shanshanzhong
1bcfa321b7
All checks were successful
Build docker and publish / build (20.15.1) (push) Successful in 7m9s
docs(scripts): 添加测试数据清理脚本的详细使用文档 fix(auth): 修复设备登录时处理孤立认证方法的问题 refactor(public): 改进邮箱绑定逻辑中的推荐码处理
374 lines
12 KiB
Go
374 lines
12 KiB
Go
package auth
|
|
|
|
import (
|
|
"context"
|
|
"fmt"
|
|
"time"
|
|
|
|
"github.com/perfect-panel/server/internal/config"
|
|
"github.com/perfect-panel/server/internal/model/log"
|
|
"github.com/perfect-panel/server/internal/model/user"
|
|
"github.com/perfect-panel/server/internal/svc"
|
|
"github.com/perfect-panel/server/internal/types"
|
|
"github.com/perfect-panel/server/pkg/jwt"
|
|
"github.com/perfect-panel/server/pkg/logger"
|
|
"github.com/perfect-panel/server/pkg/tool"
|
|
"github.com/perfect-panel/server/pkg/uuidx"
|
|
"github.com/perfect-panel/server/pkg/xerr"
|
|
"github.com/pkg/errors"
|
|
"gorm.io/gorm"
|
|
)
|
|
|
|
// DeviceLoginLogic 设备登录逻辑结构体
|
|
type DeviceLoginLogic struct {
|
|
logger.Logger
|
|
ctx context.Context
|
|
svcCtx *svc.ServiceContext
|
|
}
|
|
|
|
// NewDeviceLoginLogic 创建设备登录逻辑实例
|
|
func NewDeviceLoginLogic(ctx context.Context, svcCtx *svc.ServiceContext) *DeviceLoginLogic {
|
|
return &DeviceLoginLogic{
|
|
Logger: logger.WithContext(ctx),
|
|
ctx: ctx,
|
|
svcCtx: svcCtx,
|
|
}
|
|
}
|
|
|
|
// DeviceLogin 设备登录主要逻辑
|
|
func (l *DeviceLoginLogic) DeviceLogin(req *types.DeviceLoginRequest) (resp *types.LoginResponse, err error) {
|
|
// 检查设备登录是否启用
|
|
if !l.svcCtx.Config.Device.Enable {
|
|
return nil, xerr.NewErrMsg("Device login is disabled")
|
|
}
|
|
|
|
loginStatus := false
|
|
var userInfo *user.User
|
|
|
|
// 延迟执行:记录登录状态日志
|
|
defer func() {
|
|
if userInfo != nil && userInfo.Id != 0 {
|
|
loginLog := log.Login{
|
|
Method: "device",
|
|
LoginIP: req.IP,
|
|
UserAgent: req.UserAgent,
|
|
Success: loginStatus,
|
|
Timestamp: time.Now().UnixMilli(),
|
|
}
|
|
content, _ := loginLog.Marshal()
|
|
if err := l.svcCtx.LogModel.Insert(l.ctx, &log.SystemLog{
|
|
Type: log.TypeLogin.Uint8(),
|
|
Date: time.Now().Format("2006-01-02"),
|
|
ObjectID: userInfo.Id,
|
|
Content: string(content),
|
|
}); err != nil {
|
|
l.Errorw("failed to insert login log",
|
|
logger.Field("user_id", userInfo.Id),
|
|
logger.Field("ip", req.IP),
|
|
logger.Field("error", err.Error()),
|
|
)
|
|
}
|
|
}
|
|
}()
|
|
|
|
// 根据设备标识符查找设备信息
|
|
deviceInfo, err := l.svcCtx.UserModel.FindOneDeviceByIdentifier(l.ctx, req.Identifier)
|
|
if err != nil {
|
|
if errors.Is(err, gorm.ErrRecordNotFound) {
|
|
// 设备未找到,但需要检查认证方法是否已存在
|
|
authMethod, authErr := l.svcCtx.UserModel.FindUserAuthMethodByOpenID(l.ctx, "device", req.Identifier)
|
|
if authErr != nil && !errors.Is(authErr, gorm.ErrRecordNotFound) {
|
|
l.Errorw("query auth method failed",
|
|
logger.Field("identifier", req.Identifier),
|
|
logger.Field("error", authErr.Error()),
|
|
)
|
|
return nil, errors.Wrapf(xerr.NewErrCode(xerr.DatabaseQueryError), "query auth method failed: %v", authErr.Error())
|
|
}
|
|
|
|
if authMethod != nil {
|
|
