31 lines
708 B
Go
31 lines
708 B
Go
package middleware
|
|
|
|
import (
|
|
"net/http"
|
|
"os"
|
|
"strings"
|
|
|
|
"github.com/gin-gonic/gin"
|
|
)
|
|
|
|
// CronAuth 定时任务鉴权:校验 X-Cron-Secret 请求头或 ?secret= 参数与 CRON_SECRET 环境变量一致
|
|
// 若 CRON_SECRET 未配置则直接放行(开发环境兼容)
|
|
func CronAuth() gin.HandlerFunc {
|
|
return func(c *gin.Context) {
|
|
secret := strings.TrimSpace(os.Getenv("CRON_SECRET"))
|
|
if secret == "" {
|
|
c.Next()
|
|
return
|
|
}
|
|
provided := c.GetHeader("X-Cron-Secret")
|
|
if provided == "" {
|
|
provided = c.Query("secret")
|
|
}
|
|
if provided != secret {
|
|
c.AbortWithStatusJSON(http.StatusUnauthorized, gin.H{"success": false, "error": "cron secret 不匹配"})
|
|
return
|
|
}
|
|
c.Next()
|
|
}
|
|
}
|