Merge branch 'dev' of http://gitlab.fjmaimaimai.com/mmm-go/oppmg into dev

# Conflicts:
#	models/user_company.go
#	services/auth/auth.go

@@ -2,10 +2,10 @@
 
 
 | 功能           | 完成状态           | 时间            | 接口路径                          | 请求方式 |
 | 功能           | 完成状态           | 时间            | 接口路径                          | 请求方式 |
 | -------------- | ------------------ | --------------- | --------------------------------- | -------- |
 | -------------- | ------------------ | --------------- | --------------------------------- | -------- |
-| 登录获取 token | 进行中             |                 | /auth/login                       | post     |
+| 登录获取 token | 完成               | 2018/12/11      | /auth/login                       | post     |
 | 短信验证码     | 未开始             |                 |                                   |
 | 短信验证码     | 未开始             |                 |                                   |
-| 刷新 token     | 未开始             |                 | /v1/auth/refresh_token            | post     |
-| 切换公司       | 未开始             |                 | /v1/auth/change_company           |
+| 刷新 token     | 完成               | 2018/12/11      | /v1/auth/refresh_token            | get      |
+| 切换公司       | 完成               | 2018/12/11      | /v1/auth/change_company           | post     |
 | 获取角色列表   | 完成               |                 | /v1/rbac/:companyid/role          | get      |
 | 获取角色列表   | 完成               |                 | /v1/rbac/:companyid/role          | get      |
 | 添加角色       | 完成               | 2019.11.26      | /v1/rbac/role                     | post     |
 | 添加角色       | 完成               | 2019.11.26      | /v1/rbac/role                     | post     |
 | 编辑角色       | 完成               | 2019.11.26      | /v1/rbac/role                     | put      |
 | 编辑角色       | 完成               | 2019.11.26      | /v1/rbac/role                     | put      |

@@ -27,9 +27,9 @@ log_level = "${LOG_LEVEL||error}"
 
 
 ##统一用户中心相关配置
 ##统一用户中心相关配置
 ucenter_check_alt = "rsF0pL!6DwjBO735"
 ucenter_check_alt = "rsF0pL!6DwjBO735"
-ucenter_base_url = "suplus-ucenter-dev.fjmaimaimai.com"
-ucenter_secret = "12412213"
-ucenter_app_key = "111222"
+ucenter_base_url = "http://suplus-ucenter-dev.fjmaimaimai.com"
+ucenter_app_key = "39aefef9e22744a3b2d2d3791824ae7b"
+ucenter_secret = "39aefef9e22744a3b2d2d3791824ae7b"
 # 审批流程修改 消息发布
 # 审批流程修改 消息发布
 message_publish = "audit_change"
 message_publish = "audit_change"
 #---自定义配置 结束----
 #---自定义配置 结束----

@@ -20,14 +20,19 @@ func (c *AuthController) URLMapping() {
 // RefreshToken ....
 // RefreshToken ....
 // @router /refresh_token [get]
 // @router /refresh_token [get]
 func (c *AuthController) RefreshToken() {
 func (c *AuthController) RefreshToken() {
-	log.Debug("运行cotrollers")
 	var msg *protocol.ResponseMessage
 	var msg *protocol.ResponseMessage
 	defer func() {
 	defer func() {
 		c.ResposeJson(msg)
 		c.ResposeJson(msg)
 	}()
 	}()
-
-	// data, commErr := auth.GetAccessToken(param)
-	// msg = protocol.NewReturnResponse(data, commErr)
+	companyid := c.GetCompanyId()
+	userid := c.GetUserId()
+	logintoken, err := serveauth.ChangeLoginToken(userid, companyid)
+	if err != nil {
+		msg = protocol.NewReturnResponse(nil, err)
+		return
+	}
+	err = serveauth.ResetLoginTokenRedis(logintoken)
+	msg = protocol.NewReturnResponse(logintoken, err)
 	return
 	return
 }
 }
 
