|
@@ -8,6 +8,7 @@ import ( |
|
@@ -8,6 +8,7 @@ import ( |
8
|
"gitlab.fjmaimaimai.com/allied-creation/allied-creation-gateway/pkg/application/factory"
|
8
|
"gitlab.fjmaimaimai.com/allied-creation/allied-creation-gateway/pkg/application/factory"
|
9
|
"gitlab.fjmaimaimai.com/allied-creation/allied-creation-gateway/pkg/application/mobile/auth/command"
|
9
|
"gitlab.fjmaimaimai.com/allied-creation/allied-creation-gateway/pkg/application/mobile/auth/command"
|
10
|
"gitlab.fjmaimaimai.com/allied-creation/allied-creation-gateway/pkg/domain"
|
10
|
"gitlab.fjmaimaimai.com/allied-creation/allied-creation-gateway/pkg/domain"
|
|
|
11
|
+ "gitlab.fjmaimaimai.com/allied-creation/allied-creation-gateway/pkg/infrastructure/cache"
|
11
|
"gitlab.fjmaimaimai.com/allied-creation/allied-creation-gateway/pkg/infrastructure/service_gateway/allied_creation_user"
|
12
|
"gitlab.fjmaimaimai.com/allied-creation/allied-creation-gateway/pkg/infrastructure/service_gateway/allied_creation_user"
|
12
|
)
|
13
|
)
|
13
|
|
14
|
|
|
@@ -64,6 +65,9 @@ func (srv AuthService) SignInCaptcha(phone string, captcha string) (interface{}, |
|
@@ -64,6 +65,9 @@ func (srv AuthService) SignInCaptcha(phone string, captcha string) (interface{}, |
64
|
|
65
|
|
65
|
//GetAuthAccessToken 获取令牌Token
|
66
|
//GetAuthAccessToken 获取令牌Token
|
66
|
func (srv AuthService) GetAuthAccessToken(accessTokenCommand *command.AccessTokenCommand) (interface{}, error) {
|
67
|
func (srv AuthService) GetAuthAccessToken(accessTokenCommand *command.AccessTokenCommand) (interface{}, error) {
|
|
|
68
|
+ if err := accessTokenCommand.ValidateCommand(); err != nil {
|
|
|
69
|
+ return nil, application.ThrowError(application.TRANSACTION_ERROR, err.Error())
|
|
|
70
|
+ }
|
67
|
ltoken := domain.LoginToken{}
|
71
|
ltoken := domain.LoginToken{}
|
68
|
err := ltoken.ParseToken(accessTokenCommand.AuthCode)
|
72
|
err := ltoken.ParseToken(accessTokenCommand.AuthCode)
|
69
|
if err != nil {
|
73
|
if err != nil {
|
|
@@ -123,6 +127,32 @@ func (srv AuthService) GetAuthAccessToken(accessTokenCommand *command.AccessToke |
|
@@ -123,6 +127,32 @@ func (srv AuthService) GetAuthAccessToken(accessTokenCommand *command.AccessToke |
123
|
UpdatedTime: time.Now(),
|
127
|
UpdatedTime: time.Now(),
|
124
|
}
|
128
|
}
|
125
|
}
|
129
|
}
|
|
|
130
|
+ //判定当前凭证的companyId,OrganizationId 是否在用户列表中
|
|
|
131
|
+ var currentOrgIsOK bool
|
|
|
132
|
+loopUser1:
|
|
|
133
|
+ for _, v := range userSeachResult.Users {
|
|
|
134
|
+ if v.Company.CompanyId == int(currentAccess.CompanyId) {
|
|
|
135
|
+ for _, vv := range v.UserOrg {
|
|
|
136
|
+ if vv.OrgID == int(currentAccess.OrganizationId) {
|
|
|
137
|
+ currentOrgIsOK = true
|
|
|
138
|
+ break loopUser1
|
|
|
139
|
+ }
|
|
|
140
|
+ }
|
|
|
141
|
+ }
|
|
|
142
|
+ }
|
|
|
143
|
+ //记录上一次的登录公司组织信息不可用 ,重登录置记录
|
|
|
144
|
+ if !currentOrgIsOK {
|
|
|
145
|
+ loopUser2:
|
|
|
146
|
+ for _, v := range userSeachResult.Users {
|
|
|
147
|
+ currentAccess.CompanyId = int64(v.Company.CompanyId)
|
|
|
148
|
+ for _, vv := range v.UserOrg {
|
|
|
149
|
+ currentAccess.OrganizationId = int64(vv.OrgID)
|
|
|
150
|
+ currentOrgIsOK = true
|
|
|
151
|
+ break loopUser2
|
|
|
152
|
+ }
|
|
|
153
|
+ }
|
|
|
154
|
+ }
|
|
|
155
|
+ //TODO
|
126
|
loginToken := domain.LoginToken{
|
156
|
loginToken := domain.LoginToken{
|
127
|
UserId: currentAccess.UserId,
|
157
|
UserId: currentAccess.UserId,
|
128
|
Account: currentAccess.Account,
|
158
|
Account: currentAccess.Account,
|
|
