casbin认证中间件 用户身份校验

app/app.go

@@ -52,8 +52,15 @@ func reloadApp(c *config.BasicConfig) *fiber.App {
 		ErrorHandler: func(ctx *fiber.Ctx, err error) error {
 			code := fiber.StatusInternalServerError
 
+			logger.Log.Errorf("%#v", err)
+
 			if e, ok := err.(*fiber.Error); ok {
+				logger.Log.Debugf("err %v", e)
 				code = e.Code
+				if code == fiber.StatusNotFound {
+					return ctx.Status(fiber.StatusNotFound).JSON(errorx.NewErrorWithCode(code, "页面不存在"))
+				}
+
 			}
 
 			err = ctx.Status(code).JSON(errorx.NewDefaultError(err.Error()))

middleware/casbin.go

@@ -11,6 +11,7 @@ import (
 	"gofiber.study.skcks.cn/common/utils"
 	"gofiber.study.skcks.cn/global"
 	"gofiber.study.skcks.cn/model/casbin_model/models"
+	models2 "gofiber.study.skcks.cn/model/generic/models"
 	"xorm.io/xorm"
 )
 
@@ -74,6 +75,22 @@ func CasbinMiddleWare(c *fiber.Ctx) error {
 		return c.JSON(errorx.NewErrorWithCode(fiber.StatusUnauthorized, "认证失效, 请重新登录"))
 	}
 
+	user := &models2.User{
+		Id:      userClaim.Id,
+		Account: userClaim.Account,
+	}
+
+	exist, err := global.DataSources.Get(user)
+	if !exist {
+		logger.Log.Errorf("[CasbinMiddleWare] 用户不存在 %s", err)
+		return c.JSON(errorx.NewErrorWithCode(fiber.StatusUnauthorized, "认证失效, 请重新登录"))
+	}
+
+	if !user.Active {
+		logger.Log.Errorf("[CasbinMiddleWare] 账号未启用 id: %s, account: %s", user.Id, user.Account)
+		return c.JSON(errorx.NewErrorWithCode(fiber.StatusUnauthorized, "该账号暂未启用"))
+	}
+
 	identify := userClaim.Identify
 	system := headers["System"]
 	if len(system) == 0 {
@@ -83,7 +100,7 @@ func CasbinMiddleWare(c *fiber.Ctx) error {
 	uri := string(c.Request().URI().Path())
 	method := c.Method()
 
-	logger.Log.Debugf("identify=>%s, system=>%s, uri=>%s, method=>%s", identify, system, uri, method)
+	logger.Log.Debugf("[CasbinMiddleWare] identify=>%s, system=>%s, uri=>%s, method=>%s", identify, system, uri, method)
 
 	hasPermission, err := global.Enforcer.Enforce(identify, system, uri, method)
 	if err != nil {