// 认证方法存在但设备记录不存在,可能是数据不一致,先检查用户是否存在
|
|
userInfo, err = l.svcCtx.UserModel.FindOne(l.ctx, authMethod.UserId)
|
|
if err != nil {
|
|
if errors.Is(err, gorm.ErrRecordNotFound) {
|
|
// 用户不存在,说明是孤立的认证方法记录,需要清理
|
|
l.Errorw("found orphaned auth method record, cleaning up",
|
|
logger.Field("auth_method_id", authMethod.Id),
|
|
logger.Field("user_id", authMethod.UserId),
|
|
logger.Field("identifier", req.Identifier),
|
|
)
|
|
|
|
// 删除孤立的认证方法记录
|
|
if deleteErr := l.svcCtx.UserModel.DeleteUserAuthMethods(l.ctx, authMethod.UserId, authMethod.AuthType); deleteErr != nil {
|
|
l.Errorw("failed to delete orphaned auth method",
|
|
logger.Field("auth_method_id", authMethod.Id),
|
|
logger.Field("error", deleteErr.Error()),
|
|
)
|
|
}
|
|
|
|
// 创建新用户和设备
|
|
userInfo, err = l.registerUserAndDevice(req)
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
} else {
|
|
l.Errorw("query user by auth method failed",
|
|
logger.Field("user_id", authMethod.UserId),
|
|
logger.Field("identifier", req.Identifier),
|
|
logger.Field("error", err.Error()),
|
|
)
|
|
return nil, errors.Wrapf(xerr.NewErrCode(xerr.DatabaseQueryError), "query user failed: %v", err.Error())
|
|
}
|
|
} else {
|
|
// 用户存在,重新创建缺失的设备记录
|
|
deviceInfo := &user.Device{
|
|
Ip: req.IP,
|
|
UserId: userInfo.Id,
|
|
UserAgent: req.UserAgent,
|
|
Identifier: req.Identifier,
|
|
Enabled: true,
|
|
Online: false,
|
|
}
|
|
if err := l.svcCtx.UserModel.InsertDevice(l.ctx, deviceInfo); err != nil {
|
|
l.Errorw("failed to recreate device record",
|
|
logger.Field("user_id", userInfo.Id),
|
|
logger.Field("identifier", req.Identifier),
|
|
logger.Field("error", err.Error()),
|
|
)
|
|
return nil, errors.Wrapf(xerr.NewErrCode(xerr.DatabaseInsertError), "recreate device record failed: %v", err)
|
|
}
|
|
|
|
l.Infow("found existing auth method without device record, recreated device record",
|
|
logger.Field("user_id", userInfo.Id),
|
|
logger.Field("identifier", req.Identifier),
|
|
logger.Field("device_id", deviceInfo.Id),
|
|
)
|
|
}
|
|
} else {
|
|
// 设备和认证方法都不存在,创建新用户和设备
|
|
userInfo, err = l.registerUserAndDevice(req)
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
}
|
|
} else {
|
|
l.Errorw("query device failed",
|
|
logger.Field("identifier", req.Identifier),
|
|
logger.Field("error", err.Error()),
|
|
)
|
|
return nil, errors.Wrapf(xerr.NewErrCode(xerr.DatabaseQueryError), "query device failed: %v", err.Error())
|
|
}
|
|
} else {
|
|
// 设备已存在,获取用户信息
|
|
userInfo, err = l.svcCtx.UserModel.FindOne(l.ctx, deviceInfo.UserId)
|
|
if err != nil {
|
|
l.Errorw("query user failed",
|
|
logger.Field("user_id", deviceInfo.UserId),
|
|
logger.Field("error", err.Error()),
|
|
)
|
|
return nil, errors.Wrapf(xerr.NewErrCode(xerr.DatabaseQueryError), "query user failed: %v", err.Error())
|
|
}
|
|
}
|
|
|
|
// 生成会话ID
|
|
sessionId := uuidx.NewUUID().String()
|
|
|
|
// 生成JWT令牌
|
|
token, err := jwt.NewJwtToken(
|
|
l.svcCtx.Config.JwtAuth.AccessSecret,
|
|
time.Now().Unix(),
|
|
l.svcCtx.Config.JwtAuth.AccessExpire,
|
|
