|
|
|
|
package controller
|
|
|
|
|
|
|
|
|
|
import (
|
|
|
|
|
"crypto/rand"
|
|
|
|
|
"encoding/base64"
|
|
|
|
|
"fmt"
|
|
|
|
|
"math/big"
|
|
|
|
|
"net/http"
|
|
|
|
|
"strconv"
|
|
|
|
|
"strings"
|
|
|
|
|
"time"
|
|
|
|
|
|
|
|
|
|
"gofaster/internal/auth/model"
|
|
|
|
|
"gofaster/internal/auth/service"
|
|
|
|
|
"gofaster/internal/shared/response"
|
|
|
|
|
|
|
|
|
|
"github.com/gin-gonic/gin"
|
|
|
|
|
)
|
|
|
|
|
|
|
|
|
|
type AuthController struct {
|
|
|
|
|
authService *service.AuthService
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
func NewAuthController(authService *service.AuthService) *AuthController {
|
|
|
|
|
fmt.Println("🔍 [验证码] AuthController 初始化 - 新版本代码已加载!")
|
|
|
|
|
return &AuthController{
|
|
|
|
|
authService: authService,
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
// Login 用户登录
|
|
|
|
|
// @Summary 用户登录
|
|
|
|
|
// @Description 用户登录接口,支持验证码验证和密码错误次数限制
|
|
|
|
|
// @Tags 认证
|
|
|
|
|
// @Accept json
|
|
|
|
|
// @Produce json
|
|
|
|
|
// @Param request body model.LoginRequest true "登录请求参数"
|
|
|
|
|
// @Success 200 {object} response.Response{data=model.LoginResponse} "登录成功"
|
|
|
|
|
// @Failure 400 {object} response.Response "请求参数错误"
|
|
|
|
|
// @Failure 401 {object} response.Response "认证失败"
|
|
|
|
|
// @Failure 423 {object} response.Response "账户被锁定"
|
|
|
|
|
// @Router /auth/login [post]
|
|
|
|
|
func (c *AuthController) Login(ctx *gin.Context) {
|
|
|
|
|
var req model.LoginRequest
|
|
|
|
|
if err := ctx.ShouldBindJSON(&req); err != nil {
|
|
|
|
|
response.Error(ctx, http.StatusBadRequest, "请求参数错误", err.Error())
|
|
|
|
|
return
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
// 调用服务层处理登录
|
|
|
|
|
resp, err := c.authService.Login(ctx, req.Username, req.Password, req.Captcha, req.CaptchaID)
|
|
|
|
|
if err != nil {
|
|
|
|
|
// 根据错误类型返回不同的状态码
|
|
|
|
|
if isLockedError(err) {
|
|
|
|
|
response.Error(ctx, http.StatusLocked, "账户被锁定", err.Error())
|
|
|
|
|
return
|
|
|
|
|
}
|
|
|
|
|
if isAuthError(err) {
|
|
|
|
|
response.Error(ctx, http.StatusUnauthorized, "认证失败", err.Error())
|
|
|
|
|
return
|
|
|
|
|
}
|
|
|
|
|
response.Error(ctx, http.StatusInternalServerError, "系统错误", err.Error())
|
|
|
|
|
return
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
response.Success(ctx, "登录成功", resp)
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
// Logout 用户登出
|
|
|
|
|
// @Summary 用户登出
|
|
|
|
|
// @Description 用户登出接口
|
|
|
|
|
// @Tags 认证
|
|
|
|
|
// @Accept json
|
|
|
|
|
// @Produce json
|
|
|
|
|
// @Param request body model.LogoutRequest true "登出请求参数"
|
|
|
|
|
// @Success 200 {object} response.Response "登出成功"
|
|
|
|
|
// @Router /auth/logout [post]
|
|
|
|
|
func (c *AuthController) Logout(ctx *gin.Context) {
|
|
|
|
|
var req model.LogoutRequest
|
|
|
|
|
if err := ctx.ShouldBindJSON(&req); err != nil {
|
|
|
|
|
response.Error(ctx, http.StatusBadRequest, "请求参数错误", err.Error())
|
|
|
|
|
return
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
err := c.authService.Logout(ctx, req.Token)
|
|
|
|
|
if err != nil {
