new

2025-04-27 12:17:18 +08:00
parent b60f6ffb3e
commit 2aea96db2c
128 changed files with 396 additions and 222 deletions
--- a/app/main/api/internal/logic/user/decryptmobilelogic.go
+++ b/app/main/api/internal/logic/user/decryptmobilelogic.go
@@ -0,0 +1,29 @@
+package user
+
+import (
+	"context"
+
+	"tyc-server/app/main/api/internal/svc"
+
+	"github.com/zeromicro/go-zero/core/logx"
+)
+
+type DecryptMobileLogic struct {
+	logx.Logger
+	ctx    context.Context
+	svcCtx *svc.ServiceContext
+}
+
+func NewDecryptMobileLogic(ctx context.Context, svcCtx *svc.ServiceContext) *DecryptMobileLogic {
+	return &DecryptMobileLogic{
+		Logger: logx.WithContext(ctx),
+		ctx:    ctx,
+		svcCtx: svcCtx,
+	}
+}
+
+func (l *DecryptMobileLogic) DecryptMobile() error {
+	// todo: add your logic here and delete this line
+
+	return nil
+}
--- a/app/main/api/internal/logic/user/detaillogic.go
+++ b/app/main/api/internal/logic/user/detaillogic.go
@@ -0,0 +1,56 @@
+package user
+
+import (
+	"context"
+	"tyc-server/app/main/api/internal/svc"
+	"tyc-server/app/main/api/internal/types"
+	"tyc-server/app/main/model"
+	"tyc-server/common/ctxdata"
+	"tyc-server/common/xerr"
+	"tyc-server/pkg/lzkit/crypto"
+
+	"github.com/jinzhu/copier"
+	"github.com/pkg/errors"
+
+	"github.com/zeromicro/go-zero/core/logx"
+)
+
+type DetailLogic struct {
+	logx.Logger
+	ctx    context.Context
+	svcCtx *svc.ServiceContext
+}
+
+func NewDetailLogic(ctx context.Context, svcCtx *svc.ServiceContext) *DetailLogic {
+	return &DetailLogic{
+		Logger: logx.WithContext(ctx),
+		ctx:    ctx,
+		svcCtx: svcCtx,
+	}
+}
+
+func (l *DetailLogic) Detail() (resp *types.UserInfoResp, err error) {
+	userID, err := ctxdata.GetUidFromCtx(l.ctx)
+	if err != nil {
+		return nil, errors.Wrapf(xerr.NewErrCode(xerr.SERVER_COMMON_ERROR), "用户信息, %+v", err)
+	}
+	user, err := l.svcCtx.UserModel.FindOne(l.ctx, userID)
+	if err != nil {
+		if errors.Is(err, model.ErrNotFound) {
+			return nil, errors.Wrapf(xerr.NewErrCode(xerr.USER_NOT_FOUND), "用户信息, 用户不存在, %v", err)
+		}
+		return nil, errors.Wrapf(xerr.NewErrCode(xerr.DB_ERROR), "用户信息, 数据库查询用户信息失败, %+v", err)
+	}
+	var userInfo types.User
+	err = copier.Copy(&userInfo, user)
+	if err != nil {
+		return nil, errors.Wrapf(xerr.NewErrCode(xerr.SERVER_COMMON_ERROR), "用户信息, 用户信息结构体复制失败, %+v", err)
+	}
+	userInfo.Mobile, err = crypto.DecryptMobile(userInfo.Mobile, l.svcCtx.Config.Encrypt.SecretKey)
+	if err != nil {
+		return nil, errors.Wrapf(xerr.NewErrCode(xerr.SERVER_COMMON_ERROR), "用户信息, 解密手机号失败, %v", err)
+	}
+	return &types.UserInfoResp{
+		UserInfo: userInfo,
+	}, nil
+}
--- a/app/main/api/internal/logic/user/gettokenlogic.go
+++ b/app/main/api/internal/logic/user/gettokenlogic.go
@@ -0,0 +1,49 @@
+package user
+
+import (
+	"context"
+	"time"
+	"tyc-server/common/ctxdata"
+	jwtx "tyc-server/common/jwt"
+	"tyc-server/common/xerr"
+
