思考并回答以下问题：

middleware

casbin_rbac.go

package middleware

import (
    "strconv"
    "strings"

    "github.com/flipped-aurora/gin-vue-admin/server/global"
    "github.com/flipped-aurora/gin-vue-admin/server/model/common/response"
    "github.com/flipped-aurora/gin-vue-admin/server/service"
    "github.com/flipped-aurora/gin-vue-admin/server/utils"
    "github.com/gin-gonic/gin"
)

var casbinService = service.ServiceGroupApp.SystemServiceGroup.CasbinService

// CasbinHandler 拦截器
func CasbinHandler() gin.HandlerFunc {
    return func(c *gin.Context) {
        if global.GVA_CONFIG.System.Env != "develop" {
            waitUse, _ := utils.GetClaims(c)
            //获取请求的PATH
            path := c.Request.URL.Path
            obj := strings.TrimPrefix(path, global.GVA_CONFIG.System.RouterPrefix)
            // 获取请求方法
            act := c.Request.Method
            // 获取用户的角色
            sub := strconv.Itoa(int(waitUse.AuthorityId))
            e := casbinService.Casbin() // 判断策略中是否存在
            success, _ := e.Enforce(sub, obj, act)
            if !success {
                response.FailWithDetailed(gin.H{}, "权限不足", c)
                c.Abort()
                return
            }
        }
        c.Next()
    }
}

cors.go

package middleware

import (
    "github.com/flipped-aurora/gin-vue-admin/server/config"
    "github.com/flipped-aurora/gin-vue-admin/server/global"
    "github.com/gin-gonic/gin"
    "net/http"
)

// Cors 直接放行所有跨域请求并放行所有 OPTIONS 方法
func Cors() gin.HandlerFunc {
    return func(c *gin.Context) {
        method := c.Request.Method
        origin := c.Request.Header.Get("Origin")
        c.Header("Access-Control-Allow-Origin", origin)
        c.Header("Access-Control-Allow-Headers", "Content-Type,AccessToken,X-CSRF-Token, Authorization, Token,X-Token,X-User-Id")
        c.Header("Access-Control-Allow-Methods", "POST, GET, OPTIONS,DELETE,PUT")
        c.Header("Access-Control-Expose-Headers", "Content-Length, Access-Control-Allow-Origin, Access-Control-Allow-Headers, Content-Type, New-Token, New-Expires-At")
        c.Header("Access-Control-Allow-Credentials", "true")

        // 放行所有OPTIONS方法
        if method == "OPTIONS" {
            c.AbortWithStatus(http.StatusNoContent)
        }
        // 处理请求
        c.Next()
    }
}

// CorsByRules 按照配置处理跨域请求
func CorsByRules() gin.HandlerFunc {
    // 放行全部
    if global.GVA_CONFIG.Cors.Mode == "allow-all" {
        return Cors()
    }
    return func(c *gin.Context) {
        whitelist := checkCors(c.GetHeader("origin"))

        // 通过检查, 添加请求头
        if whitelist != nil {
            c.Header("Access-Control-Allow-Origin", whitelist.AllowOrigin)
            c.Header("Access-Control-Allow-Headers", whitelist.AllowHeaders)
            c.Header("Access-Control-Allow-Methods", whitelist.AllowMethods)
            c.Header("Access-Control-Expose-Headers", whitelist.ExposeHeaders)
            if whitelist.AllowCredentials {
                c.Header("Access-Control-Allow-Credentials", "true")
            }
        }

        // 严格白名单模式且未通过检查，直接拒绝处理请求
        if whitelist == nil && global.GVA_CONFIG.Cors.Mode == "strict-whitelist" && !(c.Request.Method == "GET" && c.Request.URL.Path == "/health") {
            c.AbortWithStatus(http.StatusForbidden)
        } else {
            // 非严格白名单模式，无论是否通过检查均放行所有 OPTIONS 方法
            if c.Request.Method == http.MethodOptions {
                c.AbortWithStatus(http.StatusNoContent)
            }
        }