|
|
|
|
|
response.Error(ctx, http.StatusInternalServerError, "登出失败", err.Error())
|
|
|
|
|
return
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
response.Success(ctx, "登出成功", nil)
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
// RefreshToken 刷新访问令牌
|
|
|
|
|
// @Summary 刷新访问令牌
|
|
|
|
|
// @Description 使用刷新令牌获取新的访问令牌
|
|
|
|
|
// @Tags 认证
|
|
|
|
|
// @Accept json
|
|
|
|
|
// @Produce json
|
|
|
|
|
// @Param request body model.RefreshTokenRequest true "刷新令牌请求参数"
|
|
|
|
|
// @Success 200 {object} response.Response{data=model.LoginResponse} "刷新成功"
|
|
|
|
|
// @Failure 400 {object} response.Response "请求参数错误"
|
|
|
|
|
// @Failure 401 {object} response.Response "刷新令牌无效"
|
|
|
|
|
// @Router /auth/refresh [post]
|
|
|
|
|
func (c *AuthController) RefreshToken(ctx *gin.Context) {
|
|
|
|
|
var req model.RefreshTokenRequest
|
|
|
|
|
if err := ctx.ShouldBindJSON(&req); err != nil {
|
|
|
|
|
response.Error(ctx, http.StatusBadRequest, "请求参数错误", err.Error())
|
|
|
|
|
return
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
resp, err := c.authService.RefreshToken(ctx, req.RefreshToken)
|
|
|
|
|
if err != nil {
|
|
|
|
|
response.Error(ctx, http.StatusUnauthorized, "刷新令牌无效", err.Error())
|
|
|
|
|
return
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
response.Success(ctx, "令牌刷新成功", resp)
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
// GenerateCaptcha 生成验证码
|
|
|
|
|
// @Summary 生成验证码
|
|
|
|
|
// @Description 生成图形验证码,用于登录验证
|
|
|
|
|
// @Tags 认证
|
|
|
|
|
// @Produce json
|
|
|
|
|
// @Success 200 {object} response.Response{data=model.CaptchaResponse} "验证码生成成功"
|
|
|
|
|
// @Router /auth/captcha [get]
|
|
|
|
|
func (c *AuthController) GenerateCaptcha(ctx *gin.Context) {
|
|
|
|
|
fmt.Println("🔍 [验证码] 开始生成验证码...")
|
|
|
|
|
|
|
|
|
|
// 生成4位数字验证码
|
|
|
|
|
captchaText := generateRandomCaptcha(4)
|
|
|
|
|
fmt.Printf("🔍 [验证码] 生成的验证码文本: %s\n", captchaText)
|
|
|
|
|
|
|
|
|
|
captchaID := generateCaptchaID()
|
|
|
|
|
fmt.Printf("🔍 [验证码] 生成的验证码ID: %s\n", captchaID)
|
|
|
|
|
|
|
|
|
|
// 存储验证码到数据库(5分钟过期)
|
|
|
|
|
expiresAt := time.Now().Add(5 * time.Minute)
|
|
|
|
|
if err := c.authService.GetCaptchaRepo().Create(ctx, captchaID, captchaText, expiresAt); err != nil {
|
|
|
|
|
fmt.Printf("🔍 [验证码] 存储验证码失败: %v\n", err)
|
|
|
|
|
response.Error(ctx, http.StatusInternalServerError, "验证码生成失败", "存储验证码失败")
|
|
|
|
|
return
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
// 生成验证码图片(SVG格式)
|
|
|
|
|
captchaImage := generateCaptchaSVG(captchaText)
|
|
|
|
|
fmt.Printf("🔍 [验证码] 生成的图片长度: %d\n", len(captchaImage))
|
|
|
|
|
fmt.Printf("🔍 [验证码] 图片前缀: %s\n", captchaImage[:50])
|
|
|
|
|
|
|
|
|
|
// 设置过期时间(5分钟)
|
|
|
|
|
expiresIn := int64(300)
|
|
|
|
|
|
|
|
|
|
// 返回验证码响应
|
|
|
|
|
resp := &model.CaptchaResponse{
|
|
|
|
|
CaptchaID: captchaID,
|
|
|
|
|
CaptchaImage: captchaImage,
|
|
|
|
|
ExpiresIn: expiresIn,
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
fmt.Println("🔍 [验证码] 验证码生成完成,准备返回响应")
|
|
|
|
|
response.Success(ctx, "验证码生成成功", resp)
