mirror of
https://gitee.com/shikong-sk/gofiber-study
synced 2025-02-25 00:02:17 +08:00
145 lines
3.3 KiB
Go
145 lines
3.3 KiB
Go
package auth
|
|
|
|
import (
|
|
"context"
|
|
"encoding/base64"
|
|
"errors"
|
|
"github.com/goccy/go-json"
|
|
"gofiber.study.skcks.cn/common/logger"
|
|
"gofiber.study.skcks.cn/common/utils"
|
|
"gofiber.study.skcks.cn/global"
|
|
"gofiber.study.skcks.cn/middleware"
|
|
"gofiber.study.skcks.cn/model/dto"
|
|
"gofiber.study.skcks.cn/model/generic/models"
|
|
"gofiber.study.skcks.cn/model/vo"
|
|
"time"
|
|
)
|
|
|
|
var (
|
|
PasswordIsEmpty = errors.New("密码不能为空")
|
|
Failed = errors.New("账号或密码错误")
|
|
InvalidRefreshToken = errors.New("刷新令牌已失效")
|
|
)
|
|
|
|
const (
|
|
Separator = ":"
|
|
RefreshTokenPrefix = "RefreshToken" + Separator
|
|
)
|
|
|
|
type Service struct {
|
|
}
|
|
|
|
var Services *Service
|
|
|
|
func InitService() {
|
|
Services = &Service{}
|
|
}
|
|
|
|
// generateAndSaveRefreshToken
|
|
//
|
|
// 生成并保存 refreshToken 刷新令牌
|
|
func (s *Service) generateAndSaveRefreshToken(user *models.User) (refreshTokenB64 string, err error) {
|
|
refreshTokenB64, err = global.GetNanoId()
|
|
if err != nil {
|
|
return
|
|
}
|
|
|
|
refreshTokenB64 = user.Id + Separator + refreshTokenB64
|
|
|
|
expire := time.Duration(global.Config.Jwt.Expire*2) * time.Second
|
|
ctx := context.Background()
|
|
global.Redis.Set(ctx, RefreshTokenPrefix+refreshTokenB64, utils.Json(user), expire)
|
|
|
|
// base64 加密
|
|
return base64.StdEncoding.EncodeToString([]byte(refreshTokenB64)), err
|
|
}
|
|
|
|
func (s *Service) fromRefreshTokenGetUserCache(refreshTokenB64 string) (user *models.User, err error) {
|
|
refreshTokenBytes, err := base64.StdEncoding.DecodeString(refreshTokenB64)
|
|
if err != nil {
|
|
return nil, InvalidRefreshToken
|
|
}
|
|
|
|
refreshToken := RefreshTokenPrefix + string(refreshTokenBytes)
|
|
|
|
ctx := context.Background()
|
|
data, err := global.Redis.Get(ctx, refreshToken).Result()
|
|
if err != nil {
|
|
return nil, InvalidRefreshToken
|
|
}
|
|
global.Redis.Del(ctx, refreshToken)
|
|
cache := &models.User{}
|
|
err = json.Unmarshal([]byte(data), cache)
|
|
if err != nil {
|
|
return nil, InvalidRefreshToken
|
|
}
|
|
|
|
user = &models.User{Id: cache.Id, Account: cache.Account}
|
|
exist, err := global.DataSources.Get(user)
|
|
if !exist {
|
|
logger.Log.Infof("未能从 %s 找到用户信息", refreshToken)
|
|
return nil, InvalidRefreshToken
|
|
}
|
|
return
|
|
}
|
|
|
|
func (s *Service) getUserClaims(user *models.User) global.UserClaims {
|
|
return global.UserClaims{
|
|
Id: user.Id,
|
|
Account: user.Account,
|
|
Identify: "user" + middleware.CasBinSeparator + user.Account,
|
|
}
|
|
}
|
|
|
|
func (s *Service) Login(login *dto.Login) (result *vo.Login, err error) {
|
|
err = global.ValidateStruct(login)
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
|
|
user := &models.User{Account: login.Account, Password: login.Password}
|
|
exist, err := global.DataSources.Get(user)
|
|
if err != nil {
|
|
return
|
|
}
|
|
|
|
if !exist {
|
|
return nil, Failed
|
|
}
|
|
|
|
token, err := global.GetToken(s.getUserClaims(user))
|
|
|
|
if err != nil {
|
|
return
|
|
}
|
|
|
|
refreshToken, err := s.generateAndSaveRefreshToken(user)
|
|
|
|
_, _ = global.DataSources.Update(user)
|
|
|
|
return &vo.Login{
|
|
Token: token,
|
|
RefreshToken: refreshToken,
|
|
}, err
|
|
}
|
|
|
|
func (s *Service) RefreshToken(refreshTokenB64 string) (result *vo.Login, err error) {
|
|
user, err := s.fromRefreshTokenGetUserCache(refreshTokenB64)
|
|
if err != nil {
|
|
return
|
|
}
|
|
|
|
token, err := global.GetToken(s.getUserClaims(user))
|
|
|
|
if err != nil {
|
|
return
|
|
}
|
|
|
|
refreshToken, err := s.generateAndSaveRefreshToken(user)
|
|
|
|
return &vo.Login{
|
|
Token: token,
|
|
RefreshToken: refreshToken,
|
|
}, err
|
|
}
|