 
@@ -49,12 +54,18 @@ func (c *AuthController) Login() {
 		msg = protocol.BadRequestParam("10021")
 		msg = protocol.BadRequestParam("10021")
 		return
 		return
 	}
 	}
-	logintoken, err := serveauth.LoginAuthByPassword(param.Account, param.Password)
+	// logintoken, err := serveauth.LoginAuthByPassword(param.Account, param.Password)
+	// if err != nil {
+	// 	msg = protocol.NewReturnResponse(nil, err)
+	// 	return
+	// }
+	// err = serveauth.ResetLoginToken(logintoken)
+	logintoken, err := serveauth.LoginAuthByUCenter(param.Account, param.Password)
 	if err != nil {
 	if err != nil {
 		msg = protocol.NewReturnResponse(nil, err)
 		msg = protocol.NewReturnResponse(nil, err)
 		return
 		return
 	}
 	}
-	err = serveauth.ResetLoginToken(logintoken)
+	err = serveauth.ResetLoginTokenRedis(logintoken)
 	msg = protocol.NewReturnResponse(logintoken, err)
 	msg = protocol.NewReturnResponse(logintoken, err)
 	return
 	return
 }
 }
@@ -78,13 +89,12 @@ func (c *AuthController) ChangeCompany() {
 		msg = protocol.BadRequestParam("1")
 		msg = protocol.BadRequestParam("1")
 		return
 		return
 	}
 	}
-
 	logintoken, err := serveauth.ChangeLoginToken(userid, param.CompanyId)
 	logintoken, err := serveauth.ChangeLoginToken(userid, param.CompanyId)
 	if err != nil {
 	if err != nil {
 		msg = protocol.NewReturnResponse(nil, err)
 		msg = protocol.NewReturnResponse(nil, err)
 		return
 		return
 	}
 	}
-	err = redisdata.SetLoginToken(logintoken, userid)
+	err = redisdata.SetLoginToken(logintoken, userid, param.CompanyId)
 	if err != nil {
 	if err != nil {
 		log.Error("redisdata.SetLoginToken err:%s", err)
 		log.Error("redisdata.SetLoginToken err:%s", err)
 	}
 	}

@@ -86,6 +86,7 @@ func (c *RbacController) RoleDelete() {
 	}
 	}
 
 
 	err := serverbac.RoleDelete(param)
 	err := serverbac.RoleDelete(param)
+
 	msg = protocol.NewReturnResponse(nil, err)
 	msg = protocol.NewReturnResponse(nil, err)
 	return
 	return
 }
 }
@@ -158,6 +159,7 @@ func (c *RbacController) RoleGroupDelete() {
 		msg = protocol.BadRequestParam("1")
 		msg = protocol.BadRequestParam("1")
 		return
 		return
 	}
 	}
+
 	err := serverbac.RoleGroupDelete(param)
 	err := serverbac.RoleGroupDelete(param)
 	msg = protocol.NewReturnResponse(nil, err)
 	msg = protocol.NewReturnResponse(nil, err)
 	return
 	return

@@ -6,7 +6,6 @@ import (
 
 
 	"oppmg/common/config"
 	"oppmg/common/config"
 	"oppmg/common/log"
 	"oppmg/common/log"
-	"oppmg/middleware"
 
 
 	"github.com/astaxie/beego"
 	"github.com/astaxie/beego"
 	"github.com/astaxie/beego/orm"
 	"github.com/astaxie/beego/orm"
@@ -22,7 +21,6 @@ func main() {
 	// 	beego.BConfig.WebConfig.DirectoryIndex = true
 	// 	beego.BConfig.WebConfig.DirectoryIndex = true
 	// 	beego.BConfig.WebConfig.StaticDir["/swagger"] = "swagger"
 	// 	beego.BConfig.WebConfig.StaticDir["/swagger"] = "swagger"
 	// }
 	// }
-	beego.InsertFilter("*", beego.BeforeExec, middleware.LogRouter)
 	log.Debug("应用启动")
 	log.Debug("应用启动")
 	beego.Run()
 	beego.Run()
 }
 }

@@ -15,10 +15,14 @@ import (
 //LogRequestData Before Router
 //LogRequestData Before Router
 var LogRequestData = func(ctx *context.Context) {
 var LogRequestData = func(ctx *context.Context) {
 	log.Info("====>Recv Request:%s", ctx.Input.URI())
 	log.Info("====>Recv Request:%s", ctx.Input.URI())
+	hmap := map[string]string{
+		protocol.HeaderAccessToken:  ctx.Input.Header(protocol.HeaderAccessToken),
+		protocol.HeaderRefreshToken: ctx.Input.Header(protocol.HeaderRefreshToken),
+	}
 	if ctx.Input.RequestBody != nil {
 	if ctx.Input.RequestBody != nil {
-		log.Info("====>Recv data from client:\nHeadData: %s \nBodyData: %s", ctx.Request.Header, string(ctx.Input.RequestBody))
+		log.Info("====>Recv data from client:\nHeadData: %v \nBodyData: %s", hmap, string(ctx.Input.RequestBody))
 	} else {
 	} else {
-		log.Info("====>Recv data from client:\nHeadData: %s ", ctx.Request.Header)
+		log.Info("====>Recv data from client:\nHeadData: %v ", hmap)
 	}
 	}
 }
 }
 