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
// GetUserInfo 获取用户信息
|
|
|
|
|
// @Summary 获取用户信息
|
|
|
|
|
// @Description 获取当前登录用户的详细信息
|
|
|
|
|
// @Tags 认证
|
|
|
|
|
// @Accept json
|
|
|
|
|
// @Produce json
|
|
|
|
|
// @Security BearerAuth
|
|
|
|
|
// @Success 200 {object} response.Response{data=model.UserInfo} "获取成功"
|
|
|
|
|
// @Failure 401 {object} response.Response "未授权"
|
|
|
|
|
// @Router /auth/userinfo [get]
|
|
|
|
|
func (c *AuthController) GetUserInfo(ctx *gin.Context) {
|
|
|
|
|
// 从JWT令牌中获取用户ID
|
|
|
|
|
userID, exists := ctx.Get("user_id")
|
|
|
|
|
if !exists {
|
|
|
|
|
response.Error(ctx, http.StatusUnauthorized, "未授权", "用户ID不存在")
|
|
|
|
|
return
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
// 转换用户ID类型
|
|
|
|
|
var uid uint
|
|
|
|
|
switch v := userID.(type) {
|
|
|
|
|
case float64:
|
|
|
|
|
uid = uint(v)
|
|
|
|
|
case int:
|
|
|
|
|
uid = uint(v)
|
|
|
|
|
case string:
|
|
|
|
|
if parsed, err := strconv.ParseUint(v, 10, 32); err == nil {
|
|
|
|
|
uid = uint(parsed)
|
|
|
|
|
} else {
|
|
|
|
|
response.Error(ctx, http.StatusBadRequest, "用户ID格式错误", err.Error())
|
|
|
|
|
return
|
|
|
|
|
}
|
|
|
|
|
default:
|
|
|
|
|
response.Error(ctx, http.StatusBadRequest, "用户ID类型错误", "无法识别的用户ID类型")
|
|
|
|
|
return
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
// 获取用户信息
|
|
|
|
|
userInfo, err := c.authService.GetUserInfo(ctx, uid)
|
|
|
|
|
if err != nil {
|
|
|
|
|
response.Error(ctx, http.StatusInternalServerError, "获取用户信息失败", err.Error())
|
|
|
|
|
return
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
response.Success(ctx, "获取用户信息成功", userInfo)
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
// getClientIP 获取客户端IP地址
|
|
|
|
|
func getClientIP(r *http.Request) string {
|
|
|
|
|
// 尝试从各种头部获取真实IP
|
|
|
|
|
ip := r.Header.Get("X-Real-IP")
|
|
|
|
|
if ip != "" {
|
|
|
|
|
return ip
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
ip = r.Header.Get("X-Forwarded-For")
|
|
|
|
|
if ip != "" {
|
|
|
|
|
// X-Forwarded-For可能包含多个IP,取第一个
|
|
|
|
|
if idx := strings.Index(ip, ","); idx != -1 {
|
|
|
|
|
ip = ip[:idx]
|
|
|
|
|
}
|
|
|
|
|
return strings.TrimSpace(ip)
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
ip = r.Header.Get("X-Forwarded")
|
|
|
|
|
if ip != "" {
|
|
|
|
|
return ip
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
// 从RemoteAddr获取
|
|
|
|
|
if r.RemoteAddr != "" {
|
|
|
|
|
if idx := strings.Index(r.RemoteAddr, ":"); idx != -1 {
|
|
|
|
|
return r.RemoteAddr[:idx]
|
|
|
|
|
}
|
|
|
|
|
return r.RemoteAddr
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
return "127.0.0.1"
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
// isLockedError 检查是否为锁定错误
|
|
|
|
|
func isLockedError(err error) bool {
|
|
|
|
|
return strings.Contains(err.Error(), "锁定")
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
// isAuthError 检查是否为认证错误
|
|
|
|
|
func isAuthError(err error) bool {
|
|
|
|
|
return strings.Contains(err.Error(), "密码错误") ||
|
|
|
|
|
strings.Contains(err.Error(), "用户不存在") ||
|
|
|
|
|
strings.Contains(err.Error(), "验证码错误")
