duoqi-api/src/middleware/auth.ts
Wang Zhuoxuan 0ca06df078
Some checks failed
CI/CD Pipeline / Code Quality (push) Failing after 19s
CI/CD Pipeline / Unit Tests (push) Has been skipped
CI/CD Pipeline / Build & Deploy Test (push) Has been skipped
CI/CD Pipeline / Build & Deploy Production (push) Has been skipped
refactor: 移除阿里云融合认证集成,保留基础设施以备后续使用
移除 fusion-auth-client、融合认证路由和阿里云 SDK 依赖,
同时保留 findOrCreatePhone、appSettings 表、auth-providers
管理端和 /auth/providers 端点等基础设施。
2026-06-01 10:18:15 +08:00

42 lines
1.0 KiB
TypeScript

import { FastifyInstance } from 'fastify';
import fp from 'fastify-plugin';
import { UnauthorizedError } from '../utils/errors.js';
import type { JwtPayload } from '../types/auth.js';
// Extend @fastify/jwt's type system instead of decorating FastifyRequest
declare module '@fastify/jwt' {
interface FastifyJWT {
payload: JwtPayload;
}
}
async function authMiddleware(app: FastifyInstance): Promise<void> {
app.addHook('onRequest', async (request) => {
const publicPaths = [
'/health',
'/v1/auth/huawei',
'/v1/auth/guest',
'/v1/auth/phone',
'/v1/auth/refresh',
'/v1/auth/providers',
];
if (publicPaths.some((p) => request.url.startsWith(p))) {
return;
}
// Skip admin routes (handled by admin-auth middleware)
if (request.url.startsWith('/v1/admin')) {
return;
}
try {
await request.jwtVerify();
} catch {
throw new UnauthorizedError('Invalid or expired token');
}
});
}
export default fp(authMiddleware);