 
@@ -50,7 +54,7 @@ var LogRequestData = func(ctx *context.Context) {
 var AuthToken = func(ctx *context.Context) {
 var AuthToken = func(ctx *context.Context) {
 	log.Debug("执行中间件AuthToken")
 	log.Debug("执行中间件AuthToken")
 	var (
 	var (
-		storetoken protocol.LoginAuthToken
+		storetoken redisdata.RedisLoginToken
 		msg        *protocol.ResponseMessage
 		msg        *protocol.ResponseMessage
 		err        error
 		err        error
 		mtoken     *serveauth.MyToken
 		mtoken     *serveauth.MyToken
@@ -61,7 +65,7 @@ var AuthToken = func(ctx *context.Context) {
 	if err == nil {
 	if err == nil {
 		storetoken, err = redisdata.GetLoginToken(mtoken.UID)
 		storetoken, err = redisdata.GetLoginToken(mtoken.UID)
 		if err != nil {
 		if err != nil {
-			log.Error("err:%s", err)
+			log.Error("redisdata.GetLoginToken err:%s", err)
 			msg = protocol.NewMesage("10024")
 			msg = protocol.NewMesage("10024")
 			ctx.Output.JSON(msg, false, false)
 			ctx.Output.JSON(msg, false, false)
 			return
 			return
@@ -110,3 +114,5 @@ var LogRouter = func(ctx *context.Context) {
 	fmt.Println("====>r:", p)
 	fmt.Println("====>r:", p)
 	return
 	return
 }
 }
+
+//登录失效

@@ -10,7 +10,7 @@ import (
 type Company struct {
 type Company struct {
 	Id       int64     `orm:"column(id);auto"`
 	Id       int64     `orm:"column(id);auto"`
 	Name     string    `orm:"column(name);size(40)"`
 	Name     string    `orm:"column(name);size(40)"`
-	UserId   int64     `orm:"column(user_id)"`
+	Admin_id int64     `orm:"column(admin_id)"`
 	CreateAt time.Time `orm:"column(create_at);type(timestamp);auto_now"`
 	CreateAt time.Time `orm:"column(create_at);type(timestamp);auto_now"`
 	UpdateAt time.Time `orm:"column(update_at);type(timestamp)"`
 	UpdateAt time.Time `orm:"column(update_at);type(timestamp)"`
 	DeleteAt time.Time `orm:"column(delete_at);type(timestamp)"`
 	DeleteAt time.Time `orm:"column(delete_at);type(timestamp)"`

 package models
 package models
 
 
 import (
 import (
+	"errors"
 	"fmt"
 	"fmt"
 	"time"
 	"time"
 
 
@@ -92,6 +93,9 @@ func GetUserByPhone(phone string) (v *User, err error) {
 	if err = o.Read(v, "Phone"); err == nil {
 	if err = o.Read(v, "Phone"); err == nil {
 		return v, nil
 		return v, nil
 	}
 	}
+	if v.DeleteAt.Unix() > 0 {
+		return nil, errors.New("user is deleted")
+	}
 	return nil, err
 	return nil, err
 }
 }
 
 

@@ -67,7 +67,7 @@ func UpdateUserAuthById(m *UserAuth, col []string) (err error) {
 	// ascertain id exists in the database
 	// ascertain id exists in the database
 	var num int64
 	var num int64
 	if num, err = o.Update(m, col...); err == nil {
 	if num, err = o.Update(m, col...); err == nil {
-		log.Info("Number of records updated in database:", num)
+		log.Info("Number of records updated in database:%d", num)
 	}
 	}
 	return
 	return
 }
 }

@@ -2,6 +2,7 @@ package models
 
 
 import (
 import (
 	"fmt"
 	"fmt"
+	"oppmg/common/log"
 	"time"
 	"time"
 
 
 	"github.com/astaxie/beego/orm"
 	"github.com/astaxie/beego/orm"
@@ -40,6 +41,7 @@ func (t *UserCompany) IsEnable() bool {
 }
 }
 
 
 func (t *UserCompany) IsDelete() bool {
 func (t *UserCompany) IsDelete() bool {
+	log.Debug("deleteTime:%d", t.DeleteAt.Unix())
 	if t.DeleteAt.Unix() > 0 {
 	if t.DeleteAt.Unix() > 0 {
 		return true
 		return true
 	}
 	}
@@ -85,8 +87,11 @@ func GetUserCompanyBy(userid int64, companyId int64) (*UserCompany, error) {
 	}
 	}
 	return v, nil
 	return v, nil
 }
 }
+<<<<<<< HEAD
 
 
 func GetUserCompanyByUser(userid int64) ([]UserCompany, error) {
 func GetUserCompanyByUser(userid int64) ([]UserCompany, error) {
 	//datasql := ``
 	//datasql := ``
 	return nil, nil
 	return nil, nil
 }
 }
+=======
+>>>>>>> 626a6b6d8e73bd83579be13a797ab6c1fce8d3d8

