user_login.go 30 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401402403404405406407408409410411412413414415416417418419420421422423424425426427428429430431432433434435436437438439440441442443444445446447448449450451452453454455456457458459460461462463464465466467468469470471472473474475476477478479480481482483484485486487488489490491492493494495496497498499500501502503504505506507508509510511512513514515516517518519520521522523524525526527528529530531532533534535536537538539540541542543544545546547548549550551552553554555556557558559560561562563564565566567568569570571572573574575576577578579580581582583584585586587588589590591592593594595596597598599600601602603604605606607608609610611612613614615616617618619620621622623624625626627628629630631632633634635636637638639640641642643644645646647648649650651652653654655656657658659660661662663664665666667668669670671672673674675676677678679680681682683684685686687688689690691692693694695696697698699700701702703704705706707708709710711712713714715716717718719720721722723724725726727728729730731732733734735736737738739740741742743744745746747748749750751752753754755756757758759760761762763764765766767768769770771772773774775776777778779780781782783784785786787788789790791792793794795796797798799800801802803804805806807808809810811812813814815816817818819820821822823824825826827828829830831832833834835836837838839840841842843844845846847848849850851852853854855856857858859860861862863864865866867868869870871872873874875876877878879880881882883884885886887888889890891892893894895896897898899900901902903904905906907908909910911912913914915916917918919920921922923924925926927928929930931932933934935936937938939940941942943944945946947948949950951952953954955956957958959960961962963964965966967968969970971972973974975976977978979980981982983984985986987988989990991992993994995996997998999100010011002100310041005100610071008100910101011101210131014101510161017101810191020102110221023102410251026102710281029103010311032103310341035103610371038103910401041104210431044104510461047104810491050105110521053105410551056105710581059106010611062106310641065
  1. package controllers
  2. import (
  3. "encoding/base64"
  4. "encoding/json"
  5. "eta/eta_api/models"
  6. "eta/eta_api/models/company"
  7. "eta/eta_api/models/system"
  8. "eta/eta_api/services"
  9. "eta/eta_api/services/eta_trial"
  10. "eta/eta_api/utils"
  11. "fmt"
  12. "github.com/mojocn/base64Captcha"
  13. "image/color"
  14. "strings"
  15. "time"
  16. )
  17. // UserLoginController 登录-无需Token
  18. type UserLoginController struct {
  19. BaseCommonController
  20. }
  21. // UserLoginAuthController 登录-需Token
  22. type UserLoginAuthController struct {
  23. BaseAuthController
  24. }
  25. // GenerateCaptcha
  26. // @Title 生成图形验证码
  27. // @Description 生成图形验证码
  28. // @Success 200 Ret=200 获取成功
  29. // @router /get_captcha [get]
  30. func (this *UserLoginController) GenerateCaptcha() {
  31. br := new(models.BaseResponse).Init()
  32. defer func() {
  33. if br.ErrMsg == "" {
  34. br.IsSendEmail = false
  35. }
  36. this.Data["json"] = br
  37. this.ServeJSON()
  38. }()
  39. //driver := base64Captcha.DefaultDriverDigit
  40. // 自定义验证码样式
  41. var driver base64Captcha.Driver
  42. driverString := base64Captcha.DriverString{
  43. Height: 60, //高度
  44. Width: 120, //宽度
  45. NoiseCount: 0, //干扰数
  46. ShowLineOptions: 2 | 4, //展示个数
  47. Length: 4, //长度
  48. //Source: "1234567890qwertyuioplkjhgfdsazxcvbnm", //验证码随机字符串来源
  49. Source: "1234567890", //验证码随机字符串来源
  50. BgColor: &color.RGBA{ // 背景颜色
  51. R: 0,
  52. G: 0,
  53. B: 0,
  54. A: 0,
  55. },
  56. Fonts: []string{"wqy-microhei.ttc"}, // 字体
  57. }
  58. driver = driverString.ConvertFonts()
  59. // 生成验证码
  60. store := services.CaptchaRedis{}
  61. captcha := base64Captcha.NewCaptcha(driver, store)
  62. id, b64s, _, err := captcha.Generate()
  63. if err != nil {
  64. br.Msg = "生成失败"
  65. br.ErrMsg = "生成验证码失败, Err: " + err.Error()
  66. return
  67. }
  68. type CaptchaResult struct {
  69. Id string
  70. Base64Blob string
  71. }
  72. res := new(CaptchaResult)
  73. res.Id = id
  74. res.Base64Blob = b64s
  75. br.Ret = 200
  76. br.Success = true
  77. br.Msg = "获取成功"
  78. br.Data = res
  79. }
  80. // GetVerifyCode
  81. // @Title 获取短信/邮箱验证码
  82. // @Description 获取短信/邮箱验证码
  83. // @Param request body VerifyCodeReq true "type json string"
  84. // @Success 200 Ret=200 获取成功
  85. // @router /verify_code [post]
  86. func (this *UserLoginController) GetVerifyCode() {
  87. br := new(models.BaseResponse).Init()
  88. defer func() {
  89. if br.ErrMsg == "" {
  90. br.IsSendEmail = false
  91. }
  92. this.Data["json"] = br
  93. this.ServeJSON()
  94. }()
  95. type VerifyCodeReq struct {
  96. VerifyType int `description:"验证方式: 1-手机号; 2-邮箱"`
  97. CaptchaId string `description:"验证码ID"`
  98. CaptchaCode string `description:"图形验证码"`
  99. Mobile string `description:"手机号"`
  100. TelAreaCode string `description:"手机区号"`
  101. Email string `description:"邮箱"`
  102. Source int `description:"来源:1-登录;2-异常登录校验;3-忘记密码"`
  103. }
  104. var req VerifyCodeReq
  105. err := json.Unmarshal(this.Ctx.Input.RequestBody, &req)
  106. if err != nil {
  107. br.Msg = "参数解析异常!"
