P3 阶段交付物: - services/core-edu: 教学核心服务(DDD 限界上下文:exams/grades/homework/classes) - exams: 考试 CRUD + 事务内写 exam + outbox - grades: 成绩 CRUD - homework: 作业 CRUD - classes.module: 复用 P1 classes 模块(聚合到 core-edu 服务) - Outbox 模式实现: - outbox.schema.ts: core_edu_outbox 表(id/aggregate_id/event_type/payload/status/retry_count) - outbox.repository.ts: 支持事务参数 tx,确保业务+事件原子性 - outbox.publisher.ts: Kafka idempotent producer + transactionalId,TOPIC_MAP 路由 9 种事件,MAX_RETRY=5 - config/kafka.ts: idempotent producer + transactionalId 配置 - main.ts: 启动顺序 initTracer → connectKafka → outboxPublisher.start → app.listen - packages/shared-proto/proto/core_edu.proto: ExamService/HomeworkService/GradeService 契约 - packages/shared-proto/proto/events.proto: ClassEvent/ExamEvent/HomeworkEvent/GradeEvent 领域事件契约
41 lines
1017 B
TypeScript
41 lines
1017 B
TypeScript
import {
|
|
Injectable,
|
|
NestMiddleware,
|
|
UnauthorizedException,
|
|
} from '@nestjs/common';
|
|
import type { Request, Response, NextFunction } from 'express';
|
|
|
|
export interface AuthenticatedUser {
|
|
id: string;
|
|
role: string;
|
|
permissions: string[];
|
|
}
|
|
|
|
export interface AuthenticatedRequest extends Request {
|
|
user?: AuthenticatedUser;
|
|
}
|
|
|
|
@Injectable()
|
|
export class AuthMiddleware implements NestMiddleware {
|
|
use(req: AuthenticatedRequest, _res: Response, next: NextFunction): void {
|
|
const userId = req.headers['x-user-id'] as string | undefined;
|
|
const role = req.headers['x-user-role'] as string | undefined;
|
|
const permissionsHeader = req.headers['x-user-permissions'] as
|
|
| string
|
|
| undefined;
|
|
|
|
if (!userId || !role) {
|
|
throw new UnauthorizedException(
|
|
'Missing authentication headers (x-user-id, x-user-role)',
|
|
);
|
|
}
|
|
|
|
req.user = {
|
|
id: userId,
|
|
role,
|
|
permissions: permissionsHeader ? permissionsHeader.split(',') : [],
|
|
};
|
|
next();
|
|
}
|
|
}
|