sys_user.go 13 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385
  1. package system
  2. import (
  3. "context"
  4. "github.com/medivhzhan/weapp"
  5. "strconv"
  6. "time"
  7. "github.com/flipped-aurora/gin-vue-admin/server/global"
  8. "github.com/flipped-aurora/gin-vue-admin/server/model/common/request"
  9. "github.com/flipped-aurora/gin-vue-admin/server/model/common/response"
  10. "github.com/flipped-aurora/gin-vue-admin/server/model/system"
  11. systemReq "github.com/flipped-aurora/gin-vue-admin/server/model/system/request"
  12. systemRes "github.com/flipped-aurora/gin-vue-admin/server/model/system/response"
  13. "github.com/flipped-aurora/gin-vue-admin/server/utils"
  14. "github.com/dgrijalva/jwt-go"
  15. "github.com/gin-gonic/gin"
  16. "github.com/go-redis/redis/v8"
  17. "go.uber.org/zap"
  18. )
  19. // @Tags Base
  20. // @Summary 用户登录
  21. // @Produce application/json
  22. // @Param data body systemReq.Login true "用户名, 密码, 验证码"
  23. // @Success 200 {string} string "{"success":true,"data":{},"msg":"登陆成功"}"
  24. // @Router /base/login [post]
  25. func (b *BaseApi) Login(c *gin.Context) {
  26. var l systemReq.Login
  27. _ = c.ShouldBindJSON(&l)
  28. if err := utils.Verify(l, utils.LoginVerify); err != nil {
  29. response.FailWithMessage(err.Error(), c)
  30. return
  31. }
  32. if store.Verify(l.CaptchaId, l.Captcha, true) {
  33. u := &system.SysUser{Username: l.Username, Password: l.Password}
  34. if err, user := userService.Login(u); err != nil {
  35. global.GVA_LOG.Error("登陆失败! 用户名不存在或者密码错误!", zap.Any("err", err))
  36. response.FailWithMessage("用户名不存在或者密码错误", c)
  37. } else {
  38. b.tokenNext(c, *user)
  39. }
  40. } else {
  41. response.FailWithMessage("验证码错误", c)
  42. }
  43. }
  44. func (b *BaseApi) LoginWx(c *gin.Context) {
  45. var l systemReq.LoginWx
  46. _ = c.ShouldBindJSON(&l)
  47. res, err := weapp.Login(global.GVA_CONFIG.Wxxcx.Appid, global.GVA_CONFIG.Wxxcx.Secret, l.Code)
  48. if err != nil {
  49. global.GVA_LOG.Error("登陆小程序失败!", zap.Any("err", err))
  50. response.FailWithMessage("小程序信息获取异常", c)
  51. return
  52. }
  53. global.GVA_REDIS.Set(context.Background(), "wxssk:"+res.OpenID, res.SessionKey, 0)
  54. if err, user := userService.FindUserByOpenId(res.OpenID); err != nil {
  55. response.CodeWithDetailed(1, res, "未注册", c)
  56. return
  57. } else {
  58. if user.AuthorityId == "100" {
  59. response.CodeMessage(2, "请等待审核", c)
  60. return
  61. }
  62. b.tokenNext(c, *user)
  63. }
  64. }
  65. func (b *BaseApi) RegisterWx(c *gin.Context) {
  66. var r systemReq.RegisterWx
  67. _ = c.ShouldBindJSON(&r)
  68. if err := utils.Verify(r, utils.RegisterWxVerify); err != nil {
  69. response.FailWithMessage(err.Error(), c)
  70. return
  71. }
  72. authorityId := "100"
  73. user := &system.SysUser{Username: r.Username, OpenId: r.OpenId, NickName: r.NickName, Password: utils.RandomString(10), HeaderImg: r.HeaderImg, AuthorityId: authorityId, Authorities: nil}
  74. err, userReturn := userService.Register(*user)
  75. if err != nil {
  76. global.GVA_LOG.Error("注册失败!", zap.Any("err", err))
  77. response.CodeMessage(2, "您已经申请过了,请耐心等待审核!", c)
  78. } else {
  79. response.CodeWithDetailed(2, systemRes.SysUserResponse{User: userReturn}, "申请登陆成功,请等待审核", c)
  80. }
  81. }
  82. // 登录以后签发jwt
  83. func (b *BaseApi) tokenNext(c *gin.Context, user system.SysUser) {
  84. j := &utils.JWT{SigningKey: []byte(global.GVA_CONFIG.JWT.SigningKey)} // 唯一签名
  85. claims := systemReq.CustomClaims{
  86. UUID: user.UUID,
  87. ID: user.ID,
  88. NickName: user.NickName,
  89. Username: user.Username,
  90. AuthorityId: user.AuthorityId,
