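package oauth

import (
	"encoding/json"
	"net/http"
	"strings"
	"time"

	"management/internal/db/model/dto"
	db "management/internal/db/sqlc"
	authglobal "management/internal/global/auth"
	"management/internal/pkg/crypto"
	"management/internal/pkg/session"
	captchaservice "management/internal/service/captcha"
	systemservice "management/internal/service/system"
	"management/internal/tpl"

	"github.com/zhang2092/browser"
)

// Login serves the login page. If the session already holds a payload that
// decodes as dto.AuthorizeUser and the session token can be renewed, the
// caller is redirected to /home.html instead. In every other case the session
// is destroyed and the login template is rendered.
func Login(w http.ResponseWriter, r *http.Request) {
	ctx := r.Context()

	var user dto.AuthorizeUser
	u := session.GetBytes(ctx, authglobal.StoreName)
	if err := json.Unmarshal(u, &user); err == nil {
		// NOTE(review): the original comment here described a tenant
		// comparison, but no tenant check is performed in this handler; a
		// payload that merely decodes is accepted. Confirm whether a tenant
		// (or non-zero user ID) check is expected.
		if err := session.RenewToken(ctx); err == nil {
			session.Put(ctx, authglobal.StoreName, u)
			http.Redirect(w, r, "/home.html", http.StatusFound)
			return
		}
	}

	session.Destroy(ctx)
	tpl.HTML(w, r, "oauth/login.tmpl", nil)
}

// PostLogin authenticates an email/password/captcha form submission and
// answers with a tpl.Response JSON body.
//
// Every attempt that gets past the captcha is written to the login log with
// the failure reason. The client only ever receives a generic message for
// credential and internal failures, so the response does not reveal whether
// the email exists or expose lookup errors. On success the session token is
// renewed before the authenticated user is stored in the session.
func PostLogin(w http.ResponseWriter, r *http.Request) {
	const (
		// Same text for "unknown email" and "wrong password" so the two cases
		// cannot be told apart from the response body.
		msgBadCredentials = "邮箱或密码错误"
		// Generic text for internal failures; details go to the login log only.
		msgLoginFailed = "登录失败, 请稍后重试"
	)

	email := strings.TrimSpace(r.PostFormValue("email"))
	password := strings.TrimSpace(r.PostFormValue("password"))
	captchaID := strings.TrimSpace(r.PostFormValue("captcha_id"))
	captcha := strings.TrimSpace(r.PostFormValue("captcha"))

	switch {
	case len(email) == 0:
		tpl.JSON(w, tpl.Response{Success: false, Message: "请填写邮箱"})
		return
	case len(password) == 0:
		tpl.JSON(w, tpl.Response{Success: false, Message: "请填写密码"})
		return
	case len(captcha) == 0:
		tpl.JSON(w, tpl.Response{Success: false, Message: "请填写验证码"})
		return
	}

	// The captcha is the only throttle visible in this handler; no per-account
	// attempt limiting is applied here.
	if !captchaservice.Verify(captchaID, captcha, true) {
		tpl.JSON(w, tpl.Response{Success: false, Message: "验证码错误"})
		return
	}

	br, err := browser.NewBrowser(r.Header.Get("User-Agent"))
	if err != nil {
		tpl.JSON(w, tpl.Response{Success: false, Message: "平台信息获取错误"})
		return
	}

	ctx := r.Context()
	// Referer and the User-Agent-derived fields are client-controlled and must
	// be treated as untrusted by anything that later displays this log.
	// r.RemoteAddr is the direct peer as "host:port"; behind a reverse proxy it
	// is the proxy's address, not the end user's.
	entry := &db.CreateSysUserLoginLogParams{
		CreatedAt:  time.Now(),
		Email:      email,
		IsSuccess:  false,
		RefererUrl: r.Header.Get("Referer"),
		Url:        r.URL.RequestURI(),
		Os:         br.Platform().Name(),
		Ip:         r.RemoteAddr,
		Browser:    br.Name(),
	}

	// reject records the detailed reason in the login log and sends the
	// client-facing message. The log write is best-effort, as in the original.
	reject := func(auditMsg, clientMsg string) {
		entry.Message = auditMsg
		_ = systemservice.CreateSysUserLoginLog(ctx, entry)
		tpl.JSON(w, tpl.Response{Success: false, Message: clientMsg})
	}

	user, err := systemservice.GetSysUserByEmail(ctx, email)
	if err != nil {
		// The lookup error stays in the log; echoing it to the client would
		// disclose account existence and internal error text.
		// NOTE(review): this path returns before any bcrypt work, so response
		// time can still differ from the wrong-password path.
		reject(err.Error(), msgBadCredentials)
		return
	}
	entry.UserUuid = user.Uuid
	entry.Username = user.Username

	if err := crypto.BcryptComparePassword(user.HashedPassword, password+user.Salt); err != nil {
		reject("compare password failed", msgBadCredentials)
		return
	}

	// Credentials are valid from here on; the remaining checks concern the
	// account's role configuration.
	if user.RoleID == 0 {
		reject("账号没有配置角色, 请联系管理员", "账号没有配置角色, 请联系管理员")
		return
	}

	sysRole, err := systemservice.GetSysRole(ctx, user.RoleID)
	if err != nil {
		reject("账号配置的角色错误, 请联系管理员", "账号配置的角色错误, 请联系管理员")
		return
	}

	auth := dto.AuthorizeUser{
		ID:       user.ID,
		Uuid:     user.Uuid,
		Email:    user.Email,
		Username: user.Username,
		RoleID:   sysRole.ID,
		RoleName: sysRole.Name,
		OS:       entry.Os,
		IP:       entry.Ip,
		Browser:  entry.Browser,
	}

	b, err := json.Marshal(auth)
	if err != nil {
		reject(err.Error(), msgLoginFailed)
		return
	}

	// Renew the session token at the privilege change so a token that existed
	// before authentication cannot be reused for the authenticated session
	// (session fixation).
	if err := session.RenewToken(ctx); err != nil {
		reject(err.Error(), msgLoginFailed)
		return
	}
	session.Put(ctx, authglobal.StoreName, b)

	entry.IsSuccess = true
	entry.Message = "登陆成功"
	_ = systemservice.CreateSysUserLoginLog(ctx, entry)

	tpl.JSON(w, tpl.Response{Success: true, Message: "login successful"})
}

// Logout destroys the caller's session and redirects to the site root.
//
// NOTE(review): routing is not visible here; if this handler is reachable via
// GET, a cross-site request can log a user out. Confirm the route's method
// and CSRF handling.
func Logout(w http.ResponseWriter, r *http.Request) {
	session.Destroy(r.Context())
	http.Redirect(w, r, "/", http.StatusFound)
}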