user_login.go 26 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401402403404405406407408409410411412413414415416417418419420421422423424425426427428429430431432433434435436437438439440441442443444445446447448449450451452453454455456457458459460461462463464465466467468469470471472473474475476477478479480481482483484485486487488489490491492493494495496497498499500501502503504505506507508509510511512513514515516517518519520521522523524525526527528529530531532533534535536537538539540541542543544545546547548549550551552553554555556557558559560561562563564565566567568569570571572573574575576577578579580581582583584585586587588589590591592593594595596597598599600601602603604605606607608609610611612613614615616617618619620621622623624625626627628629630631632633634635636637638639640641642643644645646647648649650651652653654655656657658659660661662663664665666667668669670671672673674675676677678679680681682683684685686687688689690691692693694695696697698699700701702703704705706707708709710711712713714715716717718719720721722723724725726727728729730731732733734735736737738739740741742743744745746747748749750751752753754755756757758759760761762763764765766767768769770771772773774775776777778779780781782783784785786787788789790791792793794795796797798799800801802803804805806807808809810811812813814815816817818819820821822823824825826827828829830831832833834835836837838839840841842843844845846847848849850851852853854855856857858859860861862863864865866867868869870871872873874875876877878879880881882883884885886887888889890891892893894895896897898899900901902903
  1. package controllers
  2. import (
  3. "encoding/base64"
  4. "encoding/json"
  5. "eta/eta_api/models"
  6. "eta/eta_api/models/company"
  7. "eta/eta_api/models/system"
  8. "eta/eta_api/services"
  9. "eta/eta_api/services/eta_trial"
  10. "eta/eta_api/utils"
  11. "fmt"
  12. "github.com/mojocn/base64Captcha"
  13. "image/color"
  14. "strings"
  15. "time"
  16. )
  17. // UserLoginController 登录-无需Token
  18. type UserLoginController struct {
  19. BaseCommonController
  20. }
  21. // UserLoginAuthController 登录-需Token
  22. type UserLoginAuthController struct {
  23. BaseAuthController
  24. }
  25. // GenerateCaptcha
  26. // @Title 生成图形验证码
  27. // @Description 生成图形验证码
  28. // @Success 200 Ret=200 获取成功
  29. // @router /get_captcha [get]
  30. func (this *UserLoginController) GenerateCaptcha() {
  31. br := new(models.BaseResponse).Init()
  32. defer func() {
  33. if br.ErrMsg == "" {
  34. br.IsSendEmail = false
  35. }
  36. this.Data["json"] = br
  37. this.ServeJSON()
  38. }()
  39. //driver := base64Captcha.DefaultDriverDigit
  40. // 自定义验证码样式
  41. var driver base64Captcha.Driver
  42. driverString := base64Captcha.DriverString{
  43. Height: 60, //高度
  44. Width: 120, //宽度
  45. NoiseCount: 0, //干扰数
  46. ShowLineOptions: 2 | 4, //展示个数
  47. Length: 4, //长度
  48. //Source: "1234567890qwertyuioplkjhgfdsazxcvbnm", //验证码随机字符串来源
  49. Source: "1234567890", //验证码随机字符串来源
  50. BgColor: &color.RGBA{ // 背景颜色
  51. R: 0,
  52. G: 0,
  53. B: 0,
  54. A: 0,
  55. },
  56. Fonts: []string{"wqy-microhei.ttc"}, // 字体
  57. }
  58. driver = driverString.ConvertFonts()
  59. // 生成验证码
  60. store := services.CaptchaRedis{}
  61. captcha := base64Captcha.NewCaptcha(driver, store)
  62. id, b64s, err := captcha.Generate()
  63. if err != nil {
  64. br.Msg = "生成失败"
  65. br.ErrMsg = "生成验证码失败, Err: " + err.Error()
  66. return
  67. }
  68. type CaptchaResult struct {
  69. Id string
  70. Base64Blob string
  71. }
  72. res := new(CaptchaResult)
  73. res.Id = id
  74. res.Base64Blob = b64s
  75. br.Ret = 200
  76. br.Success = true
  77. br.Msg = "获取成功"
  78. br.Data = res
  79. }
  80. // GetVerifyCode
  81. // @Title 获取短信/邮箱验证码
  82. // @Description 获取短信/邮箱验证码
  83. // @Param request body VerifyCodeReq true "type json string"
  84. // @Success 200 Ret=200 获取成功
  85. // @router /verify_code [post]
  86. func (this *UserLoginController) GetVerifyCode() {
  87. br := new(models.BaseResponse).Init()
  88. defer func() {
  89. if br.ErrMsg == "" {
  90. br.IsSendEmail = false
  91. }
  92. this.Data["json"] = br
  93. this.ServeJSON()
  94. }()
  95. type VerifyCodeReq struct {
  96. VerifyType int `description:"验证方式: 1-手机号; 2-邮箱"`
  97. CaptchaId string `description:"验证码ID"`
  98. CaptchaCode string `description:"图形验证码"`
  99. Mobile string `description:"手机号"`
  100. TelAreaCode string `description:"手机区号"`
  101. Email string `description:"邮箱"`
  102. Source int `description:"来源:1-登录;2-异常登录校验;3-忘记密码"`
  103. }
  104. var req VerifyCodeReq
  105. err := json.Unmarshal(this.Ctx.Input.RequestBody, &req)
  106. if err != nil {
  107. br.Msg = "参数解析异常!"