  91. BufferTime: global.GVA_CONFIG.JWT.BufferTime, // 缓冲时间1天 缓冲时间内会获得新的token刷新令牌 此时一个用户会存在两个有效令牌 但是前端只留一个 另一个会丢失
  92. StandardClaims: jwt.StandardClaims{
  93. NotBefore: time.Now().Unix() - 1000, // 签名生效时间
  94. ExpiresAt: time.Now().Unix() + global.GVA_CONFIG.JWT.ExpiresTime, // 过期时间 7天 配置文件
  95. Issuer: "qmPlus", // 签名的发行者
  96. },
  97. }
  98. token, err := j.CreateToken(claims)
  99. if err != nil {
  100. global.GVA_LOG.Error("获取token失败!", zap.Any("err", err))
  101. response.FailWithMessage("获取token失败", c)
  102. return
  103. }
  104. if !global.GVA_CONFIG.System.UseMultipoint {
  105. response.OkWithDetailed(systemRes.LoginResponse{
  106. User: user,
  107. Token: token,
  108. ExpiresAt: claims.StandardClaims.ExpiresAt * 1000,
  109. }, "登录成功", c)
  110. return
  111. }
  112. if err, jwtStr := jwtService.GetRedisJWT(user.Username); err == redis.Nil {
  113. if err := jwtService.SetRedisJWT(token, user.Username); err != nil {
  114. global.GVA_LOG.Error("设置登录状态失败!", zap.Any("err", err))
  115. response.FailWithMessage("设置登录状态失败", c)
  116. return
  117. }
  118. response.OkWithDetailed(systemRes.LoginResponse{
  119. User: user,
  120. Token: token,
  121. ExpiresAt: claims.StandardClaims.ExpiresAt * 1000,
  122. }, "登录成功", c)
  123. } else if err != nil {
  124. global.GVA_LOG.Error("设置登录状态失败!", zap.Any("err", err))
  125. response.FailWithMessage("设置登录状态失败", c)
  126. } else {
  127. var blackJWT system.JwtBlacklist
  128. blackJWT.Jwt = jwtStr
  129. if err := jwtService.JsonInBlacklist(blackJWT); err != nil {
  130. response.FailWithMessage("jwt作废失败", c)
  131. return
  132. }
  133. if err := jwtService.SetRedisJWT(token, user.Username); err != nil {
  134. response.FailWithMessage("设置登录状态失败", c)
  135. return
  136. }
  137. response.OkWithDetailed(systemRes.LoginResponse{
  138. User: user,
  139. Token: token,
  140. ExpiresAt: claims.StandardClaims.ExpiresAt * 1000,
  141. }, "登录成功", c)
  142. }
  143. }
  144. // @Tags SysUser
  145. // @Summary 用户注册账号
  146. // @Produce application/json
  147. // @Param data body systemReq.Register true "用户名, 昵称, 密码, 角色ID"
  148. // @Success 200 {string} string "{"success":true,"data":{},"msg":"注册成功"}"
  149. // @Router /user/register [post]
  150. func (b *BaseApi) Register(c *gin.Context) {
  151. var r systemReq.Register
  152. _ = c.ShouldBindJSON(&r)
  153. if err := utils.Verify(r, utils.RegisterVerify); err != nil {
  154. response.FailWithMessage(err.Error(), c)
  155. return
  156. }
  157. var authorities []system.SysAuthority
  158. for _, v := range r.AuthorityIds {
  159. authorities = append(authorities, system.SysAuthority{
  160. AuthorityId: v,
  161. })
  162. }
  163. user := &system.SysUser{Username: r.Username, NickName: r.NickName, Password: r.Password, HeaderImg: r.HeaderImg, AuthorityId: r.AuthorityId, Authorities: authorities}
  164. err, userReturn := userService.Register(*user)
  165. if err != nil {
  166. global.GVA_LOG.Error("注册失败!", zap.Any("err", err))
  167. response.FailWithDetailed(systemRes.SysUserResponse{User: userReturn}, "注册失败", c)
  168. } else {
  169. response.OkWithDetailed(systemRes.SysUserResponse{User: userReturn}, "注册成功", c)
  170. }
  171. }
  172. // @Tags SysUser
  173. // @Summary 用户修改密码
  174. // @Security ApiKeyAuth
  175. // @Produce application/json
  176. // @Param data body systemReq.ChangePasswordStruct true "用户名, 原密码, 新密码"
  177. // @Success 200 {string} string "{"success":true,"data":{},"msg":"修改成功"}"
  178. // @Router /user/changePassword [post]
  179. func (b *BaseApi) ChangePassword(c *gin.Context) {
  180. var user systemReq.ChangePasswordStruct
  181. _ = c.ShouldBindJSON(&user)
