package auth import ( "context" "encoding/json" "fmt" "net/http" "time" "github.com/perfect-panel/server/internal/config" "github.com/perfect-panel/server/internal/logic/common" "github.com/perfect-panel/server/internal/model/log" "github.com/perfect-panel/server/internal/model/user" "github.com/perfect-panel/server/internal/svc" "github.com/perfect-panel/server/internal/types" "github.com/perfect-panel/server/pkg/constant" "github.com/perfect-panel/server/pkg/jwt" "github.com/perfect-panel/server/pkg/logger" "github.com/perfect-panel/server/pkg/phone" "github.com/perfect-panel/server/pkg/tool" "github.com/perfect-panel/server/pkg/uuidx" "github.com/perfect-panel/server/pkg/xerr" "github.com/pkg/errors" "gorm.io/gorm" ) type TelephoneLoginLogic struct { logger.Logger ctx context.Context svcCtx *svc.ServiceContext } // User Telephone login func NewTelephoneLoginLogic(ctx context.Context, svcCtx *svc.ServiceContext) *TelephoneLoginLogic { return &TelephoneLoginLogic{ Logger: logger.WithContext(ctx), ctx: ctx, svcCtx: svcCtx, } } func (l *TelephoneLoginLogic) TelephoneLogin(req *types.TelephoneLoginRequest, r *http.Request, ip string) (resp *types.LoginResponse, err error) { phoneNumber, err := phone.FormatToE164(req.TelephoneAreaCode, req.Telephone) if err != nil { return nil, errors.Wrapf(xerr.NewErrCode(xerr.TelephoneError), "Invalid phone number") } if !l.svcCtx.Config.Mobile.Enable { return nil, errors.Wrapf(xerr.NewErrCode(xerr.SmsNotEnabled), "sms login is not enabled") } loginStatus := false var userInfo *user.User // Record login status defer func(svcCtx *svc.ServiceContext) { if userInfo.Id != 0 { loginLog := log.Login{ Method: "mobile", LoginIP: ip, UserAgent: r.UserAgent(), Success: loginStatus, Timestamp: time.Now().UnixMilli(), } content, _ := loginLog.Marshal() if err := l.svcCtx.LogModel.Insert(l.ctx, &log.SystemLog{ Id: 0, Type: log.TypeLogin.Uint8(), Date: time.Now().Format("2006-01-02"), ObjectID: userInfo.Id, Content: string(content), }); err != nil { l.Errorw("failed to insert login log", logger.Field("user_id", userInfo.Id), logger.Field("ip", req.IP), logger.Field("error", err.Error()), ) } } }(l.svcCtx) authMethodInfo, err := l.svcCtx.UserModel.FindUserAuthMethodByOpenID(l.ctx, "mobile", phoneNumber) if err != nil { if errors.As(err, gorm.ErrRecordNotFound) { return nil, errors.Wrapf(xerr.NewErrCode(xerr.UserNotExist), "user telephone not exist: %v", req.Telephone) } return nil, errors.Wrapf(xerr.NewErrCode(xerr.DatabaseQueryError), "query user info failed: %v", err.Error()) } userInfo, err = l.svcCtx.UserModel.FindOne(l.ctx, authMethodInfo.UserId) if err != nil { if errors.As(err, gorm.ErrRecordNotFound) { return nil, errors.Wrapf(xerr.NewErrCode(xerr.UserNotExist), "user telephone not exist: %v", req.Telephone) } return nil, errors.Wrapf(xerr.NewErrCode(xerr.DatabaseQueryError), "query user info failed: %v", err.Error()) } if req.Password == "" && req.TelephoneCode == "" { return nil, xerr.NewErrCodeMsg(xerr.InvalidParams, "password and telephone code is empty") } if req.TelephoneCode == "" { // Verify password if !tool.MultiPasswordVerify(userInfo.Algo, userInfo.Salt, req.Password, userInfo.Password) { return nil, errors.Wrapf(xerr.NewErrCode(xerr.UserPasswordError), "user password") } } else { cacheKey := fmt.Sprintf("%s:%s:%s", config.AuthCodeTelephoneCacheKey, constant.ParseVerifyType(uint8(constant.Security)), phoneNumber) value, err := l.svcCtx.Redis.Get(l.ctx, cacheKey).Result() if err != nil { l.Errorw("Redis Error", logger.Field("error", err.Error()), logger.Field("cacheKey", cacheKey)) return nil, errors.Wrapf(xerr.NewErrCode(xerr.VerifyCodeError), "code error") } if value == "" { return nil, errors.Wrapf(xerr.NewErrCode(xerr.VerifyCodeError), "code error") } var payload common.CacheKeyPayload if err := json.Unmarshal([]byte(value), &payload); err != nil { l.Errorw("[SendSmsCode]: Unmarshal Error", logger.Field("error", err.Error()), logger.Field("value", value)) } if payload.Code != req.TelephoneCode { return nil, errors.Wrapf(xerr.NewErrCode(xerr.VerifyCodeError), "code error") } l.svcCtx.Redis.Del(l.ctx, cacheKey) } // Generate session id sessionId := uuidx.NewUUID().String() // Generate token token, err := jwt.NewJwtToken( l.svcCtx.Config.JwtAuth.AccessSecret, time.Now().Unix(), l.svcCtx.Config.JwtAuth.AccessExpire, jwt.WithOption("UserId", userInfo.Id), jwt.WithOption("SessionId", sessionId), ) if err != nil { l.Logger.Error("[UserLogin] token generate error", logger.Field("error", err.Error())) return nil, errors.Wrapf(xerr.NewErrCode(xerr.ERROR), "token generate error: %v", err.Error()) } sessionIdCacheKey := fmt.Sprintf("%v:%v", config.SessionIdKey, sessionId) if err = l.svcCtx.Redis.Set(l.ctx, sessionIdCacheKey, userInfo.Id, time.Duration(l.svcCtx.Config.JwtAuth.AccessExpire)*time.Second).Err(); err != nil { return nil, errors.Wrapf(xerr.NewErrCode(xerr.ERROR), "set session id error: %v", err.Error()) } loginStatus = true return &types.LoginResponse{ Token: token, }, nil }