139 lines
4.4 KiB
Go
139 lines
4.4 KiB
Go
package user
|
||
|
||
import (
|
||
"context"
|
||
"encoding/json"
|
||
"fmt"
|
||
"io"
|
||
"net/http"
|
||
"qnc-server/app/user/model"
|
||
jwtx "qnc-server/common/jwt"
|
||
"qnc-server/common/xerr"
|
||
"time"
|
||
|
||
"github.com/pkg/errors"
|
||
"github.com/zeromicro/go-zero/core/stores/sqlx"
|
||
|
||
"qnc-server/app/user/cmd/api/internal/svc"
|
||
"qnc-server/app/user/cmd/api/internal/types"
|
||
|
||
"github.com/zeromicro/go-zero/core/logx"
|
||
)
|
||
|
||
type WxH5AuthLogic struct {
|
||
logx.Logger
|
||
ctx context.Context
|
||
svcCtx *svc.ServiceContext
|
||
}
|
||
|
||
func NewWxH5AuthLogic(ctx context.Context, svcCtx *svc.ServiceContext) *WxH5AuthLogic {
|
||
return &WxH5AuthLogic{
|
||
Logger: logx.WithContext(ctx),
|
||
ctx: ctx,
|
||
svcCtx: svcCtx,
|
||
}
|
||
}
|
||
|
||
func (l *WxH5AuthLogic) WxH5Auth(req *types.WXH5AuthReq) (resp *types.WXH5AuthResp, err error) {
|
||
// Step 1: 使用code获取access_token
|
||
accessTokenResp, err := l.GetAccessToken(req.Code)
|
||
if err != nil {
|
||
return nil, errors.Wrapf(xerr.NewErrCode(xerr.SERVER_COMMON_ERROR), "获取access_token失败: %v", err)
|
||
}
|
||
if accessTokenResp.AccessToken == "" || accessTokenResp.Openid == "" {
|
||
return nil, errors.Wrapf(xerr.NewErrCode(xerr.SERVER_COMMON_ERROR), "获取access_token为空: %v", accessTokenResp)
|
||
}
|
||
// Step 2: 查找用户授权信息
|
||
userAuth, findErr := l.svcCtx.UserAuthModel.FindOneByAuthTypeAuthKey(l.ctx, model.UserAuthTypeWxh5, accessTokenResp.Openid)
|
||
if findErr != nil && !errors.Is(findErr, model.ErrNotFound) {
|
||
return nil, errors.Wrapf(xerr.NewErrCode(xerr.SERVER_COMMON_ERROR), "查询用户授权失败,findErr: %v", findErr)
|
||
}
|
||
|
||
// Step 3: 查找或创建用户
|
||
var user *model.User
|
||
if userAuth != nil {
|
||
// 授权信息存在,查找用户
|
||
userModel, findUserErr := l.svcCtx.UserModel.FindOne(l.ctx, userAuth.UserId)
|
||
if findUserErr != nil {
|
||
return nil, errors.Wrapf(xerr.NewErrCode(xerr.SERVER_COMMON_ERROR), "查询用户失败,userId: %v", findUserErr)
|
||
}
|
||
user = userModel
|
||
} else {
|
||
// 授权信息不存在,创建新用户
|
||
user = &model.User{}
|
||
if transErr := l.svcCtx.UserModel.Trans(l.ctx, func(context context.Context, session sqlx.Session) error {
|
||
// 插入数据库
|
||
insertResult, insertErr := l.svcCtx.UserModel.Insert(l.ctx, session, user)
|
||
if insertErr != nil {
|
||
return errors.Wrapf(insertErr, "创建新用户失败,openid: %s", accessTokenResp.Openid)
|
||
}
|
||
// 获取插入后生成的 user.Id
|
||
lastInsertId, lastInsertIdErr := insertResult.LastInsertId()
|
||
if lastInsertIdErr != nil {
|
||
return errors.Wrapf(lastInsertIdErr, "获取新用户ID失败,openid: %s", accessTokenResp.Openid)
|
||
}
|
||
user.Id = lastInsertId
|
||
// 创建用户授权信息
|
||
userAuth = &model.UserAuth{
|
||
UserId: user.Id,
|
||
AuthKey: accessTokenResp.Openid,
|
||
AuthType: model.UserAuthTypeWxh5, // 微信小程序
|
||
}
|
||
if _, insertUserAuthErr := l.svcCtx.UserAuthModel.Insert(l.ctx, session, userAuth); insertUserAuthErr != nil {
|
||
return errors.Wrapf(insertUserAuthErr, "创建用户授权失败,openid: %s", accessTokenResp.Openid)
|
||
}
|
||
return nil
|
||
}); transErr != nil {
|
||
return nil, errors.Wrapf(xerr.NewErrCode(xerr.SERVER_COMMON_ERROR), "创建新用户事务失败: %v", transErr)
|
||
}
|
||
}
|
||
|
||
// Step 4: 生成JWT Token
|
||
token, genErr := jwtx.GenerateJwtToken(user.Id, l.svcCtx.Config.JwtAuth.AccessSecret, l.svcCtx.Config.JwtAuth.AccessExpire)
|
||
if genErr != nil {
|
||
return nil, errors.Wrapf(xerr.NewErrCode(xerr.DB_ERROR), "生成JWT token失败: %v", genErr)
|
||
}
|
||
|
||
now := time.Now().Unix()
|
||
return &types.WXH5AuthResp{
|
||
AccessToken: token,
|
||
AccessExpire: now + l.svcCtx.Config.JwtAuth.AccessExpire,
|
||
RefreshAfter: now + l.svcCtx.Config.JwtAuth.RefreshAfter,
|
||
}, nil
|
||
}
|
||
|
||
type AccessTokenResp struct {
|
||
AccessToken string `json:"access_token"`
|
||
Openid string `json:"openid"`
|
||
}
|
||
|
||
// GetAccessToken 通过code获取access_token
|
||
func (l *WxH5AuthLogic) GetAccessToken(code string) (*AccessTokenResp, error) {
|
||
appID := l.svcCtx.Config.WechatH5.AppID
|
||
appSecret := l.svcCtx.Config.WechatH5.AppSecret
|
||
|
||
url := fmt.Sprintf("https://api.weixin.qq.com/sns/oauth2/access_token?appid=%s&secret=%s&code=%s&grant_type=authorization_code", appID, appSecret, code)
|
||
|
||
resp, err := http.Get(url)
|
||
if err != nil {
|
||
return nil, err
|
||
}
|
||
defer resp.Body.Close()
|
||
|
||
body, err := io.ReadAll(resp.Body)
|
||
if err != nil {
|
||
return nil, err
|
||
}
|
||
|
||
var accessTokenResp AccessTokenResp
|
||
if err = json.Unmarshal(body, &accessTokenResp); err != nil {
|
||
return nil, err
|
||
}
|
||
|
||
//if accessTokenResp.AccessToken == "" {
|
||
// return nil, errors.New("accessTokenResp.AccessToken为空")
|
||
//}
|
||
|
||
return &accessTokenResp, nil
|
||
}
|