264 lines
8.5 KiB
Go
264 lines
8.5 KiB
Go
package auth
|
|
|
|
import (
|
|
"context"
|
|
|
|
"github.com/perfect-panel/server/internal/model/user"
|
|
"github.com/perfect-panel/server/internal/svc"
|
|
"github.com/perfect-panel/server/pkg/logger"
|
|
"github.com/perfect-panel/server/pkg/xerr"
|
|
"github.com/pkg/errors"
|
|
"gorm.io/gorm"
|
|
)
|
|
|
|
type BindDeviceLogic struct {
|
|
logger.Logger
|
|
ctx context.Context
|
|
svcCtx *svc.ServiceContext
|
|
}
|
|
|
|
func NewBindDeviceLogic(ctx context.Context, svcCtx *svc.ServiceContext) *BindDeviceLogic {
|
|
return &BindDeviceLogic{
|
|
Logger: logger.WithContext(ctx),
|
|
ctx: ctx,
|
|
svcCtx: svcCtx,
|
|
}
|
|
}
|
|
|
|
// BindDeviceToUser binds a device to a user
|
|
// If the device is already bound to another user, it will disable that user and bind the device to the current user
|
|
func (l *BindDeviceLogic) BindDeviceToUser(identifier, ip, userAgent string, currentUserId int64) error {
|
|
if identifier == "" {
|
|
// No device identifier provided, skip binding
|
|
return nil
|
|
}
|
|
|
|
l.Infow("binding device to user",
|
|
logger.Field("identifier", identifier),
|
|
logger.Field("user_id", currentUserId),
|
|
logger.Field("ip", ip),
|
|
)
|
|
|
|
// Check if device exists
|
|
deviceInfo, err := l.svcCtx.UserModel.FindOneDeviceByIdentifier(l.ctx, identifier)
|
|
if err != nil {
|
|
if errors.Is(err, gorm.ErrRecordNotFound) {
|
|
// Device not found, create new device record
|
|
return l.createDeviceForUser(identifier, ip, userAgent, currentUserId)
|
|
}
|
|
l.Errorw("failed to query device",
|
|
logger.Field("identifier", identifier),
|
|
logger.Field("error", err.Error()),
|
|
)
|
|
return errors.Wrapf(xerr.NewErrCode(xerr.DatabaseQueryError), "query device failed: %v", err.Error())
|
|
}
|
|
|
|
// Device exists, check if it's bound to current user
|
|
if deviceInfo.UserId == currentUserId {
|
|
// Already bound to current user, just update IP and UserAgent
|
|
l.Infow("device already bound to current user, updating info",
|
|
logger.Field("identifier", identifier),
|
|
logger.Field("user_id", currentUserId),
|
|
)
|
|
deviceInfo.Ip = ip
|
|
deviceInfo.UserAgent = userAgent
|
|
if err := l.svcCtx.UserModel.UpdateDevice(l.ctx, deviceInfo); err != nil {
|
|
l.Errorw("failed to update device",
|
|
logger.Field("identifier", identifier),
|
|
logger.Field("error", err.Error()),
|
|
)
|
|
return errors.Wrapf(xerr.NewErrCode(xerr.DatabaseUpdateError), "update device failed: %v", err.Error())
|
|
}
|
|
return nil
|
|
}
|
|
|
|
// Device is bound to another user, need to disable old user and rebind
|
|
l.Infow("device bound to another user, rebinding",
|
|
logger.Field("identifier", identifier),
|
|
logger.Field("old_user_id", deviceInfo.UserId),
|
|
logger.Field("new_user_id", currentUserId),
|
|
)
|
|
|
|
return l.rebindDeviceToNewUser(deviceInfo, ip, userAgent, currentUserId)
|
|
}
|
|
|
|
func (l *BindDeviceLogic) createDeviceForUser(identifier, ip, userAgent string, userId int64) error {
