feat: 添加功能和修复问题

- 添加全局 API Token 认证支持 (环境变量 API_TOKEN) - Team 页面添加直接邀请按钮 - Team 页面添加随机邀请按钮 - 修复已邀请用户列表字段名不匹配问题 - 修复数据库为空时错误显示 toast 的问题
2026-01-14 13:25:49 +08:00
parent a0a7640e8a
commit 93aa31219d
6 changed files with 194 additions and 7 deletions
--- a/backend/.env.example
+++ b/backend/.env.example
@@ -16,3 +16,6 @@ PORT=8080
 ADMIN_USERNAME=admin
 ADMIN_EMAIL=admin@example.com
 ADMIN_PASSWORD=admin123
+
+# API Token (用于外部 API 调用，可选)
+API_TOKEN=your-api-token-here
--- a/backend/internal/middleware/auth_middleware.go
+++ b/backend/internal/middleware/auth_middleware.go
@@ -3,6 +3,7 @@ package middleware
 import (
 	"context"
 	"net/http"
+	"os"
 	"strings"

 	"gpt-manager-go/internal/auth"
@@ -31,7 +32,21 @@ func AuthMiddleware(next http.Handler) http.Handler {

 		tokenString := parts[1]

-		// 解析 Token
+		// 首先检查是否是 API Token
+		apiToken := os.Getenv("API_TOKEN")
+		if apiToken != "" && tokenString == apiToken {
+			// API Token 认证成功，创建虚拟管理员上下文
+			claims := &auth.Claims{
+				UserID:       0,
+				Username:     "api_token",
+				IsSuperAdmin: true,
+			}
+			ctx := context.WithValue(r.Context(), UserContextKey, claims)
+			next.ServeHTTP(w, r.WithContext(ctx))
+			return
+		}
+
+		// 解析 JWT Token
 		claims, err := auth.ParseToken(tokenString)
 		if err != nil {
 			http.Error(w, `{"success":false,"message":"Invalid or expired token"}`, http.StatusUnauthorized)