|
|
package service
|
|
|
|
|
|
import (
|
|
|
"github.com/GeeTeam/gt3-golang-sdk/geetest"
|
|
|
"github.com/google/uuid"
|
|
|
"github.com/linmadan/egglib-go/utils/json"
|
|
|
"gitlab.fjmaimaimai.com/allied-creation/allied-creation-gateway/pkg/application/auth/query"
|
|
|
"gitlab.fjmaimaimai.com/allied-creation/allied-creation-gateway/pkg/application/web/auth/dto"
|
|
|
"time"
|
...
|
...
|
@@ -17,17 +19,26 @@ import ( |
|
|
"gitlab.fjmaimaimai.com/allied-creation/allied-creation-gateway/pkg/infrastructure/service_gateway/sms_serve"
|
|
|
)
|
|
|
|
|
|
const (
|
|
|
captchaID = "33a2abf9c5df0d6bc3b89fb39280114b"
|
|
|
privateKey = "13320fd2b10199e9a2440a4fbb4d46f7"
|
|
|
)
|
|
|
|
|
|
// 组织管理
|
|
|
type AuthService struct {
|
|
|
}
|
|
|
|
|
|
//AuthLogin 用户登录
|
|
|
func (srv AuthService) AuthLogin(loginCommand *command.LoginCommand) (interface{}, error) {
|
|
|
func (svr AuthService) AuthLogin(loginCommand *command.LoginCommand) (interface{}, error) {
|
|
|
var (
|
|
|
authCode string
|
|
|
result interface{}
|
|
|
err error
|
|
|
loginPlatform string = domain.LoginPlatformApp
|
|
|
)
|
|
|
if loginCommand.DeviceType == domain.DeviceTypeWeb {
|
|
|
loginPlatform = domain.LoginPlatformWeb
|
|
|
}
|
|
|
creationUserGateway := allied_creation_user.NewHttplibAlliedCreationUser(domain.Operator{})
|
|
|
_, err = creationUserGateway.AuthRefreshIM(allied_creation_user.ReqAuthRefreshIM{
|
|
|
Phone: loginCommand.Phone,
|
...
|
...
|
@@ -36,16 +47,20 @@ func (srv AuthService) AuthLogin(loginCommand *command.LoginCommand) (interface{ |
|
|
return nil, application.ThrowError(application.TRANSACTION_ERROR, err.Error())
|
|
|
}
|
|
|
switch loginCommand.GrantType {
|
|
|
case "signInPassword":
|
|
|
authCode, err = srv.SignInPassword(loginCommand.Phone, loginCommand.Password)
|
|
|
case "signInCaptcha":
|
|
|
authCode, err = srv.SignInCaptcha(loginCommand.Phone, loginCommand.Captcha)
|
|
|
case domain.LoginPwd:
|
|
|
authCode, err = svr.SignInPassword(loginCommand.Phone, loginCommand.Password, loginPlatform)
|
|
|
case domain.LoginSmsCode:
|
|
|
authCode, err = svr.SignInCaptcha(loginCommand.Phone, loginCommand.Captcha, loginPlatform)
|
|
|
default:
|
|
|
err = application.ThrowError(application.TRANSACTION_ERROR, "登录方式无法解析")
|
|
|
}
|
|
|
result, err = srv.GetAuthAccessToken(&command.AccessTokenCommand{
|
|
|
if err != nil {
|
|
|
return nil, application.ThrowError(application.BUSINESS_ERROR, err.Error())
|
|
|
}
|
|
|
result, err = svr.GetAuthAccessToken(&command.AccessTokenCommand{
|
|
|
AuthCode: authCode,
|
|
|
SessionMode: loginCommand.SessionMode,
|
|
|
LoginPlatform: loginPlatform,
|
|
|
})
|
|
|
return map[string]interface{}{
|
|
|
"access": result,
|
...
|
...
|
@@ -53,7 +68,7 @@ func (srv AuthService) AuthLogin(loginCommand *command.LoginCommand) (interface{ |
|
|
}
|
|
|
|
|
|
//AuthLogin 用户登录
|
|
|
func (srv AuthService) AuthLoginPwd(loginCommand *command.LoginPwdCommand) (interface{}, error) {
|
|
|
func (svr AuthService) AuthLoginPwd(loginCommand *command.LoginPwdCommand) (interface{}, error) {
|
|
|
if err := loginCommand.ValidateCommand(); err != nil {
|
|
|
return nil, application.ThrowError(application.ARG_ERROR, err.Error())
|
|
|
}
|
...
|
...
|
@@ -63,11 +78,18 @@ func (srv AuthService) AuthLoginPwd(loginCommand *command.LoginPwdCommand) (inte |
|
|
Password: loginCommand.Password,
|
|
|
SessionMode: loginCommand.SessionMode,
|
|
|
}
|
|
|
return srv.AuthLogin(login)
|
|
|
if len(loginCommand.CaptchaChallenge) > 0 {
|
|
|
geetest := geetest.NewGeetestLib(captchaID, privateKey, 2*time.Second)
|
|
|
validateResult := geetest.SuccessValidate(loginCommand.CaptchaChallenge, loginCommand.CaptchaValidate, loginCommand.CaptchaSeccode, "", "")
|
|
|
if !validateResult {
|
|
|
log.Logger.Error("validate captcha fail")
|
|
|
}
|
|
|
}
|
|
|
return svr.AuthLogin(login)
|
|
|
}
|
|
|
|
|
|
//AuthLogin 用户登录
|
|
|
func (srv AuthService) AuthLoginSms(loginCommand *command.LoginSmsCommand) (interface{}, error) {
|
|
|
func (svr AuthService) AuthLoginSms(loginCommand *command.LoginSmsCommand) (interface{}, error) {
|
|
|
if err := loginCommand.ValidateCommand(); err != nil {
|
|
|
return nil, application.ThrowError(application.ARG_ERROR, err.Error())
|
|
|
}
|
...