  108. br.ErrMsg = "参数解析失败,Err:" + err.Error()
  109. return
  110. }
  111. if req.VerifyType != 1 && req.VerifyType != 2 {
  112. br.Msg = "验证方式有误"
  113. br.ErrMsg = "验证方式有误"
  114. return
  115. }
  116. if req.Source != 1 && req.Source != 2 && req.Source != 3 {
  117. br.Msg = "来源有误"
  118. br.ErrMsg = "来源有误"
  119. return
  120. }
  121. // 忘记密码图形校验在前一步, 这一步不再校验图形验证码
  122. if req.Source != 3 {
  123. if req.CaptchaId == "" || req.CaptchaCode == "" {
  124. br.Msg = "请输入图形验证码"
  125. return
  126. }
  127. }
  128. if req.VerifyType == 1 {
  129. if req.TelAreaCode == "" {
  130. br.Msg = "请选择区号"
  131. return
  132. }
  133. if req.Mobile == "" {
  134. br.Msg = "请输入手机号"
  135. return
  136. }
  137. if req.TelAreaCode == "86" && !utils.ValidateMobileFormatat(req.Mobile) {
  138. br.Msg = "您的手机号输入有误, 请检查"
  139. return
  140. }
  141. _, e := system.GetSysUserByMobile(req.Mobile)
  142. if e != nil {
  143. if e.Error() == utils.ErrNoRow() {
  144. br.Msg = "您的手机号未绑定账号, 请检查"
  145. return
  146. }
  147. br.Msg = "您的手机号未绑定账号, 请检查"
  148. br.ErrMsg = "手机号获取用户失败, Err:" + e.Error()
  149. return
  150. }
  151. }
  152. if req.VerifyType == 2 {
  153. if req.Email == "" {
  154. br.Msg = "请输入邮箱"
  155. return
  156. }
  157. if !utils.ValidateEmailFormatat(req.Email) {
  158. br.Msg = "您的邮箱输入有误, 请检查"
  159. return
  160. }
  161. _, e := system.GetSysUserByEmail(req.Email)
  162. if e != nil {
  163. if e.Error() == utils.ErrNoRow() {
  164. br.Msg = "您的邮箱未绑定账号, 请检查"
  165. return
  166. }
  167. br.Msg = "您的邮箱未绑定账号, 请检查"
  168. br.ErrMsg = "邮箱获取用户失败, Err:" + e.Error()
  169. return
  170. }
  171. }
  172. if req.Source != 3 {
  173. store := services.CaptchaRedis{}
  174. ok := store.Verify(req.CaptchaId, req.CaptchaCode, true)
  175. if !ok {
  176. br.Msg = "图形验证码错误, 请重新输入"
  177. return
  178. }
  179. }
  180. // 限制最多60s获取一次
  181. var lockKey string
  182. if req.VerifyType == 1 {
  183. lockKey = fmt.Sprint(utils.CaptchaCachePrefix, req.Mobile)
  184. }
  185. if req.VerifyType == 2 {
  186. lockKey = fmt.Sprint(utils.CaptchaCachePrefix, req.Email)
  187. }
  188. locked := utils.Rc.SetNX(lockKey, 1, time.Minute)
  189. if !locked {
  190. br.Msg = "请勿频繁发送"
  191. return
  192. }
  193. // 发送验证码
  194. sendRes := false
  195. if req.VerifyType == 1 {
  196. r, e := services.SendAdminMobileVerifyCode(req.Source, req.Mobile, req.TelAreaCode)
  197. if e != nil {
  198. br.Msg = "发送失败"
  199. br.ErrMsg = "发送短信验证码失败, Err: " + e.Error()
  200. return
  201. }
  202. sendRes = r
  203. }
  204. if req.VerifyType == 2 {
  205. r, e := services.SendAdminEmailVerifyCode(req.Source, req.Email)
  206. if e != nil {
  207. br.Msg = "发送失败"
  208. br.ErrMsg = "发送邮箱验证码失败, Err: " + e.Error()
  209. return
  210. }
  211. sendRes = r
  212. }
  213. if !sendRes {
  214. br.Msg = "发送失败"
  215. br.ErrMsg = "发送短信验证码失败"
  216. return
  217. }
  218. br.Ret = 200
  219. br.Success = true
  220. br.Msg = "发送成功"
  221. }
  222. // Login
  223. // @Title 用户登录
  224. // @Description 用户登录
  225. // @Param request body UserLoginReq true "type json string"
  226. // @Success 200 {object} models.LoginResp
  227. // @router /login [post]
  228. func (this *UserLoginController) Login() {
  229. br := new(models.BaseResponse).Init()
  230. defer func() {
  231. if br.ErrMsg != "" {
  232. br.IsSendEmail = false
  233. }
  234. this.Data["json"] = br
  235. this.ServeJSON()
  236. }()
  237. // 入参
  238. type UserLoginReq struct {
  239. LoginType int `description:"登录方式: 1-账号; 2-手机号; 3-邮箱"`
  240. Username string `description:"账号"`
  241. Password string `description:"密码"`
  242. Mobile string `description:"手机号"`
  243. Email string `description:"邮箱"`
  244. VerifyCode string `description:"验证码"`
  245. }
  246. var req UserLoginReq
  247. err := json.Unmarshal(this.Ctx.Input.RequestBody, &req)
  248. if err != nil {
  249. br.Msg = "参数解析异常!"
