作者 tangxvhui

更新 手机端 登录流程

package command
type AccessTokenCommand struct {
AuthCode string `json:"authCode" valid:"Required"`
}
... ...
package command
type RefreshTokenCommand struct {
RefreshToken string `json:"refreshToken" valid:"Required"`
Uid int64 `json:"-"`
LoginType string `json:"-"`
}
... ...
... ... @@ -229,3 +229,119 @@ func (service *AuthService) MeInfo(param *command.GetMeInfo) (map[string]interfa
"user": info,
}, nil
}
// Authorize 移动端授权登录
func (srv *AuthService) Authorize(param *command.MobileLoginCommand) (map[string]interface{}, error) {
transactionContext, err := factory.CreateTransactionContext(nil)
if err != nil {
return nil, application.ThrowError(application.TRANSACTION_ERROR, err.Error())
}
if errStart := transactionContext.StartTransaction(); errStart != nil {
return nil, application.ThrowError(application.TRANSACTION_ERROR, errStart.Error())
}
defer func() {
_ = transactionContext.RollbackTransaction()
}()
// 统一用户中心登录
authCodeReply, err := factory.UCenterApi().AppAuthCode(param.Credentials, param.Cuid, param.Cid)
if err != nil || !authCodeReply.IsOk() {
return nil, application.ThrowError(application.INTERNAL_SERVER_ERROR, "统一用户中心认证失败")
}
// 用户权限校验
// 登录平台ID, 29-员工绩效
userAuthReply, err := factory.BusinessAdminApi().GetUserAuth(int64(param.Muid), constant.PLATFORM_FONT_ID)
if err != nil {
return nil, application.ThrowError(application.INTERNAL_SERVER_ERROR, "用户鉴权失败")
}
if !userAuthReply.IsOk() {
return nil, application.ThrowError(application.INTERNAL_SERVER_ERROR, userAuthReply.Message())
}
//获取公司数据
companyRepository := factory.CreateCompanyRepository(map[string]interface{}{
"transactionContext": transactionContext,
})
company, err := companyRepository.FindOne(map[string]interface{}{
"id": param.Cid,
})
if err != nil {
return nil, application.ThrowError(application.INTERNAL_SERVER_ERROR, "获取公司数据失败")
}
userRepository := factory.CreateUserRepository(map[string]interface{}{
"transactionContext": transactionContext,
})
user, err := userRepository.FindOne(map[string]interface{}{
"id": param.Muid,
"companyId": company.Id,
})
if err != nil {
return nil, application.ThrowError(application.INTERNAL_SERVER_ERROR, "获取用户数据失败")
}
if user.Status != domain.UserStatusEnable {
return nil, application.ThrowError(application.INTERNAL_SERVER_ERROR, "用户被禁用")
}
if err := transactionContext.CommitTransaction(); err != nil {
return nil, application.ThrowError(application.TRANSACTION_ERROR, err.Error())
}
userAuth := &domain.UserAuth{
UserId: user.Id,
CompanyId: user.CompanyId,
CompanyName: company.Name,
Phone: user.Account,
PlatformId: constant.PLATFORM_FONT_ID,
Name: user.Name,
AdminType: user.AdminType,
}
accessToken, err := userAuth.CreateAccessToken()
if err != nil {
return nil, application.ThrowError(application.INTERNAL_SERVER_ERROR, err.Error())
}
respData := map[string]interface{}{
"authCode": accessToken,
}
return respData, nil
}
func (srv *AuthService) AccessToken(param *command.AccessTokenCommand) (map[string]interface{}, error) {
userAuth := domain.UserAuth{}
_, err := userAuth.ParseAccessToken(param.AuthCode)
if err != nil {
return nil, application.ThrowError(application.INTERNAL_SERVER_ERROR, "authcode 失效")
}
accessToken, err := userAuth.CreateAccessToken()
if err != nil {
return nil, application.ThrowError(application.INTERNAL_SERVER_ERROR, "生成 accessToken 失败")
}
refreshToken, err := userAuth.CreateRefreshToken()
if err != nil {
