管理功能 (AC: 5)
   - [ ] 编写API集成测试
   - [ ] 验证租户数据隔离
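Review bot: the third sub-task added under the renamed item, `创建租户认证中间件` (create the tenant auth middleware), repeats the parent item's title word for word and overlaps the first sub-task, `实现tenantAuthMiddleware函数`. The line it replaces was a distinct step (a context middleware built on the TenantContext class), so the checklist has lost a step rather than renamed one. Suggest replacing it with the work that is actually left, for example mounting the middleware on the tenant management routes, or dropping the line.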
@@ -76,17 +76,44 @@ packages/
 - 移除:`password`, `loginNum`, `loginTime`, `loginIp`, `lastLoginTime`, `lastLoginIp`
 - 添加:`status` (租户状态), `config` (租户配置)
 
-### 租户上下文设计
-```typescript
-export class TenantContext {
-  private static readonly tenantIdStorage = new AsyncLocalStorage<number>();
-
-  static getCurrentTenantId(): number | undefined {
-    return this.tenantIdStorage.getStore();
-  }
+### 租户认证中间件设计
+**重要说明**:此租户认证中间件仅用于租户管理API,与认证模块的认证中间件是独立的两套系统。
 
-  static runWithTenant<T>(tenantId: number, fn: () => Promise<T>): Promise<T> {
-    return this.tenantIdStorage.run(tenantId, fn);
+采用Hono中间件模式与现有技术栈统一:
+```typescript
+import { Context, Next } from 'hono';
+
+export async function tenantAuthMiddleware(c: Context, next: Next) {
+  try {
+    const authHeader = c.req.header('Authorization');
+    if (!authHeader) {
+      return c.json({ message: 'Authorization header missing' }, 401);
+    }
+
+    const tokenParts = authHeader.split(' ');
+    if (tokenParts.length !== 2 || tokenParts[0] !== 'Bearer') {
+      return c.json({ message: 'Authorization header missing' }, 401);
+    }
+
+    const token = tokenParts[1];
+    if (!token) {
+      return c.json({ message: 'Token missing' }, 401);
+    }
+
+    // 验证JWT并提取租户ID
+    const decoded = jwt.verify(token, process.env.JWT_SECRET!) as any;
+    const tenantId = decoded.tenantId;
+
+    if (!tenantId) {
+      return c.json({ message: 'Tenant ID not found in token' }, 401);
+    }
+
+    // 设置租户上下文
+    c.set('tenantId', tenantId);
+    await next();
+  } catch (error) {
+    console.error('Tenant auth middleware error:', error);
+    return c.json({ message: 'Invalid token or tenant context' }, 401);
   }
 }
 ```
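Review bot: `jwt.verify(token, process.env.JWT_SECRET!)` uses `jwt`, but the sample imports only `Context` and `Next` from 'hono', so it does not compile as written; add the import for the JWT library the existing auth middleware uses. On the same line, the `!` assertion hides an unset `JWT_SECRET`: if verification throws for that reason, the catch block returns a 401 'Invalid token or tenant context', which makes a deployment misconfiguration look like a bad client token. Check the secret once at startup instead. The `as any` cast also drops the `number` type that the removed `TenantContext` enforced, and `if (!tenantId)` lets any truthy claim value (a string, an object) reach `c.set('tenantId', tenantId)`; type the decoded payload and validate the claim, for example with `Number.isInteger(tenantId)`. The only thing that separates an accepted token from a rejected one here is the presence of a `tenantId` claim, so the story should state what distinguishes a tenant-management token from any other token signed with the same `JWT_SECRET`. Minor: the malformed-scheme branch (`tokenParts[0] !== 'Bearer'`) returns 'Authorization header missing', the same message as the absent-header case, and keeping `await next()` outside the `try` would limit the catch to token verification.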