  250. br.ErrMsg = "参数解析失败,Err:" + err.Error()
  251. return
  252. }
  253. req.Username = strings.TrimSpace(req.Username)
  254. req.Mobile = strings.TrimSpace(req.Mobile)
  255. if req.Mobile != "" {
  256. if !utils.ValidateMobileFormatat(req.Mobile) {
  257. br.Msg = "您的手机号输入有误, 请检查"
  258. return
  259. }
  260. }
  261. req.Email = strings.TrimSpace(req.Email)
  262. if req.Email != "" {
  263. if !utils.ValidateEmailFormatat(req.Email) {
  264. br.Msg = "您的邮箱输入有误, 请检查"
  265. return
  266. }
  267. }
  268. req.VerifyCode = strings.TrimSpace(req.VerifyCode)
  269. if req.LoginType != 1 && req.LoginType != 2 && req.LoginType != 3 {
  270. br.Msg = "登录方式有误"
  271. br.ErrMsg = fmt.Sprintf("登录方式有误, Type: %d", req.LoginType)
  272. return
  273. }
  274. sysUser := new(system.Admin)
  275. // 账号密码登录
  276. if req.LoginType == 1 {
  277. if req.Username == "" {
  278. br.Msg = "请输入账号"
  279. return
  280. }
  281. if req.Password == "" {
  282. br.Msg = "请输入密码"
  283. return
  284. }
  285. // 判断账号是否为异常登录, 算作异常的话就需要换另外的方式去登录了
  286. abnormalKey := fmt.Sprint(utils.CACHE_ABNORMAL_LOGIN, req.Username)
  287. isAbnormal, _ := utils.Rc.RedisString(abnormalKey)
  288. if isAbnormal != "" {
  289. br.Ret = models.BaseRespCodeAbnormalLogin
  290. br.Msg = "账号异常, 请进行手机号/邮箱校验"
  291. return
  292. }
  293. // 账号密码校验
  294. errPassKey := fmt.Sprint(utils.CACHE_LOGIN_ERR_PASS, req.Username)
  295. accountUser, e := system.CheckSysUser(req.Username, req.Password)
  296. if e != nil {
  297. br.Ret = models.BaseRespCodeLoginErr
  298. if e.Error() == utils.ErrNoRow() {
  299. br.Msg = "登录失败, 账号或密码错误"
  300. if isAbnormal != "" {
  301. return
  302. }
  303. // 错误密码计数, 超过6次标记异常
  304. if !utils.Rc.IsExist(errPassKey) {
  305. _ = utils.Rc.Put(errPassKey, 1, utils.GetTodayLastSecond())
  306. return
  307. }
  308. errNum, _ := utils.Rc.RedisInt(errPassKey)
  309. errNum += 1
  310. if errNum >= 6 {
  311. br.Ret = models.BaseRespCodeAbnormalLogin
  312. br.Msg = "账号异常, 请进行手机号/邮箱校验"
  313. // 标记异常登录, 重置计数
  314. _ = utils.Rc.Put(abnormalKey, "true", utils.GetTodayLastSecond())
  315. _ = utils.Rc.Delete(errPassKey)
  316. return
  317. }
  318. _ = utils.Rc.Put(errPassKey, errNum, utils.GetTodayLastSecond())
  319. return
  320. }
  321. br.Msg = "登录失败, 账号或密码错误"
  322. br.ErrMsg = "登录失败, Err:" + e.Error()
  323. return
  324. }
  325. if accountUser.Enabled == 0 {
  326. br.Msg = "您的账号已被禁用, 如需登录, 请联系管理员"
  327. br.ErrMsg = fmt.Sprintf("账号已被禁用, 登录账号: %s, 账户名称: %s", accountUser.AdminName, accountUser.RealName)
  328. return
  329. }
  330. // 异常登录-是否登录间隔大于60天
  331. if isAbnormal == "" {
  332. abnormalTime := time.Now().AddDate(0, 0, -60)
  333. lastLogin, _ := time.ParseInLocation(utils.FormatDateTime, accountUser.LastLoginTime, time.Local)
  334. if !lastLogin.IsZero() && lastLogin.Before(abnormalTime) {
  335. br.Msg = "请进行异常登录校验"
  336. br.Ret = models.BaseRespCodeAbnormalLogin
  337. // 标记异常登录
  338. _ = utils.Rc.Put(abnormalKey, "true", utils.GetTodayLastSecond())
  339. return
  340. }
  341. }
  342. sysUser = accountUser
  343. }
  344. // 手机号
  345. if req.LoginType == 2 {
  346. if req.Mobile == "" {
  347. br.Msg = "请输入手机号"
  348. return
  349. }
  350. if !utils.ValidateMobileFormatat(req.Mobile) {
  351. br.Msg = "您的手机号输入有误, 请检查"
  352. return
  353. }