@@ -12,6 +12,7 @@ func init() {
 	nsV1 := beego.NewNamespace("v1",
 	nsV1 := beego.NewNamespace("v1",
 		beego.NSBefore(middleware.AllowOption),
 		beego.NSBefore(middleware.AllowOption),
 		beego.NSBefore(middleware.LogRequestData),
 		beego.NSBefore(middleware.LogRequestData),
+		beego.NSBefore(middleware.AuthToken),
 		beego.NSNamespace("/company",
 		beego.NSNamespace("/company",
 			beego.NSRouter("/:companyid([0-9]+)/department", &controllers.CompanyController{}, "get:DepartmentList"),
 			beego.NSRouter("/:companyid([0-9]+)/department", &controllers.CompanyController{}, "get:DepartmentList"),
 			beego.NSRouter("/department/:id([0-9]+)", &controllers.CompanyController{}, "get:DepartmentOne"),
 			beego.NSRouter("/department/:id([0-9]+)", &controllers.CompanyController{}, "get:DepartmentOne"),
@@ -34,7 +35,7 @@ func init() {
 		),
 		),
 		beego.NSNamespace("/auth",
 		beego.NSNamespace("/auth",
 			beego.NSRouter("/change_company", &controllers.AuthController{}, "post:ChangeCompany"),
 			beego.NSRouter("/change_company", &controllers.AuthController{}, "post:ChangeCompany"),
-			beego.NSRouter("/refresh_token", &controllers.AuthController{}, "post:RefreshToken"),
+			beego.NSRouter("/refresh_token", &controllers.AuthController{}, "get:RefreshToken"),
 		),
 		),
 		beego.NSNamespace("/bulletin",
 		beego.NSNamespace("/bulletin",
 			beego.NSRouter("/release", &controllers.BulletinController{}, "post:BulletinRelease"),
 			beego.NSRouter("/release", &controllers.BulletinController{}, "post:BulletinRelease"),

@@ -12,6 +12,7 @@ import (
 	"oppmg/protocol"
 	"oppmg/protocol"
 	"oppmg/services/ucenter"
 	"oppmg/services/ucenter"
 	"oppmg/storage/redisdata"
 	"oppmg/storage/redisdata"
+	"oppmg/utils"
 	"strings"
 	"strings"
 	"time"
 	"time"
 
 
@@ -41,6 +42,7 @@ func validatePassword(from, to string) bool {
 }
 }
 
 
 //LoginAuth 登录认证
 //LoginAuth 登录认证
+//TODO 登录校验逻辑修改
 func LoginAuthByPassword(account, password string) (protocol.LoginAuthToken, error) {
 func LoginAuthByPassword(account, password string) (protocol.LoginAuthToken, error) {
 	var (
 	var (
 		user       *models.User
 		user       *models.User
@@ -139,7 +141,7 @@ func ResetLoginToken(loginToken protocol.LoginAuthToken) error {
 	return nil
 	return nil
 }
 }
 
 
-// token 存redis
+//ResetLoginTokenRedis token存redis
 func ResetLoginTokenRedis(loginToken protocol.LoginAuthToken) error {
 func ResetLoginTokenRedis(loginToken protocol.LoginAuthToken) error {
 	var (
 	var (
 		mtoken *MyToken
 		mtoken *MyToken
@@ -150,7 +152,7 @@ func ResetLoginTokenRedis(loginToken protocol.LoginAuthToken) error {
 		log.Error("jwt err:%s", err)
 		log.Error("jwt err:%s", err)
 		return protocol.NewErrWithMessage("1")
 		return protocol.NewErrWithMessage("1")
 	}
 	}
-	err = redisdata.SetLoginToken(loginToken, mtoken.UID)
+	err = redisdata.SetLoginToken(loginToken, mtoken.UID, mtoken.CompanyID)
 	if err != nil {
 	if err != nil {
 		log.Error(" redisdata.SetLoginToken err:%s", err)
 		log.Error(" redisdata.SetLoginToken err:%s", err)
 	}
 	}
@@ -168,14 +170,14 @@ func ChangeLoginToken(userid, companyid int64) (protocol.LoginAuthToken, error)
 
