
package oauth
import (
"encoding/json"
"net/http"
"strings"
"time"
"management/internal/db/model/dto"
db "management/internal/db/sqlc"
"management/internal/pkg/crypto"
captchaservice "management/internal/service/captcha"
systemservice "management/internal/service/system"
"management/internal/tpl"
"github.com/zhang2092/browser"
)
// Login passes the request to tpl.HTML with the "oauth/login.tmpl" template
// and no template data.
//
// The session-reuse path below is disabled. As written, it would decode the
// stored user from the session, renew the session token, and redirect to
// /home.html, destroying the session otherwise.
func Login(w http.ResponseWriter, r *http.Request) {
	const loginTemplate = "oauth/login.tmpl"

	// Disabled session check, kept for reference:
	//
	//	ctx := r.Context()
	//	var user dto.AuthorizeUser
	//	u := session.GetBytes(ctx, authglobal.StoreName)
	//	if err := json.Unmarshal(u, &user); err == nil {
	//		// If the tenant matches, refresh the token and go to the home page.
	//		if err := session.RenewToken(ctx); err == nil {
	//			session.Put(ctx, authglobal.StoreName, u)
	//			http.Redirect(w, r, "/home.html", http.StatusFound)
	//			return
	//		}
	//	}
	//	session.Destroy(ctx)

	tpl.HTML(w, r, loginTemplate, nil)
}
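// PostLogin handles the login form submission.
//
// It reads "email", "password", "captcha_id" and "captcha" from the POST form,
// rejects empty fields, verifies the captcha, and only then looks up the user
// and compares the password. Every attempt that reaches the user lookup is
// recorded through systemservice.CreateSysUserLoginLog. All outcomes are
// reported as a JSON body via tpl.JSON / tpl.JSONOK.
//
// Unknown e-mail and wrong password produce the same client-facing message,
// and internal error text is never sent to the client. The detailed reason is
// kept in the login log only.
//
// NOTE(review): the session.Put call is commented out, so this handler reports
// success without storing anything in a session; the marshalled AuthorizeUser
// is discarded.
func PostLogin(w http.ResponseWriter, r *http.Request) {
	const (
		// Shared by the "no such user" and "wrong password" paths so the
		// response does not reveal which e-mail addresses are registered.
		msgBadCredentials = "邮箱或密码错误"
		// Returned instead of raw internal error text.
		msgInternal = "系统错误, 请稍后重试"
	)

	email := strings.TrimSpace(r.PostFormValue("email"))
	// NOTE(review): the password is trimmed too; this is only correct if the
	// password is trimmed the same way when it is set. Confirm against the
	// registration and reset paths.
	password := strings.TrimSpace(r.PostFormValue("password"))
	captchaID := strings.TrimSpace(r.PostFormValue("captcha_id"))
	captcha := strings.TrimSpace(r.PostFormValue("captcha"))

	switch {
	case len(email) == 0:
		tpl.JSON(w, tpl.Response{Success: false, Message: "请填写邮箱"})
		return
	case len(password) == 0:
		tpl.JSON(w, tpl.Response{Success: false, Message: "请填写密码"})
		return
	case len(captcha) == 0:
		tpl.JSON(w, tpl.Response{Success: false, Message: "请填写验证码"})
		return
	}

	// The captcha is checked before any credential work, so a request without
	// a valid captcha never reaches the user lookup or the bcrypt comparison.
	// NOTE(review): the meaning of the third argument is not visible here;
	// presumably it consumes the captcha on verification. Confirm.
	if !captchaservice.Verify(captchaID, captcha, true) {
		tpl.JSON(w, tpl.Response{Success: false, Message: "验证码错误"})
		return
	}

	br, err := browser.NewBrowser(r.Header.Get("User-Agent"))
	if err != nil {
		tpl.JSON(w, tpl.Response{Success: false, Message: "平台信息获取错误"})
		return
	}

	ctx := r.Context()
	// Referer, User-Agent-derived fields and the e-mail are client-supplied
	// and stored as received; treat them as untrusted wherever the login log
	// is displayed. r.RemoteAddr is the "host:port" of the immediate peer, so
	// behind a reverse proxy it is the proxy's address, not the client's.
	entry := &db.CreateSysUserLoginLogParams{
		CreatedAt:  time.Now(),
		Email:      email,
		IsSuccess:  false,
		RefererUrl: r.Header.Get("Referer"),
		Url:        r.URL.RequestURI(),
		Os:         br.Platform().Name(),
		Ip:         r.RemoteAddr,
		Browser:    br.Name(),
	}

	// reject records the detailed reason in the login log and sends the
	// client-facing message, which may be deliberately less specific.
	reject := func(logMsg, clientMsg string) {
		entry.Message = logMsg
		// Best-effort audit write: a failure to log does not change the
		// response sent to the client.
		_ = systemservice.CreateSysUserLoginLog(ctx, entry)
		tpl.JSON(w, tpl.Response{Success: false, Message: clientMsg})
	}

	user, err := systemservice.GetSysUserByEmail(ctx, email)
	if err != nil {
		// The lookup error stays server-side; the client sees the same
		// message as for a wrong password.
		// NOTE(review): this path skips the bcrypt comparison, so response
		// time can still differ from the wrong-password path.
		reject(err.Error(), msgBadCredentials)
		return
	}
	entry.UserUuid = user.Uuid
	entry.Username = user.Username

	if err = crypto.BcryptComparePassword(user.HashedPassword, password+user.Salt); err != nil {
		reject("compare password failed", msgBadCredentials)
		return
	}

	// Credentials are valid from here on; the remaining checks concern the
	// account's role configuration.
	if user.RoleID == 0 {
		const msg = "账号没有配置角色, 请联系管理员"
		reject(msg, msg)
		return
	}

	sysRole, err := systemservice.GetSysRole(ctx, user.RoleID)
	if err != nil {
		const msg = "账号配置的角色错误, 请联系管理员"
		reject(msg, msg)
		return
	}

	auth := dto.AuthorizeUser{
		ID:       user.ID,
		Uuid:     user.Uuid,
		Email:    user.Email,
		Username: user.Username,
		RoleID:   sysRole.ID,
		RoleName: sysRole.Name,
		OS:       entry.Os,
		IP:       entry.Ip,
		Browser:  entry.Browser,
	}
	// The encoded value is unused while the session.Put call below is
	// disabled; only the error is checked.
	if _, err = json.Marshal(auth); err != nil {
		reject(err.Error(), msgInternal)
		return
	}
	// session.Put(ctx, authglobal.StoreName, b)

	entry.IsSuccess = true
	entry.Message = "登陆成功"
	// Best-effort audit write, as in reject.
	_ = systemservice.CreateSysUserLoginLog(ctx, entry)
	tpl.JSONOK(w, "login successful")
}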
// Logout redirects the client to "/" with 302 Found.
//
// NOTE(review): the session.Destroy call is commented out, so this handler
// only redirects; nothing is invalidated server-side here.
func Logout(w http.ResponseWriter, r *http.Request) {
	const landing = "/"

	// session.Destroy(r.Context())
	http.Redirect(w, r, landing, http.StatusFound)
}