  354. if req.VerifyCode == "" {
  355. br.Msg = "请输入验证码"
  356. return
  357. }
  358. expiredTime := time.Now().Add(utils.VerifyCodeExpireMinute * time.Minute).Format(utils.FormatDateTime)
  359. recordCond := ` AND source = ? AND mobile = ? AND code = ? AND expired_time <= ?`
  360. recordPars := make([]interface{}, 0)
  361. recordPars = append(recordPars, system.AdminVerifyCodeRecordSourceLogin, req.Mobile, req.VerifyCode, expiredTime)
  362. recordOb := new(system.AdminVerifyCodeRecord)
  363. _, e := recordOb.GetItemByCondition(recordCond, recordPars)
  364. if e != nil {
  365. if e.Error() == utils.ErrNoRow() {
  366. br.Msg = "验证码错误, 请重新输入"
  367. return
  368. }
  369. br.Msg = "验证码错误, 请重新输入"
  370. br.ErrMsg = "获取手机号登陆验证码失败, Err: " + e.Error()
  371. return
  372. }
  373. mobileUser, e := system.GetSysUserByMobile(req.Mobile)
  374. if e != nil {
  375. if e.Error() == utils.ErrNoRow() {
  376. br.Msg = "您的手机号未绑定账号, 请检查"
  377. return
  378. }
  379. br.Msg = "您的手机号未绑定账号, 请检查"
  380. br.ErrMsg = "手机号获取用户失败, Err:" + e.Error()
  381. return
  382. }
  383. if mobileUser.Enabled == 0 {
  384. br.Msg = "您的账号已被禁用, 如需登录, 请联系管理员"
  385. br.ErrMsg = fmt.Sprintf("账号已被禁用, 登录手机号: %s", req.Mobile)
  386. return
  387. }
  388. sysUser = mobileUser
  389. }
  390. // 邮箱登录
  391. if req.LoginType == 3 {
  392. if req.Email == "" {
  393. br.Msg = "请输入邮箱"
  394. return
  395. }
  396. if !utils.ValidateEmailFormatat(req.Email) {
  397. br.Msg = "您的邮箱输入有误, 请检查"
  398. return
  399. }
  400. if req.VerifyCode == "" {
  401. br.Msg = "请输入验证码"
  402. return
  403. }
  404. expiredTime := time.Now().Add(utils.VerifyCodeExpireMinute * time.Minute).Format(utils.FormatDateTime)
  405. recordCond := ` AND source = ? AND email = ? AND code = ? AND expired_time <= ?`
  406. recordPars := make([]interface{}, 0)
  407. recordPars = append(recordPars, system.AdminVerifyCodeRecordSourceLogin, req.Email, req.VerifyCode, expiredTime)
  408. recordOb := new(system.AdminVerifyCodeRecord)
  409. _, e := recordOb.GetItemByCondition(recordCond, recordPars)
  410. if e != nil {
  411. if e.Error() == utils.ErrNoRow() {
  412. br.Msg = "验证码错误, 请重新输入"
  413. return
  414. }
  415. br.Msg = "验证码错误, 请重新输入"
  416. br.ErrMsg = "获取手机号登陆验证码失败, Err: " + e.Error()
  417. return
  418. }
  419. emailUser, e := system.GetSysUserByEmail(req.Email)
  420. if e != nil {
  421. if e.Error() == utils.ErrNoRow() {
  422. br.Msg = "您的邮箱未绑定账号, 请检查"
  423. return
  424. }
  425. br.Msg = "您的邮箱未绑定账号, 请检查"
  426. br.ErrMsg = "邮箱获取用户失败, Err:" + e.Error()
  427. return
  428. }
  429. if emailUser.Enabled == 0 {
  430. br.Msg = "您的账号已被禁用, 如需登录, 请联系管理员"
  431. br.ErrMsg = fmt.Sprintf("账号已被禁用, 登录邮箱: %s", req.Email)
  432. return
  433. }
  434. sysUser = emailUser
  435. }
  436. // 登录成功(无论哪种方式登录), 清除异常标记
  437. abnormalCache := fmt.Sprint(utils.CACHE_ABNORMAL_LOGIN, sysUser.AdminName)
  438. errPassCache := fmt.Sprint(utils.CACHE_LOGIN_ERR_PASS, sysUser.AdminName)
  439. _ = utils.Rc.Delete(abnormalCache)
  440. _ = utils.Rc.Delete(errPassCache)
  441. account := utils.MD5(sysUser.AdminName)
  442. token := utils.GenToken(account)
  443. sysSession := new(system.SysSession)
  444. sysSession.UserName = req.Username
  445. sysSession.SysUserId = sysUser.AdminId
  446. sysSession.ExpiredTime = time.Now().AddDate(0, 0, 90)
