正在显示
6 个修改的文件
包含
174 行增加
和
3 行删除
pkg/application/auth/command/access_token.go
0 → 100644
@@ -229,3 +229,119 @@ func (service *AuthService) MeInfo(param *command.GetMeInfo) (map[string]interfa | @@ -229,3 +229,119 @@ func (service *AuthService) MeInfo(param *command.GetMeInfo) (map[string]interfa | ||
229 | "user": info, | 229 | "user": info, |
230 | }, nil | 230 | }, nil |
231 | } | 231 | } |
232 | + | ||
233 | +// Authorize 移动端授权登录 | ||
234 | +func (srv *AuthService) Authorize(param *command.MobileLoginCommand) (map[string]interface{}, error) { | ||
235 | + transactionContext, err := factory.CreateTransactionContext(nil) | ||
236 | + if err != nil { | ||
237 | + return nil, application.ThrowError(application.TRANSACTION_ERROR, err.Error()) | ||
238 | + } | ||
239 | + if errStart := transactionContext.StartTransaction(); errStart != nil { | ||
240 | + return nil, application.ThrowError(application.TRANSACTION_ERROR, errStart.Error()) | ||
241 | + } | ||
242 | + defer func() { | ||
243 | + _ = transactionContext.RollbackTransaction() | ||
244 | + }() | ||
245 | + // 统一用户中心登录 | ||
246 | + authCodeReply, err := factory.UCenterApi().AppAuthCode(param.Credentials, param.Cuid, param.Cid) | ||
247 | + if err != nil || !authCodeReply.IsOk() { | ||
248 | + return nil, application.ThrowError(application.INTERNAL_SERVER_ERROR, "统一用户中心认证失败") | ||
249 | + } | ||
250 | + // 用户权限校验 | ||
251 | + // 登录平台ID, 29-员工绩效 | ||
252 | + userAuthReply, err := factory.BusinessAdminApi().GetUserAuth(int64(param.Muid), constant.PLATFORM_FONT_ID) | ||
253 | + if err != nil { | ||
254 | + return nil, application.ThrowError(application.INTERNAL_SERVER_ERROR, "用户鉴权失败") | ||
255 | + } | ||
256 | + if !userAuthReply.IsOk() { | ||
257 | + return nil, application.ThrowError(application.INTERNAL_SERVER_ERROR, userAuthReply.Message()) | ||
258 | + } | ||
259 | + //获取公司数据 | ||
260 | + companyRepository := factory.CreateCompanyRepository(map[string]interface{}{ | ||
261 | + "transactionContext": transactionContext, | ||
262 | + }) | ||
263 | + company, err := companyRepository.FindOne(map[string]interface{}{ | ||
264 | + "id": param.Cid, | ||
265 | + }) | ||
266 | + if err != nil { | ||
267 | + return nil, application.ThrowError(application.INTERNAL_SERVER_ERROR, "获取公司数据失败") | ||
268 | + } | ||
269 | + userRepository := factory.CreateUserRepository(map[string]interface{}{ | ||
270 | + "transactionContext": transactionContext, | ||
271 | + }) | ||
272 | + user, err := userRepository.FindOne(map[string]interface{}{ | ||
273 | + "id": param.Muid, | ||
274 | + "companyId": company.Id, | ||
275 | + }) | ||
276 | + if err != nil { | ||
277 | + return nil, application.ThrowError(application.INTERNAL_SERVER_ERROR, "获取用户数据失败") | ||
278 | + } | ||
279 | + if user.Status != domain.UserStatusEnable { | ||
280 | + return nil, application.ThrowError(application.INTERNAL_SERVER_ERROR, "用户被禁用") | ||
281 | + } | ||
282 | + if err := transactionContext.CommitTransaction(); err != nil { | ||
283 | + return nil, application.ThrowError(application.TRANSACTION_ERROR, err.Error()) | ||
284 | + } | ||
285 | + userAuth := &domain.UserAuth{ | ||
286 | + UserId: user.Id, | ||
287 | + CompanyId: user.CompanyId, | ||
288 | + CompanyName: company.Name, | ||
289 | + Phone: user.Account, | ||
290 | + PlatformId: constant.PLATFORM_FONT_ID, | ||
291 | + Name: user.Name, | ||
292 | + AdminType: user.AdminType, | ||
293 | + } | ||
294 | + accessToken, err := userAuth.CreateAccessToken() | ||
295 | + if err != nil { | ||
296 | + return nil, application.ThrowError(application.INTERNAL_SERVER_ERROR, err.Error()) | ||
297 | + } | ||
298 | + respData := map[string]interface{}{ | ||
299 | + "authCode": accessToken, | ||
300 | + } | ||
301 | + return respData, nil | ||
302 | +} | ||
303 | + | ||
304 | +func (srv *AuthService) AccessToken(param *command.AccessTokenCommand) (map[string]interface{}, error) { | ||
305 | + userAuth := domain.UserAuth{} | ||
306 | + _, err := userAuth.ParseAccessToken(param.AuthCode) | ||
307 | + if err != nil { | ||
308 | + return nil, application.ThrowError(application.INTERNAL_SERVER_ERROR, "authcode 失效") | ||
309 | + } | ||
310 | + | ||
311 | + accessToken, err := userAuth.CreateAccessToken() | ||
312 | + if err != nil { | ||
313 | + return nil, application.ThrowError(application.INTERNAL_SERVER_ERROR, "生成 accessToken 失败") | ||
314 | + } | ||
315 | + refreshToken, err := userAuth.CreateRefreshToken() | ||
316 | + if err != nil { | ||
317 | + return nil, application.ThrowError(application.INTERNAL_SERVER_ERROR, "生成 refreshToken 解析失败") | ||
318 | + } | ||
319 | + respData := map[string]interface{}{ | ||
320 | + "refreshToken": refreshToken, | ||
321 | + "accessToken": accessToken, | ||
322 | + "expiresIn": domain.JWTExpiresSecond, | ||
323 | + } | ||
324 | + return respData, nil | ||
325 | +} | ||
326 | + | ||
327 | +func (srv *AuthService) RefreshToken(param *command.RefreshTokenCommand) (map[string]interface{}, error) { | ||
328 | + userAuth := domain.UserAuth{} | ||
329 | + _, err := userAuth.ParseAccessToken(param.RefreshToken) | ||
330 | + if err != nil { | ||
331 | + return nil, application.ThrowError(application.INTERNAL_SERVER_ERROR, "refresh_token 失效") | ||
332 | + } | ||
333 | + accessToken, err := userAuth.CreateAccessToken() | ||
334 | + if err != nil { | ||
335 | + return nil, application.ThrowError(application.INTERNAL_SERVER_ERROR, "生成 accessToken 失败") | ||
336 | + } | ||
337 | + refreshToken, err := userAuth.CreateRefreshToken() | ||
338 | + if err != nil { | ||
339 | + return nil, application.ThrowError(application.INTERNAL_SERVER_ERROR, "生成 refreshToken 解析失败") | ||
340 | + } | ||
341 | + respData := map[string]interface{}{ | ||
342 | + "refreshToken": refreshToken, | ||
343 | + "accessToken": accessToken, | ||
344 | + "expiresIn": domain.JWTExpiresSecond, | ||
345 | + } | ||
346 | + return respData, nil | ||
347 | +} |
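Review bot: In Authorize the token is issued for `param.Muid` and `param.Cid`, both taken from the request, while the user-centre reply is only checked with `authCodeReply.IsOk()`; nothing visible ties the credentials verified for `param.Cuid` to the `Muid` that is then looked up and copied into `UserAuth`. Unless `AppAuthCode` enforces that binding itself, a caller holding valid credentials of their own could be issued a token for a different user id. I would resolve the local user from the identity the user centre returns, or compare it with `param.Muid` and reject on mismatch, before calling `CreateAccessToken`. Separately, AccessToken and RefreshToken discard the claims returned by `ParseAccessToken` and sign from the zero-valued `userAuth`. If the parser does not fill its receiver (its body is outside this page), the new tokens carry empty claims, so `claims, err := userAuth.ParseAccessToken(param.AuthCode)` followed by `claims.CreateAccessToken()` would be safer.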
@@ -55,3 +55,13 @@ func (userAuth *UserAuth) ParseAccessToken(token string) (*UserAuth, error) { | @@ -55,3 +55,13 @@ func (userAuth *UserAuth) ParseAccessToken(token string) (*UserAuth, error) { | ||
55 | } | 55 | } |
56 | return user, errors.New("解析token失败") | 56 | return user, errors.New("解析token失败") |
57 | } | 57 | } |
58 | + | ||
59 | +func (userAuth *UserAuth) CreateRefreshToken() (string, error) { | ||
60 | + expiresAt := time.Now().Add(time.Duration(JWTExpiresSecond*2) * time.Second).Unix() | ||
61 | + userAuth.StandardClaims = jwt.StandardClaims{ | ||
62 | + ExpiresAt: expiresAt, | ||
63 | + Issuer: issuer, | ||
64 | + } | ||
65 | + token := jwt.NewWithClaims(jwt.SigningMethodHS256, userAuth) | ||
66 | + return token.SignedString([]byte(secretKey)) | ||
67 | +} |
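Review bot: CreateRefreshToken signs the same `UserAuth` claims with the same `secretKey` and `issuer` as an access token and sets nothing that marks the result as a refresh token, so the only difference is the doubled lifetime. Since the service validates refresh tokens with `ParseAccessToken`, an unexpired access token (or the authCode from Authorize) is presumably accepted by the refresh endpoint, and a refresh token would pass wherever access tokens are checked. I would set a token-use claim here, for example `Subject: "refresh"` in the `StandardClaims` (a constructed value), and have the parsing side reject a mismatch. Each refresh also returns a new refresh token without re-reading the user, so the `UserStatusEnable` check in Authorize never runs again; consider repeating that check on refresh or capping the total session lifetime. The method also overwrites `StandardClaims` on the receiver, which deserves a doc comment such as `// CreateRefreshToken replaces the receiver's StandardClaims and returns a signed HS256 token valid for twice JWTExpiresSecond.`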
@@ -40,3 +40,30 @@ func (controller *AuthController) MobileLogin() { | @@ -40,3 +40,30 @@ func (controller *AuthController) MobileLogin() { | ||
40 | resp, err := authService.MobileLogin(loginCommand) | 40 | resp, err := authService.MobileLogin(loginCommand) |
41 | controller.Response(resp, err) | 41 | controller.Response(resp, err) |
42 | } | 42 | } |
43 | + | ||
44 | +// Login 手机端登录 获取authCode | ||
45 | +func (controller *AuthController) Authorize() { | ||
46 | + authService := &service.AuthService{} | ||
47 | + loginCommand := &command.MobileLoginCommand{} | ||
48 | + _ = controller.Unmarshal(loginCommand) | ||
49 | + resp, err := authService.Authorize(loginCommand) | ||
50 | + controller.Response(resp, err) | ||
51 | +} | ||
52 | + | ||
53 | +// Login 获取token | ||
54 | +func (controller *AuthController) AccessToken() { | ||
55 | + authService := &service.AuthService{} | ||
56 | + loginCommand := &command.AccessTokenCommand{} | ||
57 | + _ = controller.Unmarshal(loginCommand) | ||
58 | + resp, err := authService.AccessToken(loginCommand) | ||
59 | + controller.Response(resp, err) | ||
60 | +} | ||
61 | + | ||
62 | +// Login 手机端 获取刷新token | ||
63 | +func (controller *AuthController) RefreshToken() { | ||
64 | + authService := &service.AuthService{} | ||
65 | + loginCommand := &command.RefreshTokenCommand{} | ||
66 | + _ = controller.Unmarshal(loginCommand) | ||
67 | + resp, err := authService.RefreshToken(loginCommand) | ||
68 | + controller.Response(resp, err) | ||
69 | +} |
@@ -10,12 +10,18 @@ func init() { | @@ -10,12 +10,18 @@ func init() { | ||
10 | web.Router("/login", &controllers.AuthController{}, "Post:Login") | 10 | web.Router("/login", &controllers.AuthController{}, "Post:Login") |
11 | //手机模块登录-旧 | 11 | //手机模块登录-旧 |
12 | web.Router("/login/mobile", &controllers.AuthController{}, "Post:MobileLogin") | 12 | web.Router("/login/mobile", &controllers.AuthController{}, "Post:MobileLogin") |
13 | - ////手机模块登录-新 | ||
14 | - web.Router("/v1/auth/authorize", &controllers.AuthController{}, "Post:MobileLogin") | ||
15 | - // | 13 | + |
16 | web.InsertFilter("/auth/admin/*", web.BeforeExec, middlewares.CheckAdminToken()) | 14 | web.InsertFilter("/auth/admin/*", web.BeforeExec, middlewares.CheckAdminToken()) |
17 | web.Router("/auth/admin/user", &controllers.AuthController{}, "Get:User") | 15 | web.Router("/auth/admin/user", &controllers.AuthController{}, "Get:User") |
18 | 16 | ||
19 | web.InsertFilter("/auth/font/*", web.BeforeExec, middlewares.CheckFontToken()) | 17 | web.InsertFilter("/auth/font/*", web.BeforeExec, middlewares.CheckFontToken()) |
20 | web.Router("/auth/font/user", &controllers.AuthController{}, "Get:User") | 18 | web.Router("/auth/font/user", &controllers.AuthController{}, "Get:User") |
19 | + | ||
20 | + { | ||
21 | + //手机模块登录-新 | ||
22 | + web.CtrlPost("/v1/auth/authorize", (*controllers.AuthController).Authorize) | ||
23 | + web.CtrlPost("/v1/auth/accessToken", (*controllers.AuthController).AccessToken) | ||
24 | + web.CtrlPost("/v1/auth/refreshToken", (*controllers.AuthController).RefreshToken) | ||
25 | + } | ||
26 | + | ||
21 | } | 27 | } |