+	"github.com/pkg/errors"
+
+	"tyc-server/app/main/api/internal/svc"
+	"tyc-server/app/main/api/internal/types"
+
+	"github.com/zeromicro/go-zero/core/logx"
+)
+
+type GetTokenLogic struct {
+	logx.Logger
+	ctx    context.Context
+	svcCtx *svc.ServiceContext
+}
+
+func NewGetTokenLogic(ctx context.Context, svcCtx *svc.ServiceContext) *GetTokenLogic {
+	return &GetTokenLogic{
+		Logger: logx.WithContext(ctx),
+		ctx:    ctx,
+		svcCtx: svcCtx,
+	}
+}
+
+func (l *GetTokenLogic) GetToken() (resp *types.MobileCodeLoginResp, err error) {
+	userID, err := ctxdata.GetUidFromCtx(l.ctx)
+	if err != nil {
+		return nil, errors.Wrapf(xerr.NewErrCode(xerr.SERVER_COMMON_ERROR), "用户信息, %+v", err)
+	}
+	token, generaErr := jwtx.GenerateJwtToken(userID, l.svcCtx.Config.JwtAuth.AccessSecret, l.svcCtx.Config.JwtAuth.AccessExpire)
+	if generaErr != nil {
+		return nil, errors.Wrapf(xerr.NewErrCode(xerr.SERVER_COMMON_ERROR), "更新token, 生成token失败 : %d", userID)
+	}
+	// 获取当前时间戳
+	now := time.Now().Unix()
+	return &types.MobileCodeLoginResp{
+		AccessToken:  token,
+		AccessExpire: now + l.svcCtx.Config.JwtAuth.AccessExpire,
+		RefreshAfter: now + l.svcCtx.Config.JwtAuth.RefreshAfter,
+	}, nil
+
+}
--- a/app/main/api/internal/logic/user/mobilecodeloginlogic.go
+++ b/app/main/api/internal/logic/user/mobilecodeloginlogic.go
@@ -0,0 +1,103 @@
+package user
+
+import (
+	"context"
+	"database/sql"
+	"fmt"
+	"time"
+	"tyc-server/app/main/api/internal/svc"
+	"tyc-server/app/main/api/internal/types"
+	"tyc-server/app/main/model"
+	jwtx "tyc-server/common/jwt"
+	"tyc-server/common/xerr"
+	"tyc-server/pkg/lzkit/crypto"
+
+	"github.com/pkg/errors"
+	"github.com/zeromicro/go-zero/core/stores/redis"
+	"github.com/zeromicro/go-zero/core/stores/sqlx"
+
+	"github.com/zeromicro/go-zero/core/logx"
+)
+
+type MobileCodeLoginLogic struct {
+	logx.Logger
+	ctx    context.Context
+	svcCtx *svc.ServiceContext
+}
+
+func NewMobileCodeLoginLogic(ctx context.Context, svcCtx *svc.ServiceContext) *MobileCodeLoginLogic {
+	return &MobileCodeLoginLogic{
+		Logger: logx.WithContext(ctx),
+		ctx:    ctx,
+		svcCtx: svcCtx,
+	}
+}
+
+func (l *MobileCodeLoginLogic) MobileCodeLogin(req *types.MobileCodeLoginReq) (resp *types.MobileCodeLoginResp, err error) {
+	secretKey := l.svcCtx.Config.Encrypt.SecretKey
+	encryptedMobile, err := crypto.EncryptMobile(req.Mobile, secretKey)
+	if err != nil {
+		return nil, errors.Wrapf(xerr.NewErrCode(xerr.SERVER_COMMON_ERROR), "手机登录, 加密手机号失败: %+v", err)
+	}
+
+	// 检查手机号是否在一分钟内已发送过验证码
+	redisKey := fmt.Sprintf("%s:%s", "login", encryptedMobile)
+	cacheCode, err := l.svcCtx.Redis.Get(redisKey)
+	if err != nil {
+		if errors.Is(err, redis.Nil) {
+			return nil, errors.Wrapf(xerr.NewErrMsg("验证码已过期"), "手机登录, 验证码过期: %s", encryptedMobile)
+		}
+		return nil, errors.Wrapf(xerr.NewErrCode(xerr.DB_ERROR), "手机登录, 读取验证码redis缓存失败, mobile: %s, err: %+v", encryptedMobile, err)