|
...
|
@@ -77,11 +99,44 @@ func (srv AuthService) AuthLoginSms(loginCommand *command.LoginSmsCommand) (inte |
|
|
Captcha: loginCommand.Code,
|
|
|
SessionMode: loginCommand.SessionMode,
|
|
|
}
|
|
|
return srv.AuthLogin(login)
|
|
|
return svr.AuthLogin(login)
|
|
|
}
|
|
|
|
|
|
//AuthLoginQrcode 扫码登录
|
|
|
func (svr AuthService) AuthLoginQrcode(queryParam *query.QrcodeLoginStatusQuery) (interface{}, error) {
|
|
|
qrmsg := domain.QrcodeMessage{}
|
|
|
err := qrmsg.ParseToken(queryParam.Key)
|
|
|
if err != nil {
|
|
|
return nil, application.ThrowError(application.TRANSACTION_ERROR, err.Error())
|
|
|
}
|
|
|
qrCache := cache.LoginQrcodeCache{}
|
|
|
qrmsgCache, err := qrCache.Get(qrmsg.Id)
|
|
|
if err != nil {
|
|
|
return nil, application.ThrowError(application.TRANSACTION_ERROR, err.Error())
|
|
|
}
|
|
|
loginToken := domain.LoginToken{
|
|
|
UserId: qrmsgCache.UserId,
|
|
|
UserBaseId: qrmsgCache.UserBaseId,
|
|
|
Account: qrmsgCache.Account,
|
|
|
Platform: domain.LoginPlatformWeb,
|
|
|
CompanyId: qrmsgCache.CompanyId,
|
|
|
OrgId: qrmsgCache.OrgId,
|
|
|
}
|
|
|
accessToken, err := loginToken.GenerateAccessToken()
|
|
|
if err != nil {
|
|
|
return nil, application.ThrowError(application.TRANSACTION_ERROR, err.Error())
|
|
|
}
|
|
|
_ = accessToken
|
|
|
result, err := svr.getToken(loginToken)
|
|
|
data := map[string]interface{}{
|
|
|
"isLogin": qrmsgCache.IsLogin,
|
|
|
"access": result["token"],
|
|
|
}
|
|
|
return data, nil
|
|
|
}
|
|
|
|
|
|
//SendSmsCaptcha 发送验证码短信
|
|
|
func (srv AuthService) SendSmsCaptcha(smsCodeCommand *command.SendSmsCodeCommand) error {
|
|
|
func (svr AuthService) SendSmsCaptcha(smsCodeCommand *command.SendSmsCodeCommand) error {
|
|
|
smsServeGateway := sms_serve.NewHttplibHttplibSmsServe()
|
|
|
err := smsServeGateway.SendSms(smsCodeCommand.Phone)
|
|
|
if err != nil {
|
...
|
...
|
@@ -91,7 +146,7 @@ func (srv AuthService) SendSmsCaptcha(smsCodeCommand *command.SendSmsCodeCommand |
|
|
}
|
|
|
|
|
|
//SignInPassword 使用账号密码校验
|
|
|
func (srv AuthService) SignInPassword(account string, password string) (string, error) {
|
|
|
func (svr AuthService) SignInPassword(account string, password string, loginPlatform string) (string, error) {
|
|
|
creationUserGateway := allied_creation_user.NewHttplibAlliedCreationUser(domain.Operator{})
|
|
|
_, err := creationUserGateway.AuthCheckPassword(allied_creation_user.ReqAuthCheckPassword{
|
|
|
Password: password,
|
...
|
...
|
@@ -103,7 +158,7 @@ func (srv AuthService) SignInPassword(account string, password string) (string, |
|
|
ltoken := domain.LoginToken{
|
|
|
UserId: 0,
|
|
|
Account: account,
|
|
|
Platform: domain.LoginPlatformApp,
|
|
|
Platform: loginPlatform,
|
|
|
CompanyId: 0,
|
|
|
}
|
|
|
authcode, err := ltoken.GenerateAuthCode()
|
...
|
...
|
@@ -117,7 +172,7 @@ func (srv AuthService) SignInPassword(account string, password string) (string, |
|
|
}
|
|
|
|
|
|
//SignInCaptcha 使用手机验证码登录
|
|
|
func (srv AuthService) SignInCaptcha(phone string, captcha string) (string, error) {
|
|
|
func (svr AuthService) SignInCaptcha(phone string, captcha string, loginPlatform string) (string, error) {
|
|
|
smsServeGateway := sms_serve.NewHttplibHttplibSmsServe()
|
|
|
err := smsServeGateway.CheckSmsCode(phone, captcha)
|
|
|
if err != nil {
|
...
|
...
|
@@ -126,7 +181,7 @@ func (srv AuthService) SignInCaptcha(phone string, captcha string) (string, erro |
|
|
ltoken := domain.LoginToken{
|
|
|
UserId: 0,
|
|
|
Account: phone,
|
|
|
Platform: domain.LoginPlatformApp,
|
|
|
Platform: loginPlatform,
|
|
|
CompanyId: 0,
|
|
|
}
|
|
|
authcode, err := ltoken.GenerateAuthCode()
|
...
|
...
|
@@ -137,7 +192,7 @@ func (srv AuthService) SignInCaptcha(phone string, captcha string) (string, erro |
|
|
}
|
|
|
|
|
|
//GetAuthAccessToken 获取令牌Token
|
|
|
func (srv AuthService) GetAuthAccessToken(accessTokenCommand *command.AccessTokenCommand) (interface{}, error) {
|
|
|
func (svr AuthService) GetAuthAccessToken(accessTokenCommand *command.AccessTokenCommand) (interface{}, error) {
|
|
|
if err := accessTokenCommand.ValidateCommand(); err != nil {
|
|
|
return nil, application.ThrowError(application.TRANSACTION_ERROR, err.Error())
|
|
|
}
|
...
