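// Package handler implements the RPC handlers of the authorization service.
package handler

import (
	"context"
	"fmt"
	"strconv"
	"strings"
	"time"

	"github.com/sirupsen/logrus"
	"go-micro.dev/v4/auth"
	"go-micro.dev/v4/metadata"
	"golang.org/x/crypto/bcrypt"

	"sghgogs.com/sghblog/authorization-service/domain/service"
	pb "sghgogs.com/sghblog/authorization-service/proto"
	"sghgogs.com/sghblog/authorization-service/utils/authutil"
	"sghgogs.com/sghblog/common"
	"sghgogs.com/sghblog/common/errorcode"
)

// serviceName is the identifier passed to errorcode constructors by every
// handler in this file.
const serviceName = "authorization service"

// AdminCommon groups the admin login, logout and profile handlers. All
// persistence goes through Service.
type AdminCommon struct {
	Service service.IService
}

// ConvertTimeToInt64 returns t as a Unix timestamp in seconds.
func ConvertTimeToInt64(t time.Time) int64 {
	return t.Unix()
}

// checkPasswordHash reports whether password matches the stored bcrypt hash.
// Any error from bcrypt (mismatch or malformed hash) is reported as false.
func checkPasswordHash(password, hash string) bool {
	return bcrypt.CompareHashAndPassword([]byte(hash), []byte(password)) == nil
}

// bearerTokenFromContext extracts the bearer token from the "Authorization"
// entry of the request metadata carried by ctx. It returns an Unauthorized
// error when the metadata is missing, the entry does not use the bearer
// scheme, or the token is empty after trimming.
func bearerTokenFromContext(ctx context.Context) (string, error) {
	md, found := metadata.FromContext(ctx)
	if !found {
		return "", errorcode.Unauthorized(serviceName, common.ErrorMessage[common.UnauthorizedErrorCode])
	}

	authHeader, ok := md["Authorization"]
	if !ok || !strings.HasPrefix(authHeader, auth.BearerScheme) {
		logrus.Error("no auth token provided")
		return "", errorcode.Unauthorized(serviceName, common.ErrorMessage[common.UnauthorizedErrorCode])
	}

	token := strings.TrimSpace(strings.TrimPrefix(authHeader, auth.BearerScheme))
	if token == "" {
		// Fail closed: a bare scheme with no credential must never reach
		// Blacklist or Inspect as an empty string.
		logrus.Error("no auth token provided")
		return "", errorcode.Unauthorized(serviceName, common.ErrorMessage[common.UnauthorizedErrorCode])
	}
	return token, nil
}

// AdminLogin looks the admin user up through the service layer with the
// submitted credentials, issues an access token for that user, stores the
// token, and fills rsp with the user and the access token.
//
// Errors from the service lookup are returned unchanged. Token generation
// and storage failures are returned as BadRequest errors; the underlying
// cause is logged, never sent to the client.
func (svc *AdminCommon) AdminLogin(ctx context.Context, loginUser *pb.AdminLoginRequest, rsp *pb.AdminLoginResponse) error {
	// 1. Look up the user.
	user, uErr := svc.Service.AdminLogin(loginUser.Username, loginUser.Password)
	if uErr != nil {
		return uErr
	}
	rsp.User = &user

	// 2. Build the token metadata. AdminProfile reads this metadata back from
	// the token via Inspect, so everything placed here is recoverable by
	// whoever can inspect the token. The plaintext password therefore does
	// NOT belong here and is no longer added.
	// NOTE(review): if any consumer relied on a "password" metadata entry,
	// redesign that consumer rather than restoring the entry.
	md := map[string]string{
		"username":     user.Username,
		"user_id":      fmt.Sprintf("%d", user.Id),
		"phone_number": user.PhoneNumber,
	}

	var roles []string
	for _, role := range user.Roles {
		roles = append(roles, strings.ToLower(role.Key))
	}

	// NOTE(review): the plaintext password is passed as the fourth argument
	// and the resulting Secret is then used to mint the token. What
	// GenerateToken does with it is not visible from this file; confirm it is
	// never persisted or logged in clear, and consider a server-generated
	// random secret instead.
	generate, err := authutil.JWTAuthService.GenerateToken(
		user.Id,
		"system",
		"user",
		loginUser.Password,
		roles,
		md,
	)
	if err != nil {
		logrus.WithError(err).Error("admin login: generating account failed")
		return errorcode.BadRequest(serviceName, common.ErrorMessage[common.FailedToGenerateTokenErrorCode])
	}

	token, err := authutil.JWTAuthService.Token(user.Id, generate.Secret)
	if err != nil {
		logrus.WithError(err).Error("admin login: issuing token failed")
		return errorcode.BadRequest(serviceName, common.ErrorMessage[common.FailedToGenerateTokenErrorCode])
	}

	if err = authutil.JWTAuthService.StoreToken(ctx, user.Id, user.Username, token.AccessToken); err != nil {
		logrus.WithError(err).Error("admin login: storing token failed")
		return errorcode.BadRequest(serviceName, common.ErrorMessage[common.FailedToStoreTokenErrorCode])
	}

	rsp.Token = token.AccessToken
	return nil
}

// AdminLogout blacklists the bearer token found in the request metadata.
//
// It returns an Unauthorized error when no usable bearer token is present or
// when blacklisting fails. The token itself is never logged.
func (svc *AdminCommon) AdminLogout(ctx context.Context, logoutRequest *pb.AdminLogoutRequest, rsp *pb.AdminLogoutResponse) error {
	token, err := bearerTokenFromContext(ctx)
	if err != nil {
		return err
	}

	// The stdout debug prints that used to surround this call were removed;
	// failures are reported through the logger instead.
	if bErr := authutil.JWTAuthService.Blacklist(token); bErr != nil {
		logrus.WithError(bErr).Error("admin logout: blacklisting token failed")
		return errorcode.Unauthorized(serviceName, common.ErrorMessage[common.FailedRedisInternalServerErrorCode])
	}
	return nil
}

// AdminProfile resolves the caller's admin user from the bearer token in the
// request metadata and stores it in rsp.User.
//
// It returns an Unauthorized error when the token is missing, fails
// inspection, or carries a user_id that is not a base-10 integer. Errors from
// the user lookup are returned unchanged.
func (svc *AdminCommon) AdminProfile(ctx context.Context, profileRequest *pb.AdminProfileRequest, rsp *pb.AdminProfileResponse) error {
	token, err := bearerTokenFromContext(ctx)
	if err != nil {
		return err
	}

	inspect, iErr := authutil.JWTAuthService.Inspect(token)
	if iErr != nil {
		logrus.WithError(iErr).Warn("admin profile: token inspection failed")
		return errorcode.Unauthorized(serviceName, common.ErrorMessage[common.TokenInvalidErrorCode])
	}

	value, ok := inspect.Metadata["user_id"]
	if !ok {
		// NOTE(review): a token without user_id still yields success with an
		// empty rsp.User, as before; consider rejecting such tokens.
		return nil
	}

	// A malformed user_id used to be ignored and looked up as user 0. Treat
	// it as an invalid token instead of querying with a zero id.
	userID, parseErr := strconv.ParseInt(value, 10, 64)
	if parseErr != nil {
		logrus.WithError(parseErr).Warn("admin profile: token carries a malformed user_id")
		return errorcode.Unauthorized(serviceName, common.ErrorMessage[common.TokenInvalidErrorCode])
	}

	user, getErr := svc.Service.GetAdminUser(userID)
	if getErr != nil {
		return getErr
	}
	rsp.User = user
	return nil
}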