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
// generateRandomCaptcha 生成随机验证码
|
|
|
|
|
func generateRandomCaptcha(length int) string {
|
|
|
|
|
fmt.Printf("🔍 [验证码] 开始生成%d位随机验证码\n", length)
|
|
|
|
|
const charset = "0123456789"
|
|
|
|
|
result := make([]byte, length)
|
|
|
|
|
for i := range result {
|
|
|
|
|
randomIndex, _ := rand.Int(rand.Reader, big.NewInt(int64(len(charset))))
|
|
|
|
|
result[i] = charset[randomIndex.Int64()]
|
|
|
|
|
}
|
|
|
|
|
generated := string(result)
|
|
|
|
|
fmt.Printf("🔍 [验证码] 生成的验证码: %s\n", generated)
|
|
|
|
|
return generated
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
// generateCaptchaID 生成验证码ID
|
|
|
|
|
func generateCaptchaID() string {
|
|
|
|
|
const charset = "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789"
|
|
|
|
|
result := make([]byte, 16)
|
|
|
|
|
for i := range result {
|
|
|
|
|
randomIndex, _ := rand.Int(rand.Reader, big.NewInt(int64(len(charset))))
|
|
|
|
|
result[i] = charset[randomIndex.Int64()]
|
|
|
|
|
}
|
|
|
|
|
return string(result)
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
// generateCaptchaSVG 生成验证码SVG图片
|
|
|
|
|
func generateCaptchaSVG(text string) string {
|
|
|
|
|
fmt.Printf("🔍 [验证码] 开始生成SVG图片,文本: %s\n", text)
|
|
|
|
|
|
|
|
|
|
// 生成随机干扰元素
|
|
|
|
|
line1Y1, _ := rand.Int(rand.Reader, big.NewInt(20))
|
|
|
|
|
line1Y2, _ := rand.Int(rand.Reader, big.NewInt(20))
|
|
|
|
|
line2Y1, _ := rand.Int(rand.Reader, big.NewInt(20))
|
|
|
|
|
line2Y2, _ := rand.Int(rand.Reader, big.NewInt(20))
|
|
|
|
|
circle1X, _ := rand.Int(rand.Reader, big.NewInt(120))
|
|
|
|
|
circle1Y, _ := rand.Int(rand.Reader, big.NewInt(40))
|
|
|
|
|
circle2X, _ := rand.Int(rand.Reader, big.NewInt(120))
|
|
|
|
|
circle2Y, _ := rand.Int(rand.Reader, big.NewInt(40))
|
|
|
|
|
circle3X, _ := rand.Int(rand.Reader, big.NewInt(120))
|
|
|
|
|
circle3Y, _ := rand.Int(rand.Reader, big.NewInt(40))
|
|
|
|
|
|
|
|
|
|
// 生成SVG验证码图片
|
|
|
|
|
svg := fmt.Sprintf(`<svg width="120" height="40" xmlns="http://www.w3.org/2000/svg">
|
|
|
|
|
<rect width="120" height="40" fill="#f0f0f0"/>
|
|
|
|
|
<text x="60" y="25" font-family="Arial, sans-serif" font-size="18" font-weight="bold" text-anchor="middle" fill="#333">%s</text>
|
|
|
|
|
<line x1="0" y1="%d" x2="120" y2="%d" stroke="#ccc" stroke-width="1"/>
|
|
|
|
|
<line x1="0" y1="%d" x2="120" y2="%d" stroke="#ccc" stroke-width="1"/>
|
|
|
|
|
<circle cx="%d" cy="%d" r="1" fill="#999"/>
|
|
|
|
|
<circle cx="%d" cy="%d" r="1" fill="#999"/>
|
|
|
|
|
<circle cx="%d" cy="%d" r="1" fill="#999"/>
|
|
|
|
|
</svg>`,
|
|
|
|
|
text,
|
|
|
|
|
line1Y1.Int64()+10, line1Y2.Int64()+10,
|
|
|
|
|
line2Y1.Int64()+20, line2Y2.Int64()+20,
|
|
|
|
|
circle1X.Int64(), circle1Y.Int64(),
|
|
|
|
|
circle2X.Int64(), circle2Y.Int64(),
|
|
|
|
|
circle3X.Int64(), circle3Y.Int64())
|
|
|
|
|
|
|
|
|
|
encoded := "data:image/svg+xml;base64," + base64.StdEncoding.EncodeToString([]byte(svg))
|
|
|
|
|
fmt.Printf("🔍 [验证码] SVG图片生成完成,长度: %d\n", len(encoded))
|
|
|
|
|
return encoded
|
|
|
|
|
}
|