@@ -143,12 +173,133 @@ func (srv AuthService) GetAuthAccessToken(accessTokenCommand *command.AccessToke |
|
@@ -143,12 +173,133 @@ func (srv AuthService) GetAuthAccessToken(accessTokenCommand *command.AccessToke |
143
|
}
|
173
|
}
|
144
|
currentAccess.RefreshToken = refreshTokenStr
|
174
|
currentAccess.RefreshToken = refreshTokenStr
|
145
|
currentAccess.AccessExpired = loginToken.ExpiresAt
|
175
|
currentAccess.AccessExpired = loginToken.ExpiresAt
|
|
|
176
|
+ //先存数据库
|
|
|
177
|
+ _, err = loginAccessRepository.Save(currentAccess)
|
|
|
178
|
+ if err != nil {
|
|
|
179
|
+ return nil, application.ThrowError(application.TRANSACTION_ERROR, err.Error())
|
|
|
180
|
+ }
|
|
|
181
|
+ if err := transactionContext.CommitTransaction(); err != nil {
|
|
|
182
|
+ return nil, application.ThrowError(application.TRANSACTION_ERROR, err.Error())
|
|
|
183
|
+ }
|
|
|
184
|
+ tokenCache := cache.LoginTokenCache{}
|
|
|
185
|
+ tokenCache.RemoveAccessToken(currentAccess.Account, domain.LoginPlatformApp)
|
|
|
186
|
+ tokenCache.RemoveRefreshToken(currentAccess.Account, domain.LoginPlatformApp)
|
|
|
187
|
+ tokenCache.SaveAccessToken(currentAccess)
|
|
|
188
|
+ tokenCache.SaveRefreshToken(currentAccess)
|
|
|
189
|
+ nowTime := time.Now().Unix()
|
|
|
190
|
+ return map[string]interface{}{
|
|
|
191
|
+ "refreshToken": accessTokenStr,
|
|
|
192
|
+ "accessToken": refreshTokenStr,
|
|
|
193
|
+ "expiresIn": currentAccess.AccessExpired - nowTime,
|
|
|
194
|
+ }, nil
|
|
|
195
|
+}
|
146
|
|
196
|
|
|
|
197
|
+func (srv AuthService) RefreshAuthAccessToken(refreshTokenCommand *command.RefreshTokenCommand) (interface{}, error) {
|
|
|
198
|
+ if err := refreshTokenCommand.ValidateCommand(); err != nil {
|
|
|
199
|
+ return nil, application.ThrowError(application.TRANSACTION_ERROR, err.Error())
|
|
|
200
|
+ }
|
|
|
201
|
+ ltoken := domain.LoginToken{}
|
|
|
202
|
+ err := ltoken.ParseToken(refreshTokenCommand.RefreshToken)
|
|
|
203
|
+ if err != nil {
|
|
|
204
|
+ return nil, application.ThrowError(application.TRANSACTION_ERROR, "refreshToken 不可用,"+err.Error())
|
|
|
205
|
+ }
|
|
|
206
|
+ phone := ltoken.Account
|
|
|
207
|
+ creationUserGateway := allied_creation_user.NewHttplibAlliedCreationUser(0, 0, 0)
|
|
|
208
|
+ userSeachResult, err := creationUserGateway.UserSearch(allied_creation_user.ReqUserSearch{
|
|
|
209
|
+ Phone: phone,
|
|
|
210
|
+ })
|
|
|
211
|
+ if err != nil {
|
|
|
212
|
+ return nil, application.ThrowError(application.TRANSACTION_ERROR, "用户信息获取失败,"+err.Error())
|
|
|
213
|
+ }
|
|
|
214
|
+ //判定当前凭证的companyId,OrganizationId 是否在用户列表中
|
|
|
215
|
+ var currentOrgIsOK bool
|
|
|
216
|
+loopUser1:
|
|
|
217
|
+ for _, v := range userSeachResult.Users {
|
|
|
218
|
+ if v.Company.CompanyId == int(ltoken.CompanyId) {
|
|
|
219
|
+ for _, vv := range v.UserOrg {
|
|
|
220
|
+ if vv.OrgID == int(ltoken.OrgId) {
|
|
|
221
|
+ currentOrgIsOK = true
|
|
|
222
|
+ break loopUser1
|
|
|
223
|
+ }
|
|
|
224
|
+ }
|
|
|
225
|
+ }
|
|
|
226
|
+ }
|
|
|
227
|
+ if !currentOrgIsOK {
|
|
|
228
|
+ return nil, application.ThrowError(application.TRANSACTION_ERROR, "登录的公司组织不可用")
|
|
|
229
|
+ }
|
|
|
230
|
+
|
|
|
231
|
+ transactionContext, err := factory.CreateTransactionContext(nil)
|
|
|
232
|
+ if err != nil {
|
|
|
233
|
+ return nil, application.ThrowError(application.TRANSACTION_ERROR, err.Error())
|
|
|
234
|
+ }
|
|
|
235
|
+ if err := transactionContext.StartTransaction(); err != nil {
|
|
|
236
|
+ return nil, application.ThrowError(application.TRANSACTION_ERROR, err.Error())