  108. br.ErrMsg = "参数解析失败,Err:" + err.Error()
  109. return
  110. }
  111. if req.VerifyType != 1 && req.VerifyType != 2 {
  112. br.Msg = "验证方式有误"
  113. br.ErrMsg = "验证方式有误"
  114. return
  115. }
  116. if req.Source != 1 && req.Source != 2 && req.Source != 3 {
  117. br.Msg = "来源有误"
  118. br.ErrMsg = "来源有误"
  119. return
  120. }
  121. // 忘记密码图形校验在前一步, 这一步不再校验图形验证码
  122. if req.Source != 3 {
  123. if req.CaptchaId == "" || req.CaptchaCode == "" {
  124. br.Msg = "请输入图形验证码"
  125. return
  126. }
  127. }
  128. if req.VerifyType == 1 {
  129. if req.TelAreaCode == "" {
  130. br.Msg = "请选择区号"
  131. return
  132. }
  133. if req.Mobile == "" {
  134. br.Msg = "请输入手机号"
  135. return
  136. }
  137. if req.TelAreaCode == utils.TelAreaCodeHome && !utils.ValidateMobileFormatat(req.Mobile) {
  138. br.Msg = "您的手机号输入有误, 请检查"
  139. return
  140. }
  141. _, e := system.GetSysUserByMobile(req.Mobile)
  142. if e != nil {
  143. if e.Error() == utils.ErrNoRow() {
  144. br.Msg = "您的手机号未绑定账号, 请检查"
  145. return
  146. }
  147. br.Msg = "您的手机号未绑定账号, 请检查"
  148. br.ErrMsg = "手机号获取用户失败, Err:" + e.Error()
  149. return
  150. }
  151. }
  152. if req.VerifyType == 2 {
  153. if req.Email == "" {
  154. br.Msg = "请输入邮箱"
  155. return
  156. }
  157. if !utils.ValidateEmailFormatat(req.Email) {
  158. br.Msg = "您的邮箱输入有误, 请检查"
  159. return
  160. }
  161. _, e := system.GetSysUserByEmail(req.Email)
  162. if e != nil {
  163. if e.Error() == utils.ErrNoRow() {
  164. br.Msg = "您的邮箱未绑定账号, 请检查"
  165. return
  166. }
  167. br.Msg = "您的邮箱未绑定账号, 请检查"
  168. br.ErrMsg = "邮箱获取用户失败, Err:" + e.Error()
  169. return
  170. }
  171. }
  172. if req.Source != 3 {
  173. store := services.CaptchaRedis{}
  174. ok := store.Verify(req.CaptchaId, req.CaptchaCode, true)
  175. if !ok {
  176. br.Msg = "图形验证码错误, 请重新输入"
  177. return
  178. }
  179. }
  180. // 限制最多60s获取一次
  181. var lockKey string
  182. if req.VerifyType == 1 {
  183. lockKey = fmt.Sprint(utils.CaptchaCachePrefix, req.Mobile)
  184. }
  185. if req.VerifyType == 2 {
  186. lockKey = fmt.Sprint(utils.CaptchaCachePrefix, req.Email)
  187. }
  188. locked := utils.Rc.SetNX(lockKey, 1, time.Minute)
  189. if !locked {
  190. br.Msg = "请勿频繁发送"
  191. return
  192. }
  193. // 发送验证码
  194. sendRes := false
  195. if req.VerifyType == 1 {
  196. r, e := services.SendAdminMobileVerifyCode(req.Source, req.Mobile, req.TelAreaCode)
  197. if e != nil {
  198. br.Msg = "发送失败"
  199. br.ErrMsg = "发送短信验证码失败, Err: " + e.Error()
  200. return
  201. }
  202. sendRes = r
  203. }
  204. if req.VerifyType == 2 {
  205. r, e := services.SendAdminEmailVerifyCode(req.Source, req.Email)
  206. if e != nil {
  207. br.Msg = "发送失败"
  208. br.ErrMsg = "发送邮箱验证码失败, Err: " + e.Error()
  209. return
  210. }
  211. sendRes = r
  212. }
  213. if !sendRes {
  214. br.Msg = "发送失败"
  215. br.ErrMsg = "发送短信验证码失败"
  216. return
  217. }
  218. br.Ret = 200
  219. br.Success = true
  220. br.Msg = "发送成功"
  221. }
  222. // Login
  223. // @Title 用户登录
  224. // @Description 用户登录
  225. // @Param request body UserLoginReq true "type json string"
  226. // @Success 200 {object} models.LoginResp
  227. // @router /login [post]
  228. func (this *UserLoginController) Login() {
  229. br := new(models.BaseResponse).Init()
  230. defer func() {
  231. if br.ErrMsg == "" {
  232. br.IsSendEmail = false
  233. }
  234. this.Data["json"] = br
  235. this.ServeJSON()
  236. }()
  237. // 入参
  238. type UserLoginReq struct {
  239. LoginType int `description:"登录方式: 1-账号; 2-手机号; 3-邮箱"`
  240. Username string `description:"账号"`
  241. Password string `description:"密码"`
  242. Mobile string `description:"手机号"`
  243. Email string `description:"邮箱"`
  244. VerifyCode string `description:"验证码"`
  245. ReqTime string `description:"登录时间戳"`
  246. TelAreaCode string `description:"区号"`
  247. }
  248. var req UserLoginReq
  249. err := json.Unmarshal(this.Ctx.Input.RequestBody, &req)
  250. if err != nil {
  251. br.Msg = "参数解析异常!"