        // 处理请求
        c.Next()
    }
}

func checkCors(currentOrigin string) *config.CORSWhitelist {
    for _, whitelist := range global.GVA_CONFIG.Cors.Whitelist {
        // 遍历配置中的跨域头，寻找匹配项
        if currentOrigin == whitelist.AllowOrigin {
            return &whitelist
        }
    }
    return nil
}

email.go

package middleware

import (
    "bytes"
    "io"
    "strconv"
    "time"

    "github.com/flipped-aurora/gin-vue-admin/server/plugin/email/utils"
    utils2 "github.com/flipped-aurora/gin-vue-admin/server/utils"

    "github.com/flipped-aurora/gin-vue-admin/server/global"
    "github.com/flipped-aurora/gin-vue-admin/server/model/system"
    "github.com/flipped-aurora/gin-vue-admin/server/service"
    "github.com/gin-gonic/gin"
    "go.uber.org/zap"
)

var userService = service.ServiceGroupApp.SystemServiceGroup.UserService

func ErrorToEmail() gin.HandlerFunc {
    return func(c *gin.Context) {
        var username string
        claims, _ := utils2.GetClaims(c)
        if claims.Username != "" {
            username = claims.Username
        } else {
            id, _ := strconv.Atoi(c.Request.Header.Get("x-user-id"))
            user, err := userService.FindUserById(id)
            if err != nil {
                username = "Unknown"
            }
            username = user.Username
        }
        body, _ := io.ReadAll(c.Request.Body)
        // 再重新写回请求体body中，ioutil.ReadAll会清空c.Request.Body中的数据
        c.Request.Body = io.NopCloser(bytes.NewBuffer(body))
        record := system.SysOperationRecord{
            Ip:     c.ClientIP(),
            Method: c.Request.Method,
            Path:   c.Request.URL.Path,
            Agent:  c.Request.UserAgent(),
            Body:   string(body),
        }
        now := time.Now()

        c.Next()

        latency := time.Since(now)
        status := c.Writer.Status()
        record.ErrorMessage = c.Errors.ByType(gin.ErrorTypePrivate).String()
        str := "接收到的请求为" + record.Body + "\n" + "请求方式为" + record.Method + "\n" + "报错信息如下" + record.ErrorMessage + "\n" + "耗时" + latency.String() + "\n"
        if status != 200 {
            subject := username + "" + record.Ip + "调用了" + record.Path + "报错了"
            if err := utils.ErrorToEmail(subject, str); err != nil {
                global.GVA_LOG.Error("ErrorToEmail Failed, err:", zap.Error(err))
            }
        }
    }
}

error.go

package middleware

import (
    "net"
    "net/http"
    "net/http/httputil"
    "os"
    "runtime/debug"
    "strings"

    "github.com/flipped-aurora/gin-vue-admin/server/global"
    "github.com/gin-gonic/gin"
    "go.uber.org/zap"
)

// GinRecovery recover掉项目可能出现的panic，并使用zap记录相关日志
func GinRecovery(stack bool) gin.HandlerFunc {
    return func(c *gin.Context) {
        defer func() {
            if err := recover(); err != nil {
                // Check for a broken connection, as it is not really a
                // condition that warrants a panic stack trace.
                var brokenPipe bool
                if ne, ok := err.(*net.OpError); ok {
                    if se, ok := ne.Err.(*os.SyscallError); ok {
                        if strings.Contains(strings.ToLower(se.Error()), "broken pipe") || strings.Contains(strings.ToLower(se.Error()), "connection reset by peer") {
                            brokenPipe = true
                        }
                    }
                }