+	}
+	if cacheCode != req.Code {
+		return nil, errors.Wrapf(xerr.NewErrMsg("验证码不正确"), "手机登录, 验证码不正确: %s", encryptedMobile)
+	}
+
+	user, findUserErr := l.svcCtx.UserModel.FindOneByMobile(l.ctx, encryptedMobile)
+	if findUserErr != nil && findUserErr != model.ErrNotFound {
+		return nil, errors.Wrapf(xerr.NewErrCode(xerr.DB_ERROR), "手机登录, 读取数据库获取用户失败, mobile: %s, err: %+v", encryptedMobile, err)
+	}
+	if user == nil {
+		user = &model.User{Mobile: encryptedMobile}
+		if user.Nickname.Valid && user.Nickname.String != "" {
+			user.Nickname = sql.NullString{
+				String: encryptedMobile,
+				Valid:  true,
+			}
+		}
+		if transErr := l.svcCtx.UserModel.Trans(l.ctx, func(ctx context.Context, session sqlx.Session) error {
+			insertResult, userInsertErr := l.svcCtx.UserModel.Insert(ctx, session, user)
+			if userInsertErr != nil {
+				return errors.Wrapf(xerr.NewErrCode(xerr.DB_ERROR), "手机注册, 数据库插入新用户失败, mobile: %s, err: %+v", encryptedMobile, err)
+			}
+			lastId, lastInsertIdErr := insertResult.LastInsertId()
+			if lastInsertIdErr != nil {
+				return errors.Wrapf(xerr.NewErrCode(xerr.DB_ERROR), "手机注册, 获取新用户ID失败, err:%+v, user:%+v", lastInsertIdErr, user)
+			}
+			user.Id = lastId
+
+			userAuth := new(model.UserAuth)
+			userAuth.UserId = lastId
+			userAuth.AuthKey = encryptedMobile
+			userAuth.AuthType = model.UserAuthTypeAppMobile
+			if _, userAuthInsertErr := l.svcCtx.UserAuthModel.Insert(ctx, session, userAuth); userAuthInsertErr != nil {
+				return errors.Wrapf(xerr.NewErrCode(xerr.DB_ERROR), "手机注册, 数据库插入用户认证失败, err:%+v", userAuthInsertErr)
+			}
+			return nil
+		}); transErr != nil {
+			return nil, transErr
+		}
+	}
+	token, generaErr := jwtx.GenerateJwtToken(user.Id, l.svcCtx.Config.JwtAuth.AccessSecret, l.svcCtx.Config.JwtAuth.AccessExpire)
+	if generaErr != nil {
+		return nil, errors.Wrapf(xerr.NewErrCode(xerr.SERVER_COMMON_ERROR), "手机登录, 生成token失败 : %d", user.Id)
+	}
+
+	// 获取当前时间戳
+	now := time.Now().Unix()
+	return &types.MobileCodeLoginResp{
+		AccessToken:  token,
+		AccessExpire: now + l.svcCtx.Config.JwtAuth.AccessExpire,
+		RefreshAfter: now + l.svcCtx.Config.JwtAuth.RefreshAfter,
+	}, nil
+}
--- a/app/main/api/internal/logic/user/mobileloginlogic.go
+++ b/app/main/api/internal/logic/user/mobileloginlogic.go
@@ -0,0 +1,64 @@
+package user
+
+import (
+	"context"
+	"time"
+	"tyc-server/app/main/model"
+	jwtx "tyc-server/common/jwt"
+	"tyc-server/common/tool"
+	"tyc-server/common/xerr"
+	"tyc-server/pkg/lzkit/crypto"
+	"tyc-server/pkg/lzkit/lzUtils"
+
+	"github.com/pkg/errors"
+
+	"tyc-server/app/main/api/internal/svc"
+	"tyc-server/app/main/api/internal/types"
+
+	"github.com/zeromicro/go-zero/core/logx"
+)
+
+type MobileLoginLogic struct {
+	logx.Logger
+	ctx    context.Context
+	svcCtx *svc.ServiceContext
+}
+
+func NewMobileLoginLogic(ctx context.Context, svcCtx *svc.ServiceContext) *MobileLoginLogic {