|
...
|
@@ -146,138 +201,12 @@ func (srv AuthService) GetAuthAccessToken(accessTokenCommand *command.AccessToke |
|
|
if err != nil {
|
|
|
return nil, application.ThrowError(application.TRANSACTION_ERROR, err.Error())
|
|
|
}
|
|
|
phone := ltoken.Account
|
|
|
creationUserGateway := allied_creation_user.NewHttplibAlliedCreationUser(domain.Operator{})
|
|
|
userSeachResult, err := creationUserGateway.UserSearch(allied_creation_user.ReqUserSearch{
|
|
|
CompanyId: ltoken.CompanyId,
|
|
|
Phone: phone,
|
|
|
})
|
|
|
if err != nil {
|
|
|
return nil, application.ThrowError(application.TRANSACTION_ERROR, err.Error())
|
|
|
}
|
|
|
if len(userSeachResult.Users) == 0 {
|
|
|
return nil, application.ThrowError(application.TRANSACTION_ERROR, "获取用户信息失败")
|
|
|
}
|
|
|
transactionContext, err := factory.CreateTransactionContext(nil)
|
|
|
if err != nil {
|
|
|
return nil, application.ThrowError(application.TRANSACTION_ERROR, err.Error())
|
|
|
}
|
|
|
if err := transactionContext.StartTransaction(); err != nil {
|
|
|
return nil, application.ThrowError(application.TRANSACTION_ERROR, err.Error())
|
|
|
}
|
|
|
defer func() {
|
|
|
transactionContext.RollbackTransaction()
|
|
|
}()
|
|
|
var loginAccessRepository domain.LoginAccessRepository
|
|
|
if loginAccessRepository, err = factory.CreateLoginAccessRepository(map[string]interface{}{
|
|
|
"transactionContext": transactionContext,
|
|
|
}); err != nil {
|
|
|
return nil, application.ThrowError(application.INTERNAL_SERVER_ERROR, err.Error())
|
|
|
}
|
|
|
_, lAccess, err := loginAccessRepository.Find(map[string]interface{}{
|
|
|
"account": phone,
|
|
|
"platform": domain.LoginPlatformApp,
|
|
|
})
|
|
|
if err != nil {
|
|
|
return nil, application.ThrowError(application.TRANSACTION_ERROR, err.Error())
|
|
|
}
|
|
|
var currentAccess *domain.LoginAccess
|
|
|
if len(lAccess) > 0 {
|
|
|
currentAccess = lAccess[0]
|
|
|
currentAccess.UpdatedTime = time.Now()
|
|
|
} else {
|
|
|
currentAccess = &domain.LoginAccess{
|
|
|
UserBaseId: int64(userSeachResult.Users[0].UserBaseId),
|
|
|
UserId: int64(userSeachResult.Users[0].UserId),
|
|
|
Account: userSeachResult.Users[0].UserInfo.Phone,
|
|
|
Platform: domain.LoginPlatformApp,
|
|
|
OrganizationId: int64(userSeachResult.Users[0].Org.OrgId),
|
|
|
AccessToken: "",
|
|
|
RefreshToken: "",
|
|
|
AccessExpired: 0,
|
|
|
RefreshExpired: 0,
|
|
|
CreatedTime: time.Now(),
|
|
|
UpdatedTime: time.Now(),
|
|
|
}
|
|
|
if userSeachResult.Users[0].Company != nil {
|
|
|
currentAccess.CompanyId = int64(userSeachResult.Users[0].Company.CompanyId)
|
|
|
}
|
|
|
}
|
|
|
//判定当前凭证的companyId,OrganizationId 是否在用户列表中
|
|
|
var currentOrgIsOK bool
|
|
|
loopUser1:
|
|
|
for _, v := range userSeachResult.Users {
|
|
|
if v.Company.CompanyId == int(currentAccess.CompanyId) {
|
|
|
for _, vv := range v.UserOrg {
|
|
|
if vv.OrgID == int(currentAccess.OrganizationId) {
|
|
|
currentOrgIsOK = true
|
|
|
currentAccess.UserId = int64(v.UserId)
|
|
|
currentAccess.UserBaseId = int64(v.UserBaseId)
|
|
|
break loopUser1
|
|
|
}
|
|
|
}
|
|
|
}
|
|
|
}
|
|
|
//记录上一次的登录公司组织信息不可用 ,重置登录记录
|
|
|
//使用找到的第一个可用的公司组织
|
|
|
if !currentOrgIsOK {
|
|
|
loopUser2:
|
|
|
for _, v := range userSeachResult.Users {
|
|
|
currentAccess.CompanyId = int64(v.Company.CompanyId)
|
|
|
for _, vv := range v.UserOrg {
|
|
|
currentAccess.UserId = int64(v.UserId)
|
|
|
currentAccess.UserBaseId = int64(v.UserBaseId)
|
|
|
currentAccess.OrganizationId = int64(vv.OrgID)
|
|
|
currentOrgIsOK = true
|
|
|
break loopUser2
|
|
|
}
|
|
|
}
|
|
|
}
|
|
|
|
|
|
loginToken := domain.LoginToken{
|
|
|
UserId: currentAccess.UserId,
|
|
|
Account: currentAccess.Account,
|
|
|
UserBaseId: currentAccess.UserBaseId,
|
|
|
CompanyId: currentAccess.CompanyId,
|
|
|
OrgId: currentAccess.OrganizationId,
|
|
|
Platform: currentAccess.Platform,
|
|
|
}
|
|
|
|
|
|
accessTokenStr, err := loginToken.GenerateAccessToken()
|
|
|
if err != nil {
|
|
|
return nil, application.ThrowError(application.TRANSACTION_ERROR, err.Error())
|
|
|
}
|
|
|
currentAccess.AccessToken = accessTokenStr
|
|
|
