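import log4js from "logger";
import { getUserFromEvent } from "#server/utils/jwt";
import { getCurrentUser } from "#server/service/auth";
import { setContextUser, getContextUser } from "#server/utils/context";

/** Per-route access-control options accepted by `defineWrappedResponseHandler`. */
interface IConfig {
  /**
   * Authentication mode for the route:
   * - `'required'`: reject the request unless a token payload and a matching user are found.
   * - `'optional'`: attach the user to the request context when one is found, otherwise continue.
   * - `'public'`: skip the authentication guard entirely.
   */
  auth?: 'required' | 'public' | 'optional';
  /**
   * Allowed roles; when omitted, no role check is performed.
   * NOTE(review): the guard tests truthiness, so an empty string also disables the check,
   * while an empty array rejects every user.
   */
  role?: string | string[];
}

/** Routes require authentication unless they explicitly opt out. */
const defaultConfig: IConfig = {
  auth: 'required',
};

// NOTE(review): this logger is not referenced anywhere in the code shown here.
const logger = log4js.getLogger("ERROR");

/**
 * Wraps an event handler with an authentication guard and an optional role guard.
 *
 * Call it either as `defineWrappedResponseHandler(handler)` or as
 * `defineWrappedResponseHandler(config, handler)`.
 *
 * `defineEventHandler`, `EventHandler` and `R` are not imported in this file;
 * presumably they are framework/project auto-imports (confirm).
 *
 * Security notes:
 * - The authentication mode fails closed: a missing, `undefined`/`null`, or unrecognised
 *   `auth` value is treated as `'required'`. Only the literal values `'public'` and
 *   `'optional'` relax the guard.
 * - The role guard reads the user from the request context. This wrapper only populates
 *   that context inside the authentication guard, so combining `auth: 'public'` with
 *   `role` rejects the request unless something else has already set the context user.
 * - Role matching is an exact `Array.prototype.includes` comparison against `user.role`.
 *
 * @param handlerOrConfig - The handler itself, or the access-control config.
 * @param _handler - The handler, when the first argument is a config object.
 * @returns An event handler that runs the guards before delegating to the wrapped handler.
 * @throws Error when no handler function is supplied.
 */
export const defineWrappedResponseHandler = (
  handlerOrConfig?: EventHandler | IConfig,
  _handler?: EventHandler,
): EventHandler => {
  const handler = typeof handlerOrConfig === 'function' ? handlerOrConfig : _handler;
  if (!handler) {
    throw new Error('handler or config is required');
  }

  const overrides: IConfig =
    typeof handlerOrConfig === 'object' && handlerOrConfig !== null ? handlerOrConfig : {};
  const config: IConfig = {
    ...defaultConfig,
    ...overrides,
    // An explicit `auth: undefined` (e.g. from a computed or spread config) must not erase
    // the secure default; previously it silently made the route behave like 'optional'.
    auth: overrides.auth ?? defaultConfig.auth,
  };

  // Fail closed: anything other than the two explicit opt-outs enforces authentication.
  const isPublic = config.auth === 'public';
  const authRequired = !isPublic && config.auth !== 'optional';

  return defineEventHandler(async (event) => {
    // ---- auth guard ----
    if (!isPublic) {
      // NOTE(review): presumably the verified JWT payload; confirm getUserFromEvent
      // checks signature and expiry rather than only decoding the token.
      const payload = getUserFromEvent(event);
      if (authRequired && !payload) {
        return R.error("未登录", null); // "not logged in"
      }
      if (payload) {
        const user = await getCurrentUser(payload);
        if (authRequired && !user) {
          return R.error("用户不存在", null); // "user does not exist"
        }
        if (user) {
          setContextUser(event, user);
        }
      }
    }
    // ---- end auth guard ----

    // ---- role guard ----
    if (config.role) {
      const user = getContextUser(event);
      if (!user) {
        return R.error("未登录", null); // "not logged in"
      }
      const allowedRoles = Array.isArray(config.role) ? config.role : [config.role];
      if (!allowedRoles.includes(user.role)) {
        return R.error("无权限", null); // "no permission"
      }
    }
    // ---- end role guard ----

    return await handler(event);
  });
};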