+	return &MobileLoginLogic{
+		Logger: logx.WithContext(ctx),
+		ctx:    ctx,
+		svcCtx: svcCtx,
+	}
+}
+
+func (l *MobileLoginLogic) MobileLogin(req *types.MobileLoginReq) (resp *types.MobileCodeLoginResp, err error) {
+	secretKey := l.svcCtx.Config.Encrypt.SecretKey
+	encryptedMobile, err := crypto.EncryptMobile(req.Mobile, secretKey)
+	if err != nil {
+		return nil, errors.Wrapf(xerr.NewErrCode(xerr.SERVER_COMMON_ERROR), "手机登录, 加密手机号失败: %+v", err)
+	}
+	user, findUserErr := l.svcCtx.UserModel.FindOneByMobile(l.ctx, encryptedMobile)
+	if findUserErr != nil && findUserErr != model.ErrNotFound {
+		return nil, errors.Wrapf(xerr.NewErrCode(xerr.DB_ERROR), "手机登录, 读取数据库获取用户失败, mobile%s, err: %+v", encryptedMobile, err)
+	}
+	if user == nil {
+		return nil, errors.Wrapf(xerr.NewErrMsg("手机号码未注册"), "手机登录, 手机号未注册:%s", encryptedMobile)
+	}
+	if !(tool.Md5ByString(req.Password) == lzUtils.NullStringToString(user.Password)) {
+		return nil, errors.Wrapf(xerr.NewErrMsg("密码不正确"), "手机登录, 密码匹配不正确%s", encryptedMobile)
+	}
+
+	token, generaErr := jwtx.GenerateJwtToken(user.Id, l.svcCtx.Config.JwtAuth.AccessSecret, l.svcCtx.Config.JwtAuth.AccessExpire)
+	if generaErr != nil {
+		return nil, errors.Wrapf(xerr.NewErrCode(xerr.SERVER_COMMON_ERROR), "手机登录, 生成token失败 : %d", user.Id)
+	}
+
+	// 获取当前时间戳
+	now := time.Now().Unix()
+	return &types.MobileCodeLoginResp{
+		AccessToken:  token,
+		AccessExpire: now + l.svcCtx.Config.JwtAuth.AccessExpire,
+		RefreshAfter: now + l.svcCtx.Config.JwtAuth.RefreshAfter,
+	}, nil
+}
--- a/app/main/api/internal/logic/user/registerlogic.go
+++ b/app/main/api/internal/logic/user/registerlogic.go
@@ -0,0 +1,109 @@
+package user
+
+import (
+	"context"
+	"database/sql"
+	"fmt"
+	"time"
+	"tyc-server/app/main/api/internal/svc"
+	"tyc-server/app/main/api/internal/types"
+	"tyc-server/app/main/model"
+	jwtx "tyc-server/common/jwt"
+	"tyc-server/common/tool"
+	"tyc-server/common/xerr"
+	"tyc-server/pkg/lzkit/crypto"
+	"tyc-server/pkg/lzkit/lzUtils"
+
+	"github.com/pkg/errors"
+	"github.com/zeromicro/go-zero/core/stores/redis"
+	"github.com/zeromicro/go-zero/core/stores/sqlx"
+
+	"github.com/zeromicro/go-zero/core/logx"
+)
+
+type RegisterLogic struct {
+	logx.Logger
+	ctx    context.Context
+	svcCtx *svc.ServiceContext
+}
+
+func NewRegisterLogic(ctx context.Context, svcCtx *svc.ServiceContext) *RegisterLogic {
+	return &RegisterLogic{
+		Logger: logx.WithContext(ctx),
+		ctx:    ctx,
+		svcCtx: svcCtx,
+	}
+}
+
+func (l *RegisterLogic) Register(req *types.RegisterReq) (resp *types.RegisterResp, err error) {
+	secretKey := l.svcCtx.Config.Encrypt.SecretKey
+	encryptedMobile, err := crypto.EncryptMobile(req.Mobile, secretKey)
+	if err != nil {
+		return nil, errors.Wrapf(xerr.NewErrCode(xerr.SERVER_COMMON_ERROR), "手机注册, 加密手机号失败: %+v", err)
+	}
+	// 检查手机号是否在一分钟内已发送过验证码
+	redisKey := fmt.Sprintf("%s:%s", "register", encryptedMobile)
