zlei6/go-zero
1
0
Fork 0
mirror of https://github.com/zeromicro/go-zero.git synced 2026-05-10 00:20:00 +08:00
Code Issues Packages Projects Releases Wiki Activity

Fix JWT middleware to skip body dump for multipart/form-data requests

Browse Source 
Co-authored-by: kevwan <1918356+kevwan@users.noreply.github.com>
This commit is contained in:
copilot-swe-agent[bot]
2026-02-07 09:04:34 +00:00
parent a74928a478
commit 5b974b82f2
2 changed files with 75 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

10
rest/handler/authhandler.go
View File

@@ -5,6 +5,7 @@ import (
"errors"
"net/http"
"net/http/httputil"
"strings"
"github.com/golang-jwt/jwt/v4"
"github.com/zeromicro/go-zero/core/logc"
@@ -99,10 +100,17 @@ func WithUnauthorizedCallback(callback UnauthorizedCallback) AuthorizeOption {
func detailAuthLog(r *http.Request, reason string) {
// discard dump error, only for debug purpose
details, _ := httputil.DumpRequest(r, true)
// Skip dumping request body for multipart/form-data to avoid reading large files
dumpBody := !isMultipartFormData(r)
details, _ := httputil.DumpRequest(r, dumpBody)
logc.Errorf(r.Context(), "authorize failed: %s\n=> %+v", reason, string(details))
}
func isMultipartFormData(r *http.Request) bool {
contentType := r.Header.Get("Content-Type")
return strings.Contains(contentType, "multipart/form-data")
}
func unauthorized(w http.ResponseWriter, r *http.Request, err error, callback UnauthorizedCallback) {
writer := response.NewHeaderOnceResponseWriter(w)