currentAccess.AccessExpired = loginToken.ExpiresAt
|
|
|
refreshTokenStr, err := loginToken.GenerateRefreshToken()
|
|
|
if err != nil {
|
|
|
return nil, application.ThrowError(application.TRANSACTION_ERROR, err.Error())
|
|
|
}
|
|
|
currentAccess.RefreshToken = refreshTokenStr
|
|
|
currentAccess.AccessExpired = loginToken.ExpiresAt
|
|
|
//先存数据库
|
|
|
_, err = loginAccessRepository.Save(currentAccess)
|
|
|
if err != nil {
|
|
|
return nil, application.ThrowError(application.TRANSACTION_ERROR, err.Error())
|
|
|
}
|
|
|
if err := transactionContext.CommitTransaction(); err != nil {
|
|
|
return nil, application.ThrowError(application.TRANSACTION_ERROR, err.Error())
|
|
|
}
|
|
|
//后处理redis缓存
|
|
|
tokenCache := cache.LoginTokenCache{}
|
|
|
tokenCache.RemoveAccessToken(currentAccess.Account, domain.LoginPlatformApp)
|
|
|
tokenCache.RemoveRefreshToken(currentAccess.Account, domain.LoginPlatformApp)
|
|
|
tokenCache.SaveAccessToken(currentAccess)
|
|
|
tokenCache.SaveRefreshToken(currentAccess)
|
|
|
nowTime := time.Now().Unix()
|
|
|
return map[string]interface{}{
|
|
|
"refreshToken": accessTokenStr,
|
|
|
"accessToken": refreshTokenStr,
|
|
|
"expiresIn": currentAccess.AccessExpired - nowTime,
|
|
|
}, nil
|
|
|
ltoken.Platform = accessTokenCommand.LoginPlatform
|
|
|
result, err := svr.getToken(*ltoken)
|
|
|
return result["token"], err
|
|
|
}
|
|
|
|
|
|
func (srv AuthService) RefreshAuthAccessToken(refreshTokenCommand *command.RefreshTokenCommand) (interface{}, error) {
|
|
|
func (svr AuthService) RefreshAuthAccessToken(refreshTokenCommand *command.RefreshTokenCommand) (interface{}, error) {
|
|
|
if err := refreshTokenCommand.ValidateCommand(); err != nil {
|
|
|
return nil, application.ThrowError(application.TRANSACTION_ERROR, err.Error())
|
|
|
}
|
...
|
...
|
@@ -286,113 +215,15 @@ func (srv AuthService) RefreshAuthAccessToken(refreshTokenCommand *command.Refre |
|
|
if err != nil {
|
|
|
return nil, application.ThrowError(application.TRANSACTION_ERROR, "refreshToken 不可用,"+err.Error())
|
|
|
}
|
|
|
token, err := srv.getToken(domain.Operator{}, ltoken)
|
|
|
// phone := ltoken.Account
|
|
|
// creationUserGateway := allied_creation_user.NewHttplibAlliedCreationUser(domain.Operator{})
|
|
|
// userSearchResult, err := creationUserGateway.UserSearch(allied_creation_user.ReqUserSearch{
|
|
|
// Phone: phone,
|
|
|
// })
|
|
|
// if err != nil {
|
|
|
// return nil, application.ThrowError(application.TRANSACTION_ERROR, "用户信息获取失败,"+err.Error())
|
|
|
// }
|
|
|
// //判定当前凭证的companyId,OrganizationId 是否在用户列表中
|
|
|
// var currentOrgIsOK bool
|
|
|
//loopUser1:
|
|
|
// for _, v := range userSearchResult.Users {
|
|
|
// if v.Company.CompanyId == int(ltoken.CompanyId) {
|
|
|
// for _, vv := range v.UserOrg {
|
|
|
// if vv.OrgID == int(ltoken.OrgId) {
|
|
|
// currentOrgIsOK = true
|
|
|
// break loopUser1
|
|
|
// }
|
|
|
// }
|
|
|
// }
|
|
|
// }
|
|
|
// if !currentOrgIsOK {
|
|
|
// return nil, application.ThrowError(application.TRANSACTION_ERROR, "登录的公司组织不可用")
|
|
|
// }
|
|
|
//
|
|
|
// transactionContext, err := factory.CreateTransactionContext(nil)
|
|
|
// if err != nil {
|
|
|
// return nil, application.ThrowError(application.TRANSACTION_ERROR, err.Error())
|
|
|
// }
|
|
|
// if err := transactionContext.StartTransaction(); err != nil {
|
|
|
// return nil, application.ThrowError(application.TRANSACTION_ERROR, err.Error())
|
|
|
// }
|
|
|
// defer func() {
|
|
|
// transactionContext.RollbackTransaction()
|
|
|
// }()
|
|
|
// var loginAccessRepository domain.LoginAccessRepository
|
|
|
// if loginAccessRepository, err = factory.CreateLoginAccessRepository(map[string]interface{}{
|
|
|
// "transactionContext": transactionContext,
|
|
|
// }); err != nil {
|
|
|
// return nil, application.ThrowError(application.INTERNAL_SERVER_ERROR, err.Error())
|
|
|
// }
|
|
|
// _, lAccess, err := loginAccessRepository.Find(map[string]interface{}{
|
|
|
// "account": phone,
|
|
|
// "platform": domain.LoginPlatformApp,
|
|
|
// })
|
|
|
// if err != nil {
|
|
|
