更新小程序开发文档，新增2026-03-03的最佳实践记录，优化个人中心类页面的卡片区边距规范，确保一致性与可用性。调整相关页面以反映最新设计稿，提升用户体验与功能一致性。

2026-03-04 19:06:06 +08:00
parent 7064f82126
commit 5a5f0087d2
66 changed files with 2555 additions and 1059 deletions
--- a/soul-api/internal/middleware/admin_auth.go
+++ b/soul-api/internal/middleware/admin_auth.go
@@ -9,7 +9,9 @@ import (
 	"github.com/gin-gonic/gin"
 )

-// AdminAuth 管理端鉴权：校验 JWT（Authorization: Bearer 或 Cookie admin_session），未登录返回 401
+const adminClaimsKey = "admin_claims"
+
+// AdminAuth 管理端鉴权：校验 JWT（Authorization: Bearer 或 Cookie admin_session），未登录返回 401；通过则设置 admin_claims 到 context
 func AdminAuth() gin.HandlerFunc {
 	return func(c *gin.Context) {
 		cfg := config.Get()
@@ -18,10 +20,25 @@ func AdminAuth() gin.HandlerFunc {
 			return
 		}
 		token := auth.GetAdminJWTFromRequest(c.Request)
-		if _, ok := auth.ParseAdminJWT(token, cfg.AdminSessionSecret); !ok {
+		claims, ok := auth.ParseAdminJWT(token, cfg.AdminSessionSecret)
+		if !ok {
 			c.AbortWithStatusJSON(http.StatusUnauthorized, gin.H{"success": false, "error": "未授权访问，请先登录"})
 			return
 		}
+		c.Set(adminClaimsKey, claims)
 		c.Next()
 	}
 }
+
+// GetAdminClaims 从 context 获取 admin claims（需在 AdminAuth 之后调用）
+func GetAdminClaims(c *gin.Context) *auth.AdminClaims {
+	v, ok := c.Get(adminClaimsKey)
+	if !ok || v == nil {
+		return nil
+	}
+	claims, ok := v.(*auth.AdminClaims)
+	if !ok {
+		return nil
+	}
+	return claims
+}