feat: 实现后台和小程序端登录

1 year ago · 865b824c09
parent fc483bdd60
commit 865b824c09
12 changed files with 298 additions and 4 deletions
--- a/internal/entities/company_auth_ticket.go
+++ b/internal/entities/company_auth_ticket.go
@ -0,0 +1,19 @@
 package entities
 import (
 	"gorm.io/gorm"
 	"time"
 )
 type CompanyAuthTicket struct {
 	ID           uint           `json:"id"            xml:"id"            gorm:"primaryKey;not null;comment:员工编号"`
 	CompanyID    uint           `json:"company_id"    xml:"company_id"    gorm:"comment:所属公司编号"`
 	EmployeeID   uint           `json:"employee_id"   xml:"employee_id"   gorm:"comment:所属员工编号"`
 	WechatOpenid string         `json:"wechat_openid" xml:"wechat_openid" gorm:"size:100;not null;comment:关联微信号"`
 	Ticket       string         `json:"ticket"        xml:"ticket"        gorm:"comment:认证和授权凭证"`
 	CreatedAt    time.Time      `json:"create_time"   xml:"create_time"   gorm:"<-:false;comment:创建时间"`
 	UpdatedAt    time.Time      `json:"update_time"   xml:"update_time"   gorm:"<-:false;comment:更新时间"`
 	DeletedAt    gorm.DeletedAt `json:"-"             xml:"-"             gorm:"comment:删除时间"`
 	Employee *CompanyEmployee `json:"employee" xml:"employee" gorm:"foreignKey:EmployeeID"`
 }
--- a/internal/entities/company_employee.go
+++ b/internal/entities/company_employee.go
@ -22,5 +22,6 @@ type CompanyEmployee struct {
 	UpdatedAt    time.Time      `json:"update_time"   xml:"update_time"   gorm:"<-:false;comment:更新时间"`
 	DeletedAt    gorm.DeletedAt `json:"-"             xml:"-"             gorm:"comment:删除时间"`
 	Company     *Company             `json:"company"     xml:"company"     gorm:"foreignKey:CompanyID"`
 	Departments []*CompanyDepartment `json:"departments" xml:"departments" gorm:"many2many:company_employee_to_department_relations"`
 }
--- a/internal/entities/system_user.go
+++ b/internal/entities/system_user.go
@ -10,7 +10,7 @@ import (
 type SystemUser struct {
 	ID        int64          `json:"id"          xml:"id"          gorm:"primaryKey;not null;comment:系统用户编号"`
 	Username  string         `json:"username"    xml:"username"    gorm:"size:25;not null;uniqueIndex;comment:用户名"`
-	Password  string         `json:"password"    xml:"password"    gorm:"size:25;not null;comment:登录密码"`
+	Password  string         `json:"-"           xml:"-"           gorm:"size:250;not null;comment:登录密码"`
 	Status    bool           `json:"status"      xml:"status"      gorm:"comment:状态"`
 	Version   db.Version     `json:"-"           xml:"-"           gorm:"comment:乐观锁"`
 	CreatedAt time.Time      `json:"create_time" xml:"create_time" gorm:"<-:false;comment:创建时间"`
--- a/internal/repositories/company_auth_ticket.go
+++ b/internal/repositories/company_auth_ticket.go
@ -0,0 +1,92 @@
 package repositories
 import (
 	"context"
 	"errors"
 	"gorm.io/gorm"
 	"sorbet/internal/entities"
 	"sorbet/pkg/db"
 	"sorbet/pkg/ticket"
 )
 type CompanyAuthTicketRepository struct {
 	*db.Repository[entities.CompanyAuthTicket]
 }
 // NewCompanyAuthTicketRepository 创建公司部门仓库
 func NewCompanyAuthTicketRepository(orm *gorm.DB) *CompanyAuthTicketRepository {
 	return &CompanyAuthTicketRepository{
 		db.NewRepositoryWith[entities.CompanyAuthTicket](orm, "id"),
 	}
 }
 // TicketForLastLogin 最后一次登录生成的 ticket 信息
 func (r *CompanyAuthTicketRepository) TicketForLastLogin(ctx context.Context, openid string) (*entities.CompanyAuthTicket, error) {
 	var authTicket entities.CompanyAuthTicket
 	res := r.DB(ctx).
 		Model(&authTicket).
 		Where("wechat_openid=?", openid).
 		Order("updated_at DESC").
 		Preload("Employee", func(tx *gorm.DB) *gorm.DB {
 			//return tx.
 			//	Preload("Company"). // 当前员工所在公司
 			//	Preload("Departments", func(tx *gorm.DB) *gorm.DB {
 			//		// 只查询当前公司的部门
 			//		return tx.Where("company_id = ?")
 			//	}) // 当前员工所在部门
 			return tx.Preload("Company")
 		}).