+	cacheCode, err := l.svcCtx.Redis.Get(redisKey)
+	if err != nil {
+		if errors.Is(err, redis.Nil) {
+			return nil, errors.Wrapf(xerr.NewErrMsg("验证码已过期"), "手机注册, 验证码过期: %s", encryptedMobile)
+		}
+		return nil, errors.Wrapf(xerr.NewErrCode(xerr.DB_ERROR), "手机注册, 读取验证码redis缓存失败, mobile: %s, err: %+v", encryptedMobile, err)
+	}
+	if cacheCode != req.Code {
+		return nil, errors.Wrapf(xerr.NewErrMsg("验证码不正确"), "手机注册, 验证码不正确: %s", encryptedMobile)
+	}
+	hasUser, findUserErr := l.svcCtx.UserModel.FindOneByMobile(l.ctx, encryptedMobile)
+	if findUserErr != nil && findUserErr != model.ErrNotFound {
+		return nil, errors.Wrapf(xerr.NewErrCode(xerr.DB_ERROR), "手机注册, 读取数据库获取用户失败, mobile%s, err: %+v", encryptedMobile, err)
+	}
+	if hasUser != nil {
+		return nil, errors.Wrapf(xerr.NewErrMsg("该手机号码已注册"), "手机注册, 手机号码已注册, mobile:%s", encryptedMobile)
+	}
+	var userId int64
+	if transErr := l.svcCtx.UserModel.Trans(l.ctx, func(ctx context.Context, session sqlx.Session) error {
+		user := new(model.User)
+		user.Mobile = encryptedMobile
+		if user.Nickname.Valid && user.Nickname.String != "" {
+			user.Nickname = sql.NullString{
+				String: encryptedMobile,
+				Valid:  true,
+			}
+		}
+		if len(req.Password) > 0 {
+			user.Password = lzUtils.StringToNullString(tool.Md5ByString(req.Password))
+		}
+		insertResult, userInsertErr := l.svcCtx.UserModel.Insert(ctx, session, user)
+		if userInsertErr != nil {
+			return errors.Wrapf(xerr.NewErrCode(xerr.DB_ERROR), "手机注册, 数据库插入新用户失败, mobile%s, err: %+v", encryptedMobile, err)
+		}
+		lastId, lastInsertIdErr := insertResult.LastInsertId()
+		if lastInsertIdErr != nil {
+			return errors.Wrapf(xerr.NewErrCode(xerr.DB_ERROR), "手机注册, 获取新用户ID失败, err:%+v, user:%+v", lastInsertIdErr, user)
+		}
+		userId = lastId
+
+		userAuth := new(model.UserAuth)
+		userAuth.UserId = lastId
+		userAuth.AuthKey = encryptedMobile
+		userAuth.AuthType = model.UserAuthTypeAppMobile
+		if _, userAuthInsertErr := l.svcCtx.UserAuthModel.Insert(ctx, session, userAuth); userAuthInsertErr != nil {
+			return errors.Wrapf(xerr.NewErrCode(xerr.DB_ERROR), "手机注册, 数据库插入用户认证失败, err:%+v", userAuthInsertErr)
+		}
+		return nil
+	}); transErr != nil {
+		return nil, transErr
+	}
+
+	token, generaErr := jwtx.GenerateJwtToken(userId, l.svcCtx.Config.JwtAuth.AccessSecret, l.svcCtx.Config.JwtAuth.AccessExpire)
+	if generaErr != nil {
+		return nil, errors.Wrapf(xerr.NewErrCode(xerr.SERVER_COMMON_ERROR), "手机注册, 生成jwt token失败, userid: %d, err:%+v", userId, generaErr)
+	}
+	// 获取当前时间戳
+	now := time.Now().Unix()
+	return &types.RegisterResp{
+		AccessToken:  token,
+		AccessExpire: now + l.svcCtx.Config.JwtAuth.AccessExpire,
+		RefreshAfter: now + l.svcCtx.Config.JwtAuth.RefreshAfter,
+	}, nil
+}
--- a/app/main/api/internal/logic/user/wxh5authlogic.go
+++ b/app/main/api/internal/logic/user/wxh5authlogic.go
