From 5598181a484c0a211bd748cb93568fc36d17116d Mon Sep 17 00:00:00 2001 From: shanshanzhong Date: Wed, 31 Dec 2025 02:09:31 -0800 Subject: [PATCH] =?UTF-8?q?fix(auth):=20=E4=BF=AE=E5=A4=8D=E9=82=AE?= =?UTF-8?q?=E4=BB=B6=E9=AA=8C=E8=AF=81=E7=A0=81=E9=80=BB=E8=BE=91=EF=BC=8C?= =?UTF-8?q?=E6=94=AF=E6=8C=81=E5=A4=9A=E7=A7=8D=E5=9C=BA=E6=99=AF=E9=AA=8C?= =?UTF-8?q?=E8=AF=81?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit 修改邮件验证码校验逻辑,使其能够处理注册和安全验证等多种场景。移除不再需要的用户绑定检查,简化代码逻辑。 --- internal/logic/auth/emailLoginLogic.go | 36 ++++++++++++--------- internal/logic/common/sendEmailCodeLogic.go | 2 -- 2 files changed, 21 insertions(+), 17 deletions(-) diff --git a/internal/logic/auth/emailLoginLogic.go b/internal/logic/auth/emailLoginLogic.go index b92482e..545d086 100644 --- a/internal/logic/auth/emailLoginLogic.go +++ b/internal/logic/auth/emailLoginLogic.go @@ -60,23 +60,29 @@ func (l *EmailLoginLogic) EmailLogin(req *types.EmailLoginRequest) (resp *types. // So the frontend probably sends type="login" (or similar). // Let's check `constant` package for available types? I don't see it. // Assuming `constant.Security` for generic verification. - cacheKey := fmt.Sprintf("%s:%s:%s", config.AuthCodeCacheKey, constant.Security, req.Email) - value, err := l.svcCtx.Redis.Get(l.ctx, cacheKey).Result() - if err != nil { - l.Errorw("Verification code error (Redis get)", logger.Field("cacheKey", cacheKey), logger.Field("error", err.Error())) + scenes := []string{constant.Security.String(), constant.Register.String()} + var verified bool + var cacheKeyUsed string + var payload common.CacheKeyPayload + for _, scene := range scenes { + cacheKey := fmt.Sprintf("%s:%s:%s", config.AuthCodeCacheKey, scene, req.Email) + value, err := l.svcCtx.Redis.Get(l.ctx, cacheKey).Result() + if err != nil || value == "" { + continue + } + if err := json.Unmarshal([]byte(value), &payload); err != nil { + continue + } + if payload.Code == req.Code { + verified = true + cacheKeyUsed = cacheKey + break + } + } + if !verified { return nil, errors.Wrapf(xerr.NewErrCode(xerr.VerifyCodeError), "verification code error or expired") } - - var payload common.CacheKeyPayload - if err := json.Unmarshal([]byte(value), &payload); err != nil { - l.Errorw("Unmarshal error", logger.Field("error", err.Error()), logger.Field("value", value)) - return nil, errors.Wrapf(xerr.NewErrCode(xerr.VerifyCodeError), "verification code error") - } - if payload.Code != req.Code { - return nil, errors.Wrapf(xerr.NewErrCode(xerr.VerifyCodeError), "verification code mismatch") - } - // Delete code after use? Or keep it? Usually delete. - l.svcCtx.Redis.Del(l.ctx, cacheKey) + l.svcCtx.Redis.Del(l.ctx, cacheKeyUsed) // Check User diff --git a/internal/logic/common/sendEmailCodeLogic.go b/internal/logic/common/sendEmailCodeLogic.go index c538d72..1764ed9 100644 --- a/internal/logic/common/sendEmailCodeLogic.go +++ b/internal/logic/common/sendEmailCodeLogic.go @@ -78,8 +78,6 @@ func (l *SendEmailCodeLogic) SendEmailCode(req *types.SendCodeRequest) (resp *ty } if constant.ParseVerifyType(req.Type) == constant.Register && m.Id > 0 { return nil, errors.Wrapf(xerr.NewErrCode(xerr.UserExist), "mobile already bind") - } else if constant.ParseVerifyType(req.Type) == constant.Security && m.Id == 0 { - return nil, errors.Wrapf(xerr.NewErrCode(xerr.UserNotExist), "mobile not bind") } var payload CacheKeyPayload