// return nil, application.ThrowError(application.TRANSACTION_ERROR, err.Error())
|
|
|
// }
|
|
|
// var currentAccess *domain.LoginAccess
|
|
|
// if len(lAccess) > 0 {
|
|
|
// currentAccess = lAccess[0]
|
|
|
// currentAccess.UpdatedTime = time.Now()
|
|
|
// } else {
|
|
|
// currentAccess = &domain.LoginAccess{
|
|
|
// UserBaseId: ltoken.UserBaseId,
|
|
|
// UserId: ltoken.UserId,
|
|
|
// Account: ltoken.Account,
|
|
|
// Platform: domain.LoginPlatformApp,
|
|
|
// CompanyId: ltoken.CompanyId,
|
|
|
// OrganizationId: ltoken.OrgId,
|
|
|
// AccessToken: "",
|
|
|
// RefreshToken: "",
|
|
|
// AccessExpired: 0,
|
|
|
// RefreshExpired: 0,
|
|
|
// CreatedTime: time.Now(),
|
|
|
// UpdatedTime: time.Now(),
|
|
|
// }
|
|
|
// }
|
|
|
// accessTokenStr, err := ltoken.GenerateAccessToken()
|
|
|
// if err != nil {
|
|
|
// return nil, application.ThrowError(application.TRANSACTION_ERROR, err.Error())
|
|
|
// }
|
|
|
// currentAccess.AccessToken = accessTokenStr
|
|
|
// currentAccess.AccessExpired = ltoken.ExpiresAt
|
|
|
// refreshTokenStr, err := ltoken.GenerateRefreshToken()
|
|
|
// if err != nil {
|
|
|
// return nil, application.ThrowError(application.TRANSACTION_ERROR, err.Error())
|
|
|
// }
|
|
|
// currentAccess.RefreshToken = refreshTokenStr
|
|
|
// currentAccess.RefreshExpired = ltoken.ExpiresAt
|
|
|
// //先存数据库
|
|
|
// _, err = loginAccessRepository.Save(currentAccess)
|
|
|
// if err != nil {
|
|
|
// return nil, application.ThrowError(application.TRANSACTION_ERROR, err.Error())
|
|
|
// }
|
|
|
// if err := transactionContext.CommitTransaction(); err != nil {
|
|
|
// return nil, application.ThrowError(application.TRANSACTION_ERROR, err.Error())
|
|
|
// }
|
|
|
// //后处理redis缓存
|
|
|
// tokenCache := cache.LoginTokenCache{}
|
|
|
// tokenCache.RemoveAccessToken(currentAccess.Account, domain.LoginPlatformApp)
|
|
|
// tokenCache.RemoveRefreshToken(currentAccess.Account, domain.LoginPlatformApp)
|
|
|
// tokenCache.SaveAccessToken(currentAccess)
|
|
|
// tokenCache.SaveRefreshToken(currentAccess)
|
|
|
// nowTime := time.Now().Unix()
|
|
|
// return map[string]interface{}{
|
|
|
// "refreshToken": accessTokenStr,
|
|
|
// "accessToken": refreshTokenStr,
|
|
|
// "expiresIn": currentAccess.AccessExpired - nowTime,
|
|
|
// }, nil
|
|
|
return token["token"], err
|
|
|
token, err := svr.getToken(ltoken)
|
|
|
return map[string]interface{}{
|
|
|
"access": token["token"],
|
|
|
}, err
|
|
|
}
|
|
|
|
|
|
//GetUserMenus 获取用户信息
|
|
|
func (srv AuthService) GetUserInfo(userInfoCommand *command.UserInfoCommand) (interface{}, error) {
|
|
|
user, err := srv.getUserInfo(userInfoCommand.Operator)
|
|
|
func (svr AuthService) GetUserInfo(userInfoCommand *command.UserInfoCommand) (interface{}, error) {
|
|
|
user, err := svr.getUserInfo(userInfoCommand.Operator)
|
|
|
if err != nil {
|
|
|
return nil, application.ThrowError(application.BUSINESS_ERROR, err.Error())
|
|
|
}
|
...
|
...
|
@@ -402,7 +233,7 @@ func (srv AuthService) GetUserInfo(userInfoCommand *command.UserInfoCommand) (in |
|
|
}
|
|
|
|
|
|
//GetUserMenus 获取用户菜单
|
|
|
func (srv AuthService) GetUserMenus(userMenusCommand *command.UserMenusCommand) (interface{}, error) {
|
|
|
func (svr AuthService) GetUserMenus(userMenusCommand *command.UserMenusCommand) (interface{}, error) {
|
|
|
creationUserGateway := allied_creation_user.NewHttplibAlliedCreationUser(
|
|
|
userMenusCommand.Operator)
|
|
|
resultMenu, err := creationUserGateway.UserAccessMenus(allied_creation_user.ReqUserAccessMenus{
|
...
|
...
|
@@ -417,7 +248,7 @@ func (srv AuthService) GetUserMenus(userMenusCommand *command.UserMenusCommand) |
|
|
}
|
|
|
|
|
|
//GetUserMenus 获取用户组织
|
|
|
func (srv AuthService) GetUserOrg(userOrgCommand *command.UserOrgCommand) (interface{}, error) {
|
|
|
func (svr AuthService) GetUserOrg(userOrgCommand *command.UserOrgCommand) (interface{}, error) {
|
|
|
creationUserGateway := allied_creation_user.NewHttplibAlliedCreationUser(userOrgCommand.Operator)
|
|
|
result, err := creationUserGateway.UserSearch(allied_creation_user.ReqUserSearch{
|
|
|
Offset: 0,
|
...
|
...
