|
|
|
|
|
package auth
|
|
|
|
|
|
|
|
|
|
|
|
import (
|
|
|
|
|
|
"context"
|
|
|
|
|
|
"git.noahlan.cn/n-admin/n-admin-server/api/internal/svc"
|
|
|
|
|
|
"git.noahlan.cn/n-admin/n-admin-server/api/internal/types"
|
|
|
|
|
|
"git.noahlan.cn/n-admin/n-admin-server/dal"
|
|
|
|
|
|
"git.noahlan.cn/n-admin/n-admin-server/dal/errx"
|
|
|
|
|
|
"git.noahlan.cn/n-admin/n-admin-server/rpc/core/types/core"
|
|
|
|
|
|
"git.noahlan.cn/noahlan/ntool-biz/core/jwt"
|
|
|
|
|
|
"git.noahlan.cn/noahlan/ntool-biz/core/nstatus"
|
|
|
|
|
|
"git.noahlan.cn/noahlan/ntool/ndef"
|
|
|
|
|
|
"git.noahlan.cn/noahlan/ntool/nlog"
|
|
|
|
|
|
"net/http"
|
|
|
|
|
|
"strings"
|
|
|
|
|
|
)
|
|
|
|
|
|
|
|
|
|
|
|
// login 登录
|
|
|
|
|
|
func login(ctx context.Context, svcCtx *svc.ServiceContext, r *http.Request, user *core.UserInfo) (*types.LoginResp, error) {
|
|
|
|
|
|
defer func() {
|
|
|
|
|
|
if err := loginRecord(ctx, svcCtx, r, user.ID); err != nil {
|
|
|
|
|
|
nlog.Errorw("记录登录次数失败", nlog.Field("err", err))
|
|
|
|
|
|
}
|
|
|
|
|
|
}()
|
|
|
|
|
|
|
|
|
|
|
|
rolesBuilder := new(strings.Builder)
|
|
|
|
|
|
for i, v := range user.Roles {
|
|
|
|
|
|
rolesBuilder.WriteString(v.Code)
|
|
|
|
|
|
if i != len(user.Roles)-1 {
|
|
|
|
|
|
rolesBuilder.WriteString(ndef.CommaStr)
|
|
|
|
|
|
}
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
// TODO 检测账号,1是否开启两步验证(已配置) 2是否需要两步验证(异地登录之类)
|
|
|
|
|
|
// 生成 token
|
|
|
|
|
|
token, err := jwt.NewJwtToken(
|
|
|
|
|
|
svcCtx.Config.Auth.AccessSecret,
|
|
|
|
|
|
user.ID,
|
|
|
|
|
|
svcCtx.Config.Auth.AccessExpire,
|
|
|
|
|
|
jwt.WithRandID(),
|
|
|
|
|
|
jwt.WithOption(jwt.KeyRoles, rolesBuilder.String()),
|
|
|
|
|
|
)
|
|
|
|
|
|
if err != nil {
|
|
|
|
|
|
return nil, nstatus.NewBizErrWithCode(errx.JwtTokenGenerateErr)
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
// TODO 落地Token
|
|
|
|
|
|
return &types.LoginResp{
|
|
|
|
|
|
TwoFactorType: "",
|
|
|
|
|
|
Token: types.LoginTokenInfo{
|
|
|
|
|
|
UID: user.ID,
|
|
|
|
|
|
TokenType: "Bearer",
|
|
|
|
|
|
AccessToken: token.AccessToken,
|
|
|
|
|
|
ExpiresAt: token.ExpiresAt,
|
|
|
|
|
|
Scope: "",
|
|
|
|
|
|
},
|
|
|
|
|
|
}, nil
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
// loginRecord 记录登录
|
|
|
|
|
|
func loginRecord(ctx context.Context, svcCtx *svc.ServiceContext, r *http.Request, uid int64) error {
|
|
|
|
|
|
// 记录登录次数
|
|
|
|
|
|
_, err := svcCtx.CoreRpc.Record(ctx, &core.LoginRecordInfo{
|
|
|
|
|
|
UserId: uid,
|
|
|
|
|
|
LastLoginIpv4: r.RemoteAddr,
|
|
|
|
|
|
LastLoginDevice: r.Header.Get(dal.UserDeviceKey),
|
|
|
|
|
|
LastLoginUa: r.UserAgent(),
|
|
|
|
|
|
})
|
|
|
|
|
|
if err != nil {
|
|
|
|
|
|
return err
|
|
|
|
|
|
}
|
|
|
|
|
|
return nil
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
// register 注册用户
|
|
|
|
|
|
func register(ctx context.Context, svcCtx *svc.ServiceContext, user *core.UserInfo) (*core.UserInfo, error) {
|
|
|
|
|
|
// 自动注册
|
|
|
|
|
|
rpcResp, err := svcCtx.CoreRpc.CreateUser(ctx, user)
|
|
|
|
|
|
if err != nil {
|
|
|
|
|
|
return nil, err
|
|
|
|
|
|
}
|
|
|
|
|
|
dbData, err := svcCtx.CoreRpc.GetUser(ctx, &core.UserReq{
|
|
|
|
|
|
ID: rpcResp.ID,
|
|
|
|
|
|
})
|
|
|
|
|
|
if err != nil {
|
|
|
|
|
|
return nil, err
|
|
|
|
|
|
}
|
|
|
|
|
|
return dbData, nil
|
|
|
|
|
|
}
|
