| 12345678910111213141516171819202122232425262728293031323334353637383940414243444546474849505152 |
- import { Context, Next } from 'hono';
- import { AuthService } from '../services/index';
- import { UserService } from '../../../user-module/src/services/index';
- import { AppDataSource } from '@d8d/shared-utils';
- import { AuthContext } from '@d8d/shared-types';
- import { parseWithAwait } from '@d8d/shared-utils';
- import { EnterpriseUserResponseSchema } from '../schemas/index';
- export async function enterpriseAuthMiddleware(c: Context<AuthContext>, next: Next) {
- try {
- const authHeader = c.req.header('Authorization');
- if (!authHeader) {
- return c.json({ message: 'Authorization header missing' }, 401);
- }
- const tokenParts = authHeader.split(' ');
- if (tokenParts.length !== 2 || tokenParts[0] !== 'Bearer') {
- return c.json({ message: 'Authorization header missing' }, 401);
- }
- const token = tokenParts[1];
- if (!token) {
- return c.json({ message: 'Token missing' }, 401);
- }
- const userService = new UserService(AppDataSource);
- const authService = new AuthService(userService);
- const decoded = authService.verifyToken(token);
- // 获取用户信息,包含企业关联
- const user = await userService.getUserWithCompany(decoded.id);
- if (!user) {
- return c.json({ message: 'User not found' }, 401);
- }
- // 验证用户是否是企业用户
- if (!user.companyId) {
- return c.json({ message: 'User is not an enterprise user' }, 403);
- }
- // 设置用户上下文(包含企业详情)
- const userData = await parseWithAwait(EnterpriseUserResponseSchema, user);
- c.set('user', userData);
- c.set('token', token);
- await next();
- } catch (error) {
- console.error('Enterprise authentication error:', error);
- return c.json({ message: 'Invalid token or insufficient permissions' }, 401);
- }
- }
|