|
@@ -446,7 +277,7 @@ func (srv AuthService) GetUserOrg(userOrgCommand *command.UserOrgCommand) (inter |
|
|
}
|
|
|
|
|
|
//OrgSwitch 组织切换
|
|
|
func (srv AuthService) OrgSwitch(switchOrgCommand *command.SwitchOrgCommand) (interface{}, error) {
|
|
|
func (svr AuthService) OrgSwitch(switchOrgCommand *command.SwitchOrgCommand) (interface{}, error) {
|
|
|
if err := switchOrgCommand.ValidateCommand(); err != nil {
|
|
|
return nil, application.ThrowError(application.TRANSACTION_ERROR, err.Error())
|
|
|
}
|
...
|
...
|
@@ -456,7 +287,7 @@ func (srv AuthService) OrgSwitch(switchOrgCommand *command.SwitchOrgCommand) (in |
|
|
return nil, application.ThrowError(application.TRANSACTION_ERROR, "accessToken 不可用,"+err.Error())
|
|
|
}
|
|
|
ltoken.OrgId = switchOrgCommand.OrgId
|
|
|
token, err := srv.getToken(domain.Operator{}, ltoken)
|
|
|
token, err := svr.getToken(ltoken)
|
|
|
if err != nil {
|
|
|
return nil, application.ThrowError(application.BUSINESS_ERROR, err.Error())
|
|
|
}
|
...
|
...
|
@@ -466,7 +297,7 @@ func (srv AuthService) OrgSwitch(switchOrgCommand *command.SwitchOrgCommand) (in |
|
|
return nil, application.ThrowError(application.TRANSACTION_ERROR, "用户不存在")
|
|
|
}
|
|
|
}
|
|
|
user, err := srv.getUserInfo(domain.Operator{UserId: userId})
|
|
|
user, err := svr.getUserInfo(domain.Operator{UserId: userId})
|
|
|
if err != nil {
|
|
|
return nil, application.ThrowError(application.BUSINESS_ERROR, err.Error())
|
|
|
}
|
...
|
...
|
@@ -487,7 +318,7 @@ func (srv AuthService) OrgSwitch(switchOrgCommand *command.SwitchOrgCommand) (in |
|
|
}
|
|
|
|
|
|
// CompanySignUp 企业注册
|
|
|
func (srv AuthService) CompanySignUp(companySignUpCommand *command.CompanySignUpCommand) (interface{}, error) {
|
|
|
func (svr AuthService) CompanySignUp(companySignUpCommand *command.CompanySignUpCommand) (interface{}, error) {
|
|
|
//TODO:验证码验证测试去掉,后期恢复回来
|
|
|
//smsServeGateway := sms_serve.NewHttplibHttplibSmsServe()
|
|
|
//err := smsServeGateway.CheckSmsCode(companySignUpCommand.Phone, companySignUpCommand.SmsCode)
|
...
|
...
|
@@ -510,7 +341,7 @@ func (srv AuthService) CompanySignUp(companySignUpCommand *command.CompanySignUp |
|
|
}
|
|
|
|
|
|
// ResetPassword 重置密码(找回密码)
|
|
|
func (srv AuthService) ResetPassword(resetPasswordCommand *command.ResetPasswordCommand) (interface{}, error) {
|
|
|
func (svr AuthService) ResetPassword(resetPasswordCommand *command.ResetPasswordCommand) (interface{}, error) {
|
|
|
if err := resetPasswordCommand.ValidateCommand(); err != nil {
|
|
|
return nil, application.ThrowError(application.ARG_ERROR, err.Error())
|
|
|
}
|
...
|
...
|
@@ -533,7 +364,7 @@ func (srv AuthService) ResetPassword(resetPasswordCommand *command.ResetPassword |
|
|
return result, err
|
|
|
}
|
|
|
|
|
|
func (srv AuthService) getUserInfo(operator domain.Operator) (interface{}, error) {
|
|
|
func (svr AuthService) getUserInfo(operator domain.Operator) (interface{}, error) {
|
|
|
creationUserGateway := allied_creation_user.NewHttplibAlliedCreationUser(
|
|
|
operator)
|
|
|
resultUser, err := creationUserGateway.UserGet(allied_creation_user.ReqGetUser{
|
...
|
...
|
@@ -563,33 +394,46 @@ func (srv AuthService) getUserInfo(operator domain.Operator) (interface{}, error |
|
|
return user, nil
|
|
|
}
|
|
|
|
|
|
func (srv AuthService) getToken(operator domain.Operator, ltoken domain.LoginToken) (map[string]interface{}, error) {
|
|
|
func (svr AuthService) getToken(ltoken domain.LoginToken) (map[string]interface{}, error) {
|
|
|
creationUserGateway := allied_creation_user.NewHttplibAlliedCreationUser(domain.Operator{})
|
|
|
userSearchResult, err := creationUserGateway.UserSearch(allied_creation_user.ReqUserSearch{
|
|
|
Phone: ltoken.Account,
|
|
|
})
|
|
|
if err != nil {
|
|
|
return nil, application.ThrowError(application.TRANSACTION_ERROR, "用户信息获取失败,"+err.Error())
|
|
|
return nil, application.ThrowError(application.BUSINESS_ERROR, "用户信息获取失败,"+err.Error())
|
|
|
}
|
|
|
//判定当前凭证的companyId,OrganizationId 是否在用户列表中
|
|
|
// 1 . 判定当前凭证的companyId,OrganizationId 是否在用户列表中
|
|
|
var currentOrgIsOK bool
|
|
|
var currentUserId int64
|
|
|
var currentUser allied_creation_user.UserDetail
|
|
|
loopUser1:
|
|
|
for _, v := range userSearchResult.Users {
|
|
|
//if v.Company.CompanyId == int(ltoken.CompanyId) {
|
|
|
for _, vv := range v.UserOrg {
|
|
|
if vv.OrgID == int(ltoken.OrgId) {
|
|
|
currentOrgIsOK = true
|
|
|
currentUserId = int64(v.UserId)
|
|
|
currentUser = v
|
|
|
break loopUser1
|
|
|
}
|
|
|
}
|
|
|
//}
|
|
|
}
|
|
|
if !currentOrgIsOK {
|
|
|
loopUser2:
|
|
|
for _, v := range userSearchResult.Users {
|
|
|
for _, vv := range v.UserOrg {
|
|
|
ltoken.OrgId = int64(vv.OrgID)
|
|
|
currentOrgIsOK = true
|
|
|
currentUser = v
|
|
|
break loopUser2
|
|
|
}
|
|
|
}
|
|
|
}
|
|
|
if !currentOrgIsOK {
|
|
|
return nil, application.ThrowError(application.TRANSACTION_ERROR, "登录的公司组织不可用")
|
|
|
}
|
|
|
ltoken.UserId = int64(currentUser.UserId)
|
|
|
ltoken.UserBaseId = int64(currentUser.UserBaseId)
|
|
|
ltoken.CompanyId = int64(currentUser.Company.CompanyId)
|
|
|
|
|
|
// 2. 更新currentAccess信息
|
|
|
transactionContext, err := factory.CreateTransactionContext(nil)
|
|
|
if err != nil {
|
|
|
return nil, application.ThrowError(application.TRANSACTION_ERROR, err.Error())
|
...