  252. br.ErrMsg = "参数解析失败,Err:" + err.Error()
  253. return
  254. }
  255. req.Username = strings.TrimSpace(req.Username)
  256. req.Mobile = strings.TrimSpace(req.Mobile)
  257. req.Email = strings.TrimSpace(req.Email)
  258. req.VerifyCode = strings.TrimSpace(req.VerifyCode)
  259. if req.LoginType != 1 && req.LoginType != 2 && req.LoginType != 3 {
  260. br.Msg = "登录方式有误"
  261. br.ErrMsg = fmt.Sprintf("登录方式有误, Type: %d", req.LoginType)
  262. return
  263. }
  264. sysUser := new(system.Admin)
  265. // 账号密码登录
  266. if req.LoginType == 1 {
  267. if req.Username == "" {
  268. br.Msg = "请输入账号"
  269. return
  270. }
  271. if req.Password == "" {
  272. br.Msg = "请输入密码"
  273. return
  274. }
  275. // 判断账号是否为异常登录, 算作异常的话就需要换另外的方式去登录了
  276. abnormalKey := fmt.Sprint(utils.CACHE_ABNORMAL_LOGIN, req.Username)
  277. isAbnormal, _ := utils.Rc.RedisString(abnormalKey)
  278. if isAbnormal != "" {
  279. br.Ret = models.BaseRespCodeAbnormalLogin
  280. br.Msg = "账号异常, 请进行手机号/邮箱校验"
  281. return
  282. }
  283. // 查询账号信息
  284. errPassKey := fmt.Sprint(utils.CACHE_LOGIN_ERR_PASS, req.Username)
  285. accountUser, e := system.GetSysUserByAdminName(req.Username)
  286. if e != nil {
  287. br.Ret = models.BaseRespCodeLoginErr
  288. br.Msg = "登录失败, 账号或密码错误"
  289. // 账号查询异常均进行标记, 避免一直尝试进行登录
  290. if !utils.Rc.IsExist(errPassKey) {
  291. _ = utils.Rc.Put(errPassKey, 1, utils.GetTodayLastSecond())
  292. return
  293. }
  294. errNum, _ := utils.Rc.RedisInt(errPassKey)
  295. errNum += 1
  296. if errNum < 6 {
  297. _ = utils.Rc.Put(errPassKey, errNum, utils.GetTodayLastSecond())
  298. return
  299. }
  300. // 标记异常登录, 重置计数
  301. br.Ret = models.BaseRespCodeAbnormalLogin
  302. br.Msg = "账号异常, 请进行手机号/邮箱校验"
  303. _ = utils.Rc.Put(abnormalKey, "true", utils.GetTodayLastSecond())
  304. _ = utils.Rc.Delete(errPassKey)
  305. return
  306. }
  307. // 系统用户-账号密码校验
  308. if accountUser.IsLdap == 0 {
  309. dbPass := utils.MD5(fmt.Sprintf("%s%s%s", accountUser.Password, utils.UserLoginSalt, req.ReqTime))
  310. if req.Password != dbPass {
  311. br.Ret = models.BaseRespCodeLoginErr
  312. br.Msg = "登录失败, 账号或密码错误"
  313. // 错误密码计数, 超过6次标记异常
  314. if !utils.Rc.IsExist(errPassKey) {
  315. _ = utils.Rc.Put(errPassKey, 1, utils.GetTodayLastSecond())
  316. return
  317. }
  318. errNum, _ := utils.Rc.RedisInt(errPassKey)
  319. errNum += 1
  320. if errNum < 6 {
  321. _ = utils.Rc.Put(errPassKey, errNum, utils.GetTodayLastSecond())
  322. return
  323. }
  324. // 标记异常登录, 重置计数
  325. br.Ret = models.BaseRespCodeAbnormalLogin
  326. br.Msg = "账号异常, 请进行手机号/邮箱校验"
  327. _ = utils.Rc.Put(abnormalKey, "true", utils.GetTodayLastSecond())
  328. _ = utils.Rc.Delete(errPassKey)
  329. return
  330. }
  331. if accountUser.Enabled == 0 {
  332. br.Msg = "您的账号已被禁用, 如需登录, 请联系管理员"
  333. br.ErrMsg = fmt.Sprintf("账号已被禁用, 登录账号: %s, 账户名称: %s", accountUser.AdminName, accountUser.RealName)
  334. return
  335. }
  336. // 异常登录-是否登录间隔大于60天
  337. if isAbnormal == "" {
  338. abnormalTime := time.Now().AddDate(0, 0, -60)
  339. lastLogin, _ := time.ParseInLocation(utils.FormatDateTime, accountUser.LastLoginTime, time.Local)
  340. if !lastLogin.IsZero() && lastLogin.Before(abnormalTime) {
  341. br.Msg = "请进行异常登录校验"
  342. br.Ret = models.BaseRespCodeAbnormalLogin
  343. // 标记异常登录
  344. _ = utils.Rc.Put(abnormalKey, "true", utils.GetTodayLastSecond())
  345. return
  346. }
  347. }
  348. }
  349. // 如果是域账号, 那么取出原始密码走AD域校验
  350. if accountUser.IsLdap == 1 {
  351. passDecode, e := base64.StdEncoding.DecodeString(req.Password)
  352. if e != nil {
  353. br.Ret = models.BaseRespCodeLoginErr