|
|
l.Infow("creating new device for user",
|
|
logger.Field("identifier", identifier),
|
|
logger.Field("user_id", userId),
|
|
)
|
|
|
|
err := l.svcCtx.UserModel.Transaction(l.ctx, func(db *gorm.DB) error {
|
|
// Create device auth method
|
|
authMethod := &user.AuthMethods{
|
|
UserId: userId,
|
|
AuthType: "device",
|
|
AuthIdentifier: identifier,
|
|
Verified: true,
|
|
}
|
|
if err := db.Create(authMethod).Error; err != nil {
|
|
l.Errorw("failed to create device auth method",
|
|
logger.Field("user_id", userId),
|
|
logger.Field("identifier", identifier),
|
|
logger.Field("error", err.Error()),
|
|
)
|
|
return errors.Wrapf(xerr.NewErrCode(xerr.DatabaseInsertError), "create device auth method failed: %v", err)
|
|
}
|
|
|
|
// Create device record
|
|
deviceInfo := &user.Device{
|
|
Ip: ip,
|
|
UserId: userId,
|
|
|
|
UserAgent: userAgent,
|
|
Identifier: identifier,
|
|
Enabled: true,
|
|
Online: false,
|
|
}
|
|
if err := db.Create(deviceInfo).Error; err != nil {
|
|
l.Errorw("failed to create device",
|
|
logger.Field("user_id", userId),
|
|
logger.Field("identifier", identifier),
|
|
logger.Field("error", err.Error()),
|
|
)
|
|
return errors.Wrapf(xerr.NewErrCode(xerr.DatabaseInsertError), "create device failed: %v", err)
|
|
}
|
|
|
|
return nil
|
|
})
|
|
|
|
if err != nil {
|
|
l.Errorw("device creation failed",
|
|
logger.Field("identifier", identifier),
|
|
logger.Field("user_id", userId),
|
|
logger.Field("error", err.Error()),
|
|
)
|
|
return err
|
|
}
|
|
|
|
l.Infow("device created successfully",
|
|
logger.Field("identifier", identifier),
|
|
logger.Field("user_id", userId),
|
|
)
|
|
|
|
return nil
|
|
}
|
|
|
|
func (l *BindDeviceLogic) rebindDeviceToNewUser(deviceInfo *user.Device, ip, userAgent string, newUserId int64) error {
|
|
oldUserId := deviceInfo.UserId
|
|
var users []*user.User
|
|
err := l.svcCtx.DB.Where("id in (?)", []int64{oldUserId, newUserId}).Find(&users).Error
|
|
if err != nil {
|
|
l.Errorw("failed to query users for rebinding",
|
|
logger.Field("old_user_id", oldUserId),
|
|
logger.Field("new_user_id", newUserId),
|
|
logger.Field("error", err.Error()),
|
|
)
|
|
return errors.Wrapf(xerr.NewErrCode(xerr.DatabaseQueryError), "query users failed: %v", err)
|
|
}
|
|
err = l.svcCtx.UserModel.Transaction(l.ctx, func(tx *gorm.DB) error {
|
|
//检查旧设备是否存在认证方式
|
|
var authMethod user.AuthMethods
|
|
err := tx.Where("auth_type = ? AND auth_identifier = ?", "device", deviceInfo.Identifier).Find(&authMethod).Error
|
|
if err != nil && !errors.Is(err, gorm.ErrRecordNotFound) {
|
|
l.Errorw("failed to query device auth method",
|
|
logger.Field("identifier", deviceInfo.Identifier),
|
|
logger.Field("error", err.Error()),
|
|
)
|
|
return errors.Wrapf(xerr.NewErrCode(xerr.DatabaseQueryError), "query device auth method failed: %v", err)
|
|
}
|
|
|
|
//未找到设备认证方式信息,创建新的设备认证方式
|
|
if err != nil {
|
|
authMethod = user.AuthMethods{
|
|
UserId: newUserId,
|
|
AuthType: "device",
|
|