 
 	usercompany, err = models.GetUserCompanyBy(userid, companyid)
 	usercompany, err = models.GetUserCompanyBy(userid, companyid)
 	if err != nil {
 	if err != nil {
-		log.Error("GetUserCompanyBy(userid, companyid) err:%s", err)
+		log.Error("GetUserCompanyBy(userid, companyid)[%d,%d] err:%s", userid, companyid, err)
 		return logintoken, protocol.NewErrWithMessage("1")
 		return logintoken, protocol.NewErrWithMessage("1")
 	}
 	}
 	if ok := usercompany.IsEnable(); !ok {
 	if ok := usercompany.IsEnable(); !ok {
 		log.Debug("公司禁用此用户")
 		log.Debug("公司禁用此用户")
 		return logintoken, protocol.NewErrWithMessage("10027")
 		return logintoken, protocol.NewErrWithMessage("10027")
 	}
 	}
-	if ok := usercompany.IsDelete(); !ok {
+	if ok := usercompany.IsDelete(); ok {
 		log.Debug("公司删除此用户")
 		log.Debug("公司删除此用户")
 		return logintoken, protocol.NewErrWithMessage("10027")
 		return logintoken, protocol.NewErrWithMessage("10027")
 	}
 	}
@@ -201,7 +203,7 @@ func RefreshLoginToken(refreshtoken string) (protocol.LoginAuthToken, error) {
 		logintoken protocol.LoginAuthToken
 		logintoken protocol.LoginAuthToken
 		mtoken     *MyToken
 		mtoken     *MyToken
 		err        error
 		err        error
-		storetoken protocol.LoginAuthToken
+		storetoken redisdata.RedisLoginToken
 	)
 	)
 	mtoken, err = ValidJWTToken(refreshtoken)
 	mtoken, err = ValidJWTToken(refreshtoken)
 	if err != nil {
 	if err != nil {
@@ -217,7 +219,6 @@ func RefreshLoginToken(refreshtoken string) (protocol.LoginAuthToken, error) {
 		return logintoken, protocol.NewErrWithMessage("10024")
 		return logintoken, protocol.NewErrWithMessage("10024")
 	}
 	}
 	logintoken, _ = GenerateAuthToken(mtoken.UID, mtoken.CompanyID)
 	logintoken, _ = GenerateAuthToken(mtoken.UID, mtoken.CompanyID)
-	ResetLoginTokenRedis(logintoken)
 	return logintoken, nil
 	return logintoken, nil
 }
 }
 
 
@@ -226,14 +227,33 @@ func LoginAuthByUCenter(account, password string) (protocol.LoginAuthToken, erro
 		err           error
 		err           error
 		logintoken    protocol.LoginAuthToken
 		logintoken    protocol.LoginAuthToken
 		uclientReturn ucenter.ResponseLogin
 		uclientReturn ucenter.ResponseLogin
+		companyids    []int64
+		companyid     int64
+		userdata      *models.User
 	)
 	)
+<<<<<<< HEAD
 
 
 	_, err = models.GetUserByPhone(account)
 	_, err = models.GetUserByPhone(account)
+=======
+	userdata, err = models.GetUserByPhone(account)
+>>>>>>> 626a6b6d8e73bd83579be13a797ab6c1fce8d3d8
 	if err != nil {
 	if err != nil {
 		log.Debug("GetUserByPhone(%s) err:%s", account, err)
 		log.Debug("GetUserByPhone(%s) err:%s", account, err)
 		return logintoken, protocol.NewErrWithMessage("10021")
 		return logintoken, protocol.NewErrWithMessage("10021")
 	}
 	}
-
+	if ok := userdata.IsEnable(); !ok {
+		log.Debug("userdata.IsEnable()==false")
+		return logintoken, protocol.NewErrWithMessage("10021")
+	}
+	if companyids, err = getUserCompanyReal(userdata.Id); err != nil {
+		log.Error("getUserCompanyReal err:%s", err)
+		return logintoken, protocol.NewErrWithMessage("10021")
+	}
+	if len(companyids) == 0 {
+		log.Debug("no company")
+		return logintoken, protocol.NewErrWithMessage("10021")
+	}
+	companyid = companyids[0]
 	param := ucenter.RequesLogin{
 	param := ucenter.RequesLogin{
 		Phone:    account,
 		Phone:    account,
 		Password: password,
 		Password: password,
@@ -253,6 +273,34 @@ func LoginAuthByUCenter(account, password string) (protocol.LoginAuthToken, erro
 		uclientReturn.Msg == ucenter.ResponseMsgOk) {
 		uclientReturn.Msg == ucenter.ResponseMsgOk) {
 		return logintoken, protocol.NewErrWithMessage("10021")
 		return logintoken, protocol.NewErrWithMessage("10021")
 	}
 	}
-
+	logintoken, _ = GenerateAuthToken(userdata.Id, companyid)
 	return logintoken, err
 	return logintoken, err
 }
 }
+
+//getUserCompanyReal 获取用户有效的公司id
+func getUserCompanyReal(userid int64) (companyids []int64, err error) {
+	const (
+		datasql0 string = `SELECT b.company_id FROM user_company AS b 
+				WHERE b.delete_at=0 AND b.enable = 1 AND b.user_id=?`
+		datasql2 string = `SELECT b.id FROM company AS b 
+				WHERE b.delete_at=0 AND b.enable = 1 AND b.id in (%s) `
+	)
+	var (
+		ids []string
+	)
+	err = utils.ExecuteQueryAll(&ids, datasql0, userid)
+	if err != nil {
+		log.Error("EXECUTE SQL err:%s", err)
+		return nil, err
+	}
+	if len(ids) == 0 {
+		return nil, nil
+	}
+	datasql3 := fmt.Sprintf(datasql2, strings.Join(ids, ","))
+	err = utils.ExecuteQueryAll(&companyids, datasql3)
+	if err != nil {
+		log.Error("EXECUTE SQL err:%s", err)
+		return nil, err
+	}
+	return companyids, nil
+}