  354. br.Msg = "登录失败, 账号或密码错误"
  355. br.ErrMsg = "Pass Decode err: " + e.Error()
  356. return
  357. }
  358. originPass := strings.Replace(string(passDecode), utils.UserLoginSalt, "", 1)
  359. pass, e := services.LdapUserCheck(req.Username, originPass)
  360. if e != nil {
  361. br.Ret = models.BaseRespCodeLoginErr
  362. br.Msg = "登录失败, 账号或密码错误"
  363. br.ErrMsg = "LdapLogin err: " + e.Error()
  364. return
  365. }
  366. if !pass {
  367. br.Ret = models.BaseRespCodeLoginErr
  368. br.Msg = "登录失败, 账号或密码错误"
  369. return
  370. }
  371. }
  372. sysUser = accountUser
  373. }
  374. // 手机号
  375. if req.LoginType == 2 {
  376. if req.Mobile == "" {
  377. br.Msg = "请输入手机号"
  378. return
  379. }
  380. // 大陆校验区号
  381. if req.TelAreaCode == utils.TelAreaCodeHome && !utils.ValidateMobileFormatat(req.Mobile) {
  382. br.Msg = "您的手机号输入有误, 请检查"
  383. return
  384. }
  385. if req.VerifyCode == "" {
  386. br.Msg = "请输入验证码"
  387. return
  388. }
  389. expiredTime := time.Now().Add(utils.VerifyCodeExpireMinute * time.Minute).Format(utils.FormatDateTime)
  390. recordCond := ` AND source = ? AND mobile = ? AND code = ? AND expired_time <= ?`
  391. recordPars := make([]interface{}, 0)
  392. recordPars = append(recordPars, system.AdminVerifyCodeRecordSourceLogin, req.Mobile, req.VerifyCode, expiredTime)
  393. recordOb := new(system.AdminVerifyCodeRecord)
  394. _, e := recordOb.GetItemByCondition(recordCond, recordPars)
  395. if e != nil {
  396. if e.Error() == utils.ErrNoRow() {
  397. br.Msg = "验证码错误, 请重新输入"
  398. return
  399. }
  400. br.Msg = "验证码错误, 请重新输入"
  401. br.ErrMsg = "获取手机号登陆验证码失败, Err: " + e.Error()
  402. return
  403. }
  404. mobileUser, e := system.GetSysUserByMobile(req.Mobile)
  405. if e != nil {
  406. if e.Error() == utils.ErrNoRow() {
  407. br.Msg = "您的手机号未绑定账号, 请检查"
  408. return
  409. }
  410. br.Msg = "您的手机号未绑定账号, 请检查"
  411. br.ErrMsg = "手机号获取用户失败, Err:" + e.Error()
  412. return
  413. }
  414. if mobileUser.Enabled == 0 {
  415. br.Msg = "您的账号已被禁用, 如需登录, 请联系管理员"
  416. br.ErrMsg = fmt.Sprintf("账号已被禁用, 登录手机号: %s", req.Mobile)
  417. return
  418. }
  419. sysUser = mobileUser
  420. }
  421. // 邮箱登录
  422. if req.LoginType == 3 {
  423. if req.Email == "" {
  424. br.Msg = "请输入邮箱"
  425. return
  426. }
  427. if !utils.ValidateEmailFormatat(req.Email) {
  428. br.Msg = "您的邮箱输入有误, 请检查"
  429. return
  430. }
  431. if req.VerifyCode == "" {
  432. br.Msg = "请输入验证码"
  433. return
  434. }
  435. expiredTime := time.Now().Add(utils.VerifyCodeExpireMinute * time.Minute).Format(utils.FormatDateTime)
  436. recordCond := ` AND source = ? AND email = ? AND code = ? AND expired_time <= ?`
  437. recordPars := make([]interface{}, 0)
  438. recordPars = append(recordPars, system.AdminVerifyCodeRecordSourceLogin, req.Email, req.VerifyCode, expiredTime)
  439. recordOb := new(system.AdminVerifyCodeRecord)
  440. _, e := recordOb.GetItemByCondition(recordCond, recordPars)
  441. if e != nil {
  442. if e.Error() == utils.ErrNoRow() {
  443. br.Msg = "验证码错误, 请重新输入"
  444. return
  445. }
  446. br.Msg = "验证码错误, 请重新输入"
  447. br.ErrMsg = "获取手机号登陆验证码失败, Err: " + e.Error()
  448. return
  449. }
  450. emailUser, e := system.GetSysUserByEmail(req.Email)
  451. if e != nil {
  452. if e.Error() == utils.ErrNoRow() {
  453. br.Msg = "您的邮箱未绑定账号, 请检查"
  454. return
  455. }
  456. br.Msg = "您的邮箱未绑定账号, 请检查"
  457. br.ErrMsg = "邮箱获取用户失败, Err:" + e.Error()
  458. return
  459. }
  460. if emailUser.Enabled == 0 {
  461. br.Msg = "您的账号已被禁用, 如需登录, 请联系管理员"
  462. br.ErrMsg = fmt.Sprintf("账号已被禁用, 登录邮箱: %s", req.Email)