|
...
|
@@ -604,35 +448,27 @@ loopUser1: |
|
|
if loginAccessRepository, err = factory.CreateLoginAccessRepository(map[string]interface{}{
|
|
|
"transactionContext": transactionContext,
|
|
|
}); err != nil {
|
|
|
return nil, application.ThrowError(application.INTERNAL_SERVER_ERROR, err.Error())
|
|
|
return nil, application.ThrowError(application.BUSINESS_ERROR, err.Error())
|
|
|
}
|
|
|
_, lAccess, err := loginAccessRepository.Find(map[string]interface{}{
|
|
|
"account": ltoken.Account,
|
|
|
"platform": domain.LoginPlatformApp,
|
|
|
"platform": ltoken.Platform,
|
|
|
})
|
|
|
if err != nil {
|
|
|
return nil, application.ThrowError(application.TRANSACTION_ERROR, err.Error())
|
|
|
}
|
|
|
var currentAccess *domain.LoginAccess
|
|
|
var currentAccess = &domain.LoginAccess{CreatedTime: time.Now()}
|
|
|
if len(lAccess) > 0 {
|
|
|
currentAccess = lAccess[0]
|
|
|
currentAccess.UpdatedTime = time.Now()
|
|
|
} else {
|
|
|
currentAccess = &domain.LoginAccess{
|
|
|
UserBaseId: ltoken.UserBaseId,
|
|
|
UserId: ltoken.UserId,
|
|
|
Account: ltoken.Account,
|
|
|
Platform: domain.LoginPlatformApp,
|
|
|
CompanyId: ltoken.CompanyId,
|
|
|
OrganizationId: ltoken.OrgId,
|
|
|
AccessToken: "",
|
|
|
RefreshToken: "",
|
|
|
AccessExpired: 0,
|
|
|
RefreshExpired: 0,
|
|
|
CreatedTime: time.Now(),
|
|
|
UpdatedTime: time.Now(),
|
|
|
}
|
|
|
}
|
|
|
currentAccess.UserId = int64(ltoken.UserId)
|
|
|
currentAccess.UserBaseId = int64(ltoken.UserBaseId)
|
|
|
currentAccess.Account = ltoken.Account
|
|
|
currentAccess.Platform = ltoken.Platform
|
|
|
currentAccess.CompanyId = int64(ltoken.CompanyId)
|
|
|
currentAccess.OrganizationId = ltoken.OrgId
|
|
|
currentAccess.UpdatedTime = time.Now()
|
|
|
|
|
|
accessTokenStr, err := ltoken.GenerateAccessToken()
|
|
|
if err != nil {
|
|
|
return nil, application.ThrowError(application.TRANSACTION_ERROR, err.Error())
|
...
|
...
|
@@ -641,22 +477,24 @@ loopUser1: |
|
|
currentAccess.AccessExpired = ltoken.ExpiresAt
|
|
|
refreshTokenStr, err := ltoken.GenerateRefreshToken()
|
|
|
if err != nil {
|
|
|
return nil, application.ThrowError(application.TRANSACTION_ERROR, err.Error())
|
|
|
return nil, application.ThrowError(application.BUSINESS_ERROR, err.Error())
|
|
|
}
|
|
|
currentAccess.RefreshToken = refreshTokenStr
|
|
|
currentAccess.RefreshExpired = ltoken.ExpiresAt
|
|
|
//先存数据库
|
|
|
|
|
|
//存数据库
|
|
|
_, err = loginAccessRepository.Save(currentAccess)
|
|
|
if err != nil {
|
|
|
return nil, application.ThrowError(application.TRANSACTION_ERROR, err.Error())
|
|
|
}
|
|
|
if err := transactionContext.CommitTransaction(); err != nil {
|
|
|
return nil, application.ThrowError(application.TRANSACTION_ERROR, err.Error())
|
|
|
return nil, application.ThrowError(application.BUSINESS_ERROR, err.Error())
|
|
|
}
|
|
|
//后处理redis缓存
|
|
|
|
|
|
//redis缓存
|
|
|
tokenCache := cache.LoginTokenCache{}
|
|
|
tokenCache.RemoveAccessToken(currentAccess.Account, domain.LoginPlatformApp)
|
|
|
tokenCache.RemoveRefreshToken(currentAccess.Account, domain.LoginPlatformApp)
|
|
|
tokenCache.RemoveAccessToken(currentAccess.Account, ltoken.Platform)
|
|
|
tokenCache.RemoveRefreshToken(currentAccess.Account, ltoken.Platform)
|
|
|
tokenCache.SaveAccessToken(currentAccess)
|
|
|
tokenCache.SaveRefreshToken(currentAccess)
|
|
|
nowTime := time.Now().Unix()
|
...
