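package user

import (
	"context"
	"encoding/json"
	"fmt"
	"io"
	"net/http"
	"net/url"
	"time"

	"qnc-server/app/main/api/internal/svc"
	"qnc-server/app/main/api/internal/types"
	"qnc-server/app/main/model"
	jwtx "qnc-server/common/jwt"
	"qnc-server/common/xerr"

	"github.com/pkg/errors"
	"github.com/zeromicro/go-zero/core/logx"
	"github.com/zeromicro/go-zero/core/stores/sqlx"
)

// WxMiniAuthLogic holds the request-scoped context, logger and service
// dependencies used by the WeChat mini-program login flow.
type WxMiniAuthLogic struct {
	logx.Logger
	ctx    context.Context
	svcCtx *svc.ServiceContext
}

// NewWxMiniAuthLogic builds a WxMiniAuthLogic whose logger is bound to ctx.
func NewWxMiniAuthLogic(ctx context.Context, svcCtx *svc.ServiceContext) *WxMiniAuthLogic {
	return &WxMiniAuthLogic{
		Logger: logx.WithContext(ctx),
		ctx:    ctx,
		svcCtx: svcCtx,
	}
}

// WxMiniAuth logs a mini-program user in.
//
// It exchanges req.Code for an openid via GetSessionKey, resolves (or creates)
// the local user bound to that openid, and returns a signed JWT together with
// its expiry and refresh timestamps. The openid returned by WeChat is the only
// identity anchor: nothing supplied by the client other than the code is
// trusted here.
//
// Errors are wrapped xerr codes: DB_ERROR for storage failures and
// SERVER_COMMON_ERROR for the WeChat exchange or token signing.
func (l *WxMiniAuthLogic) WxMiniAuth(req *types.WXMiniAuthReq) (resp *types.WXMiniAuthResp, err error) {
	// 1. Exchange the client-supplied login code for session_key and openid.
	sessionKeyResp, err := l.GetSessionKey(req.Code)
	if err != nil {
		return nil, err
	}

	// 2. Look up the authorization record bound to this openid. ErrNotFound is
	// the expected result for a first login and is not treated as a failure.
	userAuth, err := l.svcCtx.UserAuthModel.FindOneByAuthTypeAuthKey(l.ctx, model.UserAuthTypeWxMiniOpenID, sessionKeyResp.Openid)
	if err != nil && !errors.Is(err, model.ErrNotFound) {
		return nil, errors.Wrapf(xerr.NewErrCode(xerr.DB_ERROR), "查询用户授权失败: %v", err)
	}

	// 3. Resolve the user behind the openid.
	var user *model.User
	if userAuth != nil {
		// Known openid: load the existing user and log in directly.
		user, err = l.svcCtx.UserModel.FindOne(l.ctx, userAuth.UserId)
		if err != nil {
			return nil, errors.Wrapf(xerr.NewErrCode(xerr.DB_ERROR), "查询用户信息失败: %v", err)
		}
	} else {
		// NOTE(review): the original followed this lookup with
		// `if userTemp == nil { userTemp.AuthType = ... }`, which dereferences a
		// nil pointer on every first login, called UserModel.Insert with a
		// different arity than the transactional call below, and left the block
		// unclosed. Its results were overwritten by the transaction anyway, so
		// the fragment is removed. What should happen when a temp-user record
		// exists is not visible in this file; confirm the intended flow.
		if _, err := l.svcCtx.UserTempModel.FindOneByAuthTypeAuthKey(l.ctx, model.UserAuthTypeWxMiniOpenID, sessionKeyResp.Openid); err != nil && !errors.Is(err, model.ErrNotFound) {
			return nil, errors.Wrapf(xerr.NewErrCode(xerr.DB_ERROR), "查询用户临时信息失败: %v", err)
		}

		// New user: create the user row and its openid binding in a single
		// transaction so a failure cannot leave a user without an auth record.
		user = &model.User{}
		if transErr := l.svcCtx.UserModel.Trans(l.ctx, func(ctx context.Context, session sqlx.Session) error {
			// Insert the base user record.
			insertResult, err := l.svcCtx.UserModel.Insert(ctx, session, user)
			if err != nil {
				return errors.Wrapf(xerr.NewErrCode(xerr.DB_ERROR), "创建新用户失败: %v", err)
			}
			lastId, err := insertResult.LastInsertId()
			if err != nil {
				return errors.Wrapf(xerr.NewErrCode(xerr.DB_ERROR), "获取新用户ID失败: %v", err)
			}
			user.Id = lastId

			// Bind the openid to the freshly created user.
			userAuth = &model.UserAuth{
				UserId:   user.Id,
				AuthKey:  sessionKeyResp.Openid,
				AuthType: model.UserAuthTypeWxMiniOpenID,
			}
			if _, err := l.svcCtx.UserAuthModel.Insert(ctx, session, userAuth); err != nil {
				return errors.Wrapf(xerr.NewErrCode(xerr.DB_ERROR), "创建用户授权失败: %v", err)
			}
			return nil
		}); transErr != nil {
			return nil, errors.Wrapf(xerr.NewErrCode(xerr.DB_ERROR), "创建新用户事务失败: %v", transErr)
		}
	}

	// 4. Issue the JWT for the resolved user.
	token, err := jwtx.GenerateJwtToken(user.Id, l.svcCtx.Config.JwtAuth.AccessSecret, l.svcCtx.Config.JwtAuth.AccessExpire)
	if err != nil {
		return nil, errors.Wrapf(xerr.NewErrCode(xerr.SERVER_COMMON_ERROR), "生成JWT token失败: %v", err)
	}

	// 5. Return the login result; both timestamps are offsets from now.
	now := time.Now().Unix()
	return &types.WXMiniAuthResp{
		AccessToken:  token,
		AccessExpire: now + l.svcCtx.Config.JwtAuth.AccessExpire,
		RefreshAfter: now + l.svcCtx.Config.JwtAuth.RefreshAfter,
	}, nil
}

// SessionKeyResp is the JSON payload returned by the mini-program
// jscode2session endpoint.
//
// SessionKey is a secret shared between WeChat and this server; it must not be
// logged or sent to the client.
type SessionKeyResp struct {
	Openid     string `json:"openid"`
	SessionKey string `json:"session_key"`
	Unionid    string `json:"unionid,omitempty"`
	ErrCode    int    `json:"errcode,omitempty"`
	ErrMsg     string `json:"errmsg,omitempty"`
}

// GetSessionKey exchanges a mini-program login code for the user's openid and
// session_key.
//
// code comes straight from the client, so it is URL-encoded rather than
// spliced into the query string; otherwise a crafted value could append or
// override query parameters. The call is bounded by a timeout and tied to the
// logic's context, the response body is size-limited, and errors are scrubbed
// of the request URL because that URL carries the app secret.
//
// It returns a wrapped SERVER_COMMON_ERROR when the request fails, the
// response cannot be decoded, WeChat reports a non-zero errcode, or the
// openid/session_key fields are missing.
func (l *WxMiniAuthLogic) GetSessionKey(code string) (*SessionKeyResp, error) {
	const (
		// Reviewer-chosen bounds; tune to the deployment.
		requestTimeout  = 10 * time.Second
		maxResponseSize = 1 << 20
	)

	// net/http reports failures as *url.Error, whose message embeds the full
	// request URL including secret=<AppSecret>. Keep only the underlying cause
	// so the secret never reaches logs or error responses.
	stripURL := func(err error) error {
		var urlErr *url.Error
		if errors.As(err, &urlErr) {
			return urlErr.Err
		}
		return err
	}

	query := url.Values{}
	query.Set("appid", l.svcCtx.Config.WechatMini.AppID)
	query.Set("secret", l.svcCtx.Config.WechatMini.AppSecret)
	query.Set("js_code", code)
	query.Set("grant_type", "authorization_code")
	endpoint := fmt.Sprintf("https://api.weixin.qq.com/sns/jscode2session?%s", query.Encode())

	// http.Get has no timeout and ignores cancellation, so a stalled upstream
	// would pin the handler goroutine indefinitely.
	parent := l.ctx
	if parent == nil {
		parent = context.Background()
	}
	ctx, cancel := context.WithTimeout(parent, requestTimeout)
	defer cancel()

	httpReq, err := http.NewRequestWithContext(ctx, http.MethodGet, endpoint, nil)
	if err != nil {
		return nil, errors.Wrapf(xerr.NewErrCode(xerr.SERVER_COMMON_ERROR), "获取session_key失败: %v", stripURL(err))
	}

	httpResp, err := http.DefaultClient.Do(httpReq)
	if err != nil {
		return nil, errors.Wrapf(xerr.NewErrCode(xerr.SERVER_COMMON_ERROR), "获取session_key失败: %v", stripURL(err))
	}
	defer httpResp.Body.Close()

	if httpResp.StatusCode != http.StatusOK {
		return nil, errors.Wrapf(xerr.NewErrCode(xerr.SERVER_COMMON_ERROR), "微信接口HTTP状态异常: status=%d", httpResp.StatusCode)
	}

	// Cap the read so an unexpected or hostile response cannot exhaust memory.
	body, err := io.ReadAll(io.LimitReader(httpResp.Body, maxResponseSize))
	if err != nil {
		return nil, errors.Wrapf(xerr.NewErrCode(xerr.SERVER_COMMON_ERROR), "读取响应失败: %v", err)
	}

	var sessionKeyResp SessionKeyResp
	if err = json.Unmarshal(body, &sessionKeyResp); err != nil {
		return nil, errors.Wrapf(xerr.NewErrCode(xerr.SERVER_COMMON_ERROR), "解析响应失败: %v", err)
	}

	// WeChat signals application-level failures through errcode in the body.
	if sessionKeyResp.ErrCode != 0 {
		return nil, errors.Wrapf(xerr.NewErrCode(xerr.SERVER_COMMON_ERROR), "微信接口返回错误: errcode=%d, errmsg=%s", sessionKeyResp.ErrCode, sessionKeyResp.ErrMsg)
	}

	// Both fields are required. Report only whether each is present: the
	// original message printed session_key itself, leaking it into logs.
	if sessionKeyResp.Openid == "" || sessionKeyResp.SessionKey == "" {
		return nil, errors.Wrapf(xerr.NewErrCode(xerr.SERVER_COMMON_ERROR), "微信接口返回数据不完整: openid_present=%t, session_key_present=%t", sessionKeyResp.Openid != "", sessionKeyResp.SessionKey != "")
	}

	return &sessionKeyResp, nil
}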