Merge branch 'dev-tangxvhui' into test

+package command
+
+type AccessTokenCommand struct {
+	AuthCode string `json:"authCode" valid:"Required"`
+}

+package command
+
+type RefreshTokenCommand struct {
+	RefreshToken string `json:"refreshToken" valid:"Required"`
+	Uid          int64  `json:"-"`
+	LoginType    string `json:"-"`
+}

@@ -229,3 +229,119 @@ func (service *AuthService) MeInfo(param *command.GetMeInfo) (map[string]interfa
 		"user": info,
 	}, nil
 }
+
+// Authorize 移动端授权登录
+func (srv *AuthService) Authorize(param *command.MobileLoginCommand) (map[string]interface{}, error) {
+	transactionContext, err := factory.CreateTransactionContext(nil)
+	if err != nil {
+		return nil, application.ThrowError(application.TRANSACTION_ERROR, err.Error())
+	}
+	if errStart := transactionContext.StartTransaction(); errStart != nil {
+		return nil, application.ThrowError(application.TRANSACTION_ERROR, errStart.Error())
+	}
+	defer func() {
+		_ = transactionContext.RollbackTransaction()
+	}()
+	// 统一用户中心登录
+	authCodeReply, err := factory.UCenterApi().AppAuthCode(param.Credentials, param.Cuid, param.Cid)
+	if err != nil || !authCodeReply.IsOk() {
+		return nil, application.ThrowError(application.INTERNAL_SERVER_ERROR, "统一用户中心认证失败")
+	}
+	// 用户权限校验
+	// 登录平台ID， 29-员工绩效
+	userAuthReply, err := factory.BusinessAdminApi().GetUserAuth(int64(param.Muid), constant.PLATFORM_FONT_ID)
+	if err != nil {
+		return nil, application.ThrowError(application.INTERNAL_SERVER_ERROR, "用户鉴权失败")
+	}
+	if !userAuthReply.IsOk() {
+		return nil, application.ThrowError(application.INTERNAL_SERVER_ERROR, userAuthReply.Message())
+	}
+	//获取公司数据
+	companyRepository := factory.CreateCompanyRepository(map[string]interface{}{
+		"transactionContext": transactionContext,
+	})
+	company, err := companyRepository.FindOne(map[string]interface{}{
+		"id": param.Cid,
+	})
+	if err != nil {
+		return nil, application.ThrowError(application.INTERNAL_SERVER_ERROR, "获取公司数据失败")
+	}
+	userRepository := factory.CreateUserRepository(map[string]interface{}{
+		"transactionContext": transactionContext,
+	})
+	user, err := userRepository.FindOne(map[string]interface{}{
+		"id":        param.Muid,
+		"companyId": company.Id,
+	})
+	if err != nil {
+		return nil, application.ThrowError(application.INTERNAL_SERVER_ERROR, "获取用户数据失败")
+	}
+	if user.Status != domain.UserStatusEnable {
+		return nil, application.ThrowError(application.INTERNAL_SERVER_ERROR, "用户被禁用")
+	}
+	if err := transactionContext.CommitTransaction(); err != nil {
+		return nil, application.ThrowError(application.TRANSACTION_ERROR, err.Error())
+	}
+	userAuth := &domain.UserAuth{
+		UserId:      user.Id,
+		CompanyId:   user.CompanyId,
+		CompanyName: company.Name,
+		Phone:       user.Account,
+		PlatformId:  constant.PLATFORM_FONT_ID,
+		Name:        user.Name,
+		AdminType:   user.AdminType,
+	}
+	accessToken, err := userAuth.CreateAccessToken()
+	if err != nil {
+		return nil, application.ThrowError(application.INTERNAL_SERVER_ERROR, err.Error())
+	}
+	respData := map[string]interface{}{
+		"authCode": accessToken,
+	}
+	return respData, nil
+}
+
+func (srv *AuthService) AccessToken(param *command.AccessTokenCommand) (map[string]interface{}, error) {
+	userAuth := domain.UserAuth{}
+	_, err := userAuth.ParseAccessToken(param.AuthCode)
+	if err != nil {
+		return nil, application.ThrowError(application.INTERNAL_SERVER_ERROR, "authcode 失效")
+	}
+
+	accessToken, err := userAuth.CreateAccessToken()
+	if err != nil {
+		return nil, application.ThrowError(application.INTERNAL_SERVER_ERROR, "生成 accessToken 失败")
+	}
+	refreshToken, err := userAuth.CreateRefreshToken()
+	if err != nil {
+		return nil, application.ThrowError(application.INTERNAL_SERVER_ERROR, "生成 refreshToken 解析失败")
+	}
+	respData := map[string]interface{}{
+		"refreshToken": refreshToken,
+		"accessToken":  accessToken,
+		"expiresIn":    domain.JWTExpiresSecond,
+	}
+	return respData, nil
+}
+
+func (srv *AuthService) RefreshToken(param *command.RefreshTokenCommand) (map[string]interface{}, error) {
+	userAuth := domain.UserAuth{}
+	_, err := userAuth.ParseAccessToken(param.RefreshToken)
+	if err != nil {
+		return nil, application.ThrowError(application.INTERNAL_SERVER_ERROR, "refresh_token 失效")
+	}
+	accessToken, err := userAuth.CreateAccessToken()
+	if err != nil {
+		return nil, application.ThrowError(application.INTERNAL_SERVER_ERROR, "生成 accessToken 失败")
+	}
+	refreshToken, err := userAuth.CreateRefreshToken()
+	if err != nil {
+		return nil, application.ThrowError(application.INTERNAL_SERVER_ERROR, "生成 refreshToken 解析失败")
+	}
+	respData := map[string]interface{}{
+		"refreshToken": refreshToken,
+		"accessToken":  accessToken,
+		"expiresIn":    domain.JWTExpiresSecond,
+	}
+	return respData, nil
+}

