WEQServer/internal/middleware/middleware.go

package middleware

import (
	"crypto/md5"
	"encoding/hex"
	"fmt"
	"github.com/cloudwego/hertz/pkg/app"
	"github.com/cloudwego/hertz/pkg/protocol/consts"
	"weather_and_earthquake/internal/config"
)
import "context"

var Apps *config.Apps

// 跨域
func CorsMiddleware() app.HandlerFunc {
	return func(ctx context.Context, c *app.RequestContext) {
		c.Response.Header.Set("Access-Control-Allow-Origin", "*")
		c.Response.Header.Set("Access-Control-Allow-Methods", "*")
		c.Response.Header.Set("Access-Control-Allow-Headers", "*")
		c.Response.Header.Set("Access-Control-Expose-Headers", "Content-Length, Access-Control-Allow-Origin, Access-Control-Allow-Headers, Cache-Control, Content-Language, Content-Type")
		c.Next(ctx)
	}
}

// 校验签名
func AuthMiddleware() app.HandlerFunc {
	return func(ctx context.Context, c *app.RequestContext) {
		author := c.Request.Header.Get("Authorization")
		timestamp := c.Request.Header.Get("Timestamp")
		sign := c.Request.Header.Get("Sign")
		if author == "" || timestamp == "" || sign == "" {
			c.AbortWithMsg("Missing Parameter.", consts.StatusUnauthorized)
			return
		}

		var secret string = ""
		for _, v := range Apps.AppSecrets {
			if v.Id == author {
				secret = v.Secret
				break
			}
		}

		if len(secret) == 0 {
			c.AbortWithMsg("Wrong Authorization.", consts.StatusUnauthorized)
			return
		}

		temp := fmt.Sprintf("%s-%s-%s", author, timestamp, secret)

		h := md5.New()
		h.Write([]byte(temp))
		localSign := hex.EncodeToString(h.Sum(nil))
		if localSign != sign {
			c.AbortWithMsg("Wrong Signature.", consts.StatusUnauthorized)
			return
		}

		c.Next(ctx)
	}
}
feat: 加入中间件和NoRoute设定 todo: 校验签名的中间件逻辑 2025-10-31 09:23:44 +00:00			`package middleware`

feat: 读配置，起服务 2025-10-31 10:01:06 +00:00			`import (`
feat: 天气查询逻辑完成 2025-11-03 11:12:39 +00:00			`"crypto/md5"`
			`"encoding/hex"`
			`"fmt"`
feat: 读配置，起服务 2025-10-31 10:01:06 +00:00			`"github.com/cloudwego/hertz/pkg/app"`
feat: 天气查询逻辑完成 2025-11-03 11:12:39 +00:00			`"github.com/cloudwego/hertz/pkg/protocol/consts"`
feat: 读配置，起服务 2025-10-31 10:01:06 +00:00			`"weather_and_earthquake/internal/config"`
			`)`
feat: 加入中间件和NoRoute设定 todo: 校验签名的中间件逻辑 2025-10-31 09:23:44 +00:00			`import "context"`

feat: 读配置，起服务 2025-10-31 10:01:06 +00:00			`var Apps *config.Apps`

feat: 加入中间件和NoRoute设定 todo: 校验签名的中间件逻辑 2025-10-31 09:23:44 +00:00			`// 跨域`
			`func CorsMiddleware() app.HandlerFunc {`
			`return func(ctx context.Context, c *app.RequestContext) {`
			`c.Response.Header.Set("Access-Control-Allow-Origin", "*")`
			`c.Response.Header.Set("Access-Control-Allow-Methods", "*")`
			`c.Response.Header.Set("Access-Control-Allow-Headers", "*")`
			`c.Response.Header.Set("Access-Control-Expose-Headers", "Content-Length, Access-Control-Allow-Origin, Access-Control-Allow-Headers, Cache-Control, Content-Language, Content-Type")`
			`c.Next(ctx)`
			`}`
			`}`

			`// 校验签名`
			`func AuthMiddleware() app.HandlerFunc {`
			`return func(ctx context.Context, c *app.RequestContext) {`
feat: 天气查询逻辑完成 2025-11-03 11:12:39 +00:00			`author := c.Request.Header.Get("Authorization")`
			`timestamp := c.Request.Header.Get("Timestamp")`
			`sign := c.Request.Header.Get("Sign")`
			`if author == "" \|\| timestamp == "" \|\| sign == "" {`
			`c.AbortWithMsg("Missing Parameter.", consts.StatusUnauthorized)`
			`return`
			`}`

			`var secret string = ""`
			`for _, v := range Apps.AppSecrets {`
			`if v.Id == author {`
			`secret = v.Secret`
			`break`
			`}`
			`}`

			`if len(secret) == 0 {`
			`c.AbortWithMsg("Wrong Authorization.", consts.StatusUnauthorized)`
			`return`
			`}`

			`temp := fmt.Sprintf("%s-%s-%s", author, timestamp, secret)`

			`h := md5.New()`
			`h.Write([]byte(temp))`
			`localSign := hex.EncodeToString(h.Sum(nil))`
			`if localSign != sign {`
			`c.AbortWithMsg("Wrong Signature.", consts.StatusUnauthorized)`
			`return`
			`}`

feat: 加入中间件和NoRoute设定 todo: 校验签名的中间件逻辑 2025-10-31 09:23:44 +00:00			`c.Next(ctx)`
			`}`
			`}`