                httpRequest, _ := httputil.DumpRequest(c.Request, false)
                if brokenPipe {
                    global.GVA_LOG.Error(c.Request.URL.Path,
                        zap.Any("error", err),
                        zap.String("request", string(httpRequest)),
                    )
                    // If the connection is dead, we can't write a status to it.
                    _ = c.Error(err.(error)) // nolint: errcheck
                    c.Abort()
                    return
                }

                if stack {
                    global.GVA_LOG.Error("[Recovery from panic]",
                        zap.Any("error", err),
                        zap.String("request", string(httpRequest)),
                        zap.String("stack", string(debug.Stack())),
                    )
                } else {
                    global.GVA_LOG.Error("[Recovery from panic]",
                        zap.Any("error", err),
                        zap.String("request", string(httpRequest)),
                    )
                }
                c.AbortWithStatus(http.StatusInternalServerError)
            }
        }()
        c.Next()
    }
}

jwt.go

package middleware

import (
    "errors"
    "github.com/golang-jwt/jwt/v4"
    "strconv"
    "time"

    "github.com/flipped-aurora/gin-vue-admin/server/utils"

    "github.com/flipped-aurora/gin-vue-admin/server/global"
    "github.com/flipped-aurora/gin-vue-admin/server/model/common/response"
    "github.com/flipped-aurora/gin-vue-admin/server/model/system"
    "github.com/flipped-aurora/gin-vue-admin/server/service"

    "github.com/gin-gonic/gin"
    "go.uber.org/zap"
)

var jwtService = service.ServiceGroupApp.SystemServiceGroup.JwtService

func JWTAuth() gin.HandlerFunc {
    return func(c *gin.Context) {
        // 我们这里jwt鉴权取头部信息 x-token 登录时回返回token信息 这里前端需要把token存储到cookie或者本地localStorage中 不过需要跟后端协商过期时间 可以约定刷新令牌或者重新登录
        token := c.Request.Header.Get("x-token")
        if token == "" {
            response.FailWithDetailed(gin.H{"reload": true}, "未登录或非法访问", c)
            c.Abort()
            return
        }
        if jwtService.IsBlacklist(token) {
            response.FailWithDetailed(gin.H{"reload": true}, "您的帐户异地登陆或令牌失效", c)
            c.Abort()
            return
        }
        j := utils.NewJWT()
        // parseToken 解析token包含的信息
        claims, err := j.ParseToken(token)
        if err != nil {
            if errors.Is(err, utils.TokenExpired) {
                response.FailWithDetailed(gin.H{"reload": true}, "授权已过期", c)
                c.Abort()
                return
            }
            response.FailWithDetailed(gin.H{"reload": true}, err.Error(), c)
            c.Abort()
            return
        }

        // 已登录用户被管理员禁用 需要使该用户的jwt失效 此处比较消耗性能 如果需要 请自行打开
        // 用户被删除的逻辑 需要优化 此处比较消耗性能 如果需要 请自行打开

        //if user, err := userService.FindUserByUuid(claims.UUID.String()); err != nil || user.Enable == 2 {
        //  _ = jwtService.JsonInBlacklist(system.JwtBlacklist{Jwt: token})
        //  response.FailWithDetailed(gin.H{"reload": true}, err.Error(), c)
        //  c.Abort()
        //}
        if claims.ExpiresAt.Unix()-time.Now().Unix() < claims.BufferTime {
            dr, _ := utils.ParseDuration(global.GVA_CONFIG.JWT.ExpiresTime)
            claims.ExpiresAt = jwt.NewNumericDate(time.Now().Add(dr))
            newToken, _ := j.CreateTokenByOldToken(token, *claims)
            newClaims, _ := j.ParseToken(newToken)
            c.Header("new-token", newToken)
            c.Header("new-expires-at", strconv.FormatInt(newClaims.ExpiresAt.Unix(), 10))
            if global.GVA_CONFIG.System.UseMultipoint {
                RedisJwtToken, err := jwtService.GetRedisJWT(newClaims.Username)
                if err != nil {
                    global.GVA_LOG.Error("get redis jwt failed", zap.Error(err))
                } else { // 当之前的取成功时才进行拉黑操作
                    _ = jwtService.JsonInBlacklist(system.JwtBlacklist{Jwt: RedisJwtToken})
                }
                // 无论如何都要记录当前的活跃状态
                _ = jwtService.SetRedisJWT(newToken, newClaims.Username)
            }
        }
        c.Set("claims", claims)
        c.Next()
    }
}

limit_ip.go

package middleware

import (
    "context"
    "errors"
    "net/http"
    "time"