@@ -0,0 +1,136 @@
+package user
+
+import (
+	"context"
+	"encoding/json"
+	"fmt"
+	"io"
+	"net/http"
+	"time"
+	"tyc-server/app/main/model"
+	jwtx "tyc-server/common/jwt"
+
+	"github.com/pkg/errors"
+	"github.com/zeromicro/go-zero/core/stores/sqlx"
+
+	"tyc-server/app/main/api/internal/svc"
+	"tyc-server/app/main/api/internal/types"
+
+	"github.com/zeromicro/go-zero/core/logx"
+)
+
+type WxH5AuthLogic struct {
+	logx.Logger
+	ctx    context.Context
+	svcCtx *svc.ServiceContext
+}
+
+func NewWxH5AuthLogic(ctx context.Context, svcCtx *svc.ServiceContext) *WxH5AuthLogic {
+	return &WxH5AuthLogic{
+		Logger: logx.WithContext(ctx),
+		ctx:    ctx,
+		svcCtx: svcCtx,
+	}
+}
+
+func (l *WxH5AuthLogic) WxH5Auth(req *types.WXH5AuthReq) (resp *types.WXH5AuthResp, err error) {
+	// Step 1: 使用code获取access_token
+	accessTokenResp, err := GetAccessToken(req.Code)
+	if err != nil {
+		return nil, errors.Wrap(err, "获取access_token失败")
+	}
+
+	// Step 2: 查找用户授权信息
+	userAuth, findErr := l.svcCtx.UserAuthModel.FindOneByAuthTypeAuthKey(l.ctx, accessTokenResp.Openid, "h5-weixin")
+	if findErr != nil && !errors.Is(findErr, model.ErrNotFound) {
+		return nil, errors.Wrapf(findErr, "查询用户授权失败，openid: %s", accessTokenResp.Openid)
+	}
+
+	// Step 3: 查找或创建用户
+	var user *model.User
+	if userAuth != nil {
+		// 授权信息存在，查找用户
+		userModel, findUserErr := l.svcCtx.UserModel.FindOne(l.ctx, userAuth.UserId)
+		if findUserErr != nil {
+			return nil, errors.Wrapf(findUserErr, "查询用户失败，userId: %d", userAuth.UserId)
+		}
+		user = userModel
+	} else {
+		// 授权信息不存在，创建新用户
+		user = &model.User{}
+		if transErr := l.svcCtx.UserModel.Trans(l.ctx, func(context context.Context, session sqlx.Session) error {
+			// 插入数据库
+			insertResult, insertErr := l.svcCtx.UserModel.Insert(l.ctx, session, user)
+			if insertErr != nil {
+				return errors.Wrapf(insertErr, "创建新用户失败，openid: %s", accessTokenResp.Openid)
+			}
+			// 获取插入后生成的 user.Id
+			lastInsertId, lastInsertIdErr := insertResult.LastInsertId()
+			if lastInsertIdErr != nil {
+				return errors.Wrapf(lastInsertIdErr, "获取新用户ID失败，openid: %s", accessTokenResp.Openid)
+			}
+			user.Id = lastInsertId
+			// 创建用户授权信息
+			userAuth = &model.UserAuth{
+				UserId:   user.Id,
+				AuthKey:  accessTokenResp.Openid,
+				AuthType: "mp-weixin", // 微信小程序
+			}
+			if _, insertUserAuthErr := l.svcCtx.UserAuthModel.Insert(l.ctx, session, userAuth); insertUserAuthErr != nil {
+				return errors.Wrapf(insertUserAuthErr, "创建用户授权失败，openid: %s", accessTokenResp.Openid)
+			}
+			return nil
+		}); transErr != nil {
+			return nil, transErr
+		}
+
+	}
+
+	// Step 4: 生成JWT Token
+	token, genErr := jwtx.GenerateJwtToken(user.Id, l.svcCtx.Config.JwtAuth.AccessSecret, l.svcCtx.Config.JwtAuth.AccessExpire)
+	if genErr != nil {
+		return nil, errors.Wrap(genErr, "生成JWT token失败")
+	}
+
+	now := time.Now().Unix()
+	return &types.WXH5AuthResp{
