chore: update auth and portal

2026-01-14 11:29:17 +08:00
parent fb0a1c2f84
commit 3bcee7efc2
42 changed files with 5969 additions and 3014 deletions


@@ -27,12 +27,22 @@ type super struct {
}
func (s *super) Login(ctx context.Context, form *super_dto.LoginForm) (*super_dto.LoginResponse, error) {
tbl, q := models.UserQuery.QueryContext(ctx)
u, err := q.Where(tbl.Username.Eq(form.Username)).First()
if err != nil {
return nil, errorx.ErrInvalidCredentials.WithMsg("账号或密码错误")
if form == nil {
return nil, errorx.ErrInvalidParameter.WithMsg("登录参数不能为空")
}
if u.Password != form.Password {
username := strings.TrimSpace(form.Username)
password := strings.TrimSpace(form.Password)
if username == "" || password == "" {
return nil, errorx.ErrInvalidParameter.WithMsg("账号或密码不能为空")
}
// 校验账号与权限。
tbl, q := models.UserQuery.QueryContext(ctx)
u, err := q.Where(tbl.Username.Eq(username)).First()
if err != nil {
return nil, errorx.ErrInvalidCredentials.WithCause(err).WithMsg("账号或密码错误")
}
if u.Password != password {
return nil, errorx.ErrInvalidCredentials.WithMsg("账号或密码错误")
}
if u.Status == consts.UserStatusBanned {
@@ -42,11 +52,12 @@ func (s *super) Login(ctx context.Context, form *super_dto.LoginForm) (*super_dt
return nil, errorx.ErrForbidden.WithMsg("无权限访问")
}
// 生成登录令牌。
token, err := s.jwt.CreateToken(s.jwt.CreateClaims(jwt_provider.BaseClaims{
UserID: u.ID,
}))
if err != nil {
return nil, errorx.ErrInternalError.WithMsg("生成令牌失败")
return nil, errorx.ErrInternalError.WithCause(err).WithMsg("生成令牌失败")
}
return &super_dto.LoginResponse{
@@ -68,7 +79,10 @@ func (s *super) CheckToken(ctx context.Context, token string) (*super_dto.LoginR
tbl, q := models.UserQuery.QueryContext(ctx)
u, err := q.Where(tbl.ID.Eq(claims.UserID)).First()
if err != nil {
return nil, errorx.ErrUnauthorized.WithMsg("UserNotFound")
return nil, errorx.ErrUnauthorized.WithCause(err).WithMsg("UserNotFound")
}
if u.Status == consts.UserStatusBanned {
return nil, errorx.ErrAccountDisabled
}
if !hasRole(u.Roles, consts.RoleSuperAdmin) {
return nil, errorx.ErrForbidden.WithMsg("无权限访问")
@@ -78,7 +92,7 @@ func (s *super) CheckToken(ctx context.Context, token string) (*super_dto.LoginR
UserID: u.ID,
}))
if err != nil {
return nil, errorx.ErrInternalError.WithMsg("生成令牌失败")
return nil, errorx.ErrInternalError.WithCause(err).WithMsg("生成令牌失败")
}
return &super_dto.LoginResponse{
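Review bot: In the Login hunk, `if u.Password != password {` still compares the stored field directly with the submitted password, which only works if passwords are kept in plaintext (the user model is not visible here, so this is inferred) and is not a constant-time comparison. If that is the case, the column should hold a password hash and the check should become something like `if bcrypt.CompareHashAndPassword([]byte(u.Password), []byte(form.Password)) != nil {`. The new `password := strings.TrimSpace(form.Password)` also silently changes the secret being verified, so a password with leading or trailing whitespace no longer matches what the user set; trim only the username and test the raw password for emptiness. It is worth confirming that the `WithCause(err)` added on the credential and CheckToken paths is only logged server-side and never serialized into the response, since the cause would let a client tell a missing user from a database error. Login's body continues outside the hunk.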