    "go.uber.org/zap"

    "github.com/flipped-aurora/gin-vue-admin/server/global"
    "github.com/flipped-aurora/gin-vue-admin/server/model/common/response"
    "github.com/gin-gonic/gin"
)

type LimitConfig struct {
    // GenerationKey 根据业务生成key 下面CheckOrMark查询生成
    GenerationKey func(c *gin.Context) string
    // 检查函数,用户可修改具体逻辑,更加灵活
    CheckOrMark func(key string, expire int, limit int) error
    // Expire key 过期时间
    Expire int
    // Limit 周期时间
    Limit int
}

func (l LimitConfig) LimitWithTime() gin.HandlerFunc {
    return func(c *gin.Context) {
        if err := l.CheckOrMark(l.GenerationKey(c), l.Expire, l.Limit); err != nil {
            c.JSON(http.StatusOK, gin.H{"code": response.ERROR, "msg": err})
            c.Abort()
            return
        } else {
            c.Next()
        }
    }
}

// DefaultGenerationKey 默认生成key
func DefaultGenerationKey(c *gin.Context) string {
    return "GVA_Limit" + c.ClientIP()
}

func DefaultCheckOrMark(key string, expire int, limit int) (err error) {
    // 判断是否开启redis
    if global.GVA_REDIS == nil {
        return err
    }
    if err = SetLimitWithTime(key, limit, time.Duration(expire)*time.Second); err != nil {
        global.GVA_LOG.Error("limit", zap.Error(err))
    }
    return err
}

func DefaultLimit() gin.HandlerFunc {
    return LimitConfig{
        GenerationKey: DefaultGenerationKey,
        CheckOrMark:   DefaultCheckOrMark,
        Expire:        global.GVA_CONFIG.System.LimitTimeIP,
        Limit:         global.GVA_CONFIG.System.LimitCountIP,
    }.LimitWithTime()
}

// SetLimitWithTime 设置访问次数
func SetLimitWithTime(key string, limit int, expiration time.Duration) error {
    count, err := global.GVA_REDIS.Exists(context.Background(), key).Result()
    if err != nil {
        return err
    }
    if count == 0 {
        pipe := global.GVA_REDIS.TxPipeline()
        pipe.Incr(context.Background(), key)
        pipe.Expire(context.Background(), key, expiration)
        _, err = pipe.Exec(context.Background())
        return err
    } else {
        // 次数
        if times, err := global.GVA_REDIS.Get(context.Background(), key).Int(); err != nil {
            return err
        } else {
            if times >= limit {
                if t, err := global.GVA_REDIS.PTTL(context.Background(), key).Result(); err != nil {
                    return errors.New("请求太过频繁，请稍后再试")
                } else {
                    return errors.New("请求太过频繁, 请 " + t.String() + " 秒后尝试")
                }
            } else {
                return global.GVA_REDIS.Incr(context.Background(), key).Err()
            }
        }
    }
}

loadtls.go

package middleware

import (
    "fmt"

    "github.com/gin-gonic/gin"
    "github.com/unrolled/secure"
)

// 用https把这个中间件在router里面use一下就好

func LoadTls() gin.HandlerFunc {
    return func(c *gin.Context) {
        middleware := secure.New(secure.Options{
            SSLRedirect: true,
            SSLHost:     "localhost:443",
        })
        err := middleware.Process(c.Writer, c.Request)
        if err != nil {
            // 如果出现错误，请不要继续
            fmt.Println(err)
            return
        }
        // 继续往下处理
        c.Next()
    }
}

logger.go

package middleware

import (
    "bytes"
    "encoding/json"
    "fmt"
    "io"
    "strings"
    "time"