@@ -74,11 +74,11 @@ func GenerateAuthToken(uid int64, companyid int64) (protocol.LoginAuthToken, err
 		err            error
 		err            error
 		nowtime        = time.Now()
 		nowtime        = time.Now()
 	)
 	)
-	accesstoken, err = CreateJWTToken(uid, companyid, expiresIn+2)
+	accesstoken, err = CreateJWTToken(uid, companyid, nowtime.Unix()+expiresIn+2)
 	if err != nil {
 	if err != nil {
 		return authToken, err
 		return authToken, err
 	}
 	}
-	refreshtoken, err = CreateJWTToken(uid, companyid, refreshExpires+2)
+	refreshtoken, err = CreateJWTToken(uid, companyid, nowtime.Unix()+refreshExpires+2)
 	if err != nil {
 	if err != nil {
 		return authToken, err
 		return authToken, err
 	}
 	}

@@ -33,7 +33,7 @@ func DepartmentAdd(param protocol.RequestDepartmentAdd) error {
 	for _, v := range param.Managers {
 	for _, v := range param.Managers {
 		_, err = models.GetUserCompanyBy(v, param.CompanyID)
 		_, err = models.GetUserCompanyBy(v, param.CompanyID)
 		if err != nil {
 		if err != nil {
-			e := fmt.Errorf("GetUserCompanyBy(%d, %d)", v, param.CompanyID)
+			e := fmt.Errorf("GetUserCompanyBy(userid,companyid)[%d, %d] err:%s", v, param.CompanyID, err)
 			log.Error(e.Error())
 			log.Error(e.Error())
 			return protocol.NewErrWithMessage("1", e)
 			return protocol.NewErrWithMessage("1", e)
 		}
 		}
@@ -101,7 +101,7 @@ func DepartmentEdit(param protocol.RequestDepartmentEdit) error {
 	for i := range diffmanage {
 	for i := range diffmanage {
 		_, err = models.GetUserCompanyBy(diffmanage[i], param.CompanyID)
 		_, err = models.GetUserCompanyBy(diffmanage[i], param.CompanyID)
 		if err != nil {
 		if err != nil {
-			e := fmt.Errorf("GetUserCompanyBy(%d,%d) err:%s", diffmanage[i], param.CompanyID, err)
+			e := fmt.Errorf("GetUserCompanyBy(userid,companyid)[%d,%d] err:%s", diffmanage[i], param.CompanyID, err)
 			log.Error(e.Error())
 			log.Error(e.Error())
 			return protocol.NewErrWithMessage("1", e)
 			return protocol.NewErrWithMessage("1", e)
 		}
 		}

@@ -64,6 +64,7 @@ func (client UCenterClient) httpDo(path string, mathod string, posts []byte) ([]
 	}
 	}
 	req.Header = client.buildHeader()
 	req.Header = client.buildHeader()
 	resp, err := httpclient.Do(req)
 	resp, err := httpclient.Do(req)
+	log.Info("====>Send To UCenter:%s", string(posts))
 	if err != nil {
 	if err != nil {
 		return nil, err
 		return nil, err
 	}
 	}
@@ -72,7 +73,7 @@ func (client UCenterClient) httpDo(path string, mathod string, posts []byte) ([]
 	if err != nil {
 	if err != nil {
 		return nil, err
 		return nil, err
 	}
 	}
-	log.Info("====>Send To UCenter:%s", string(posts))
+
 	log.Info("<====UCenter Return:%s", string(body))
 	log.Info("<====UCenter Return:%s", string(body))
 	return body, nil
 	return body, nil
 }
 }

 package redisdata
 package redisdata
 
 
 const (
 const (
-	KEY_PREFIX     string = "oppmg_"
-	KEY_USER_TOKEN string = "token"
+	KEY_PREFIX     string = "oppmg_" //统一前缀
+	KEY_USER_TOKEN string = "token"  //登录token存储
 )
 )
+
+type RedisLoginToken struct {
+	AccessToken    string `json:"access_token"`
+	RefreshToken   string `json:"refresh_token"`
+	CurrentCompany int64  `json:"current_company"`
+	IsOk           bool   `json:"-"`
+}