@@ -55,3 +55,13 @@ func (userAuth *UserAuth) ParseAccessToken(token string) (*UserAuth, error) {
 	}
 	return user, errors.New("解析token失败")
 }
+
+func (userAuth *UserAuth) CreateRefreshToken() (string, error) {
+	expiresAt := time.Now().Add(time.Duration(JWTExpiresSecond*2) * time.Second).Unix()
+	userAuth.StandardClaims = jwt.StandardClaims{
+		ExpiresAt: expiresAt,
+		Issuer:    issuer,
+	}
+	token := jwt.NewWithClaims(jwt.SigningMethodHS256, userAuth)
+	return token.SignedString([]byte(secretKey))
+}

@@ -40,3 +40,30 @@ func (controller *AuthController) MobileLogin() {
 	resp, err := authService.MobileLogin(loginCommand)
 	controller.Response(resp, err)
 }
+
+// Login 手机端登录 获取authCode
+func (controller *AuthController) Authorize() {
+	authService := &service.AuthService{}
+	loginCommand := &command.MobileLoginCommand{}
+	_ = controller.Unmarshal(loginCommand)
+	resp, err := authService.Authorize(loginCommand)
+	controller.Response(resp, err)
+}
+
+// Login 获取token
+func (controller *AuthController) AccessToken() {
+	authService := &service.AuthService{}
+	loginCommand := &command.AccessTokenCommand{}
+	_ = controller.Unmarshal(loginCommand)
+	resp, err := authService.AccessToken(loginCommand)
+	controller.Response(resp, err)
+}
+
+// Login 手机端 获取刷新token
+func (controller *AuthController) RefreshToken() {
+	authService := &service.AuthService{}
+	loginCommand := &command.RefreshTokenCommand{}
+	_ = controller.Unmarshal(loginCommand)
+	resp, err := authService.RefreshToken(loginCommand)
+	controller.Response(resp, err)
+}

@@ -10,12 +10,18 @@ func init() {
 	web.Router("/login", &controllers.AuthController{}, "Post:Login")
 	//手机模块登录-旧
 	web.Router("/login/mobile", &controllers.AuthController{}, "Post:MobileLogin")
-	////手机模块登录-新
-	web.Router("/v1/auth/authorize", &controllers.AuthController{}, "Post:MobileLogin")
-	//
+
 	web.InsertFilter("/auth/admin/*", web.BeforeExec, middlewares.CheckAdminToken())
 	web.Router("/auth/admin/user", &controllers.AuthController{}, "Get:User")
 
 	web.InsertFilter("/auth/font/*", web.BeforeExec, middlewares.CheckFontToken())
 	web.Router("/auth/font/user", &controllers.AuthController{}, "Get:User")
+
+	{
+		//手机模块登录-新
+		web.CtrlPost("/v1/auth/authorize", (*controllers.AuthController).Authorize)
+		web.CtrlPost("/v1/auth/accessToken", (*controllers.AuthController).AccessToken)
+		web.CtrlPost("/v1/auth/refreshToken", (*controllers.AuthController).RefreshToken)
+	}
+
 }