  447. sysSession.IsRemember = 0 // 均需要做过期校验
  448. sysSession.CreatedTime = time.Now()
  449. sysSession.LastUpdatedTime = time.Now()
  450. sysSession.AccessToken = token
  451. if e := system.AddSysSession(sysSession); e != nil {
  452. br.Msg = "登录失败"
  453. br.ErrMsg = "新增session信息失败, Err:" + e.Error()
  454. return
  455. }
  456. // 修改最后登录时间
  457. {
  458. sysUser.LastLoginTime = time.Now().Format(utils.FormatDateTime)
  459. sysUser.LastUpdatedTime = time.Now().Format(utils.FormatDateTime)
  460. _ = sysUser.Update([]string{"LastLoginTime", "LastUpdatedTime"})
  461. }
  462. resp := new(system.LoginResp)
  463. resp.Authorization = token
  464. resp.Authorization = "authorization=" + token + "$account=" + account
  465. resp.RealName = sysUser.RealName
  466. resp.AdminName = sysUser.AdminName
  467. resp.RoleName = sysUser.RoleName
  468. resp.SysRoleTypeCode = sysUser.RoleTypeCode //系统角色编码
  469. resp.RoleTypeCode = sysUser.RoleTypeCode
  470. if sysUser.RoleTypeCode == utils.ROLE_TYPE_CODE_FICC_GROUP {
  471. resp.RoleTypeCode = utils.ROLE_TYPE_CODE_FICC_SELLER
  472. }
  473. if sysUser.RoleTypeCode == utils.ROLE_TYPE_CODE_FICC_TEAM {
  474. resp.RoleTypeCode = utils.ROLE_TYPE_CODE_FICC_SELLER
  475. }
  476. if sysUser.RoleTypeCode == utils.ROLE_TYPE_CODE_FICC_DEPARTMENT {
  477. resp.RoleTypeCode = utils.ROLE_TYPE_CODE_FICC_SELLER
  478. }
  479. if sysUser.RoleTypeCode == utils.ROLE_TYPE_CODE_RAI_GROUP {
  480. resp.RoleTypeCode = utils.ROLE_TYPE_CODE_RAI_SELLER
  481. }
  482. if sysUser.RoleTypeCode == utils.ROLE_TYPE_CODE_RAI_DEPARTMENT {
  483. resp.RoleTypeCode = utils.ROLE_TYPE_CODE_RAI_SELLER
  484. }
  485. if sysUser.RoleName == utils.ROLE_NAME_FICC_DIRECTOR {
  486. resp.RoleTypeCode = utils.ROLE_TYPE_CODE_FICC_SELLER
  487. }
  488. resp.AdminId = sysUser.AdminId
  489. var productName string
  490. productId := services.GetProductId(sysUser.RoleTypeCode)
  491. if productId == 1 {
  492. productName = utils.COMPANY_PRODUCT_FICC_NAME
  493. } else if productId == 2 {
  494. productName = utils.COMPANY_PRODUCT_RAI_NAME
  495. } else {
  496. productName = "admin"
  497. }
  498. resp.ProductName = productName
  499. resp.Authority = sysUser.Authority
  500. // 设置redis缓存
  501. {
  502. // 获取不可信的登录态,并将该登录态重置掉,不允许多次登录
  503. noTrustLoginKey := fmt.Sprint(utils.CACHE_ACCESS_TOKEN_LOGIN_NO_TRUST, sysUser.AdminId)
  504. noTrustLoginId, _ := utils.Rc.RedisString(noTrustLoginKey)
  505. if noTrustLoginId != `` { // 如果存在不可信设备,那么将其下架
  506. oldNoTrustLoginKey := fmt.Sprint(utils.CACHE_ACCESS_TOKEN_LOGIN, noTrustLoginId)
  507. _ = utils.Rc.Put(oldNoTrustLoginKey, "0", utils.LoginCacheTime*time.Minute)
  508. }
  509. // 如果当前是不可信设备,那么将其加入到不可信名单
  510. loginKey := fmt.Sprint(utils.CACHE_ACCESS_TOKEN_LOGIN, sysSession.Id)
  511. _ = utils.Rc.Put(loginKey, "1", utils.LoginCacheTime*time.Minute)
  512. _ = utils.Rc.Put(noTrustLoginKey, sysSession.Id, utils.LoginCacheTime*time.Minute)
  513. }
  514. // 新增登录记录
  515. go func() {
  516. record := new(system.SysUserLoginRecord)
  517. record.Uid = sysUser.AdminId
  518. record.UserName = req.Username
  519. record.Ip = this.Ctx.Input.IP()
  520. record.Stage = "login"
  521. record.CreateTime = time.Now()
  522. _ = system.AddSysUserLoginRecord(record)
  523. }()
