app_auth.go 9.8 KB
package service

import (
	"github.com/linmadan/egglib-go/core/application"
	"gitlab.fjmaimaimai.com/allied-creation/performance/pkg/application/auth/command"
	"gitlab.fjmaimaimai.com/allied-creation/performance/pkg/application/factory"
	"gitlab.fjmaimaimai.com/allied-creation/performance/pkg/constant"
	"gitlab.fjmaimaimai.com/allied-creation/performance/pkg/domain"
)

// 员工绩效 手机端登录,来源于能力展示app
func (service *AuthService) MobileLogin(param *command.MobileLoginCommand) (map[string]interface{}, error) {
	transactionContext, err := factory.CreateTransactionContext(nil)
	if err != nil {
		return nil, application.ThrowError(application.TRANSACTION_ERROR, err.Error())
	}
	if errStart := transactionContext.StartTransaction(); errStart != nil {
		return nil, application.ThrowError(application.TRANSACTION_ERROR, errStart.Error())
	}
	defer func() {
		_ = transactionContext.RollbackTransaction()
	}()
	// 统一用户中心登录
	authCodeReply, err := factory.UCenterApi().AppAuthCode(param.Credentials, param.Cuid, param.Cid)
	if err != nil || !authCodeReply.IsOk() {
		return nil, application.ThrowError(application.INTERNAL_SERVER_ERROR, "统一用户中心认证失败")
	}
	// 用户权限校验
	// 登录平台ID,28-绩效管理后台  29-员工绩效
	userAuthReply, err := factory.BusinessAdminApi().GetUserAuth(int64(param.Muid), constant.PLATFORM_FONT_ID)
	if err != nil {
		return nil, application.ThrowError(application.INTERNAL_SERVER_ERROR, "用户鉴权失败")
	}
	if !userAuthReply.IsOk() {
		return nil, application.ThrowError(application.INTERNAL_SERVER_ERROR, userAuthReply.Message())
	}
	//获取公司数据
	companyRepository := factory.CreateCompanyRepository(map[string]interface{}{
		"transactionContext": transactionContext,
	})
	company, err := companyRepository.FindOne(map[string]interface{}{
		"id": param.Cid,
	})
	if err != nil {
		return nil, application.ThrowError(application.INTERNAL_SERVER_ERROR, "获取公司数据失败")
	}
	userRepository := factory.CreateUserRepository(map[string]interface{}{
		"transactionContext": transactionContext,
	})
	user, err := userRepository.FindOne(map[string]interface{}{
		"id":        param.Muid,
		"companyId": company.Id,
	})
	if err != nil {
		return nil, application.ThrowError(application.INTERNAL_SERVER_ERROR, "获取用户数据失败")
	}
	if user.Status != domain.UserStatusEnable {
		return nil, application.ThrowError(application.INTERNAL_SERVER_ERROR, "用户被禁用")
	}
	userAuth := &domain.UserAuth{
		UserId:      user.Id,
		CompanyId:   user.CompanyId,
		CompanyName: company.Name,
		Phone:       user.Account,
		PlatformId:  constant.PLATFORM_FONT_ID,
		Name:        user.Name,
		AdminType:   user.AdminType,
	}
	accessToken, err := userAuth.CreateAccessToken()
	if err != nil {
		return nil, application.ThrowError(application.INTERNAL_SERVER_ERROR, err.Error())
	}
	if err := transactionContext.CommitTransaction(); err != nil {
		return nil, application.ThrowError(application.TRANSACTION_ERROR, err.Error())
	}
	result := map[string]interface{}{
		"access": map[string]interface{}{
			"accessToken": accessToken,
			"expiresIn":   domain.JWTExpiresSecond,
		},
	}
	return result, nil
}

// Authorize 移动端授权登录
func (srv *AuthService) Authorize(param *command.AuthorizeCommand) (map[string]interface{}, error) {
	transactionContext, err := factory.CreateTransactionContext(nil)
	if err != nil {
		return nil, application.ThrowError(application.TRANSACTION_ERROR, err.Error())
	}
	if errStart := transactionContext.StartTransaction(); errStart != nil {
		return nil, application.ThrowError(application.TRANSACTION_ERROR, errStart.Error())
	}
	defer func() {
		_ = transactionContext.RollbackTransaction()
	}()
	// 统一用户中心登录
	authCodeReply, err := factory.UCenterApi().AppAuthCode(param.Credentials, param.Cuid, param.Cid)
	if err != nil || !authCodeReply.IsOk() {
		return nil, application.ThrowError(application.INTERNAL_SERVER_ERROR, "统一用户中心认证失败")
	}
	// 用户权限校验
	// 登录平台ID, 29-员工绩效
	userAuthReply, err := factory.BusinessAdminApi().GetUserAuth(int64(param.Muid), constant.PLATFORM_FONT_ID)
	if err != nil {
		return nil, application.ThrowError(application.INTERNAL_SERVER_ERROR, "用户鉴权失败")
	}
	if !userAuthReply.IsOk() {
		return nil, application.ThrowError(application.INTERNAL_SERVER_ERROR, userAuthReply.Message())
	}
	//获取公司数据
	companyRepository := factory.CreateCompanyRepository(map[string]interface{}{
		"transactionContext": transactionContext,
	})
	company, err := companyRepository.FindOne(map[string]interface{}{
		"id": param.Cid,
	})
	if err != nil {
		return nil, application.ThrowError(application.INTERNAL_SERVER_ERROR, "获取公司数据失败")
	}
	userRepository := factory.CreateUserRepository(map[string]interface{}{
		"transactionContext": transactionContext,
	})
	user, err := userRepository.FindOne(map[string]interface{}{
		"id":        param.Muid,
		"companyId": company.Id,
	})
	if err != nil {
		return nil, application.ThrowError(application.INTERNAL_SERVER_ERROR, "获取用户数据失败")
	}
	if user.Status != domain.UserStatusEnable {
		return nil, application.ThrowError(application.INTERNAL_SERVER_ERROR, "用户被禁用")
	}
	if err := transactionContext.CommitTransaction(); err != nil {
		return nil, application.ThrowError(application.TRANSACTION_ERROR, err.Error())
	}
	userAuth := &domain.UserAuth{
		UserId:      user.Id,
		CompanyId:   user.CompanyId,
		CompanyName: company.Name,
		Phone:       user.Account,
		PlatformId:  constant.PLATFORM_FONT_ID,
		Name:        user.Name,
		AdminType:   user.AdminType,
	}
	accessToken, err := userAuth.CreateAccessToken()
	if err != nil {
		return nil, application.ThrowError(application.INTERNAL_SERVER_ERROR, err.Error())
	}
	respData := map[string]interface{}{
		"authCode": accessToken,
	}
	return respData, nil
}