    "github.com/gin-gonic/gin"
)

// LogLayout 日志layout
type LogLayout struct {
    Time      time.Time
    Metadata  map[string]interface{} // 存储自定义原数据
    Path      string                 // 访问路径
    Query     string                 // 携带query
    Body      string                 // 携带body数据
    IP        string                 // ip地址
    UserAgent string                 // 代理
    Error     string                 // 错误
    Cost      time.Duration          // 花费时间
    Source    string                 // 来源
}

type Logger struct {
    // Filter 用户自定义过滤
    Filter func(c *gin.Context) bool
    // FilterKeyword 关键字过滤(key)
    FilterKeyword func(layout *LogLayout) bool
    // AuthProcess 鉴权处理
    AuthProcess func(c *gin.Context, layout *LogLayout)
    // 日志处理
    Print func(LogLayout)
    // Source 服务唯一标识
    Source string
}

func (l Logger) SetLoggerMiddleware() gin.HandlerFunc {
    return func(c *gin.Context) {
        start := time.Now()
        path := c.Request.URL.Path
        query := c.Request.URL.RawQuery
        var body []byte
        if l.Filter != nil && !l.Filter(c) {
            body, _ = c.GetRawData()
            // 将原body塞回去
            c.Request.Body = io.NopCloser(bytes.NewBuffer(body))
        }
        c.Next()
        cost := time.Since(start)
        layout := LogLayout{
            Time:      time.Now(),
            Path:      path,
            Query:     query,
            IP:        c.ClientIP(),
            UserAgent: c.Request.UserAgent(),
            Error:     strings.TrimRight(c.Errors.ByType(gin.ErrorTypePrivate).String(), "\n"),
            Cost:      cost,
            Source:    l.Source,
        }
        if l.Filter != nil && !l.Filter(c) {
            layout.Body = string(body)
        }
        if l.AuthProcess != nil {
            // 处理鉴权需要的信息
            l.AuthProcess(c, &layout)
        }
        if l.FilterKeyword != nil {
            // 自行判断key/value 脱敏等
            l.FilterKeyword(&layout)
        }
        // 自行处理日志
        l.Print(layout)
    }
}

func DefaultLogger() gin.HandlerFunc {
    return Logger{
        Print: func(layout LogLayout) {
            // 标准输出,k8s做收集
            v, _ := json.Marshal(layout)
            fmt.Println(string(v))
        },
        Source: "GVA",
    }.SetLoggerMiddleware()
}

need_init.go

package middleware

import (
    "github.com/flipped-aurora/gin-vue-admin/server/global"
    "github.com/flipped-aurora/gin-vue-admin/server/model/common/response"
    "github.com/gin-gonic/gin"
)

// 处理跨域请求,支持options访问
func NeedInit() gin.HandlerFunc {
    return func(c *gin.Context) {
        if global.GVA_DB == nil {
            response.OkWithDetailed(gin.H{
                "needInit": true,
            }, "前往初始化数据库", c)
            c.Abort()
        } else {
            c.Next()
        }
        // 处理请求
    }
}

operation.go

package middleware

import (
    "bytes"
    "encoding/json"
    "io"
    "net/http"
    "net/url"
    "strconv"
    "strings"
    "sync"
    "time"

    "github.com/flipped-aurora/gin-vue-admin/server/utils"