AuthIdentifier: deviceInfo.Identifier,
|
|
Verified: true,
|
|
}
|
|
logger.Infof("create auth method: %v", authMethod)
|
|
if err := tx.Create(&authMethod).Error; err != nil {
|
|
l.Errorw("failed to create device auth method", logger.Field("new_user_id", newUserId),
|
|
logger.Field("error", err.Error()))
|
|
return errors.Wrapf(xerr.NewErrCode(xerr.DatabaseInsertError), "create device auth method failed: %v", err)
|
|
}
|
|
} else {
|
|
//更新设备认证方式的用户ID为新用户ID
|
|
authMethod.UserId = newUserId
|
|
if err := tx.Save(&authMethod).Error; err != nil {
|
|
l.Errorw("failed to update device auth method",
|
|
logger.Field("identifier", deviceInfo.Identifier),
|
|
logger.Field("error", err.Error()),
|
|
)
|
|
return errors.Wrapf(xerr.NewErrCode(xerr.DatabaseUpdateError), "update device auth method failed: %v", err)
|
|
}
|
|
}
|
|
|
|
//检查旧用户是否还有其他认证方式
|
|
var count int64
|
|
if err := tx.Model(&user.AuthMethods{}).Where("user_id = ?", oldUserId).Count(&count).Error; err != nil {
|
|
l.Errorw("failed to query auth methods for old user",
|
|
logger.Field("old_user_id", oldUserId),
|
|
logger.Field("error", err.Error()),
|
|
)
|
|
return errors.Wrapf(xerr.NewErrCode(xerr.DatabaseQueryError), "query auth methods failed: %v", err)
|
|
}
|
|
|
|
//如果没有其他认证方式,禁用旧用户账号
|
|
if count < 1 {
|
|
if err := tx.Model(&user.User{}).Where("id = ?", oldUserId).Delete(&user.User{}).Error; err != nil {
|
|
l.Errorw("failed to disable old user",
|
|
logger.Field("old_user_id", oldUserId),
|
|
logger.Field("error", err.Error()),
|
|
)
|
|
return errors.Wrapf(xerr.NewErrCode(xerr.DatabaseUpdateError), "disable old user failed: %v", err)
|
|
}
|
|
}
|
|
|
|
l.Infow("disabled old user (no other auth methods)",
|
|
logger.Field("old_user_id", oldUserId),
|
|
)
|
|
|
|
// 更新设备绑定的用户id
|
|
deviceInfo.UserId = newUserId
|
|
deviceInfo.Ip = ip
|
|
deviceInfo.UserAgent = userAgent
|
|
deviceInfo.Enabled = true
|
|
if err := tx.Save(deviceInfo).Error; err != nil {
|
|
l.Errorw("failed to update device",
|
|
logger.Field("identifier", deviceInfo.Identifier),
|
|
logger.Field("error", err.Error()),
|
|
)
|
|
return errors.Wrapf(xerr.NewErrCode(xerr.DatabaseUpdateError), "update device failed: %v", err)
|
|
}
|
|
return nil
|
|
})
|
|
|
|
if err != nil {
|
|
l.Errorw("device rebinding failed",
|
|
logger.Field("identifier", deviceInfo.Identifier),
|
|
logger.Field("old_user_id", oldUserId),
|
|
logger.Field("new_user_id", newUserId),
|
|
logger.Field("error", err.Error()),
|
|
)
|
|
return err
|
|
}
|
|
|
|
err = l.svcCtx.UserModel.ClearUserCache(l.ctx, users...)
|
|
if err != nil {
|
|
l.Errorw("failed to clear user cache after rebinding",
|
|
logger.Field("old_user_id", oldUserId),
|
|
logger.Field("new_user_id", newUserId),
|
|
logger.Field("error", err.Error()),
|
|
)
|
|
}
|
|
|
|
l.Infow("device rebound successfully",
|
|
logger.Field("identifier", deviceInfo.Identifier),
|
|
logger.Field("old_user_id", oldUserId),
|
|
logger.Field("new_user_id", newUserId),
|
|
)
|
|
|
|
return nil
|
|
}
|