@@ -2,15 +2,15 @@ package redisdata
 
 
 import (
 import (
 	"encoding/json"
 	"encoding/json"
-	"errors"
 	"fmt"
 	"fmt"
 	"oppmg/common/log"
 	"oppmg/common/log"
 	"oppmg/common/redis"
 	"oppmg/common/redis"
 	"oppmg/protocol"
 	"oppmg/protocol"
+	"strings"
 	"time"
 	"time"
 )
 )
 
 
-func SetLoginToken(param protocol.LoginAuthToken, userid int64) error {
+func SetLoginToken(param protocol.LoginAuthToken, userid int64, companyid int64) error {
 	client := redis.GetRedis()
 	client := redis.GetRedis()
 	var (
 	var (
 		key     string
 		key     string
@@ -19,26 +19,33 @@ func SetLoginToken(param protocol.LoginAuthToken, userid int64) error {
 		exp     int64
 		exp     int64
 		nowTime = time.Now().Unix()
 		nowTime = time.Now().Unix()
 	)
 	)
+	data := RedisLoginToken{
+		AccessToken:    param.AccessToken,
+		RefreshToken:   param.RefreshToken,
+		CurrentCompany: companyid,
+		IsOk:           true,
+	}
+	value, _ = json.Marshal(data)
 	exp = param.RefreshExpires - nowTime
 	exp = param.RefreshExpires - nowTime
 	key = fmt.Sprintf("%s%s:%d", KEY_PREFIX, KEY_USER_TOKEN, userid)
 	key = fmt.Sprintf("%s%s:%d", KEY_PREFIX, KEY_USER_TOKEN, userid)
-	value, _ = json.Marshal(param)
 	err = client.Set(key, string(value), time.Duration(exp)*time.Second).Err()
 	err = client.Set(key, string(value), time.Duration(exp)*time.Second).Err()
 	return err
 	return err
 }
 }
 
 
-func GetLoginToken(userid int64) (protocol.LoginAuthToken, error) {
+func GetLoginToken(userid int64) (RedisLoginToken, error) {
 	client := redis.GetRedis()
 	client := redis.GetRedis()
 	var (
 	var (
 		key    string
 		key    string
 		value  string
 		value  string
 		err    error
 		err    error
-		result protocol.LoginAuthToken
+		result RedisLoginToken
 	)
 	)
 	key = fmt.Sprintf("%s%s:%d", KEY_PREFIX, KEY_USER_TOKEN, userid)
 	key = fmt.Sprintf("%s%s:%d", KEY_PREFIX, KEY_USER_TOKEN, userid)
-	value = client.Get(key).String()
-	if len(value) == 0 {
-		return result, errors.New("Token not found")
+	value, err = client.Get(key).Result()
+	if err != nil {
+		return result, err
 	}
 	}
+	value = strings.TrimSpace(value)
 	err = json.Unmarshal([]byte(value), &result)
 	err = json.Unmarshal([]byte(value), &result)
 	if err != nil {
 	if err != nil {
 		log.Error("Unmarshal redis value:%s err:%s", value, err)
 		log.Error("Unmarshal redis value:%s err:%s", value, err)

@@ -22,7 +22,7 @@ func PrintLogSql(sql string, param ...interface{}) {
 
 
 //ExecuteQueryOne 执行原生sql查询单条记录;结果用结构体接收
 //ExecuteQueryOne 执行原生sql查询单条记录;结果用结构体接收
 func ExecuteQueryOne(result interface{}, sqlstr string, param ...interface{}) error {
 func ExecuteQueryOne(result interface{}, sqlstr string, param ...interface{}) error {
-	PrintLogSql(sqlstr, param...)
+
 	var err error
 	var err error
 	o := orm.NewOrm()
 	o := orm.NewOrm()
 	err = ExecuteQueryOneWithOrmer(o, result, sqlstr, param)
 	err = ExecuteQueryOneWithOrmer(o, result, sqlstr, param)
@@ -42,7 +42,7 @@ func ExecuteQueryOneWithOrmer(o orm.Ormer, result interface{}, sqlstr string, pa
 
 
 //ExecuteQuerySql 执行原生sql查询多条记录
 //ExecuteQuerySql 执行原生sql查询多条记录
 func ExecuteQueryAll(result interface{}, sqlstr string, param ...interface{}) error {
 func ExecuteQueryAll(result interface{}, sqlstr string, param ...interface{}) error {
-	PrintLogSql(sqlstr, param...)
+
 	var err error
 	var err error
 	o := orm.NewOrm()
 	o := orm.NewOrm()
 	err = ExecuteQueryAllWithOrmer(o, result, sqlstr, param)
 	err = ExecuteQueryAllWithOrmer(o, result, sqlstr, param)

