Files
Edu/services/core-edu/src/middleware/auth.middleware.ts
SpecialX 23246ade6d feat(p3): core teaching service with Outbox + Kafka event bus
P3 阶段交付物:
- services/core-edu: 教学核心服务(DDD 限界上下文:exams/grades/homework/classes)
  - exams: 考试 CRUD + 事务内写 exam + outbox
  - grades: 成绩 CRUD
  - homework: 作业 CRUD
  - classes.module: 复用 P1 classes 模块(聚合到 core-edu 服务)
- Outbox 模式实现:
  - outbox.schema.ts: core_edu_outbox 表(id/aggregate_id/event_type/payload/status/retry_count)
  - outbox.repository.ts: 支持事务参数 tx,确保业务+事件原子性
  - outbox.publisher.ts: Kafka idempotent producer + transactionalId,TOPIC_MAP 路由 9 种事件,MAX_RETRY=5
- config/kafka.ts: idempotent producer + transactionalId 配置
- main.ts: 启动顺序 initTracer → connectKafka → outboxPublisher.start → app.listen
- packages/shared-proto/proto/core_edu.proto: ExamService/HomeworkService/GradeService 契约
- packages/shared-proto/proto/events.proto: ClassEvent/ExamEvent/HomeworkEvent/GradeEvent 领域事件契约
2026-07-08 01:38:07 +08:00

41 lines
1017 B
TypeScript

import {
Injectable,
NestMiddleware,
UnauthorizedException,
} from '@nestjs/common';
import type { Request, Response, NextFunction } from 'express';
export interface AuthenticatedUser {
id: string;
role: string;
permissions: string[];
}
export interface AuthenticatedRequest extends Request {
user?: AuthenticatedUser;
}
@Injectable()
export class AuthMiddleware implements NestMiddleware {
use(req: AuthenticatedRequest, _res: Response, next: NextFunction): void {
const userId = req.headers['x-user-id'] as string | undefined;
const role = req.headers['x-user-role'] as string | undefined;
const permissionsHeader = req.headers['x-user-permissions'] as
| string
| undefined;
if (!userId || !role) {
throw new UnauthorizedException(
'Missing authentication headers (x-user-id, x-user-role)',
);
}
req.user = {
id: userId,
role,
permissions: permissionsHeader ? permissionsHeader.split(',') : [],
};
next();
}
}