  524. // ETA试用平台-请求中间服务更新用户最后登录时间和次数
  525. if utils.BusinessCode == utils.BusinessCodeSandbox {
  526. go func() {
  527. var r eta_trial.EtaTrialUserReq
  528. r.Mobile = sysUser.Mobile
  529. _, _ = eta_trial.UpdateEtaTrialUserLogin(r)
  530. }()
  531. }
  532. br.Data = resp
  533. br.Ret = 200
  534. br.Success = true
  535. br.Msg = "登录成功"
  536. }
  537. // ForgetAccountGet
  538. // @Title 忘记密码-账号校验
  539. // @Description 忘记密码-账号校验
  540. // @Param request body ForgetAccountGetReq true "type json string"
  541. // @Success 200 Ret=200 获取成功
  542. // @router /forget/account_get [post]
  543. func (this *UserLoginController) ForgetAccountGet() {
  544. br := new(models.BaseResponse).Init()
  545. defer func() {
  546. if br.ErrMsg == "" {
  547. br.IsSendEmail = false
  548. }
  549. this.Data["json"] = br
  550. this.ServeJSON()
  551. }()
  552. type ForgetAccountGetReq struct {
  553. CaptchaId string `description:"验证码ID"`
  554. CaptchaCode string `description:"图形验证码"`
  555. UserName string `description:"用户名"`
  556. }
  557. var req ForgetAccountGetReq
  558. err := json.Unmarshal(this.Ctx.Input.RequestBody, &req)
  559. if err != nil {
  560. br.Msg = "参数解析异常!"
  561. br.ErrMsg = "参数解析失败,Err:" + err.Error()
  562. return
  563. }
  564. req.UserName = strings.TrimSpace(req.UserName)
  565. if req.UserName == "" {
  566. br.Msg = "请输入账号"
  567. return
  568. }
  569. if req.CaptchaId == "" || req.CaptchaCode == "" {
  570. br.Msg = "请输入图形验证码"
  571. return
  572. }
  573. store := services.CaptchaRedis{}
  574. ok := store.Verify(req.CaptchaId, req.CaptchaCode, true)
  575. if !ok {
  576. br.Msg = "验证码错误, 请重新输入"
  577. return
  578. }
  579. sysUser, e := system.GetSysUserByAdminName(req.UserName)
  580. if e != nil {
  581. if e.Error() == utils.ErrNoRow() {
  582. br.Msg = "用户不存在, 请检查"
  583. return
  584. }
  585. br.Msg = "账号错误, 请重新输入"
  586. br.ErrMsg = "用户名获取用户失败, Err: " + e.Error()
  587. return
  588. }
  589. type ForgetAccountCheckResp struct {
  590. Mobile string `description:"手机号"`
  591. Email string `description:"邮箱"`
  592. TelAreaCode string `description:"手机区号"`
  593. }
  594. resp := ForgetAccountCheckResp{
  595. Mobile: sysUser.Mobile,
  596. Email: sysUser.Email,
  597. TelAreaCode: sysUser.TelAreaCode,
  598. }
  599. br.Data = resp
  600. br.Ret = 200
  601. br.Success = true
  602. br.Msg = "获取成功"
  603. }
  604. // ForgetCodeVerify
  605. // @Title 忘记密码-验证码校验
  606. // @Description 忘记密码-验证码校验
  607. // @Param request body ForgetCodeVerifyReq true "type json string"
  608. // @Success 200 Ret=200 获取成功
  609. // @router /forget/code_verify [post]
  610. func (this *UserLoginController) ForgetCodeVerify() {
  611. br := new(models.BaseResponse).Init()
  612. defer func() {
  613. if br.ErrMsg == "" {
  614. br.IsSendEmail = false
  615. }
  616. this.Data["json"] = br
  617. this.ServeJSON()
  618. }()
  619. type ForgetCodeVerifyReq struct {
  620. FindType int `description:"密码找回方式: 1-手机号; 2-邮箱"`
  621. VerifyCode string `description:"验证码"`
  622. UserName string `description:"用户名"`
  623. Mobile string `description:"手机号"`
  624. Email string `description:"邮箱"`
  625. }
  626. var req ForgetCodeVerifyReq
  627. err := json.Unmarshal(this.Ctx.Input.RequestBody, &req)
  628. if err != nil {
  629. br.Msg = "参数解析异常!"