 		Last(&authTicket)
 	if err := res.Error; err != nil {
 		return nil, err
 	}
 	return &authTicket, nil
 }
 // EmployeeForLastLogin 使用微信最后一次登录的员工信息
 func (r *CompanyAuthTicketRepository) EmployeeForLastLogin(ctx context.Context, openid string) (*entities.CompanyEmployee, error) {
 	authTicket, err := r.TicketForLastLogin(ctx, openid)
 	if err != nil {
 		return nil, err
 	}
 	return authTicket.Employee, nil
 }
 func (r *CompanyAuthTicketRepository) GenerateForWechat(ctx context.Context, openid string) (employee *entities.CompanyEmployee, ticketString string, err error) {
 	employee, err = r.EmployeeForLastLogin(ctx, openid)
 	if err != nil && !errors.Is(err, gorm.ErrRecordNotFound) {
 		return
 	}
 	// 通过最后一个 ticket 生成新的
 	if employee == nil {
 		// 随机取一个员工信息
 		var temp entities.CompanyEmployee
 		res := r.DB(ctx).
 			Where("wechat_openid=?", openid).
 			Preload("Departments").
 			Preload("Company").
 			Order("updated_at").
 			First(&temp)
 		if err = res.Error; err != nil {
 			return
 		}
 		employee = &temp
 	}
 	ticketString, err = ticket.Create(&ticket.Claims{
 		UID:  employee.ID,
 		Role: "company:employee",
 	})
 	authTicket := &entities.CompanyAuthTicket{
 		CompanyID:    employee.CompanyID,
 		EmployeeID:   employee.ID,
 		WechatOpenid: employee.WechatOpenid,
 		Ticket:       ticketString,
 	}
 	err = r.Create(ctx, authTicket)
 	return
 }
--- a/internal/services/company/controller/company_employee_controller.go
+++ b/internal/services/company/controller/company_employee_controller.go
@ -1,16 +1,78 @@
 package controller
 import (
 	"errors"
 	"github.com/labstack/echo/v4"
 	"gorm.io/gorm"
 	"sorbet/internal/entities"
 	"sorbet/internal/errs"
 	"sorbet/internal/repositories"
 	"sorbet/internal/services/company/request"
 	"sorbet/pkg/crud"
 	"sorbet/pkg/db"
 	"sorbet/pkg/rsp"
 	"sorbet/pkg/wx"
 )
 type CompanyEmployeeController struct {
 	crud.Controller[entities.CompanyEmployee, request.CompanyEmployeeUpsertRequest]
 }
-func (c *CompanyEmployeeController) InitRoutes(r *echo.Group) {
+func (ctr *CompanyEmployeeController) InitRoutes(r *echo.Group) {
-	c.RegisterRoutes("/company/employees", r)
+	ctr.RegisterRoutes("/company/employees", r)
 }
 func (ctr *CompanyEmployeeController) RegisterRoutes(path string, r *echo.Group) {
 	ctr.Controller.RegisterRoutes(path, r)
 	r.POST(path+"/auth/login", ctr.Login)
 }
 // Login 员工登录
 func (ctr *CompanyEmployeeController) Login(c echo.Context) error {
 	var req struct {
 		Code string `json:"code" xml:"code" form:"code"`
 	}
 	if err := c.Bind(&req); err != nil {
 		return err
 	}
 	login, err := wx.Login(c.Request().Context(), req.Code)
 	if err != nil {
 		return err
 	}
 	if err = login.Err(); err != nil {
 		return err
 	}
 	employee, ticketString, err := repositories.
 		NewCompanyAuthTicketRepository(ctr.MustORM(c)).
 		GenerateForWechat(c.Request().Context(), login.Openid)
 	if err != nil {
 		if !errors.Is(err, gorm.ErrRecordNotFound) {
 			return err
 		}
 		// 微信尚未绑定
 		return errs.ErrWechatNotBound.WithData(echo.Map{
 			"openid": login.Openid,
 		})
 	}
 	var companies []*entities.Company
 	err = ctr.MustORM(c).
 		Model(&entities.Company{}).
 		Where(
 			"EXISTS(?)",
 			db.Model(&entities.CompanyEmployee{}).Where("wechat_openid=?", employee.WechatOpenid),
 		).
 		Find(&companies).
 		Error
 	if err != nil {
 		return err
 	}
 	return rsp.Ok(c, echo.Map{
 		"ticket":    ticketString,
 		"openid":    login.Openid,
 		"companies": companies,
 		"employee":  employee,
 	})
 }
--- a/internal/services/system/controller/system_auth_controller.go
+++ b/internal/services/system/controller/system_auth_controller.go
@ -0,0 +1,67 @@
 package controller
 import (
 	"errors"
 	"github.com/labstack/echo/v4"
 	"github.com/rs/xid"
 	"gorm.io/gorm"
 	"sorbet/internal/entities"
 	"sorbet/internal/errs"
 	"sorbet/internal/services/system/request"
 	"sorbet/internal/util"
 	"sorbet/pkg/crud"
 	"sorbet/pkg/db"
 	"sorbet/pkg/rsp"
 	"sync"
 )
 // 简单的使用内存实现，也就是重启的话必须重新登录
 var logins sync.Map
 type SystemAuthController struct{}
 func (s *SystemAuthController) InitRoutes(r *echo.Group) {
 	r.POST("/system/auth/login", s.Login)
 }
 func (s *SystemAuthController) Login(c echo.Context) error {
 	req, err := crud.Bind[request.SystemAuthLoginRequest](c)
 	if err != nil {
 		return err
 	}
 	var user entities.SystemUser
 	err = db.