+		AccessToken:  token,
+		AccessExpire: now + l.svcCtx.Config.JwtAuth.AccessExpire,
+		RefreshAfter: now + l.svcCtx.Config.JwtAuth.RefreshAfter,
+	}, nil
+}
+
+type AccessTokenResp struct {
+	AccessToken string `json:"access_token"`
+	Openid      string `json:"openid"`
+}
+
+// GetAccessToken 通过code获取access_token
+func GetAccessToken(code string) (*AccessTokenResp, error) {
+	appID := "wxd1554b7a57cecc9e"
+	appSecret := "fb8026c0bc66625b580453300d4b43db"
+
+	url := fmt.Sprintf("https://api.weixin.qq.com/sns/oauth2/access_token?appid=%s&secret=%s&code=%s&grant_type=authorization_code", appID, appSecret, code)
+
+	resp, err := http.Get(url)
+	if err != nil {
+		return nil, errors.Wrap(err, "获取access_token失败")
+	}
+	defer resp.Body.Close()
+
+	body, err := io.ReadAll(resp.Body)
+	if err != nil {
+		return nil, errors.Wrap(err, "读取access_token响应失败")
+	}
+
+	var accessTokenResp AccessTokenResp
+	if err := json.Unmarshal(body, &accessTokenResp); err != nil {
+		return nil, errors.Wrap(err, "解析access_token响应失败")
+	}
+
+	if accessTokenResp.AccessToken == "" {
+		return nil, errors.New("获取access_token失败")
+	}
+
+	return &accessTokenResp, nil
+}
--- a/app/main/api/internal/logic/user/wxminiauthlogic.go
+++ b/app/main/api/internal/logic/user/wxminiauthlogic.go
@@ -0,0 +1,151 @@
+package user
+
+import (
+	"context"
+	"encoding/json"
+	"fmt"
+	"io"
+	"net/http"
+	"net/url"
+	"time"
+	"tyc-server/app/main/api/internal/svc"
+	"tyc-server/app/main/api/internal/types"
+	"tyc-server/app/main/model"
+	jwtx "tyc-server/common/jwt"
+	"tyc-server/common/xerr"
+
+	"github.com/pkg/errors"
+	"github.com/zeromicro/go-zero/core/stores/sqlx"
+
+	"github.com/zeromicro/go-zero/core/logx"
+)
+
+type WxMiniAuthLogic struct {
+	logx.Logger
+	ctx    context.Context
+	svcCtx *svc.ServiceContext
+}
+
+func NewWxMiniAuthLogic(ctx context.Context, svcCtx *svc.ServiceContext) *WxMiniAuthLogic {
+	return &WxMiniAuthLogic{
+		Logger: logx.WithContext(ctx),
+		ctx:    ctx,
+		svcCtx: svcCtx,
+	}
+}
+
+func (l *WxMiniAuthLogic) WxMiniAuth(req *types.WXMiniAuthReq) (resp *types.WXMiniAuthResp, err error) {
+	// 1. 使用微信提供的 code 换取 session_key 和 openid
+	weChatResponse, err := l.exchangeCodeForSession(req.Code)
+	if err != nil {
+		return nil, errors.Wrapf(xerr.NewErrMsg("微信登录失败"), "微信登录, code 换取 session 失败: %s, err: %+v", req.Code, err)
+	}
+
+	// 2. 根据 openid 查找用户
+	userAuth, findErr := l.svcCtx.UserAuthModel.FindOneByAuthTypeAuthKey(l.ctx, model.UserAuthTypeWxMini, weChatResponse.OpenId)
+	if findErr != nil && findErr != model.ErrNotFound {
+		return nil, errors.Wrapf(xerr.NewErrCode(xerr.DB_ERROR), "微信登录, 读取用户认证信息失败, openid: %s, err: %+v", weChatResponse.OpenId, findErr)
+	}
+
+	var user *model.User
+	if findErr == model.ErrNotFound {
+		// 用户不存在，创建新用户
+		user = &model.User{}
+		user.Mobile = weChatResponse.OpenId
+		if transErr := l.svcCtx.UserModel.Trans(l.ctx, func(ctx context.Context, session sqlx.Session) error {