func (srv *AuthService) AccessToken(param *command.AccessTokenCommand) (map[string]interface{}, error) {
	userAuth := domain.UserAuth{}
	_, err := userAuth.ParseAccessToken(param.AuthCode)
	if err != nil {
		return nil, application.ThrowError(application.INTERNAL_SERVER_ERROR, "authcode 失效")
	}

	accessToken, err := userAuth.CreateAccessToken()
	if err != nil {
		return nil, application.ThrowError(application.INTERNAL_SERVER_ERROR, "生成 accessToken 失败")
	}
	refreshToken, err := userAuth.CreateRefreshToken()
	if err != nil {
		return nil, application.ThrowError(application.INTERNAL_SERVER_ERROR, "生成 refreshToken 解析失败")
	}
	respData := map[string]interface{}{
		"refreshToken": refreshToken,
		"accessToken":  accessToken,
		"expiresIn":    domain.JWTExpiresSecond,
	}
	return respData, nil
}

// 刷新token
func (srv *AuthService) RefreshToken(param *command.RefreshTokenCommand) (map[string]interface{}, error) {
	userAuth := domain.UserAuth{}
	_, err := userAuth.ParseAccessToken(param.RefreshToken)
	if err != nil {
		return nil, application.ThrowError(application.INTERNAL_SERVER_ERROR, "refresh_token 失效")
	}
	accessToken, err := userAuth.CreateAccessToken()
	if err != nil {
		return nil, application.ThrowError(application.INTERNAL_SERVER_ERROR, "生成 accessToken 失败")
	}
	refreshToken, err := userAuth.CreateRefreshToken()
	if err != nil {
		return nil, application.ThrowError(application.INTERNAL_SERVER_ERROR, "生成 refreshToken 解析失败")
	}
	respData := map[string]interface{}{
		"refreshToken": refreshToken,
		"accessToken":  accessToken,
		"expiresIn":    domain.JWTExpiresSecond,
	}
	return respData, nil
}

func (srv *AuthService) UserInfo(param *command.GetMeInfo) (map[string]interface{}, error) {
	transactionContext, err := factory.CreateTransactionContext(nil)
	if err != nil {
		return nil, application.ThrowError(application.TRANSACTION_ERROR, err.Error())
	}
	if errStart := transactionContext.StartTransaction(); errStart != nil {
		return nil, application.ThrowError(application.TRANSACTION_ERROR, errStart.Error())
	}
	defer func() {
		_ = transactionContext.RollbackTransaction()
	}()

	userRepository := factory.CreateUserRepository(map[string]interface{}{"transactionContext": transactionContext})
	companyRepository := factory.CreateCompanyRepository(map[string]interface{}{"transactionContext": transactionContext})
	depRepository := factory.CreateDepartmentRepository(map[string]interface{}{"transactionContext": transactionContext})
	userData, err := userRepository.FindOne(map[string]interface{}{
		"id": param.UserId,
	})
	if err != nil {
		return nil, application.ThrowError(application.INTERNAL_SERVER_ERROR, "获取员工数据"+err.Error())
	}
	companyData, err := companyRepository.FindOne(map[string]interface{}{
		"id": param.CompanyId,
	})
	if err != nil {
		return nil, application.ThrowError(application.INTERNAL_SERVER_ERROR, "获取公司数据"+err.Error())
	}
	var departmentList []*domain.Department
	if len(userData.DepartmentId) > 0 {
		_, departmentList, err = depRepository.Find(map[string]interface{}{"ids": userData.DepartmentId})
		if err != nil {
			return nil, application.ThrowError(application.INTERNAL_SERVER_ERROR, "获取部门数据"+err.Error())
		}
	}

	if err := transactionContext.CommitTransaction(); err != nil {
		return nil, application.ThrowError(application.TRANSACTION_ERROR, err.Error())
	}
	respData := map[string]interface{}{
		"user": map[string]interface{}{
			"uid":   userData.Id,
			"muid":  userData.Id,
			"uname": userData.Name,
			"phone": userData.Account,
			"image": map[string]interface{}{
				"path": userData.AvatarUrl,
				"w":    0,
				"h":    0,
			},
			"company": map[string]interface{}{
				"id":   companyData.Id,
				"name": companyData.Name,
			},
			"dep": map[string]interface{}{
				"id":   0,
				"name": "",
			},
		},
	}
	if len(departmentList) > 0 {
		respData["dep"] = map[string]interface{}{
			"id":   departmentList[0].Id,
			"name": departmentList[0].Name,
		}
	}

	return respData, nil
}