 		WithContext(c.Request().Context()).
 		Model(&user).
 		Where("username=?", req.Username).
 		First(&user).
 		Error
 	if err != nil {
 		if errors.Is(err, gorm.ErrRecordNotFound) {
 			return errs.ErrLoginWithUserpwd
 		}
 		return err
 	}
 	if !util.PasswordVerify(req.Password, user.Password) {
 		return errs.ErrLoginWithUserpwd
 	}
 	var ticket string
 	logins.Range(func(key, value any) bool {
 		x := value.(*entities.SystemUser)
 		if x.ID == user.ID {
 			ticket = key.(string)
 			return false
 		}
 		return true
 	})
 	if ticket == "" {
 		ticket = xid.New().String()
 		logins.Store(ticket, &user)
 	}
 	// todo 用户状态
 	return rsp.Ok(c, echo.Map{
 		"user":   user,
 		"ticket": ticket,
 	})
 }
--- a/internal/services/system/request/system_auth_login_request.go
+++ b/internal/services/system/request/system_auth_login_request.go
@ -0,0 +1,15 @@
 package request
 import "sorbet/pkg/v"
 type SystemAuthLoginRequest struct {
 	Username string `json:"username" xml:"username" form:"username"`
 	Password string `json:"password" xml:"password" form:"password"`
 }
 func (r *SystemAuthLoginRequest) Validate() error {
 	return v.Validate(
 		v.Value(r.Username, "username", "用户名").Required().MinLength(2),
 		v.Value(r.Password, "password", "登录密码").Required().MinLength(6),
 	)
 }
--- a/internal/services/system/service.go
+++ b/internal/services/system/service.go
@ -22,6 +22,7 @@ func (s *Service) Init(context.Context) error {
 func (s *Service) Routes() []runtime.Routable {
 	return []runtime.Routable{
 		&controller.SystemAuthController{},
 		&controller.SystemLogController{},
 		&controller.SystemMenuController{},
 		&controller.SystemPermissionController{},
--- a/internal/util/password.go
+++ b/internal/util/password.go
@ -0,0 +1,13 @@
 package util
 import "golang.org/x/crypto/bcrypt"
 func PasswordHash(password string) (string, error) {
 	bytes, err := bcrypt.GenerateFromPassword([]byte(password), 14)
 	return string(bytes), err
 }
 func PasswordVerify(password, hash string) bool {
 	err := bcrypt.CompareHashAndPassword([]byte(hash), []byte(password))
 	return err == nil
 }
--- a/internal/util/redis.go
+++ b/internal/util/redis.go
@ -0,0 +1 @@
 package util
--- a/pkg/crud/controller.go
+++ b/pkg/crud/controller.go
@ -77,6 +77,14 @@ func (ctr *Controller[Entity, Upsert]) ORM(c echo.Context) (*gorm.DB, error) {
 	return db.DB().WithContext(c.Request().Context()), nil
 }
 func (ctr *Controller[Entity, Upsert]) MustORM(c echo.Context) *gorm.DB {
 	orm, err := ctr.ORM(c)
 	if err != nil {
 		panic(err)
 	}
 	return orm
 }
 // Repository 获取 Repository 实例
 func (ctr *Controller[Entity, Upsert]) Repository(c echo.Context) (*db.Repository[Entity], error) {
 	orm, err := ctr.ORM(c)
@ -86,6 +94,14 @@ func (ctr *Controller[Entity, Upsert]) Repository(c echo.Context) (*db.Repositor
 	return db.NewRepository[Entity](orm), nil
 }
 func (ctr *Controller[Entity, Upsert]) MustRepository(c echo.Context) *db.Repository[Entity] {
 	repository, err := ctr.Repository(c)
 	if err != nil {
 		panic(err)
 	}
 	return repository
 }
 // Create 创建数据
 func (ctr *Controller[Entity, Upsert]) Create(c echo.Context) error {
 	return ctr.upsert(c, true)
--- a/pkg/crud/echo_utils.go
+++ b/pkg/crud/echo_utils.go
@ -1,6 +1,7 @@
 package crud
 import (
 	"errors"
 	"github.com/labstack/echo/v4"
 	"net/http"
 	"reflect"
@ -27,9 +28,15 @@ var binder BodyBinder
 // Validate 验证数据
 func Validate(c echo.Context, t any, guards ...RequestGuarder) error {
 	err := c.Validate(t)
-	if err != nil {
+	if err != nil && !errors.Is(err, echo.ErrValidatorNotRegistered) {
 		return err
 	}
 	if v, ok := t.(interface{ Validate() error }); ok {
 		err = v.Validate()
 		if err != nil {
 			return err
 		}
 	}
 	for _, guard := range guards {
 		err = guard(c, t)
 		if err != nil {