  463. return
  464. }
  465. sysUser = emailUser
  466. }
  467. // 登录成功(无论哪种方式登录), 清除异常标记
  468. abnormalCache := fmt.Sprint(utils.CACHE_ABNORMAL_LOGIN, sysUser.AdminName)
  469. errPassCache := fmt.Sprint(utils.CACHE_LOGIN_ERR_PASS, sysUser.AdminName)
  470. _ = utils.Rc.Delete(abnormalCache)
  471. _ = utils.Rc.Delete(errPassCache)
  472. account := utils.MD5(sysUser.AdminName)
  473. token := utils.GenToken(account)
  474. sysSession := new(system.SysSession)
  475. sysSession.UserName = sysUser.AdminName
  476. sysSession.SysUserId = sysUser.AdminId
  477. sysSession.ExpiredTime = time.Now().AddDate(0, 0, 90)
  478. sysSession.IsRemember = 0 // 均需要做过期校验
  479. sysSession.CreatedTime = time.Now()
  480. sysSession.LastUpdatedTime = time.Now()
  481. sysSession.AccessToken = token
  482. if e := system.AddSysSession(sysSession); e != nil {
  483. br.Msg = "登录失败"
  484. br.ErrMsg = "新增session信息失败, Err:" + e.Error()
  485. return
  486. }
  487. // 修改最后登录时间
  488. {
  489. sysUser.LastLoginTime = time.Now().Format(utils.FormatDateTime)
  490. sysUser.LastUpdatedTime = time.Now().Format(utils.FormatDateTime)
  491. _ = sysUser.Update([]string{"LastLoginTime", "LastUpdatedTime"})
  492. }
  493. resp := new(system.LoginResp)
  494. resp.Authorization = token
  495. resp.Authorization = "authorization=" + token
  496. resp.RealName = sysUser.RealName
  497. resp.AdminName = sysUser.AdminName
  498. resp.RoleName = sysUser.RoleName
  499. resp.SysRoleTypeCode = sysUser.RoleTypeCode //系统角色编码
  500. resp.RoleTypeCode = sysUser.RoleTypeCode
  501. if sysUser.RoleTypeCode == utils.ROLE_TYPE_CODE_FICC_GROUP {
  502. resp.RoleTypeCode = utils.ROLE_TYPE_CODE_FICC_SELLER
  503. }
  504. if sysUser.RoleTypeCode == utils.ROLE_TYPE_CODE_FICC_TEAM {
  505. resp.RoleTypeCode = utils.ROLE_TYPE_CODE_FICC_SELLER
  506. }
  507. if sysUser.RoleTypeCode == utils.ROLE_TYPE_CODE_FICC_DEPARTMENT {
  508. resp.RoleTypeCode = utils.ROLE_TYPE_CODE_FICC_SELLER
  509. }
  510. if sysUser.RoleTypeCode == utils.ROLE_TYPE_CODE_RAI_GROUP {
  511. resp.RoleTypeCode = utils.ROLE_TYPE_CODE_RAI_SELLER
  512. }
  513. if sysUser.RoleTypeCode == utils.ROLE_TYPE_CODE_RAI_DEPARTMENT {
  514. resp.RoleTypeCode = utils.ROLE_TYPE_CODE_RAI_SELLER
  515. }
  516. if sysUser.RoleName == utils.ROLE_NAME_FICC_DIRECTOR {
  517. resp.RoleTypeCode = utils.ROLE_TYPE_CODE_FICC_SELLER
  518. }
  519. resp.AdminId = sysUser.AdminId
  520. var productName string
  521. productId := services.GetProductId(sysUser.RoleTypeCode)
  522. if productId == 1 {
  523. productName = utils.COMPANY_PRODUCT_FICC_NAME
  524. } else if productId == 2 {
  525. productName = utils.COMPANY_PRODUCT_RAI_NAME
  526. } else {
  527. productName = "admin"
  528. }
  529. resp.ProductName = productName
  530. resp.Authority = sysUser.Authority
  531. // 设置redis缓存
  532. {
  533. // 获取不可信的登录态,并将该登录态重置掉,不允许多次登录
  534. noTrustLoginKey := fmt.Sprint(utils.CACHE_ACCESS_TOKEN_LOGIN_NO_TRUST, sysUser.AdminId)
  535. noTrustLoginId, _ := utils.Rc.RedisString(noTrustLoginKey)
  536. if noTrustLoginId != `` { // 如果存在不可信设备,那么将其下架
  537. oldNoTrustLoginKey := fmt.Sprint(utils.CACHE_ACCESS_TOKEN_LOGIN, noTrustLoginId)
  538. _ = utils.Rc.Put(oldNoTrustLoginKey, "0", utils.LoginCacheTime*time.Minute)
  539. }
  540. // 如果当前是不可信设备,那么将其加入到不可信名单
  541. loginKey := fmt.Sprint(utils.CACHE_ACCESS_TOKEN_LOGIN, sysSession.Id)
  542. _ = utils.Rc.Put(loginKey, "1", utils.LoginCacheTime*time.Minute)
  543. _ = utils.Rc.Put(noTrustLoginKey, sysSession.Id, utils.LoginCacheTime*time.Minute)
  544. }
  545. // 新增登录记录
  546. go func() {
  547. record := new(system.SysUserLoginRecord)
