shanshanzhong
3417da2a9e
Some checks failed
Build docker and publish / build (20.15.1) (push) Failing after 7m14s
- 新增 EnableTrialEmailWhitelist + TrialEmailDomainWhitelist 配置 - 邮箱注册/登录:加白名单域名判断,域名匹配才赠送 trial - 设备登录/手机注册:移除 activeTrial,不再自动赠送 - 绑定邮箱(bindEmailWithVerification):绑定成功后检查白名单+防重复赠送 - 新增 IsEmailDomainWhitelisted 导出函数供跨包调用 - 清理 deviceLoginLogic/telephoneUserRegisterLogic 中的 activeTrial 死代码 Co-Authored-By: claude-flow <ruv@ruv.net>
282 lines
8.6 KiB
Go
282 lines
8.6 KiB
Go
package auth
|
|
|
|
import (
|
|
"context"
|
|
"fmt"
|
|
"time"
|
|
|
|
"github.com/perfect-panel/server/internal/config"
|
|
"github.com/perfect-panel/server/internal/model/log"
|
|
"github.com/perfect-panel/server/internal/model/user"
|
|
"github.com/perfect-panel/server/internal/svc"
|
|
"github.com/perfect-panel/server/internal/types"
|
|
"github.com/perfect-panel/server/pkg/jwt"
|
|
"github.com/perfect-panel/server/pkg/logger"
|
|
"github.com/perfect-panel/server/pkg/uuidx"
|
|
"github.com/perfect-panel/server/pkg/xerr"
|
|
"github.com/pkg/errors"
|
|
"gorm.io/gorm"
|
|
)
|
|
|
|
type DeviceLoginLogic struct {
|
|
logger.Logger
|
|
ctx context.Context
|
|
svcCtx *svc.ServiceContext
|
|
}
|
|
|
|
// Device Login
|
|
func NewDeviceLoginLogic(ctx context.Context, svcCtx *svc.ServiceContext) *DeviceLoginLogic {
|
|
return &DeviceLoginLogic{
|
|
Logger: logger.WithContext(ctx),
|
|
ctx: ctx,
|
|
svcCtx: svcCtx,
|
|
}
|
|
}
|
|
|
|
func (l *DeviceLoginLogic) DeviceLogin(req *types.DeviceLoginRequest) (resp *types.LoginResponse, err error) {
|
|
if !l.svcCtx.Config.Device.Enable {
|
|
return nil, xerr.NewErrMsg("Device login is disabled")
|
|
}
|
|
|
|
loginStatus := false
|
|
var userInfo *user.User
|
|
// Record login status
|
|
defer func() {
|
|
if userInfo != nil && userInfo.Id != 0 {
|
|
loginLog := log.Login{
|
|
Method: "device",
|
|
LoginIP: req.IP,
|
|
UserAgent: req.UserAgent,
|
|
Success: loginStatus,
|
|
Timestamp: time.Now().UnixMilli(),
|
|
}
|
|
content, _ := loginLog.Marshal()
|
|
if err := l.svcCtx.LogModel.Insert(l.ctx, &log.SystemLog{
|
|
Type: log.TypeLogin.Uint8(),
|
|
Date: time.Now().Format("2006-01-02"),
|
|
ObjectID: userInfo.Id,
|
|
Content: string(content),
|
|
}); err != nil {
|
|
l.Errorw("failed to insert login log",
|
|
logger.Field("user_id", userInfo.Id),
|
|
logger.Field("ip", req.IP),
|
|
logger.Field("error", err.Error()),
|
|
)
|
|
}
|
|
}
|
|
}()
|
|
|
|
// Check if device exists by identifier
|
|
deviceInfo, err := l.svcCtx.UserModel.FindOneDeviceByIdentifier(l.ctx, req.Identifier)
|
|
if err != nil {
|
|
if errors.Is(err, gorm.ErrRecordNotFound) {
|
|
if !registerIpLimit(l.svcCtx, l.ctx, req.IP, "device", req.Identifier) {
|
|
return nil, errors.Wrapf(xerr.NewErrCode(xerr.RegisterIPLimit), "register ip limit: %v", req.IP)
|
|
}
|
|
// Device not found, create new user and device
|
|
userInfo, err = l.registerUserAndDevice(req)
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
} else {
|
|
l.Errorw("query device failed",
|
|
logger.Field("identifier", req.Identifier),
|
|
logger.Field("error", err.Error()),
|
|
)
|
|
return nil, errors.Wrapf(xerr.NewErrCode(xerr.DatabaseQueryError), "query device failed: %v", err.Error())
|
|
}