  630. br.ErrMsg = "参数解析失败,Err:" + err.Error()
  631. return
  632. }
  633. req.UserName = strings.TrimSpace(req.UserName)
  634. if req.UserName == "" {
  635. br.Msg = "请输入账号"
  636. return
  637. }
  638. if req.VerifyCode == "" {
  639. br.Msg = "请输入验证码"
  640. return
  641. }
  642. // 手机号找回
  643. var verifyRes bool
  644. if req.FindType == 1 {
  645. req.Mobile = strings.TrimSpace(req.Mobile)
  646. if req.Mobile == "" {
  647. br.Msg = "请输入手机号"
  648. return
  649. }
  650. if !utils.ValidateMobileFormatat(req.Mobile) {
  651. br.Msg = "您的手机号输入有误, 请检查"
  652. return
  653. }
  654. expiredTime := time.Now().Add(utils.VerifyCodeExpireMinute * time.Minute).Format(utils.FormatDateTime)
  655. recordCond := ` AND source = ? AND mobile = ? AND code = ? AND expired_time <= ?`
  656. recordPars := make([]interface{}, 0)
  657. recordPars = append(recordPars, system.AdminVerifyCodeRecordSourceForget, req.Mobile, req.VerifyCode, expiredTime)
  658. recordOb := new(system.AdminVerifyCodeRecord)
  659. _, e := recordOb.GetItemByCondition(recordCond, recordPars)
  660. if e != nil {
  661. if e.Error() == utils.ErrNoRow() {
  662. br.Msg = "验证码错误, 请重新输入"
  663. return
  664. }
  665. br.Msg = "验证码错误, 请重新输入"
  666. br.ErrMsg = "获取手机号登陆验证码失败, Err: " + e.Error()
  667. return
  668. }
  669. verifyRes = true
  670. }
  671. // 邮箱找回
  672. if req.FindType == 2 {
  673. req.Email = strings.TrimSpace(req.Email)
  674. if req.Email == "" {
  675. br.Msg = "请输入邮箱"
  676. return
  677. }
  678. if !utils.ValidateEmailFormatat(req.Email) {
  679. br.Msg = "您的邮箱输入有误, 请检查"
  680. return
  681. }
  682. expiredTime := time.Now().Add(utils.VerifyCodeExpireMinute * time.Minute).Format(utils.FormatDateTime)
  683. recordCond := ` AND source = ? AND email = ? AND code = ? AND expired_time <= ?`
  684. recordPars := make([]interface{}, 0)
  685. recordPars = append(recordPars, system.AdminVerifyCodeRecordSourceForget, req.Email, req.VerifyCode, expiredTime)
  686. recordOb := new(system.AdminVerifyCodeRecord)
  687. _, e := recordOb.GetItemByCondition(recordCond, recordPars)
  688. if e != nil {
  689. if e.Error() == utils.ErrNoRow() {
  690. br.Msg = "验证码错误, 请重新输入"
  691. return
  692. }
  693. br.Msg = "验证码错误, 请重新输入"
  694. br.ErrMsg = "获取手机号登陆验证码失败, Err: " + e.Error()
  695. return
  696. }
  697. verifyRes = true
  698. }
  699. if verifyRes {
  700. successKey := fmt.Sprint(utils.CACHE_FIND_PASS_VERIFY, req.UserName)
  701. _ = utils.Rc.Put(successKey, "true", utils.GetTodayLastSecond())
  702. }
  703. br.Data = verifyRes
  704. br.Ret = 200
  705. br.Success = true
  706. br.Msg = "操作成功"
  707. }
  708. // ForgetResetPass
  709. // @Title 忘记密码-重置密码
  710. // @Description 忘记密码-重置密码
  711. // @Param request body ForgetResetPassReq true "type json string"
  712. // @Success 200 Ret=200 获取成功
  713. // @router /forget/reset_pass [post]
  714. func (this *UserLoginController) ForgetResetPass() {
  715. br := new(models.BaseResponse).Init()
  716. defer func() {
  717. if br.ErrMsg == "" {
  718. br.IsSendEmail = false
  719. }
  720. this.Data["json"] = br
  721. this.ServeJSON()
  722. }()
  723. type ForgetResetPassReq struct {
  724. UserName string `description:"用户名"`
  725. Password string `description:"密码"`
  726. RePassword string `description:"重复密码"`
  727. }
  728. var req ForgetResetPassReq
  729. err := json.Unmarshal(this.Ctx.Input.RequestBody, &req)
  730. if err != nil {
  731. br.Msg = "参数解析异常!"