  182. if err := utils.Verify(user, utils.ChangePasswordVerify); err != nil {
  183. response.FailWithMessage(err.Error(), c)
  184. return
  185. }
  186. u := &system.SysUser{Username: user.Username, Password: user.Password}
  187. if err, _ := userService.ChangePassword(u, user.NewPassword); err != nil {
  188. global.GVA_LOG.Error("修改失败!", zap.Any("err", err))
  189. response.FailWithMessage("修改失败,原密码与当前账户不符", c)
  190. } else {
  191. response.OkWithMessage("修改成功", c)
  192. }
  193. }
  194. // @Tags SysUser
  195. // @Summary 分页获取用户列表
  196. // @Security ApiKeyAuth
  197. // @accept application/json
  198. // @Produce application/json
  199. // @Param data body request.PageInfo true "页码, 每页大小"
  200. // @Success 200 {string} string "{"success":true,"data":{},"msg":"获取成功"}"
  201. // @Router /user/getUserList [post]
  202. func (b *BaseApi) GetUserList(c *gin.Context) {
  203. var pageInfo request.PageInfo
  204. _ = c.ShouldBindJSON(&pageInfo)
  205. if err := utils.Verify(pageInfo, utils.PageInfoVerify); err != nil {
  206. response.FailWithMessage(err.Error(), c)
  207. return
  208. }
  209. if err, list, total := userService.GetUserInfoList(pageInfo); err != nil {
  210. global.GVA_LOG.Error("获取失败!", zap.Any("err", err))
  211. response.FailWithMessage("获取失败", c)
  212. } else {
  213. response.OkWithDetailed(response.PageResult{
  214. List: list,
  215. Total: total,
  216. Page: pageInfo.Page,
  217. PageSize: pageInfo.PageSize,
  218. }, "获取成功", c)
  219. }
  220. }
  221. func (b *BaseApi) GetUserPList(c *gin.Context) {
  222. var pageInfo systemReq.UserSearch
  223. _ = c.ShouldBindJSON(&pageInfo)
  224. if err := utils.Verify(pageInfo, utils.PageInfoVerify); err != nil {
  225. response.FailWithMessage(err.Error(), c)
  226. return
  227. }
  228. if err, list, total := userService.GetUserPInfoList(pageInfo); err != nil {
  229. global.GVA_LOG.Error("获取失败!", zap.Any("err", err))
  230. response.FailWithMessage("获取失败", c)
  231. } else {
  232. response.OkWithDetailed(response.PageResult{
  233. List: list,
  234. Total: total,
  235. Page: pageInfo.Page,
  236. PageSize: pageInfo.PageSize,
  237. }, "获取成功", c)
  238. }
  239. }
  240. // @Tags SysUser
  241. // @Summary 更改用户权限
  242. // @Security ApiKeyAuth
  243. // @accept application/json
  244. // @Produce application/json
  245. // @Param data body systemReq.SetUserAuth true "用户UUID, 角色ID"
  246. // @Success 200 {string} string "{"success":true,"data":{},"msg":"修改成功"}"
  247. // @Router /user/setUserAuthority [post]
  248. func (b *BaseApi) SetUserAuthority(c *gin.Context) {
  249. var sua systemReq.SetUserAuth
  250. _ = c.ShouldBindJSON(&sua)
  251. if UserVerifyErr := utils.Verify(sua, utils.SetUserAuthorityVerify); UserVerifyErr != nil {
  252. response.FailWithMessage(UserVerifyErr.Error(), c)
  253. return
  254. }
  255. userID := utils.GetUserID(c)
  256. uuid := utils.GetUserUuid(c)
  257. if err := userService.SetUserAuthority(userID, uuid, sua.AuthorityId); err != nil {
  258. global.GVA_LOG.Error("修改失败!", zap.Any("err", err))
  259. response.FailWithMessage(err.Error(), c)
  260. } else {
  261. claims := utils.GetUserInfo(c)
  262. j := &utils.JWT{SigningKey: []byte(global.GVA_CONFIG.JWT.SigningKey)} // 唯一签名
  263. claims.AuthorityId = sua.AuthorityId
  264. if token, err := j.CreateToken(*claims); err != nil {
  265. global.GVA_LOG.Error("修改失败!", zap.Any("err", err))
  266. response.FailWithMessage(err.Error(), c)
  267. } else {
  268. c.Header("new-token", token)
  269. c.Header("new-expires-at", strconv.FormatInt(claims.ExpiresAt, 10))
  270. response.OkWithMessage("修改成功", c)
  271. }
  272. }
  273. }
