update

src/middleware/auth.go

@@ -3,6 +3,7 @@ package middleware
 import (
 	"net/http"
 	"strings"
+	"time"
 
 	"github.com/casdoor/casdoor-go-sdk/casdoorsdk"
 	"github.com/gin-gonic/gin"
@@ -37,6 +38,11 @@ func CasdoorAuthMiddleware() gin.HandlerFunc {
 			c.AbortWithStatusJSON(http.StatusUnauthorized, gin.H{"error": "Invalid token: " + err.Error()})
 			return
 		}
+		// 检查 token 是否过期
+		if claims.ExpiresAt.Compare(time.Now()) < 0 {
+			c.AbortWithStatusJSON(http.StatusUnauthorized, gin.H{"error": "Token has expired"})
+			return
+		}
 
 		// 将用户信息存储在上下文中，以便后续使用
 		c.Set("casdoor_user", claims)