作者 yangfu

Merge remote-tracking branch 'origin/test'

... ... @@ -284,6 +284,9 @@ func UCenterRevoke(header *protocol.RequestHeader, userId int64) (rsp *protocol.
err = nil
return
}
//注销凭证
userAuth.NewRedisUserCredential(user.Phone).RemoveAuth()
//注销token
id, _ := strconv.Atoi(user.Phone)
auth := userAuth.NewRedisUserAuth(userAuth.WithUserId(int64(id)))
if !auth.Exist() {
... ... @@ -339,6 +342,12 @@ func CenterCompanys(header *protocol.RequestHeader, request *protocolx.CenterCom
}
break
case protocol.LoginByCredentials:
//凭证是否存在
if credential, e := userAuth.NewRedisUserCredential(request.Phone).GetAuth(); e != nil || !strings.EqualFold(credential, request.Credentials) {
log.Debug("凭证过期或者已失效:", request.Phone)
err = protocol.NewErrWithMessage(4140, err)
return
}
if _, err = utils.ParseJWTToken(request.Credentials); err != nil {
err = protocol.NewErrWithMessage(4140, err)
return
... ... @@ -375,6 +384,9 @@ func CenterCompanys(header *protocol.RequestHeader, request *protocolx.CenterCom
rsp.Phone = request.Phone
rsp.Credentials, _ = utils.GenerateToken(int64(phoneId), request.Phone, protocol.RefreshTokenExipre*time.Second)
//添加手机对应的凭证
userAuth.NewRedisUserCredential(request.Phone).AddAuth(rsp.Credentials)
err = transactionContext.CommitTransaction()
v = map[string]interface{}{"center": rsp}
return
... ... @@ -398,6 +410,12 @@ func Companys(header *protocol.RequestHeader, request *protocolx.CompanysRequest
err = protocol.NewErrWithMessage(4140, err)
return
}
//凭证是否存在
if credential, e := userAuth.NewRedisUserCredential(claim.Phone).GetAuth(); e != nil || !strings.EqualFold(credential, request.Credentials) {
log.Debug("凭证过期或者已失效:", claim.Phone)
err = protocol.NewErrWithMessage(4140, err)
return
}
loginSvr.Init(claim.Phone)
rsp.Partner, _ = loginSvr.PartnerStaticInfo()
rsp.Manager, _ = loginSvr.ManagerStaticInfo()
... ... @@ -406,6 +424,7 @@ func Companys(header *protocol.RequestHeader, request *protocolx.CompanysRequest
err = protocol.NewErrWithMessage(4140, err) //账号禁用
return
}
err = transactionContext.CommitTransaction()
return
}
... ... @@ -431,6 +450,12 @@ func LoginV2(header *protocol.RequestHeader, request *protocol.LoginRequestV2) (
err = protocol.NewErrWithMessage(4140, err)
return
}
//凭证是否存在
if credential, e := userAuth.NewRedisUserCredential(claim.Phone).GetAuth(); e != nil || !strings.EqualFold(credential, request.Credentials) {
log.Debug("凭证过期或者已失效:", claim.Phone)
err = protocol.NewErrWithMessage(4140, err)
return
}
if company, e := CompanyRepository.FindOne(map[string]interface{}{"id": request.Cid, "enable": 1}); e != nil || company == nil {
err = protocol.NewErrWithMessage(10007, err)
return
... ... @@ -444,8 +469,8 @@ func LoginV2(header *protocol.RequestHeader, request *protocol.LoginRequestV2) (
return
}
}
//TODO:验证公司模块权限
if _, adminUsers, e := UsersRepository.Find(map[string]interface{}{"inCompanyIds": []int64{int64(request.Cid)}, "adminType": 2}); e == nil {
//验证公司模块权限
if _, adminUsers, e := UsersRepository.Find(map[string]interface{}{"inCompanyIds": []int64{int64(request.Cid)}, "adminType": 2, "deleteAtIsNull": true}); e == nil {
if len(adminUsers) > 0 {
au := adminUsers[0]
if code, e := adminApiGateway.UserAuth(au.Id, constant.BUSINESS_ADMIN_PLATFORM_ID); e != nil || code != 0 {
... ...
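Review bot: The credential check added in CenterCompanys, Companys and LoginV2 compares with `strings.EqualFold`, which is case-insensitive although JWT segments are case-sensitive base64url; compare the stored and presented values exactly and in constant time, e.g. `subtle.ConstantTimeCompare([]byte(credential), []byte(request.Credentials)) != 1`. The same three branches pass `err` rather than the local `e` to `protocol.NewErrWithMessage(4140, err)`, so the Redis lookup failure is never what gets wrapped, and in Companys and LoginV2 `err` appears to be nil at that point. In UCenterRevoke the result of `RemoveAuth()` is discarded, and in CenterCompanys so is the result of `AddAuth(rsp.Credentials)`; a failed delete would leave a revoked credential usable, so both errors should be checked. In the last LoginV2 hunk the module-permission check runs only when `Find` succeeds and returns an admin user; the rest of that block is outside the hunk, so confirm a lookup error is rejected rather than treated as permitted. All four functions begin and end outside the hunks shown.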
package userAuth
import (
"github.com/tiptok/gocomm/pkg/redis"
"gitlab.fjmaimaimai.com/mmm-go/partner/pkg/infrastructure/utils"
)
//Redis用户权限
type RedisUserCredential struct {
phone string
Options *Options
}
func NewRedisUserCredential(phone string, options ...Option) *RedisUserCredential {
rua := &RedisUserCredential{
Options: NewOptions(options...),
phone: phone,
}
return rua
}
func (auth RedisUserCredential) AddAuth(credential string) error {
err := redis.Hset(
auth.redisKey(),
auth.field(),
credential, 0,
)
return err
}
func (auth RedisUserCredential) RemoveAuth() error {
if !auth.Exist() {
return nil
}
return redis.Hdel(auth.redisKey(), auth.field())
}
func (auth RedisUserCredential) GetAuth() (string, error) {
if !auth.Exist() {
return "", errNotFound(auth.field())
}
data, err := redis.Hget(auth.redisKey(), auth.field())
if err != nil {
return "", err
}
return string(data), nil
}
func (auth RedisUserCredential) Exist() bool {
return redis.Hexists(auth.redisKey(), auth.field())
}
func (auth RedisUserCredential) redisKey() string {
if len(auth.phone) == 0 {
return ""
}
return utils.RedisKey("user_credential")
}
func (auth RedisUserCredential) field() string {
return auth.phone
}
... ...
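Review bot: `redisKey()` returns `""` when `phone` is empty, and AddAuth, GetAuth, Exist and RemoveAuth then send that empty key and an empty field to Redis instead of failing, so every caller with a missing phone would share one entry; rejecting an empty phone with an error at the top of each method is safer. `AddAuth` stores the credential verbatim with a final argument of `0`, which presumably means no expiry (confirm against the redis wrapper); storing a SHA-256 digest of the token with an expiry matching the token lifetime would limit what a read of Redis exposes. The type comment reads "Redis user permission" while the type holds a login credential, and the exported methods have no doc comments; for example `// RedisUserCredential keeps the credential last issued to a phone number in a Redis hash.`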
package userAuth
import (
"strings"
"testing"
)
func TestRedisUserCredential(t *testing.T) {
initRedis()
key := "18860183050"
userAuth := NewRedisUserCredential(key)
saveCredential := "123456789"
var credential string
err := userAuth.AddAuth(saveCredential)
if err != nil {
t.Fatal(err)
}
credential, err = userAuth.GetAuth()
if err != nil {
t.Fatal("get auth", err)
}
if !userAuth.Exist() {
t.Fatal("except:true")
}
if !strings.EqualFold(credential, saveCredential) {
t.Fatal("check credential:", err)
}
if err = userAuth.RemoveAuth(); err != nil {
t.Fatal("remove:", err)
}
if v := userAuth.field(); v != "18860183050" {
t.Fatal("except:18860183050 get:", v)
}
if userAuth.Exist() {
t.Fatal(key)
}
}
... ...
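Review bot: The failure message in `t.Fatal("check credential:", err)` prints `err`, which is nil at that point, so a mismatch reports nothing useful; print the values instead, e.g. `t.Fatalf("credential = %q, want %q", credential, saveCredential)`. The test writes and then deletes the entry for a realistic-looking phone number in whatever Redis `initRedis()` connects to, so against a shared instance it could remove a live user's credential; an obviously synthetic key such as `"test-phone-0000"` avoids that. The comparison also uses `strings.EqualFold`, which would accept a case-changed credential; `credential != saveCredential` pins the exact value.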
... ... @@ -121,7 +121,7 @@ func (svr *PgLoginService) PartnerStaticInfo() (interface{}, error) {
return response, e
}
var mapCompanyAdminUsers map[int64]*domain.Users = make(map[int64]*domain.Users) //key:company_id value:domain.users
if _, adminUsers, e := UsersRepository.Find(map[string]interface{}{"inCompanyIds": doGetCompanyIds(), "adminType": 2}); e == nil {
if _, adminUsers, e := UsersRepository.Find(map[string]interface{}{"inCompanyIds": doGetCompanyIds(), "adminType": 2, "deleteAtIsNull": true}); e == nil {
for i := range adminUsers {
mapCompanyAdminUsers[adminUsers[i].CompanyId] = adminUsers[i]
}
... ...
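Review bot: When `UsersRepository.Find` returns an error, the `e == nil` guard silently skips the loop and `mapCompanyAdminUsers` stays empty, with nothing logged or returned. How the empty map is used lies outside the hunk, but if it feeds an admin or permission decision the failure should be surfaced by logging it or returning `e`, not treated the same as "no admin users". The filter key `"deleteAtIsNull"` is a bare string literal here, so a short comment on what it excludes would help, e.g. `// skip soft-deleted admin accounts`.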
... ... @@ -71,6 +71,6 @@ func (s *PgManagerAuthService) ResetUserPassword(userId int64, phone, password s
err = fmt.Errorf("用户不存在")
return
}
_, err = ucenterApiGateway.UpdateUser(user.OpenId, phone, password)
_, err = ucenterApiGateway.UpdateUser(user.OpenId, "", password)
return
}
... ...
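Review bot: The new call passes `""` as the phone, which is only correct if `ucenterApiGateway.UpdateUser` treats an empty phone as "leave unchanged"; that contract is not visible here and should be confirmed, since otherwise a password reset could blank the account's phone. A comment on the call would record the intent, e.g. `// empty phone: change the password only, keep the registered phone`. The `phone` parameter of ResetUserPassword is no longer used by this call; the start of the function is outside the hunk, so check whether it is still needed.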