  274. // @Tags SysUser
  275. // @Summary 设置用户权限
  276. // @Security ApiKeyAuth
  277. // @accept application/json
  278. // @Produce application/json
  279. // @Param data body systemReq.SetUserAuthorities true "用户UUID, 角色ID"
  280. // @Success 200 {string} string "{"success":true,"data":{},"msg":"修改成功"}"
  281. // @Router /user/setUserAuthorities [post]
  282. func (b *BaseApi) SetUserAuthorities(c *gin.Context) {
  283. var sua systemReq.SetUserAuthorities
  284. _ = c.ShouldBindJSON(&sua)
  285. if err := userService.SetUserAuthorities(sua.ID, sua.AuthorityIds); err != nil {
  286. global.GVA_LOG.Error("修改失败!", zap.Any("err", err))
  287. response.FailWithMessage("修改失败", c)
  288. } else {
  289. response.OkWithMessage("修改成功", c)
  290. }
  291. }
  292. // @Tags SysUser
  293. // @Summary 删除用户
  294. // @Security ApiKeyAuth
  295. // @accept application/json
  296. // @Produce application/json
  297. // @Param data body request.GetById true "用户ID"
  298. // @Success 200 {string} string "{"success":true,"data":{},"msg":"删除成功"}"
  299. // @Router /user/deleteUser [delete]
  300. func (b *BaseApi) DeleteUser(c *gin.Context) {
  301. var reqId request.GetById
  302. _ = c.ShouldBindJSON(&reqId)
  303. if err := utils.Verify(reqId, utils.IdVerify); err != nil {
  304. response.FailWithMessage(err.Error(), c)
  305. return
  306. }
  307. jwtId := utils.GetUserID(c)
  308. if jwtId == uint(reqId.ID) {
  309. response.FailWithMessage("删除失败, 自杀失败", c)
  310. return
  311. }
  312. if err := userService.DeleteUser(reqId.ID); err != nil {
  313. global.GVA_LOG.Error("删除失败!", zap.Any("err", err))
  314. response.FailWithMessage("删除失败", c)
  315. } else {
  316. response.OkWithMessage("删除成功", c)
  317. }
  318. }
  319. // @Tags SysUser
  320. // @Summary 设置用户信息
  321. // @Security ApiKeyAuth
  322. // @accept application/json
  323. // @Produce application/json
  324. // @Param data body system.SysUser true "ID, 用户名, 昵称, 头像链接"
  325. // @Success 200 {string} string "{"success":true,"data":{},"msg":"设置成功"}"
  326. // @Router /user/setUserInfo [put]
  327. func (b *BaseApi) SetUserInfo(c *gin.Context) {
  328. var user system.SysUser
  329. _ = c.ShouldBindJSON(&user)
  330. if err := utils.Verify(user, utils.IdVerify); err != nil {
  331. response.FailWithMessage(err.Error(), c)
  332. return
  333. }
  334. if err, ReqUser := userService.SetUserInfo(user); err != nil {
  335. global.GVA_LOG.Error("设置失败!", zap.Any("err", err))
  336. response.FailWithMessage("设置失败", c)
  337. } else {
  338. response.OkWithDetailed(gin.H{"userInfo": ReqUser}, "设置成功", c)
  339. }
  340. }
  341. // @Tags SysUser
  342. // @Summary 获取用户信息
  343. // @Security ApiKeyAuth
  344. // @accept application/json
  345. // @Produce application/json
  346. // @Success 200 {string} string "{"success":true,"data":{},"msg":"获取成功"}"
  347. // @Router /user/getUserInfo [get]
  348. func (b *BaseApi) GetUserInfo(c *gin.Context) {
  349. uuid := utils.GetUserUuid(c)
  350. if err, ReqUser := userService.GetUserInfo(uuid); err != nil {
  351. global.GVA_LOG.Error("获取失败!", zap.Any("err", err))
  352. response.FailWithMessage("获取失败", c)
  353. } else {
  354. response.OkWithDetailed(gin.H{"userInfo": ReqUser}, "获取成功", c)
  355. }
  356. }
  357. func (b *BaseApi) GetUserInfoById(c *gin.Context) {
  358. var user system.SysUser
  359. _ = c.ShouldBindQuery(&user)
  360. if err, ReqUser := userService.FindUserById(int(user.ID)); err != nil {
  361. global.GVA_LOG.Error("获取失败!", zap.Any("err", err))
  362. response.FailWithMessage("获取失败", c)
  363. } else {
  364. response.OkWithDetailed(gin.H{"userInfo": ReqUser}, "获取成功", c)
  365. }
  366. }