  548. record.Uid = sysUser.AdminId
  549. record.UserName = req.Username
  550. record.Ip = this.Ctx.Input.IP()
  551. record.Stage = "login"
  552. record.CreateTime = time.Now()
  553. _ = system.AddSysUserLoginRecord(record)
  554. }()
  555. // ETA试用平台-请求中间服务更新用户最后登录时间和次数
  556. if utils.BusinessCode == utils.BusinessCodeSandbox {
  557. go func() {
  558. var r eta_trial.EtaTrialUserReq
  559. r.Mobile = sysUser.Mobile
  560. _, _ = eta_trial.UpdateEtaTrialUserLogin(r)
  561. }()
  562. }
  563. br.Data = resp
  564. br.Ret = 200
  565. br.Success = true
  566. br.Msg = "登录成功"
  567. }
  568. // ForgetAccountGet
  569. // @Title 忘记密码-账号校验
  570. // @Description 忘记密码-账号校验
  571. // @Param request body ForgetAccountGetReq true "type json string"
  572. // @Success 200 Ret=200 获取成功
  573. // @router /forget/account_get [post]
  574. func (this *UserLoginController) ForgetAccountGet() {
  575. br := new(models.BaseResponse).Init()
  576. defer func() {
  577. if br.ErrMsg == "" {
  578. br.IsSendEmail = false
  579. }
  580. this.Data["json"] = br
  581. this.ServeJSON()
  582. }()
  583. type ForgetAccountGetReq struct {
  584. CaptchaId string `description:"验证码ID"`
  585. CaptchaCode string `description:"图形验证码"`
  586. UserName string `description:"用户名"`
  587. }
  588. var req ForgetAccountGetReq
  589. err := json.Unmarshal(this.Ctx.Input.RequestBody, &req)
  590. if err != nil {
  591. br.Msg = "参数解析异常!"
  592. br.ErrMsg = "参数解析失败,Err:" + err.Error()
  593. return
  594. }
  595. req.UserName = strings.TrimSpace(req.UserName)
  596. if req.UserName == "" {
  597. br.Msg = "请输入账号"
  598. return
  599. }
  600. if req.CaptchaId == "" || req.CaptchaCode == "" {
  601. br.Msg = "请输入图形验证码"
  602. return
  603. }
  604. store := services.CaptchaRedis{}
  605. ok := store.Verify(req.CaptchaId, req.CaptchaCode, true)
  606. if !ok {
  607. br.Msg = "验证码错误, 请重新输入"
  608. return
  609. }
  610. sysUser, e := system.GetSysUserByAdminName(req.UserName)
  611. if e != nil {
  612. if e.Error() == utils.ErrNoRow() {
  613. br.Msg = "用户不存在, 请检查"
  614. return
  615. }
  616. br.Msg = "账号错误, 请重新输入"
  617. br.ErrMsg = "用户名获取用户失败, Err: " + e.Error()
  618. return
  619. }
  620. type ForgetAccountCheckResp struct {
  621. Mobile string `description:"手机号"`
  622. Email string `description:"邮箱"`
  623. TelAreaCode string `description:"手机区号"`
  624. }
  625. resp := ForgetAccountCheckResp{
  626. Mobile: sysUser.Mobile,
  627. Email: sysUser.Email,
  628. TelAreaCode: sysUser.TelAreaCode,
  629. }
  630. br.Data = resp
  631. br.Ret = 200
  632. br.Success = true
  633. br.Msg = "获取成功"
  634. }
  635. // ForgetCodeVerify
  636. // @Title 忘记密码-验证码校验
  637. // @Description 忘记密码-验证码校验
  638. // @Param request body ForgetCodeVerifyReq true "type json string"
  639. // @Success 200 Ret=200 获取成功
  640. // @router /forget/code_verify [post]
  641. func (this *UserLoginController) ForgetCodeVerify() {
  642. br := new(models.BaseResponse).Init()
  643. defer func() {
  644. if br.ErrMsg == "" {
  645. br.IsSendEmail = false
  646. }
  647. this.Data["json"] = br
  648. this.ServeJSON()
  649. }()
  650. type ForgetCodeVerifyReq struct {
  651. FindType int `description:"密码找回方式: 1-手机号; 2-邮箱"`
  652. VerifyCode string `description:"验证码"`
  653. UserName string `description:"用户名"`
  654. Mobile string `description:"手机号"`
  655. Email string `description:"邮箱"`
  656. TelAreaCode string `description:"区号"`
  657. }
  658. var req ForgetCodeVerifyReq
  659. err := json.Unmarshal(this.Ctx.Input.RequestBody, &req)
  660. if err != nil {
  661. br.Msg = "参数解析异常!"