    "github.com/flipped-aurora/gin-vue-admin/server/global"
    "github.com/flipped-aurora/gin-vue-admin/server/model/system"
    "github.com/flipped-aurora/gin-vue-admin/server/service"
    "github.com/gin-gonic/gin"
    "go.uber.org/zap"
)

var operationRecordService = service.ServiceGroupApp.SystemServiceGroup.OperationRecordService

var respPool sync.Pool

func init() {
    respPool.New = func() interface{} {
        return make([]byte, 1024)
    }
}

func OperationRecord() gin.HandlerFunc {
    return func(c *gin.Context) {
        var body []byte
        var userId int
        if c.Request.Method != http.MethodGet {
            var err error
            body, err = io.ReadAll(c.Request.Body)
            if err != nil {
                global.GVA_LOG.Error("read body from request error:", zap.Error(err))
            } else {
                c.Request.Body = io.NopCloser(bytes.NewBuffer(body))
            }
        } else {
            query := c.Request.URL.RawQuery
            query, _ = url.QueryUnescape(query)
            split := strings.Split(query, "&")
            m := make(map[string]string)
            for _, v := range split {
                kv := strings.Split(v, "=")
                if len(kv) == 2 {
                    m[kv[0]] = kv[1]
                }
            }
            body, _ = json.Marshal(&m)
        }
        claims, _ := utils.GetClaims(c)
        if claims.BaseClaims.ID != 0 {
            userId = int(claims.BaseClaims.ID)
        } else {
            id, err := strconv.Atoi(c.Request.Header.Get("x-user-id"))
            if err != nil {
                userId = 0
            }
            userId = id
        }
        record := system.SysOperationRecord{
            Ip:     c.ClientIP(),
            Method: c.Request.Method,
            Path:   c.Request.URL.Path,
            Agent:  c.Request.UserAgent(),
            Body:   string(body),
            UserID: userId,
        }

        // 上传文件时候 中间件日志进行裁断操作
        if strings.Contains(c.GetHeader("Content-Type"), "multipart/form-data") {
            if len(record.Body) > 1024 {
                // 截断
                newBody := respPool.Get().([]byte)
                copy(newBody, record.Body)
                record.Body = string(newBody)
                defer respPool.Put(newBody[:0])
            }
        }

        writer := responseBodyWriter{
            ResponseWriter: c.Writer,
            body:           &bytes.Buffer{},
        }
        c.Writer = writer
        now := time.Now()

        c.Next()

        latency := time.Since(now)
        record.ErrorMessage = c.Errors.ByType(gin.ErrorTypePrivate).String()
        record.Status = c.Writer.Status()
        record.Latency = latency
        record.Resp = writer.body.String()

        if strings.Contains(c.Writer.Header().Get("Pragma"), "public") ||
            strings.Contains(c.Writer.Header().Get("Expires"), "0") ||
            strings.Contains(c.Writer.Header().Get("Cache-Control"), "must-revalidate, post-check=0, pre-check=0") ||
            strings.Contains(c.Writer.Header().Get("Content-Type"), "application/force-download") ||
            strings.Contains(c.Writer.Header().Get("Content-Type"), "application/octet-stream") ||
            strings.Contains(c.Writer.Header().Get("Content-Type"), "application/vnd.ms-excel") ||
            strings.Contains(c.Writer.Header().Get("Content-Type"), "application/download") ||
            strings.Contains(c.Writer.Header().Get("Content-Disposition"), "attachment") ||
            strings.Contains(c.Writer.Header().Get("Content-Transfer-Encoding"), "binary") {
            if len(record.Resp) > 1024 {
                // 截断
                newBody := respPool.Get().([]byte)
                copy(newBody, record.Resp)
                record.Resp = string(newBody)
                defer respPool.Put(newBody[:0])
            }
        }

        if err := operationRecordService.CreateSysOperationRecord(record); err != nil {
            global.GVA_LOG.Error("create operation record error:", zap.Error(err))
        }
    }
}

type responseBodyWriter struct {
    gin.ResponseWriter
    body *bytes.Buffer
}

func (r responseBodyWriter) Write(b []byte) (int, error) {
    r.body.Write(b)
    return r.ResponseWriter.Write(b)
}