return nil, application.ThrowError(application.INTERNAL_SERVER_ERROR, "生成 refreshToken 解析失败")
}
respData := map[string]interface{}{
"refreshToken": refreshToken,
"accessToken": accessToken,
"expiresIn": domain.JWTExpiresSecond,
}
return respData, nil
}
func (srv *AuthService) RefreshToken(param *command.RefreshTokenCommand) (map[string]interface{}, error) {
userAuth := domain.UserAuth{}
_, err := userAuth.ParseAccessToken(param.RefreshToken)
if err != nil {
return nil, application.ThrowError(application.INTERNAL_SERVER_ERROR, "refresh_token 失效")
}
accessToken, err := userAuth.CreateAccessToken()
if err != nil {
return nil, application.ThrowError(application.INTERNAL_SERVER_ERROR, "生成 accessToken 失败")
}
refreshToken, err := userAuth.CreateRefreshToken()
if err != nil {
return nil, application.ThrowError(application.INTERNAL_SERVER_ERROR, "生成 refreshToken 解析失败")
}
respData := map[string]interface{}{
"refreshToken": refreshToken,
"accessToken": accessToken,
"expiresIn": domain.JWTExpiresSecond,
}
return respData, nil
}
... ...
... ... @@ -55,3 +55,13 @@ func (userAuth *UserAuth) ParseAccessToken(token string) (*UserAuth, error) {
}
return user, errors.New("解析token失败")
}
func (userAuth *UserAuth) CreateRefreshToken() (string, error) {
expiresAt := time.Now().Add(time.Duration(JWTExpiresSecond*2) * time.Second).Unix()
userAuth.StandardClaims = jwt.StandardClaims{
ExpiresAt: expiresAt,
Issuer: issuer,
}
token := jwt.NewWithClaims(jwt.SigningMethodHS256, userAuth)
return token.SignedString([]byte(secretKey))
}
... ...
... ... @@ -40,3 +40,30 @@ func (controller *AuthController) MobileLogin() {
resp, err := authService.MobileLogin(loginCommand)
controller.Response(resp, err)
}
// Login 手机端登录 获取authCode
func (controller *AuthController) Authorize() {
authService := &service.AuthService{}
loginCommand := &command.MobileLoginCommand{}
_ = controller.Unmarshal(loginCommand)
resp, err := authService.Authorize(loginCommand)
controller.Response(resp, err)
}
// Login 获取token
func (controller *AuthController) AccessToken() {
authService := &service.AuthService{}
loginCommand := &command.AccessTokenCommand{}
_ = controller.Unmarshal(loginCommand)
resp, err := authService.AccessToken(loginCommand)
controller.Response(resp, err)
}
// Login 手机端 获取刷新token
func (controller *AuthController) RefreshToken() {
authService := &service.AuthService{}
loginCommand := &command.RefreshTokenCommand{}
_ = controller.Unmarshal(loginCommand)
resp, err := authService.RefreshToken(loginCommand)
controller.Response(resp, err)
}
... ...
... ... @@ -10,12 +10,18 @@ func init() {
web.Router("/login", &controllers.AuthController{}, "Post:Login")
//手机模块登录-旧
web.Router("/login/mobile", &controllers.AuthController{}, "Post:MobileLogin")
////手机模块登录-新
web.Router("/v1/auth/authorize", &controllers.AuthController{}, "Post:MobileLogin")
//
web.InsertFilter("/auth/admin/*", web.BeforeExec, middlewares.CheckAdminToken())
web.Router("/auth/admin/user", &controllers.AuthController{}, "Get:User")
web.InsertFilter("/auth/font/*", web.BeforeExec, middlewares.CheckFontToken())
web.Router("/auth/font/user", &controllers.AuthController{}, "Get:User")
{
//手机模块登录-新
web.CtrlPost("/v1/auth/authorize", (*controllers.AuthController).Authorize)
web.CtrlPost("/v1/auth/accessToken", (*controllers.AuthController).AccessToken)
web.CtrlPost("/v1/auth/refreshToken", (*controllers.AuthController).RefreshToken)
}
}
... ...