改造成api

2025-07-02 14:51:23 +08:00
parent c8a81d0f49
commit 39e91e85ba
27 changed files with 665 additions and 519 deletions
--- a/internal/erpserver/service/v1/auth/auth.go
+++ b/internal/erpserver/service/v1/auth/auth.go
@@ -5,6 +5,7 @@ import (
 	"encoding/json"
 	"errors"
 	"fmt"
+	"log"
 	"net"
 	"net/http"
 	"strings"
@@ -13,9 +14,9 @@ import (
 	"management/internal/erpserver/model/system"
 	"management/internal/erpserver/model/system/request"
 	v1 "management/internal/erpserver/service/v1"
+	"management/internal/pkg/config"
 	"management/internal/pkg/crypto"
-	"management/internal/pkg/know"
-	"management/internal/pkg/session"
+	"management/internal/pkg/token"

 	"github.com/drhin/logger"
 	"github.com/google/uuid"
@@ -70,9 +71,10 @@ type LoginEnvironment struct {

 // Auth 安全管理器
 type Auth struct {
+	conf  *config.Config
 	log   *logger.Logger
 	redis *redis.Client
-	sm    session.Manager
+	token token.Maker

 	userService     v1.UserService
 	roleService     v1.RoleService
@@ -81,24 +83,32 @@ type Auth struct {

 // NewAuth 创建安全管理器
 func NewAuth(
+	conf *config.Config,
 	log *logger.Logger,
 	redis *redis.Client,
-	sm session.Manager,
+	token token.Maker,
 	userService v1.UserService,
 	roleService v1.RoleService,
 	loginLogService v1.LoginLogService,
 ) *Auth {
 	return &Auth{
+		conf:            conf,
 		log:             log,
 		redis:           redis,
-		sm:              sm,
+		token:           token,
 		userService:     userService,
 		roleService:     roleService,
 		loginLogService: loginLogService,
 	}
 }

-func (a *Auth) Authenticate(ctx context.Context, req request.Login) (*RiskCheckResult, error) {
+type AuthenticateResponse struct {
+	AccessToken          string           `json:"access_token"`
+	AccessTokenExpiresAt time.Time        `json:"access_token_expires_at"`
+	Risk                 *RiskCheckResult `json:"risk"`
+}
+
+func (a *Auth) Authenticate(ctx context.Context, req request.Login) (*AuthenticateResponse, error) {
 	l := system.NewLoginLog(req.Email, req.Os, req.Ip, req.Browser, req.Url, req.Referrer)

 	locked, duration, err := a.isAccountLocked(ctx, req.Email)
@@ -146,13 +156,17 @@ func (a *Auth) Authenticate(ctx context.Context, req request.Login) (*RiskCheckR
 		}
 	}

-	// 设置会话Cookie
-	au := system.NewAuthorizeUser(user, req.Os, req.Ip, req.Browser)
-	if err := a.sm.PutUser(ctx, know.StoreName, au); err != nil {
+	// 生成token
+	accessToken, payload, err := a.token.CreateToken(user.Uuid, user.Username, a.conf.JWT.ExpiresTime, token.TypeAccessToken)
+	if err != nil {
 		return nil, err
 	}

-	return risk, nil
+	return &AuthenticateResponse{
+		AccessToken:          accessToken,
+		AccessTokenExpiresAt: payload.ExpiredAt,
+		Risk:                 risk,
+	}, nil
 }

 func (a *Auth) validateUser(ctx context.Context, email, password string) (*system.User, error) {
@@ -469,6 +483,7 @@ func (a *Auth) recordLoginLog(ctx context.Context, log *system.LoginLog) error {
 func (a *Auth) getHistoricalLoginEnvironments(ctx context.Context, email string) ([]LoginEnvironment, error) {
 	rows, err := a.loginLogService.HistoricalLogin(ctx, email, time.Now().Add(-RiskCheckWindow))
 	if err != nil {
+		log.Println("获取历史登录环境失败111111:", err)
 		return nil, err
 	}