|
|
} else {
|
|
// Device found, get user info
|
|
userInfo, err = l.svcCtx.UserModel.FindOne(l.ctx, deviceInfo.UserId)
|
|
if err != nil {
|
|
l.Errorw("query user failed",
|
|
logger.Field("user_id", deviceInfo.UserId),
|
|
logger.Field("error", err.Error()),
|
|
)
|
|
return nil, errors.Wrapf(xerr.NewErrCode(xerr.DatabaseQueryError), "query user failed: %v", err.Error())
|
|
}
|
|
|
|
// 注销后 device auth_method 被删除,重新登录时需要补回
|
|
hasDeviceAuth := false
|
|
for _, am := range userInfo.AuthMethods {
|
|
if am.AuthType == "device" && am.AuthIdentifier == req.Identifier {
|
|
hasDeviceAuth = true
|
|
break
|
|
}
|
|
}
|
|
if !hasDeviceAuth {
|
|
authMethod := &user.AuthMethods{
|
|
UserId: userInfo.Id,
|
|
AuthType: "device",
|
|
AuthIdentifier: req.Identifier,
|
|
Verified: true,
|
|
}
|
|
if createErr := l.svcCtx.DB.Create(authMethod).Error; createErr != nil {
|
|
l.Errorw("re-create device auth method failed",
|
|
logger.Field("user_id", userInfo.Id),
|
|
logger.Field("identifier", req.Identifier),
|
|
logger.Field("error", createErr.Error()),
|
|
)
|
|
} else {
|
|
// 清缓存让后续 FindOne 返回最新 AuthMethods
|
|
_ = l.svcCtx.UserModel.ClearUserCache(l.ctx, userInfo)
|
|
}
|
|
}
|
|
}
|
|
|
|
// Generate session id
|
|
sessionId := uuidx.NewUUID().String()
|
|
|
|
// Generate token
|
|
token, err := jwt.NewJwtToken(
|
|
l.svcCtx.Config.JwtAuth.AccessSecret,
|
|
time.Now().Unix(),
|
|
l.svcCtx.Config.JwtAuth.AccessExpire,
|
|
jwt.WithOption("UserId", userInfo.Id),
|
|
jwt.WithOption("SessionId", sessionId),
|
|
jwt.WithOption("CtxLoginType", "device"),
|
|
jwt.WithOption("LoginType", "device"),
|
|
)
|
|
if err != nil {
|
|
l.Errorw("token generate error",
|
|
logger.Field("user_id", userInfo.Id),
|
|
logger.Field("error", err.Error()),
|
|
)
|
|
return nil, errors.Wrapf(xerr.NewErrCode(xerr.ERROR), "token generate error: %v", err.Error())
|
|
}
|
|
|
|
// Store session id in redis
|
|
sessionIdCacheKey := fmt.Sprintf("%v:%v", config.SessionIdKey, sessionId)
|
|
if err = l.svcCtx.Redis.Set(l.ctx, sessionIdCacheKey, userInfo.Id, time.Duration(l.svcCtx.Config.JwtAuth.AccessExpire)*time.Second).Err(); err != nil {
|
|
l.Errorw("set session id error",
|
|
logger.Field("user_id", userInfo.Id),
|
|
logger.Field("error", err.Error()),
|
|
)
|
|
return nil, errors.Wrapf(xerr.NewErrCode(xerr.ERROR), "set session id error: %v", err.Error())
|
|
}
|
|
|
|
// Store device id in redis
|
|
|
|
deviceCacheKey := fmt.Sprintf("%v:%v", config.DeviceCacheKeyKey, req.Identifier)
|
|
if err = l.svcCtx.Redis.Set(l.ctx, deviceCacheKey, sessionId, time.Duration(l.svcCtx.Config.JwtAuth.AccessExpire)*time.Second).Err(); err != nil {
|
|
l.Errorw("set device id error",
|
|
logger.Field("user_id", userInfo.Id),
|
|
logger.Field("error", err.Error()),
|
|
)
|
|
return nil, errors.Wrapf(xerr.NewErrCode(xerr.ERROR), "set device id error: %v", err.Error())
|
|
}
|
|
|
|
loginStatus = true
|
|
return &types.LoginResponse{
|
|
Token: token,
|
|
}, nil
|
|
}
|
|
|
|
func (l *DeviceLoginLogic) registerUserAndDevice(req *types.DeviceLoginRequest) (*user.User, error) {
|
|
l.Infow("device not found, creating new user and device",
|
|
logger.Field("identifier", req.Identifier),
|
|