jwt.WithOption("UserId", userInfo.Id),
|
|
jwt.WithOption("SessionId", sessionId),
|
|
jwt.WithOption("LoginType", "device"),
|
|
)
|
|
if err != nil {
|
|
l.Errorw("token generate error",
|
|
logger.Field("user_id", userInfo.Id),
|
|
logger.Field("error", err.Error()),
|
|
)
|
|
return nil, errors.Wrapf(xerr.NewErrCode(xerr.ERROR), "token generate error: %v", err.Error())
|
|
}
|
|
|
|
// 将会话ID存储到Redis中
|
|
sessionIdCacheKey := fmt.Sprintf("%v:%v", config.SessionIdKey, sessionId)
|
|
if err = l.svcCtx.Redis.Set(l.ctx, sessionIdCacheKey, userInfo.Id, time.Duration(l.svcCtx.Config.JwtAuth.AccessExpire)*time.Second).Err(); err != nil {
|
|
l.Errorw("set session id error",
|
|
logger.Field("user_id", userInfo.Id),
|
|
logger.Field("error", err.Error()),
|
|
)
|
|
return nil, errors.Wrapf(xerr.NewErrCode(xerr.ERROR), "set session id error: %v", err.Error())
|
|
}
|
|
|
|
loginStatus = true
|
|
return &types.LoginResponse{
|
|
Token: token,
|
|
}, nil
|
|
}
|
|
|
|
// registerUserAndDevice 注册新用户和设备
|
|
func (l *DeviceLoginLogic) registerUserAndDevice(req *types.DeviceLoginRequest) (*user.User, error) {
|
|
l.Infow("device not found, creating new user and device",
|
|
logger.Field("identifier", req.Identifier),
|
|
logger.Field("ip", req.IP),
|
|
)
|
|
|
|
var userInfo *user.User
|
|
// 使用数据库事务确保数据一致性
|
|
err := l.svcCtx.UserModel.Transaction(l.ctx, func(db *gorm.DB) error {
|
|
// 创建新用户
|
|
userInfo = &user.User{
|
|
OnlyFirstPurchase: &l.svcCtx.Config.Invite.OnlyFirstPurchase,
|
|
}
|
|
if err := db.Create(userInfo).Error; err != nil {
|
|
l.Errorw("failed to create user",
|
|
logger.Field("error", err.Error()),
|
|
)
|
|
return errors.Wrapf(xerr.NewErrCode(xerr.DatabaseInsertError), "create user failed: %v", err)
|
|
}
|
|
|
|
// 更新用户邀请码
|
|
userInfo.ReferCode = uuidx.UserInviteCode(userInfo.Id)
|
|
if err := db.Model(&user.User{}).Where("id = ?", userInfo.Id).Update("refer_code", userInfo.ReferCode).Error; err != nil {
|
|
l.Errorw("failed to update refer code",
|
|
logger.Field("user_id", userInfo.Id),
|
|
logger.Field("error", err.Error()),
|
|
)
|
|
return errors.Wrapf(xerr.NewErrCode(xerr.DatabaseUpdateError), "update refer code failed: %v", err)
|
|
}
|
|
|
|
// 创建设备认证方式记录
|
|
authMethod := &user.AuthMethods{
|
|
UserId: userInfo.Id,
|
|
AuthType: "device",
|
|
AuthIdentifier: req.Identifier,
|
|
Verified: true,
|
|
}
|
|
if err := db.Create(authMethod).Error; err != nil {
|
|
l.Errorw("failed to create device auth method",
|
|
logger.Field("user_id", userInfo.Id),
|
|
logger.Field("identifier", req.Identifier),
|
|
logger.Field("error", err.Error()),
|
|
)
|
|
return errors.Wrapf(xerr.NewErrCode(xerr.DatabaseInsertError), "create device auth method failed: %v", err)
|
|
}
|
|
|
|
// 插入设备记录
|
|
deviceInfo := &user.Device{
|
|
Ip: req.IP,
|
|
UserId: userInfo.Id,
|
|
UserAgent: req.UserAgent,
|
|
Identifier: req.Identifier,
|
|
Enabled: true,
|
|
Online: false,
|
|
}
|
|
if err := db.Create(deviceInfo).Error; err != nil {
|
|
l.Errorw("failed to insert device",
|
|