  662. br.ErrMsg = "参数解析失败,Err:" + err.Error()
  663. return
  664. }
  665. req.UserName = strings.TrimSpace(req.UserName)
  666. if req.UserName == "" {
  667. br.Msg = "请输入账号"
  668. return
  669. }
  670. if req.VerifyCode == "" {
  671. br.Msg = "请输入验证码"
  672. return
  673. }
  674. // 手机号找回
  675. var verifyRes bool
  676. if req.FindType == 1 {
  677. req.Mobile = strings.TrimSpace(req.Mobile)
  678. if req.Mobile == "" {
  679. br.Msg = "请输入手机号"
  680. return
  681. }
  682. if req.TelAreaCode == utils.TelAreaCodeHome && !utils.ValidateMobileFormatat(req.Mobile) {
  683. br.Msg = "您的手机号输入有误, 请检查"
  684. return
  685. }
  686. expiredTime := time.Now().Add(utils.VerifyCodeExpireMinute * time.Minute).Format(utils.FormatDateTime)
  687. recordCond := ` AND source = ? AND mobile = ? AND code = ? AND expired_time <= ?`
  688. recordPars := make([]interface{}, 0)
  689. recordPars = append(recordPars, system.AdminVerifyCodeRecordSourceForget, req.Mobile, req.VerifyCode, expiredTime)
  690. recordOb := new(system.AdminVerifyCodeRecord)
  691. _, e := recordOb.GetItemByCondition(recordCond, recordPars)
  692. if e != nil {
  693. if e.Error() == utils.ErrNoRow() {
  694. br.Msg = "验证码错误, 请重新输入"
  695. return
  696. }
  697. br.Msg = "验证码错误, 请重新输入"
  698. br.ErrMsg = "获取手机号登陆验证码失败, Err: " + e.Error()
  699. return
  700. }
  701. verifyRes = true
  702. }
  703. // 邮箱找回
  704. if req.FindType == 2 {
  705. req.Email = strings.TrimSpace(req.Email)
  706. if req.Email == "" {
  707. br.Msg = "请输入邮箱"
  708. return
  709. }
  710. if !utils.ValidateEmailFormatat(req.Email) {
  711. br.Msg = "您的邮箱输入有误, 请检查"
  712. return
  713. }
  714. expiredTime := time.Now().Add(utils.VerifyCodeExpireMinute * time.Minute).Format(utils.FormatDateTime)
  715. recordCond := ` AND source = ? AND email = ? AND code = ? AND expired_time <= ?`
  716. recordPars := make([]interface{}, 0)
  717. recordPars = append(recordPars, system.AdminVerifyCodeRecordSourceForget, req.Email, req.VerifyCode, expiredTime)
  718. recordOb := new(system.AdminVerifyCodeRecord)
  719. _, e := recordOb.GetItemByCondition(recordCond, recordPars)
  720. if e != nil {
  721. if e.Error() == utils.ErrNoRow() {
  722. br.Msg = "验证码错误, 请重新输入"
  723. return
  724. }
  725. br.Msg = "验证码错误, 请重新输入"
  726. br.ErrMsg = "获取手机号登陆验证码失败, Err: " + e.Error()
  727. return
  728. }
  729. verifyRes = true
  730. }
  731. if verifyRes {
  732. successKey := fmt.Sprint(utils.CACHE_FIND_PASS_VERIFY, req.UserName)
  733. _ = utils.Rc.Put(successKey, "true", utils.GetTodayLastSecond())
  734. }
  735. br.Data = verifyRes
  736. br.Ret = 200
  737. br.Success = true
  738. br.Msg = "操作成功"
  739. }
  740. // ForgetResetPass
  741. // @Title 忘记密码-重置密码
  742. // @Description 忘记密码-重置密码
  743. // @Param request body ForgetResetPassReq true "type json string"
  744. // @Success 200 Ret=200 获取成功
  745. // @router /forget/reset_pass [post]
  746. func (this *UserLoginController) ForgetResetPass() {
  747. br := new(models.BaseResponse).Init()
  748. defer func() {
  749. if br.ErrMsg == "" {
  750. br.IsSendEmail = false
  751. }
  752. this.Data["json"] = br
  753. this.ServeJSON()
  754. }()
  755. type ForgetResetPassReq struct {
  756. UserName string `description:"用户名"`
  757. Password string `description:"密码"`
  758. RePassword string `description:"重复密码"`
  759. }
  760. var req ForgetResetPassReq
  761. err := json.Unmarshal(this.Ctx.Input.RequestBody, &req)
  762. if err != nil {
  763. br.Msg = "参数解析异常!"
