作者 yangfu

Merge remote-tracking branch 'origin/test'

@@ -284,6 +284,9 @@ func UCenterRevoke(header *protocol.RequestHeader, userId int64) (rsp *protocol. @@ -284,6 +284,9 @@ func UCenterRevoke(header *protocol.RequestHeader, userId int64) (rsp *protocol.
284 err = nil 284 err = nil
285 return 285 return
286 } 286 }
  287 + //注销凭证
  288 + userAuth.NewRedisUserCredential(user.Phone).RemoveAuth()
  289 + //注销token
287 id, _ := strconv.Atoi(user.Phone) 290 id, _ := strconv.Atoi(user.Phone)
288 auth := userAuth.NewRedisUserAuth(userAuth.WithUserId(int64(id))) 291 auth := userAuth.NewRedisUserAuth(userAuth.WithUserId(int64(id)))
289 if !auth.Exist() { 292 if !auth.Exist() {
@@ -339,6 +342,12 @@ func CenterCompanys(header *protocol.RequestHeader, request *protocolx.CenterCom @@ -339,6 +342,12 @@ func CenterCompanys(header *protocol.RequestHeader, request *protocolx.CenterCom
339 } 342 }
340 break 343 break
341 case protocol.LoginByCredentials: 344 case protocol.LoginByCredentials:
  345 + //凭证是否存在
  346 + if credential, e := userAuth.NewRedisUserCredential(request.Phone).GetAuth(); e != nil || !strings.EqualFold(credential, request.Credentials) {
  347 + log.Debug("凭证过期或者已失效:", request.Phone)
  348 + err = protocol.NewErrWithMessage(4140, err)
  349 + return
  350 + }
342 if _, err = utils.ParseJWTToken(request.Credentials); err != nil { 351 if _, err = utils.ParseJWTToken(request.Credentials); err != nil {
343 err = protocol.NewErrWithMessage(4140, err) 352 err = protocol.NewErrWithMessage(4140, err)
344 return 353 return
@@ -375,6 +384,9 @@ func CenterCompanys(header *protocol.RequestHeader, request *protocolx.CenterCom @@ -375,6 +384,9 @@ func CenterCompanys(header *protocol.RequestHeader, request *protocolx.CenterCom
375 rsp.Phone = request.Phone 384 rsp.Phone = request.Phone
376 rsp.Credentials, _ = utils.GenerateToken(int64(phoneId), request.Phone, protocol.RefreshTokenExipre*time.Second) 385 rsp.Credentials, _ = utils.GenerateToken(int64(phoneId), request.Phone, protocol.RefreshTokenExipre*time.Second)
377 386
  387 + //添加手机对应的凭证
  388 + userAuth.NewRedisUserCredential(request.Phone).AddAuth(rsp.Credentials)
  389 +
378 err = transactionContext.CommitTransaction() 390 err = transactionContext.CommitTransaction()
379 v = map[string]interface{}{"center": rsp} 391 v = map[string]interface{}{"center": rsp}
380 return 392 return
@@ -398,6 +410,12 @@ func Companys(header *protocol.RequestHeader, request *protocolx.CompanysRequest @@ -398,6 +410,12 @@ func Companys(header *protocol.RequestHeader, request *protocolx.CompanysRequest
398 err = protocol.NewErrWithMessage(4140, err) 410 err = protocol.NewErrWithMessage(4140, err)
399 return 411 return
400 } 412 }
  413 + //凭证是否存在
  414 + if credential, e := userAuth.NewRedisUserCredential(claim.Phone).GetAuth(); e != nil || !strings.EqualFold(credential, request.Credentials) {
  415 + log.Debug("凭证过期或者已失效:", claim.Phone)
  416 + err = protocol.NewErrWithMessage(4140, err)
  417 + return
  418 + }
401 loginSvr.Init(claim.Phone) 419 loginSvr.Init(claim.Phone)
402 rsp.Partner, _ = loginSvr.PartnerStaticInfo() 420 rsp.Partner, _ = loginSvr.PartnerStaticInfo()
403 rsp.Manager, _ = loginSvr.ManagerStaticInfo() 421 rsp.Manager, _ = loginSvr.ManagerStaticInfo()
@@ -406,6 +424,7 @@ func Companys(header *protocol.RequestHeader, request *protocolx.CompanysRequest @@ -406,6 +424,7 @@ func Companys(header *protocol.RequestHeader, request *protocolx.CompanysRequest
406 err = protocol.NewErrWithMessage(4140, err) //账号禁用 424 err = protocol.NewErrWithMessage(4140, err) //账号禁用
407 return 425 return
408 } 426 }
  427 +
409 err = transactionContext.CommitTransaction() 428 err = transactionContext.CommitTransaction()
410 return 429 return
411 } 430 }
@@ -431,6 +450,12 @@ func LoginV2(header *protocol.RequestHeader, request *protocol.LoginRequestV2) ( @@ -431,6 +450,12 @@ func LoginV2(header *protocol.RequestHeader, request *protocol.LoginRequestV2) (
431 err = protocol.NewErrWithMessage(4140, err) 450 err = protocol.NewErrWithMessage(4140, err)
432 return 451 return
433 } 452 }
  453 + //凭证是否存在
  454 + if credential, e := userAuth.NewRedisUserCredential(claim.Phone).GetAuth(); e != nil || !strings.EqualFold(credential, request.Credentials) {
  455 + log.Debug("凭证过期或者已失效:", claim.Phone)
  456 + err = protocol.NewErrWithMessage(4140, err)
  457 + return
  458 + }
434 if company, e := CompanyRepository.FindOne(map[string]interface{}{"id": request.Cid, "enable": 1}); e != nil || company == nil { 459 if company, e := CompanyRepository.FindOne(map[string]interface{}{"id": request.Cid, "enable": 1}); e != nil || company == nil {
435 err = protocol.NewErrWithMessage(10007, err) 460 err = protocol.NewErrWithMessage(10007, err)
436 return 461 return
@@ -444,8 +469,8 @@ func LoginV2(header *protocol.RequestHeader, request *protocol.LoginRequestV2) ( @@ -444,8 +469,8 @@ func LoginV2(header *protocol.RequestHeader, request *protocol.LoginRequestV2) (
444 return 469 return
445 } 470 }
446 } 471 }
447 - //TODO:验证公司模块权限  
448 - if _, adminUsers, e := UsersRepository.Find(map[string]interface{}{"inCompanyIds": []int64{int64(request.Cid)}, "adminType": 2}); e == nil { 472 + //验证公司模块权限
  473 + if _, adminUsers, e := UsersRepository.Find(map[string]interface{}{"inCompanyIds": []int64{int64(request.Cid)}, "adminType": 2, "deleteAtIsNull": true}); e == nil {
449 if len(adminUsers) > 0 { 474 if len(adminUsers) > 0 {
450 au := adminUsers[0] 475 au := adminUsers[0]
451 if code, e := adminApiGateway.UserAuth(au.Id, constant.BUSINESS_ADMIN_PLATFORM_ID); e != nil || code != 0 { 476 if code, e := adminApiGateway.UserAuth(au.Id, constant.BUSINESS_ADMIN_PLATFORM_ID); e != nil || code != 0 {
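Review bot: The credential check added at new line 346 (and repeated at 414 and 454) compares with `strings.EqualFold`, which is case-insensitive, while the stored value is a token produced by `utils.GenerateToken` and should match byte for byte; use `credential != request.Credentials`, or `subtle.ConstantTimeCompare([]byte(credential), []byte(request.Credentials)) != 1` once `crypto/subtle` is imported. The same branches wrap `err` rather than the Redis error `e`, so the lookup failure is lost and `err` may still be nil at that point; `err = protocol.NewErrWithMessage(4140, e)` keeps the cause. In UCenterRevoke (line 288) and CenterCompanys (line 388) the results of `RemoveAuth()` and `AddAuth()` are discarded, so a failed revoke leaves the old credential accepted; check those errors and log or return them. All four functions begin and end outside the hunks shown.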
  1 +package userAuth
  2 +
  3 +import (
  4 + "github.com/tiptok/gocomm/pkg/redis"
  5 + "gitlab.fjmaimaimai.com/mmm-go/partner/pkg/infrastructure/utils"
  6 +)
  7 +
  8 +//Redis用户权限
  9 +type RedisUserCredential struct {
  10 + phone string
  11 + Options *Options
  12 +}
  13 +
  14 +func NewRedisUserCredential(phone string, options ...Option) *RedisUserCredential {
  15 + rua := &RedisUserCredential{
  16 + Options: NewOptions(options...),
  17 + phone: phone,
  18 + }
  19 + return rua
  20 +}
  21 +func (auth RedisUserCredential) AddAuth(credential string) error {
  22 + err := redis.Hset(
  23 + auth.redisKey(),
  24 + auth.field(),
  25 + credential, 0,
  26 + )
  27 + return err
  28 +}
  29 +func (auth RedisUserCredential) RemoveAuth() error {
  30 + if !auth.Exist() {
  31 + return nil
  32 + }
  33 + return redis.Hdel(auth.redisKey(), auth.field())
  34 +}
  35 +func (auth RedisUserCredential) GetAuth() (string, error) {
  36 + if !auth.Exist() {
  37 + return "", errNotFound(auth.field())
  38 + }
  39 + data, err := redis.Hget(auth.redisKey(), auth.field())
  40 + if err != nil {
  41 + return "", err
  42 + }
  43 + return string(data), nil
  44 +}
  45 +func (auth RedisUserCredential) Exist() bool {
  46 + return redis.Hexists(auth.redisKey(), auth.field())
  47 +}
  48 +func (auth RedisUserCredential) redisKey() string {
  49 + if len(auth.phone) == 0 {
  50 + return ""
  51 + }
  52 + return utils.RedisKey("user_credential")
  53 +}
  54 +func (auth RedisUserCredential) field() string {
  55 + return auth.phone
  56 +}
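Review bot: `redisKey()` returns an empty string when the phone is empty, and `AddAuth`, `Exist`, `GetAuth` and `RemoveAuth` then pass that empty key and field on to Redis instead of failing; reject it up front, e.g. `if auth.phone == "" { return errors.New("userAuth: empty phone") }` at the top of `AddAuth` (needs the `errors` import). The trailing `0` in the `redis.Hset` call looks like an expiry, which would mean the stored credential never ages out even though the token itself carries a lifetime; confirm this against the gocomm helper and document the choice. The type comment `//Redis用户权限` describes permissions, while the type stores one login credential per phone; a doc comment stating that a new `AddAuth` replaces the previous credential would help callers.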
  1 +package userAuth
  2 +
  3 +import (
  4 + "strings"
  5 + "testing"
  6 +)
  7 +
  8 +func TestRedisUserCredential(t *testing.T) {
  9 + initRedis()
  10 + key := "18860183050"
  11 + userAuth := NewRedisUserCredential(key)
  12 + saveCredential := "123456789"
  13 + var credential string
  14 + err := userAuth.AddAuth(saveCredential)
  15 + if err != nil {
  16 + t.Fatal(err)
  17 + }
  18 + credential, err = userAuth.GetAuth()
  19 + if err != nil {
  20 + t.Fatal("get auth", err)
  21 + }
  22 + if !userAuth.Exist() {
  23 + t.Fatal("except:true")
  24 + }
  25 + if !strings.EqualFold(credential, saveCredential) {
  26 + t.Fatal("check credential:", err)
  27 + }
  28 + if err = userAuth.RemoveAuth(); err != nil {
  29 + t.Fatal("remove:", err)
  30 + }
  31 + if v := userAuth.field(); v != "18860183050" {
  32 + t.Fatal("except:18860183050 get:", v)
  33 + }
  34 + if userAuth.Exist() {
  35 + t.Fatal(key)
  36 + }
  37 +}
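Review bot: The failure message at line 26, `t.Fatal("check credential:", err)`, prints `err`, which is always nil at that point, so a mismatch reports nothing useful; the comparison also uses `strings.EqualFold`, so a credential that changed only in letter case would still pass. Prefer `if credential != saveCredential { t.Fatalf("credential = %q, want %q", credential, saveCredential) }`. The test also depends on whatever `initRedis()` connects to and leaves the key behind if it fails before `RemoveAuth`; a `defer userAuth.RemoveAuth()` placed after the successful `AddAuth` would keep the store clean.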
@@ -121,7 +121,7 @@ func (svr *PgLoginService) PartnerStaticInfo() (interface{}, error) { @@ -121,7 +121,7 @@ func (svr *PgLoginService) PartnerStaticInfo() (interface{}, error) {
121 return response, e 121 return response, e
122 } 122 }
123 var mapCompanyAdminUsers map[int64]*domain.Users = make(map[int64]*domain.Users) //key:company_id value:domain.users 123 var mapCompanyAdminUsers map[int64]*domain.Users = make(map[int64]*domain.Users) //key:company_id value:domain.users
124 - if _, adminUsers, e := UsersRepository.Find(map[string]interface{}{"inCompanyIds": doGetCompanyIds(), "adminType": 2}); e == nil { 124 + if _, adminUsers, e := UsersRepository.Find(map[string]interface{}{"inCompanyIds": doGetCompanyIds(), "adminType": 2, "deleteAtIsNull": true}); e == nil {
125 for i := range adminUsers { 125 for i := range adminUsers {
126 mapCompanyAdminUsers[adminUsers[i].CompanyId] = adminUsers[i] 126 mapCompanyAdminUsers[adminUsers[i].CompanyId] = adminUsers[i]
127 } 127 }
@@ -71,6 +71,6 @@ func (s *PgManagerAuthService) ResetUserPassword(userId int64, phone, password s @@ -71,6 +71,6 @@ func (s *PgManagerAuthService) ResetUserPassword(userId int64, phone, password s
71 err = fmt.Errorf("用户不存在") 71 err = fmt.Errorf("用户不存在")
72 return 72 return
73 } 73 }
74 - _, err = ucenterApiGateway.UpdateUser(user.OpenId, phone, password) 74 + _, err = ucenterApiGateway.UpdateUser(user.OpenId, "", password)
75 return 75 return
76 } 76 }
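Review bot: Nothing in the visible lines of ResetUserPassword revokes the credential stored for the user after the password is changed at line 74, so a refresh credential issued before the reset presumably stays accepted by the checks this commit adds elsewhere; consider calling `userAuth.NewRedisUserCredential(phone).RemoveAuth()` after a successful `UpdateUser` and handling its error. The new `""` argument also needs a comment, e.g. `// empty phone: change the password only`, if that is the gateway's contract, since UpdateUser is not shown and `phone` is no longer used in these lines. The function starts above the hunk, so an earlier revoke may exist outside this view.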