|
...
|
@@ -667,12 +505,12 @@ loopUser1: |
|
|
}
|
|
|
return map[string]interface{}{
|
|
|
"token": token,
|
|
|
"userId": currentUserId,
|
|
|
"userId": currentUser.UserId,
|
|
|
}, nil
|
|
|
}
|
|
|
|
|
|
//GetCompanyOrgsByUser 获取登录用户的公司组织列表
|
|
|
func (srv AuthService) GetCompanyOrgsByUser(queryParam *query.GetCompanyOrgsByUserQuery) (interface{}, error) {
|
|
|
func (svr AuthService) GetCompanyOrgsByUser(queryParam *query.GetCompanyOrgsByUserQuery) (interface{}, error) {
|
|
|
|
|
|
creationUserGateway := allied_creation_user.NewHttplibAlliedCreationUser(queryParam.Operator)
|
|
|
result, err := creationUserGateway.UserSearch(allied_creation_user.ReqUserSearch{
|
...
|
...
|
@@ -708,7 +546,7 @@ func (srv AuthService) GetCompanyOrgsByUser(queryParam *query.GetCompanyOrgsByUs |
|
|
}
|
|
|
|
|
|
//GetQrcode 获取扫码登录需要的二维码
|
|
|
func (srv AuthService) GetQrcode() (interface{}, error) {
|
|
|
func (svr AuthService) GetQrcode() (interface{}, error) {
|
|
|
qrmsg := domain.QrcodeMessage{}
|
|
|
_, err := qrmsg.GenerateImageBase64() //imgBase64
|
|
|
if err != nil {
|
...
|
...
|
@@ -726,41 +564,8 @@ func (srv AuthService) GetQrcode() (interface{}, error) { |
|
|
return data, nil
|
|
|
}
|
|
|
|
|
|
//QrcodeLoginStatus 询问扫码登录状态
|
|
|
func (srv AuthService) QrcodeLoginStatus(queryParam *query.QrcodeLoginStatusQuery) (interface{}, error) {
|
|
|
qrmsg := domain.QrcodeMessage{}
|
|
|
err := qrmsg.ParseToken(queryParam.Key)
|
|
|
if err != nil {
|
|
|
return nil, application.ThrowError(application.TRANSACTION_ERROR, err.Error())
|
|
|
}
|
|
|
qrCache := cache.LoginQrcodeCache{}
|
|
|
qrmsgCache, err := qrCache.Get(qrmsg.Id)
|
|
|
if err != nil {
|
|
|
return nil, application.ThrowError(application.TRANSACTION_ERROR, err.Error())
|
|
|
}
|
|
|
loginToken := domain.LoginToken{
|
|
|
UserId: qrmsgCache.UserId,
|
|
|
UserBaseId: qrmsgCache.UserBaseId,
|
|
|
Account: qrmsgCache.Account,
|
|
|
Platform: domain.LoginPlatformWeb,
|
|
|
CompanyId: qrmsgCache.CompanyId,
|
|
|
OrgId: qrmsgCache.OrgId,
|
|
|
}
|
|
|
accessToken, err := loginToken.GenerateAccessToken()
|
|
|
if err != nil {
|
|
|
return nil, application.ThrowError(application.TRANSACTION_ERROR, err.Error())
|
|
|
}
|
|
|
_ = accessToken
|
|
|
//TODO 填充token数据
|
|
|
data := map[string]interface{}{
|
|
|
"isLogin": qrmsgCache.IsLogin,
|
|
|
"access": "",
|
|
|
}
|
|
|
return data, nil
|
|
|
}
|
|
|
|
|
|
//CheckSmsCode 验证手机短信验证码
|
|
|
func (srv AuthService) CheckSmsCode(smsCodeCommand *command.CheckSmsCodeCommand) (interface{}, error) {
|
|
|
func (svr AuthService) CheckSmsCode(smsCodeCommand *command.CheckSmsCodeCommand) (interface{}, error) {
|
|
|
smsServeGateway := sms_serve.NewHttplibHttplibSmsServe()
|
|
|
err := smsServeGateway.CheckSmsCode(smsCodeCommand.Phone, smsCodeCommand.SmsCode)
|
|
|
if err != nil {
|
...
|
...
|
@@ -780,3 +585,25 @@ func (srv AuthService) CheckSmsCode(smsCodeCommand *command.CheckSmsCodeCommand) |
|
|
"smsCodeIdentity": uid.String(),
|
|
|
}, nil
|
|
|
}
|
|
|
|
|
|
func (svr *AuthService) CaptchaInit(request *query.CaptchaInitRequest) (interface{}, error) {
|
|
|
var rsp map[string]interface{}
|
|
|
var err error
|
|
|
|
|
|
newGeetest := geetest.NewGeetestLib(captchaID, privateKey, 2*time.Second)
|
|
|
status, responseBt := newGeetest.PreProcess("", request.UserIp)
|
|
|
var geetestRsp geetest.FailbackRegisterRespnse
|
|
|
json.Unmarshal(responseBt, &geetestRsp)
|
|
|
rspData := map[string]interface{}{
|
|
|
"success": geetestRsp.Success,
|
|
|
"gt": geetestRsp.GT,
|
|
|
"challenge": geetestRsp.Challenge,
|
|
|
"newCaptcha": geetestRsp.NewCaptcha,
|
|
|
}
|
|
|
if status == 0 {
|
|
|
return nil, application.ThrowError(application.BUSINESS_ERROR, "获取图形验证码失败,请重试")
|
|
|
}
|
|
|
|
|
|
rsp = rspData
|
|
|
return rsp, err
|
|
|
} |
...
|
...
|
|