add

trading_assistant_api/common/auth/jwt.go

@@ -5,6 +5,7 @@ import (
 	"time"
 
 	"common/utils"
+	"common/logger"
 	"github.com/golang-jwt/jwt/v5"
 )
 
@@ -27,7 +28,11 @@ func GenerateToken(userID string) (string, error) {
 		ExpiresAt: jwt.NewNumericDate(now.Add(ttl)),
 	}
 	token := jwt.NewWithClaims(jwt.SigningMethodHS256, claims)
-	return token.SignedString([]byte(secret))
+	signed, err := token.SignedString([]byte(secret))
+	if err == nil {
+		logger.L().Printf("jwt generate success user=%s exp=%s", userID, claims.ExpiresAt.Time.Format(time.RFC3339))
+	}
+	return signed, err
 }
 
 func ParseToken(tokenStr string) (string, error) {
@@ -40,10 +45,13 @@ func ParseToken(tokenStr string) (string, error) {
 		return []byte(secret), nil
 	})
 	if err != nil {
+		logger.L().Printf("jwt parse error: %v", err)
 		return "", err
 	}
 	if !tkn.Valid {
+		logger.L().Printf("jwt invalid")
 		return "", errors.New("token_invalid")
 	}
+	logger.L().Printf("jwt parse success user=%s exp=%s", claims.Subject, claims.ExpiresAt.Time.Format(time.RFC3339))
 	return claims.Subject, nil
 }

trading_assistant_api/common/httpx/auth.go

@@ -0,0 +1,39 @@
+package httpx
+
+import (
+	"context"
+	"net/http"
+	"strings"
+
+	"common/auth"
+)
+
+type userIDKey struct{}
+
+func AuthRequired() func(http.Handler) http.Handler {
+	return func(next http.Handler) http.Handler {
+		return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
+			ah := r.Header.Get("Authorization")
+			if ah == "" || !strings.HasPrefix(ah, "Bearer ") {
+				Unauthorized(w, "unauthorized")
+				return
+			}
+			token := strings.TrimSpace(strings.TrimPrefix(ah, "Bearer "))
+			sub, err := auth.ParseToken(token)
+			if err != nil || sub == "" {
+				Unauthorized(w, "unauthorized")
+				return
+			}
+			ctx := context.WithValue(r.Context(), userIDKey{}, sub)
+			next.ServeHTTP(w, r.WithContext(ctx))
+		})
+	}
+}
+
+func UserID(r *http.Request) string {
+	v := r.Context().Value(userIDKey{})
+	if id, ok := v.(string); ok {
+		return id
+	}
+	return ""
+}