+# 机会导向管理后台接口
+
+## 全局统一设定
+
+### 请求头指定要求的字段
+
+| 字段               | 说明                         |
+| ------------------ | ---------------------------- |
+| x-mmm-accesstoken  | 发起请求时使用时校验用 token |
+| x-mmm-refreshtoken | 刷新 token 时使用的 token    |
+
+- 备注 :token 使用 jwt 进行处理.其中包含有 user_id、company_id 的数据，登录时获取
+
+---
+
+### 通用响应结构
+
+```json
+{
+  "code": "错误码字符串",
+  "msg": "错误描述字符串",
+  "data": {
+    "xxx": "any"
+  }
+}
+```
+
+- 备注：data 中的内容根据各接口实际情况确定
+
+---
+
+## 认证相关
+
+### 登录
+
+- 请求路径 ：/auth/login
+- 请求方式 ：POST
+- 请求 json：
+
+```json
+{
+  "account": "账号",
+  "password": "密码"
+}
+```
+
+- 响应 json
+
+```json
+{
+  "code": "00000",
+  "msg": "成功",
+  "data": {
+    "access_token": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJleHAiOjE1NzYwNTM2OTAsImlhdCI6MTU3NjA1MTg4OCwiaXNzIjoibW1tX29wcG1nIiwibmJmIjoxNTc2MDUxODg4LCJ1aWQiOjEwLCJjb21wYW55X2lkIjoyfQ.R056B306_vO4UKfMRalncFULE5Z0phN4WOhS9PMwydc",
+    "expires_in": 1576053688,
+    "refresh_token": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJleHAiOjE1NzYwNTU0OTAsImlhdCI6MTU3NjA1MTg4OCwiaXNzIjoibW1tX29wcG1nIiwibmJmIjoxNTc2MDUxODg4LCJ1aWQiOjEwLCJjb21wYW55X2lkIjoyfQ.OY54QdDwAq2B1NPnAmHkSxy_KvhktmZA2boSlcSSfoU",
+    "refresh_expires": 1576055488
+  }
+}
+```
+
+- 备注：该请求无需指定请求头
+
+---
+
+### 刷新 token
+
+- 请求路径 ：/v1/auth/refresh_token
+- 请求方式 ：get
+- 请求 json：
+
+```json
+
+```
+
+- 响应 json
+
+```json
+{
+  "code": "00000",
+  "msg": "成功",
+  "data": {
+    "access_token": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJleHAiOjE1NzYwNTM2OTAsImlhdCI6MTU3NjA1MTg4OCwiaXNzIjoibW1tX29wcG1nIiwibmJmIjoxNTc2MDUxODg4LCJ1aWQiOjEwLCJjb21wYW55X2lkIjoyfQ.R056B306_vO4UKfMRalncFULE5Z0phN4WOhS9PMwydc",
+    "expires_in": 1576053688,
+    "refresh_token": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJleHAiOjE1NzYwNTU0OTAsImlhdCI6MTU3NjA1MTg4OCwiaXNzIjoibW1tX29wcG1nIiwibmJmIjoxNTc2MDUxODg4LCJ1aWQiOjEwLCJjb21wYW55X2lkIjoyfQ.OY54QdDwAq2B1NPnAmHkSxy_KvhktmZA2boSlcSSfoU",
+    "refresh_expires": 1576055488
+  }
+}
+```
+
+- 备注：无
+
+---
+
+### 切换公司
+
+- 请求路径 ：/v1/auth/change_company
+- 请求方式 ：post
+- 请求 json：
+
+```json
+{
+  "company_id": 2
+}
+```
+
+- 响应 json
+
+```json
+{
+  "code": "00000",
+  "msg": "成功",
+  "data": {
+    "access_token": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJleHAiOjE1NzYwNTM2OTAsImlhdCI6MTU3NjA1MTg4OCwiaXNzIjoibW1tX29wcG1nIiwibmJmIjoxNTc2MDUxODg4LCJ1aWQiOjEwLCJjb21wYW55X2lkIjoyfQ.R056B306_vO4UKfMRalncFULE5Z0phN4WOhS9PMwydc",
+    "expires_in": 1576053688,
+    "refresh_token": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJleHAiOjE1NzYwNTU0OTAsImlhdCI6MTU3NjA1MTg4OCwiaXNzIjoibW1tX29wcG1nIiwibmJmIjoxNTc2MDUxODg4LCJ1aWQiOjEwLCJjb21wYW55X2lkIjoyfQ.OY54QdDwAq2B1NPnAmHkSxy_KvhktmZA2boSlcSSfoU",
+    "refresh_expires": 1576055488
+  }
+}
+```
+
+- 备注：切换公司实际是变更 token 信息
+
+---