  732. br.ErrMsg = "参数解析失败,Err:" + err.Error()
  733. return
  734. }
  735. req.UserName = strings.TrimSpace(req.UserName)
  736. if req.UserName == "" {
  737. br.Msg = "请输入账号"
  738. return
  739. }
  740. req.Password = strings.TrimSpace(req.Password)
  741. if req.Password == "" {
  742. br.Msg = "请输入新密码"
  743. return
  744. }
  745. req.RePassword = strings.TrimSpace(req.RePassword)
  746. if req.RePassword == "" {
  747. br.Msg = "请确认新密码"
  748. return
  749. }
  750. if req.Password != req.RePassword {
  751. br.Msg = "两次密码输入不一致, 请检查"
  752. return
  753. }
  754. // 接上一步-验证码校验成功后才允许修改
  755. successKey := fmt.Sprint(utils.CACHE_FIND_PASS_VERIFY, req.UserName)
  756. verifyOk, _ := utils.Rc.RedisString(successKey)
  757. if verifyOk != "true" {
  758. br.Msg = "验证码校验失效, 请重新验证"
  759. br.ErrMsg = "重置密码异常, 验证码校验已失效"
  760. return
  761. }
  762. sysUser, e := system.GetSysAdminByName(req.UserName)
  763. if e != nil {
  764. if e.Error() == utils.ErrNoRow() {
  765. br.Msg = "用户不存在, 请检查"
  766. return
  767. }
  768. br.Msg = "操作失败"
  769. br.ErrMsg = "密码找回获取用户失败, Err:" + e.Error()
  770. return
  771. }
  772. b, e := base64.StdEncoding.DecodeString(req.Password)
  773. if e != nil {
  774. br.Msg = "操作失败"
  775. br.ErrMsg = "解析密码失败, Err:" + e.Error()
  776. return
  777. }
  778. pwd := string(b)
  779. pwd = utils.MD5(pwd)
  780. sysUser.Password = pwd
  781. sysUser.LastUpdatedPasswordTime = time.Now().Format(utils.FormatDateTime)
  782. // 重置密码后更新一下登录时间, 不然账号密码登录如果超过60天还会被异常校验再校验一次, 影响体验
  783. sysUser.LastLoginTime = time.Now().Format(utils.FormatDateTime)
  784. sysUser.LastUpdatedTime = time.Now().Format(utils.FormatDateTime)
  785. if e = sysUser.Update([]string{"Password", "LastUpdatedPasswordTime", "LastLoginTime", "LastUpdatedTime"}); e != nil {
  786. br.Msg = "操作失败"
  787. br.ErrMsg = "更新密码失败, Err: " + e.Error()
  788. return
  789. }
  790. // 如果有异常标记也清除掉
  791. abnormalKey := fmt.Sprint(utils.CACHE_ABNORMAL_LOGIN, req.UserName)
  792. _ = utils.Rc.Delete(abnormalKey)
  793. _ = utils.Rc.Delete(successKey)
  794. // 同步ETA用户缓存
  795. if utils.BusinessCode == utils.BusinessCodeRelease || utils.BusinessCode == utils.BusinessCodeSandbox {
  796. var syncData system.SyncAdminData
  797. syncData.Source = utils.SOURCE_ETA_FLAG
  798. syncData.AdminName = sysUser.AdminName
  799. _ = utils.Rc.LPush(utils.CACHE_SYNC_ADMIN, syncData)
  800. }
  801. br.Data = true
  802. br.Ret = 200
  803. br.Success = true
  804. br.Msg = "操作成功"
  805. }
  806. // AreaCodeList
  807. // @Title 手机号区号列表
  808. // @Description 手机号区号列表
  809. // @Success 200 Ret=200 获取成功
  810. // @router /area_code/list [get]
  811. func (this *UserLoginController) AreaCodeList() {
  812. br := new(models.BaseResponse).Init()
  813. defer func() {
  814. if br.ErrMsg == "" {
  815. br.IsSendEmail = false
  816. }
  817. this.Data["json"] = br
  818. this.ServeJSON()
  819. }()
  820. type AreaCodeListResp struct {
  821. Name string `description:"地区"`
  822. Value string `description:"区号"`
  823. }
  824. resp := make([]AreaCodeListResp, 0)
  825. confAuth, e := company.GetConfigDetailByCode(company.ConfAreaCodeListKey)
  826. if e != nil {
  827. br.Msg = "获取失败"
  828. br.ErrMsg = "获取手机号区号配置失败, Err: " + e.Error()
  829. return
  830. }
  831. if confAuth.ConfigValue == "" {
  832. br.Msg = "获取失败"
  833. br.ErrMsg = "手机号区号配置为空"
  834. return
  835. }
  836. if e := json.Unmarshal([]byte(confAuth.ConfigValue), &resp); e != nil {
  837. br.Msg = "获取失败"
  838. br.ErrMsg = "手机号区号配置有误"
  839. return
  840. }
  841. br.Data = resp
  842. br.Ret = 200
  843. br.Success = true
  844. br.Msg = "获取成功"
  845. }