|
|
|
237
|
+ }
|
|
|
238
|
+ defer func() {
|
|
|
239
|
+ transactionContext.RollbackTransaction()
|
|
|
240
|
+ }()
|
|
|
241
|
+ var loginAccessRepository domain.LoginAccessRepository
|
|
|
242
|
+ if loginAccessRepository, err = factory.CreateLoginAccessRepository(map[string]interface{}{
|
|
|
243
|
+ "transactionContext": transactionContext,
|
|
|
244
|
+ }); err != nil {
|
|
|
245
|
+ return nil, application.ThrowError(application.INTERNAL_SERVER_ERROR, err.Error())
|
|
|
246
|
+ }
|
|
|
247
|
+ _, lAccess, err := loginAccessRepository.Find(map[string]interface{}{
|
|
|
248
|
+ "account": phone,
|
|
|
249
|
+ "platform": domain.LoginPlatformApp,
|
|
|
250
|
+ })
|
|
|
251
|
+ if err != nil {
|
|
|
252
|
+ return nil, application.ThrowError(application.TRANSACTION_ERROR, err.Error())
|
|
|
253
|
+ }
|
|
|
254
|
+ var currentAccess *domain.LoginAccess
|
|
|
255
|
+ if len(lAccess) > 0 {
|
|
|
256
|
+ currentAccess = lAccess[0]
|
|
|
257
|
+ currentAccess.UpdatedTime = time.Now()
|
|
|
258
|
+ } else {
|
|
|
259
|
+ currentAccess = &domain.LoginAccess{
|
|
|
260
|
+ UserBaseId: ltoken.UserBaseId,
|
|
|
261
|
+ UserId: ltoken.UserId,
|
|
|
262
|
+ Account: ltoken.Account,
|
|
|
263
|
+ Platform: domain.LoginPlatformApp,
|
|
|
264
|
+ CompanyId: ltoken.CompanyId,
|
|
|
265
|
+ OrganizationId: ltoken.OrgId,
|
|
|
266
|
+ AccessToken: "",
|
|
|
267
|
+ RefreshToken: "",
|
|
|
268
|
+ AccessExpired: 0,
|
|
|
269
|
+ RefreshExpired: 0,
|
|
|
270
|
+ CreatedTime: time.Now(),
|
|
|
271
|
+ UpdatedTime: time.Now(),
|
|
|
272
|
+ }
|
|
|
273
|
+ }
|
|
|
274
|
+ accessTokenStr, err := ltoken.GenerateAccessToken()
|
|
|
275
|
+ if err != nil {
|
|
|
276
|
+ return nil, application.ThrowError(application.TRANSACTION_ERROR, err.Error())
|
|
|
277
|
+ }
|
|
|
278
|
+ currentAccess.AccessToken = accessTokenStr
|
|
|
279
|
+ currentAccess.AccessExpired = ltoken.ExpiresAt
|
|
|
280
|
+ refreshTokenStr, err := ltoken.GenerateRefreshToken()
|
|
|
281
|
+ if err != nil {
|
|
|
282
|
+ return nil, application.ThrowError(application.TRANSACTION_ERROR, err.Error())
|
|
|
283
|
+ }
|
|
|
284
|
+ currentAccess.RefreshToken = refreshTokenStr
|
|
|
285
|
+ currentAccess.RefreshExpired = ltoken.ExpiresAt
|
147
|
//先存数据库
|
286
|
//先存数据库
|
|
|
287
|
+ _, err = loginAccessRepository.Save(currentAccess)
|
|
|
288
|
+ if err != nil {
|
|
|
289
|
+ return nil, application.ThrowError(application.TRANSACTION_ERROR, err.Error())
|
|
|
290
|
+ }
|
148
|
if err := transactionContext.CommitTransaction(); err != nil {
|
291
|
if err := transactionContext.CommitTransaction(); err != nil {
|
149
|
return nil, application.ThrowError(application.TRANSACTION_ERROR, err.Error())
|
292
|
return nil, application.ThrowError(application.TRANSACTION_ERROR, err.Error())
|
150
|
}
|
293
|
}
|
151
|
- //先删缓存
|
|
|
152
|
- //后加缓存
|
|
|
153
|
- return nil, nil
|
294
|
+ tokenCache := cache.LoginTokenCache{}
|
|
|
295
|
+ tokenCache.RemoveAccessToken(currentAccess.Account, domain.LoginPlatformApp)
|
|
|
296
|
+ tokenCache.RemoveRefreshToken(currentAccess.Account, domain.LoginPlatformApp)
|
|
|
297
|
+ tokenCache.SaveAccessToken(currentAccess)
|
|
|
298
|
+ tokenCache.SaveRefreshToken(currentAccess)
|
|
|
299
|
+ nowTime := time.Now().Unix()
|
|
|
300
|
+ return map[string]interface{}{
|
|
|
301
|
+ "refreshToken": accessTokenStr,
|
|
|
302
|
+ "accessToken": refreshTokenStr,
|
|
|
303
|
+ "expiresIn": currentAccess.AccessExpired - nowTime,
|
|
|
304
|
+ }, nil
|
154
|
} |
305
|
} |