logger.Field("ip", req.IP),
|
|
)
|
|
|
|
var userInfo *user.User
|
|
err := l.svcCtx.UserModel.Transaction(l.ctx, func(db *gorm.DB) error {
|
|
// Create new user
|
|
userInfo = &user.User{
|
|
Salt: "default",
|
|
OnlyFirstPurchase: &l.svcCtx.Config.Invite.OnlyFirstPurchase,
|
|
}
|
|
if err := db.Create(userInfo).Error; err != nil {
|
|
l.Errorw("failed to create user",
|
|
logger.Field("error", err.Error()),
|
|
)
|
|
return errors.Wrapf(xerr.NewErrCode(xerr.DatabaseInsertError), "create user failed: %v", err)
|
|
}
|
|
|
|
// Update refer code
|
|
userInfo.ReferCode = uuidx.UserInviteCode(userInfo.Id)
|
|
if err := db.Model(&user.User{}).Where("id = ?", userInfo.Id).Update("refer_code", userInfo.ReferCode).Error; err != nil {
|
|
l.Errorw("failed to update refer code",
|
|
logger.Field("user_id", userInfo.Id),
|
|
logger.Field("error", err.Error()),
|
|
)
|
|
return errors.Wrapf(xerr.NewErrCode(xerr.DatabaseUpdateError), "update refer code failed: %v", err)
|
|
}
|
|
|
|
// Create device auth method
|
|
authMethod := &user.AuthMethods{
|
|
UserId: userInfo.Id,
|
|
AuthType: "device",
|
|
AuthIdentifier: req.Identifier,
|
|
Verified: true,
|
|
}
|
|
if err := db.Create(authMethod).Error; err != nil {
|
|
l.Errorw("failed to create device auth method",
|
|
logger.Field("user_id", userInfo.Id),
|
|
logger.Field("identifier", req.Identifier),
|
|
logger.Field("error", err.Error()),
|
|
)
|
|
return errors.Wrapf(xerr.NewErrCode(xerr.DatabaseInsertError), "create device auth method failed: %v", err)
|
|
}
|
|
|
|
// Insert device record
|
|
deviceInfo := &user.Device{
|
|
Ip: req.IP,
|
|
UserId: userInfo.Id,
|
|
UserAgent: req.UserAgent,
|
|
Identifier: req.Identifier,
|
|
ShortCode: req.ShortCode,
|
|
Enabled: true,
|
|
Online: false,
|
|
}
|
|
if err := db.Create(deviceInfo).Error; err != nil {
|
|
l.Errorw("failed to insert device",
|
|
logger.Field("user_id", userInfo.Id),
|
|
logger.Field("identifier", req.Identifier),
|
|
logger.Field("error", err.Error()),
|
|
)
|
|
return errors.Wrapf(xerr.NewErrCode(xerr.DatabaseInsertError), "insert device failed: %v", err)
|
|
}
|
|
|
|
return nil
|
|
})
|
|
|
|
if err != nil {
|
|
l.Errorw("device registration failed",
|
|
logger.Field("identifier", req.Identifier),
|
|
logger.Field("error", err.Error()),
|
|
)
|
|
return nil, err
|
|
}
|
|
|
|
l.Infow("device registration completed successfully",
|
|
logger.Field("user_id", userInfo.Id),
|
|
logger.Field("identifier", req.Identifier),
|
|
logger.Field("refer_code", userInfo.ReferCode),
|
|
)
|
|
|
|
// Register log
|
|
registerLog := log.Register{
|
|
AuthMethod: "device",
|
|
Identifier: req.Identifier,
|
|
RegisterIP: req.IP,
|
|
UserAgent: req.UserAgent,
|
|
Timestamp: time.Now().UnixMilli(),
|
|
}
|
|
content, _ := registerLog.Marshal()
|
|
|
|
if err := l.svcCtx.LogModel.Insert(l.ctx, &log.SystemLog{
|
|
Type: log.TypeRegister.Uint8(),
|
|
Date: time.Now().Format("2006-01-02"),
|
|
ObjectID: userInfo.Id,
|
|
Content: string(content),
|
|
}); err != nil {
|
|
l.Errorw("failed to insert register log",
|
|
logger.Field("user_id", userInfo.Id),
|
|
logger.Field("ip", req.IP),
|
|
logger.Field("error", err.Error()),
|
|
)
|
|
}
|
|
|
|
return userInfo, nil
|
|
}
|