logger.Field("user_id", userInfo.Id),
|
|
logger.Field("identifier", req.Identifier),
|
|
logger.Field("error", err.Error()),
|
|
)
|
|
return errors.Wrapf(xerr.NewErrCode(xerr.DatabaseInsertError), "insert device failed: %v", err)
|
|
}
|
|
|
|
// 如果启用了试用,则激活试用订阅
|
|
if l.svcCtx.Config.Register.EnableTrial {
|
|
if err := l.activeTrial(userInfo.Id, db); err != nil {
|
|
return err
|
|
}
|
|
}
|
|
|
|
return nil
|
|
})
|
|
|
|
if err != nil {
|
|
l.Errorw("device registration failed",
|
|
logger.Field("identifier", req.Identifier),
|
|
logger.Field("error", err.Error()),
|
|
)
|
|
return nil, err
|
|
}
|
|
|
|
l.Infow("device registration completed successfully",
|
|
logger.Field("user_id", userInfo.Id),
|
|
logger.Field("identifier", req.Identifier),
|
|
logger.Field("refer_code", userInfo.ReferCode),
|
|
)
|
|
|
|
// 记录注册日志
|
|
registerLog := log.Register{
|
|
AuthMethod: "device",
|
|
Identifier: req.Identifier,
|
|
RegisterIP: req.IP,
|
|
UserAgent: req.UserAgent,
|
|
Timestamp: time.Now().UnixMilli(),
|
|
}
|
|
content, _ := registerLog.Marshal()
|
|
|
|
if err := l.svcCtx.LogModel.Insert(l.ctx, &log.SystemLog{
|
|
Type: log.TypeRegister.Uint8(),
|
|
Date: time.Now().Format("2006-01-02"),
|
|
ObjectID: userInfo.Id,
|
|
Content: string(content),
|
|
}); err != nil {
|
|
l.Errorw("failed to insert register log",
|
|
logger.Field("user_id", userInfo.Id),
|
|
logger.Field("ip", req.IP),
|
|
logger.Field("error", err.Error()),
|
|
)
|
|
}
|
|
|
|
return userInfo, nil
|
|
}
|
|
|
|
// activeTrial 激活试用订阅
|
|
func (l *DeviceLoginLogic) activeTrial(userId int64, db *gorm.DB) error {
|
|
// 查找试用订阅模板
|
|
sub, err := l.svcCtx.SubscribeModel.FindOne(l.ctx, l.svcCtx.Config.Register.TrialSubscribe)
|
|
if err != nil {
|
|
l.Errorw("failed to find trial subscription template",
|
|
logger.Field("user_id", userId),
|
|
logger.Field("trial_subscribe_id", l.svcCtx.Config.Register.TrialSubscribe),
|
|
logger.Field("error", err.Error()),
|
|
)
|
|
return err
|
|
}
|
|
|
|
// 计算试用期时间
|
|
startTime := time.Now()
|
|
expireTime := tool.AddTime(l.svcCtx.Config.Register.TrialTimeUnit, l.svcCtx.Config.Register.TrialTime, startTime)
|
|
subscribeToken := uuidx.SubscribeToken(fmt.Sprintf("Trial-%v", userId))
|
|
subscribeUUID := uuidx.NewUUID().String()
|
|
|
|
// 创建用户订阅记录
|
|
userSub := &user.Subscribe{
|
|
UserId: userId,
|
|
OrderId: 0,
|
|
SubscribeId: sub.Id,
|
|
StartTime: startTime,
|
|
ExpireTime: expireTime,
|
|
Traffic: sub.Traffic,
|
|
Download: 0,
|
|
Upload: 0,
|
|
Token: subscribeToken,
|
|
UUID: subscribeUUID,
|
|
Status: 1,
|
|
}
|
|
|
|
if err := db.Create(userSub).Error; err != nil {
|
|
l.Errorw("failed to insert trial subscription",
|
|
logger.Field("user_id", userId),
|
|
logger.Field("error", err.Error()),
|
|
)
|
|
return err
|
|
}
|
|
|
|
l.Infow("trial subscription activated successfully",
|
|
logger.Field("user_id", userId),
|
|
logger.Field("subscribe_id", sub.Id),
|
|
logger.Field("expire_time", expireTime),
|
|
logger.Field("traffic", sub.Traffic),
|
|
)
|
|
|
|
return nil
|
|
}
|