+			// 插入新用户
+			insertResult, userInsertErr := l.svcCtx.UserModel.Insert(ctx, session, user)
+			if userInsertErr != nil {
+				return errors.Wrapf(xerr.NewErrCode(xerr.DB_ERROR), "微信登录, 数据库插入新用户失败, openid: %s, err: %+v", weChatResponse.OpenId, userInsertErr)
+			}
+
+			// 获取新用户的 ID
+			lastId, lastInsertIdErr := insertResult.LastInsertId()
+			if lastInsertIdErr != nil {
+				return errors.Wrapf(xerr.NewErrCode(xerr.DB_ERROR), "微信登录, 获取新用户ID失败, err:%+v, user:%+v", lastInsertIdErr, user)
+			}
+			user.Id = lastId
+
+			// 创建用户认证信息
+			newUserAuth := &model.UserAuth{
+				UserId:   lastId,
+				AuthKey:  weChatResponse.OpenId,
+				AuthType: model.UserAuthTypeWxMini,
+			}
+			if _, userAuthInsertErr := l.svcCtx.UserAuthModel.Insert(ctx, session, newUserAuth); userAuthInsertErr != nil {
+				return errors.Wrapf(xerr.NewErrCode(xerr.DB_ERROR), "微信登录, 数据库插入用户认证信息失败, err:%+v", userAuthInsertErr)
+			}
+			return nil
+		}); transErr != nil {
+			return nil, transErr
+		}
+	} else {
+		// 获取用户信息
+		user, err = l.svcCtx.UserModel.FindOne(l.ctx, userAuth.UserId)
+		if err != nil {
+			return nil, errors.Wrapf(xerr.NewErrCode(xerr.DB_ERROR), "微信登录, 读取用户信息失败, userId: %d, err: %+v", userAuth.UserId, err)
+		}
+	}
+
+	// 3. 生成 JWT 令牌
+	token, generateErr := jwtx.GenerateJwtToken(user.Id, l.svcCtx.Config.JwtAuth.AccessSecret, l.svcCtx.Config.JwtAuth.AccessExpire)
+	if generateErr != nil {
+		return nil, errors.Wrapf(xerr.NewErrCode(xerr.SERVER_COMMON_ERROR), "微信登录, 生成token失败 : %d", user.Id)
+	}
+
+	// 4. 获取当前时间戳
+	now := time.Now().Unix()
+
+	return &types.WXMiniAuthResp{
+		AccessToken:  token,
+		AccessExpire: now + l.svcCtx.Config.JwtAuth.AccessExpire,
+		RefreshAfter: now + l.svcCtx.Config.JwtAuth.RefreshAfter,
+	}, nil
+}
+
+type WxLoginResp struct {
+	OpenId     string `json:"openid"`
+	SessionKey string `json:"session_key"`
+	Unionid    string `json:"unionid"`
+	ErrCode    int    `json:"errcode"`
+	ErrMsg     string `json:"errmsg"`
+}
+
+func (l *WxMiniAuthLogic) exchangeCodeForSession(code string) (response WxLoginResp, err error) {
+
+	// 向微信发出登录请求
+	baseURL := "https://api.weixin.qq.com/sns/jscode2session"
+	// 创建查询参数
+	params := url.Values{}
+	params.Add("appid", l.svcCtx.Config.Wxpay.AppID)
+	params.Add("secret", l.svcCtx.Config.Wxpay.AppSecret)
+	params.Add("js_code", code)
+	params.Add("grant_type", "authorization_code")
+
+	// 构建完整的请求 URL
+	requestURL := fmt.Sprintf("%s?%s", baseURL, params.Encode())
+
+	// 发送 GET 请求
+	resp, err := http.Get(requestURL)
+	if err != nil {
+		return
+	}
+	defer resp.Body.Close()
+
+	// 读取响应体
+	body, err := io.ReadAll(resp.Body)
+	if err != nil {
+		return
+	}
+	// 将响应体解析为结构体
+	err = json.Unmarshal(body, &response)
+	if err != nil {
+		return
+	}
+
+	if response.ErrCode != 0 {
+		err = errors.New(response.ErrMsg)
+		return
+	}
+	return
+}