From d44e8e11210b75c34cfb1cda1936b9bc9f048edf Mon Sep 17 00:00:00 2001 From: Rogee Date: Sun, 8 Dec 2024 13:31:39 +0800 Subject: [PATCH] fix: issues --- backend/config.toml | 4 ++ backend/main_test.go | 31 ++++++++++ .../middlewares/m_wechat_auth_userinfo.go | 16 +++-- backend/modules/users/controller.go | 2 +- backend/modules/users/service.go | 10 +-- backend/providers/wechat/errors.go | 12 ++-- backend/providers/wechat/response.go | 16 ++--- backend/providers/wechat/wechat.go | 61 +++++++++++++------ 8 files changed, 111 insertions(+), 41 deletions(-) diff --git a/backend/config.toml b/backend/config.toml index 90d2485..cf81473 100755 --- a/backend/config.toml +++ b/backend/config.toml @@ -23,7 +23,11 @@ AppId = "wx45745a8c51091ae0" AppSecret = "2ab33bc79d9b47efa4abef19d66e1977" Token = "W8Xhw5TivYBgY" AesKey = "F6AqCxAV4W1eCrY6llJ2zapphKK49CQN3RgtPDrjhnI" +DevMode = true +[JWT] +ExpiresTime = "168h" +SignKey = "LiXi.Y@140202" [HashIDs] Salt = "LiXi.Y@140202" diff --git a/backend/main_test.go b/backend/main_test.go index 929e973..3532d3a 100755 --- a/backend/main_test.go +++ b/backend/main_test.go @@ -1,6 +1,7 @@ package main import ( + "encoding/json" "testing" "backend/common/service/model" @@ -32,3 +33,33 @@ func Test_GenModel2(t *testing.T) { t.Logf("%+v", oauthInfo) } + +type Response struct { + ErrCode int `json:"errcode"` +} + +func (r *Response) Error() error { + return nil +} + +type Access struct { + Response + AccessToken string `json:"access_token"` +} + +func Test_Data(t *testing.T) { + data := &Access{ + Response: Response{ + ErrCode: 0, + }, + AccessToken: "123", + } + b, err := json.Marshal(data) + if err != nil { + t.Fatal(err) + } + + data.Error() + + t.Logf("%s", b) +} diff --git a/backend/modules/middlewares/m_wechat_auth_userinfo.go b/backend/modules/middlewares/m_wechat_auth_userinfo.go index 3e549d9..8ed3c19 100644 --- a/backend/modules/middlewares/m_wechat_auth_userinfo.go +++ b/backend/modules/middlewares/m_wechat_auth_userinfo.go @@ -19,6 +19,7 @@ func (f *Middlewares) WeChatAuthUserInfo(c fiber.Ctx) error { return c.Next() } + log.WithField("module", "middleware.AuthUserInfo").Debugf("query: %v", c.Queries()) state := c.Query("state") code := c.Query("code") @@ -29,13 +30,14 @@ func (f *Middlewares) WeChatAuthUserInfo(c fiber.Ctx) error { if state != "sns_basic_auth" { return c.Next() } - log.WithField("module", "middleware.AuthUserInfo").Debug("code", code) + log.WithField("module", "middleware.AuthUserInfo").Debugf("code: %s, state: %s", code, state) // get the openid token, err := f.client.AuthorizeCode2Token(code) if err != nil { return errors.Wrap(err, "failed to get openid") } + log.Debugf("tokenInfo %+v", token) paths := lo.Filter(strings.Split(c.Path(), "/"), func(s string, _ int) bool { return s != "" @@ -58,20 +60,24 @@ func (f *Middlewares) WeChatAuthUserInfo(c fiber.Ctx) error { if err := copier.Copy(&oauthInfo, token); err != nil { return errors.Wrap(err, "failed to copy oauth info") } + log.Debugf("oauthInfo %+v", oauthInfo) user, err := f.userSvc.GetOrNew(c.Context(), tenant.ID, token.Openid, oauthInfo) if err != nil { return errors.Wrap(err, "failed to get user") } - claim := f.jwt.CreateClaims(jwt.BaseClaims{OpenID: user.OpenID}) - claim.ID = user.OpenID + claim := f.jwt.CreateClaims(jwt.BaseClaims{ + OpenID: user.OpenID, + Tenant: tenantSlug, + UserID: user.ID, + TenantID: tenant.ID, + }) jwtToken, err := f.jwt.CreateToken(claim) if err != nil { return errors.Wrap(err, "failed to create token") } - _ = jwtToken // TODO: send html with jwt token - return c.SendString("Tenant: " + tenantSlug) + return c.SendString(jwtToken) } diff --git a/backend/modules/users/controller.go b/backend/modules/users/controller.go index dbe6582..6a9ee9a 100644 --- a/backend/modules/users/controller.go +++ b/backend/modules/users/controller.go @@ -9,6 +9,6 @@ type Controller struct { // List func (c *Controller) List(ctx fiber.Ctx) error { - return ctx.SendString(ctx.Params("tenant", "no tenant")) + return ctx.SendString(ctx.Params("tenant", "no user")) return ctx.JSON(nil) } diff --git a/backend/modules/users/service.go b/backend/modules/users/service.go index 36aee45..4aa8182 100644 --- a/backend/modules/users/service.go +++ b/backend/modules/users/service.go @@ -161,7 +161,7 @@ func (svc *Service) TenantHasUser(ctx context.Context, userID, tenantID int64) ( tbl := table.UsersTenants stmt := tbl. - SELECT(COUNT(tbl.ID)). + SELECT(COUNT(tbl.ID).AS("cnt")). WHERE( tbl.UserID.EQ(Int64(userID)).AND( tbl.TenantID.EQ(Int64(tenantID)), @@ -169,12 +169,14 @@ func (svc *Service) TenantHasUser(ctx context.Context, userID, tenantID int64) ( ) log.Debug(stmt.DebugSql()) - var cnt int - if err := stmt.QueryContext(ctx, db.FromContext(ctx, svc.db), &cnt); err != nil { + var result struct { + cnt int64 + } + if err := stmt.QueryContext(ctx, db.FromContext(ctx, svc.db), &result); err != nil { return false, errors.Wrap(err, "failed to query user-tenant relation") } - return cnt > 0, nil + return result.cnt > 0, nil } // CreateTenantUser diff --git a/backend/providers/wechat/errors.go b/backend/providers/wechat/errors.go index 58c8609..e8da727 100644 --- a/backend/providers/wechat/errors.go +++ b/backend/providers/wechat/errors.go @@ -23,8 +23,12 @@ import "github.com/pkg/errors" // 10013 state不能为空 // 10015 公众号未授权第三方平台,请检查授权状态 // 10016 不支持微信开放平台的Appid,请使用公众号Appid -func translateError(errCode int) error { - errors := map[int]error{ +func translateError(errCode int, msg string) error { + if errCode == 0 { + return nil + } + + errs := map[int]error{ 0: nil, -1: errors.New("系统繁忙,此时请开发者稍候再试"), 40001: errors.New("AppSecret错误或者AppSecret不属于这个公众号,请开发者确认AppSecret的正确性"), @@ -48,8 +52,8 @@ func translateError(errCode int) error { 10016: errors.New("不支持微信开放平台的Appid,请使用公众号Appid"), } - if err, ok := errors[errCode]; ok { + if err, ok := errs[errCode]; ok { return err } - return nil + return errors.New(msg) } diff --git a/backend/providers/wechat/response.go b/backend/providers/wechat/response.go index cea6324..c6d6036 100644 --- a/backend/providers/wechat/response.go +++ b/backend/providers/wechat/response.go @@ -1,16 +1,16 @@ package wechat -type Response struct { - ErrCode int `json:"errcode"` - ErrMsg int `json:"errmsg"` - ErrDescribe int `json:"-"` +type ErrorResponse struct { + ErrCode int `json:"errcode,omitempty"` + ErrMsg string `json:"errmsg,omitempty"` } -func (r *Response) Error() error { - return translateError(r.ErrCode) +func (r *ErrorResponse) Error() error { + return translateError(r.ErrCode, r.ErrMsg) } type AccessTokenResponse struct { - AccessToken string `json:"access_token"` - ExpiresIn int `json:"expires_in"` // seconds + ErrorResponse + AccessToken string `json:"access_token,omitempty"` + ExpiresIn int `json:"expires_in,omitempty"` // seconds } diff --git a/backend/providers/wechat/wechat.go b/backend/providers/wechat/wechat.go index 1874f62..6ae91fd 100644 --- a/backend/providers/wechat/wechat.go +++ b/backend/providers/wechat/wechat.go @@ -80,13 +80,22 @@ func (we *Client) GetAccessToken() (*AccessTokenResponse, error) { "grant_type": "client_credential", } - var data AccessTokenResponse - _, err := we.client.R().SetSuccessResult(&data).SetQueryParams(params).Get("/cgi-bin/token") + var data ErrorResponse + resp, err := we.client.R().SetSuccessResult(&data).SetQueryParams(params).Get("/cgi-bin/token") if err != nil { return nil, errors.Wrap(err, "call /cgi-bin/token failed") } - return &data, nil + if data.ErrCode != 0 { + return nil, data.Error() + } + + var token AccessTokenResponse + if err := resp.Unmarshal(&token); err != nil { + return nil, errors.Wrap(err, "parse response failed") + } + + return &token, nil } // ScopeAuthorizeURL @@ -115,13 +124,14 @@ func (we *Client) ScopeAuthorizeURL(opts ...ScopeAuthorizeURLOptions) (*url.URL, } type AuthorizeAccessToken struct { - AccessToken string `json:"access_token"` - ExpiresIn int64 `json:"expires_in"` - IsSnapshotuser int64 `json:"is_snapshotuser"` - Openid string `json:"openid"` - RefreshToken string `json:"refresh_token"` - Scope string `json:"scope"` - Unionid string `json:"unionid"` + ErrorResponse + AccessToken string `json:"access_token,omitempty"` + ExpiresIn int64 `json:"expires_in,omitempty"` + IsSnapshotuser int64 `json:"is_snapshotuser,omitempty"` + Openid string `json:"openid,omitempty"` + RefreshToken string `json:"refresh_token,omitempty"` + Scope string `json:"scope,omitempty"` + Unionid string `json:"unionid,omitempty"` } func (we *Client) AuthorizeCode2Token(code string) (*AuthorizeAccessToken, error) { @@ -136,6 +146,10 @@ func (we *Client) AuthorizeCode2Token(code string) (*AuthorizeAccessToken, error return nil, errors.Wrap(err, "call /sns/oauth2/access_token failed") } + if err := data.Error(); err != nil { + return nil, err + } + return &data, nil } @@ -151,19 +165,24 @@ func (we *Client) AuthorizeRefreshAccessToken(accessToken string) (*AuthorizeAcc return nil, errors.Wrap(err, "call /sns/oauth2/refresh_token failed") } + if err := data.Error(); err != nil { + return nil, err + } + return &data, nil } type AuthorizeUserInfo struct { - City string `json:"city"` - Country string `json:"country"` - Headimgurl string `json:"headimgurl"` - Nickname string `json:"nickname"` - Openid string `json:"openid"` - Privilege []string `json:"privilege"` - Province string `json:"province"` - Sex int64 `json:"sex"` - Unionid string `json:"unionid"` + ErrorResponse + City string `json:"city,omitempty"` + Country string `json:"country,omitempty"` + Headimgurl string `json:"headimgurl,omitempty"` + Nickname string `json:"nickname,omitempty"` + Openid string `json:"openid,omitempty"` + Privilege []string `json:"privilege,omitempty"` + Province string `json:"province,omitempty"` + Sex int64 `json:"sex,omitempty"` + Unionid string `json:"unionid,omitempty"` } func (we *Client) AuthorizeUserInfo(accessToken, openID string) (*AuthorizeUserInfo, error) { @@ -178,5 +197,9 @@ func (we *Client) AuthorizeUserInfo(accessToken, openID string) (*AuthorizeUserI return nil, errors.Wrap(err, "call /sns/userinfo failed") } + if err := data.Error(); err != nil { + return nil, err + } + return &data, nil }