  764. br.ErrMsg = "参数解析失败,Err:" + err.Error()
  765. return
  766. }
  767. req.UserName = strings.TrimSpace(req.UserName)
  768. if req.UserName == "" {
  769. br.Msg = "请输入账号"
  770. return
  771. }
  772. req.Password = strings.TrimSpace(req.Password)
  773. if req.Password == "" {
  774. br.Msg = "请输入新密码"
  775. return
  776. }
  777. req.RePassword = strings.TrimSpace(req.RePassword)
  778. if req.RePassword == "" {
  779. br.Msg = "请确认新密码"
  780. return
  781. }
  782. if req.Password != req.RePassword {
  783. br.Msg = "两次密码输入不一致, 请检查"
  784. return
  785. }
  786. // 接上一步-验证码校验成功后才允许修改
  787. successKey := fmt.Sprint(utils.CACHE_FIND_PASS_VERIFY, req.UserName)
  788. verifyOk, _ := utils.Rc.RedisString(successKey)
  789. if verifyOk != "true" {
  790. br.Msg = "验证码校验失效, 请重新验证"
  791. br.ErrMsg = "重置密码异常, 验证码校验已失效"
  792. return
  793. }
  794. sysUser, e := system.GetSysAdminByName(req.UserName)
  795. if e != nil {
  796. if e.Error() == utils.ErrNoRow() {
  797. br.Msg = "用户不存在, 请检查"
  798. return
  799. }
  800. br.Msg = "操作失败"
  801. br.ErrMsg = "密码找回获取用户失败, Err:" + e.Error()
  802. return
  803. }
  804. b, e := base64.StdEncoding.DecodeString(req.Password)
  805. if e != nil {
  806. br.Msg = "操作失败"
  807. br.ErrMsg = "解析密码失败, Err:" + e.Error()
  808. return
  809. }
  810. pwd := string(b)
  811. pwd = utils.MD5(pwd)
  812. sysUser.Password = pwd
  813. sysUser.LastUpdatedPasswordTime = time.Now().Format(utils.FormatDateTime)
  814. // 重置密码后更新一下登录时间, 不然账号密码登录如果超过60天还会被异常校验再校验一次, 影响体验
  815. sysUser.LastLoginTime = time.Now().Format(utils.FormatDateTime)
  816. sysUser.LastUpdatedTime = time.Now().Format(utils.FormatDateTime)
  817. if e = sysUser.Update([]string{"Password", "LastUpdatedPasswordTime", "LastLoginTime", "LastUpdatedTime"}); e != nil {
  818. br.Msg = "操作失败"
  819. br.ErrMsg = "更新密码失败, Err: " + e.Error()
  820. return
  821. }
  822. // 如果有异常标记也清除掉
  823. abnormalKey := fmt.Sprint(utils.CACHE_ABNORMAL_LOGIN, req.UserName)
  824. _ = utils.Rc.Delete(abnormalKey)
  825. _ = utils.Rc.Delete(successKey)
  826. // 同步ETA用户缓存
  827. if utils.BusinessCode == utils.BusinessCodeRelease || utils.BusinessCode == utils.BusinessCodeSandbox {
  828. var syncData system.SyncAdminData
  829. syncData.Source = utils.SOURCE_ETA_FLAG
  830. syncData.AdminName = sysUser.AdminName
  831. _ = utils.Rc.LPush(utils.CACHE_SYNC_ADMIN, syncData)
  832. }
  833. br.Data = true
  834. br.Ret = 200
  835. br.Success = true
  836. br.Msg = "操作成功"
  837. }
  838. // AreaCodeList
  839. // @Title 手机号区号列表
  840. // @Description 手机号区号列表
  841. // @Success 200 Ret=200 获取成功
  842. // @router /area_code/list [get]
  843. func (this *UserLoginController) AreaCodeList() {
  844. br := new(models.BaseResponse).Init()
  845. defer func() {
  846. if br.ErrMsg == "" {
  847. br.IsSendEmail = false
  848. }
  849. this.Data["json"] = br
  850. this.ServeJSON()
  851. }()
  852. type AreaCodeListResp struct {
  853. Name string `description:"地区"`
  854. Value string `description:"区号"`
  855. }
  856. resp := make([]AreaCodeListResp, 0)
  857. confAuth, e := company.GetConfigDetailByCode(company.ConfAreaCodeListKey)
  858. if e != nil {
  859. br.Msg = "获取失败"
  860. br.ErrMsg = "获取手机号区号配置失败, Err: " + e.Error()
  861. return
  862. }
  863. if confAuth.ConfigValue == "" {
  864. br.Msg = "获取失败"
  865. br.ErrMsg = "手机号区号配置为空"
  866. return
  867. }
  868. if e := json.Unmarshal([]byte(confAuth.ConfigValue), &resp); e != nil {
  869. br.Msg = "获取失败"
  870. br.ErrMsg = "手机号区号配置有误"
  871. return
  872. }
  873. br.Data = resp
  874. br.Ret = 200
  875. br.Success = true
  876. br.Msg = "获取成功"
  877. }
  878. // CheckUserLdap
  879. // @Title 校验用户是否为域用户
  880. // @Description 校验用户是否为域用户
  881. // @Param request body CheckUserLdapReq true "type json string"
  882. // @Success 200 Ret=200 获取成功
  883. // @router /ldap/user_check [post]
  884. func (this *UserLoginController) CheckUserLdap() {
  885. br := new(models.BaseResponse).Init()
  886. defer func() {
  887. if br.ErrMsg == "" {
  888. br.IsSendEmail = false
  889. }
  890. this.Data["json"] = br
  891. this.ServeJSON()
  892. }()
  893. type CheckUserLdapReq struct {
  894. UserName string `description:"用户名"`
  895. }
  896. var req CheckUserLdapReq
  897. err := json.Unmarshal(this.Ctx.Input.RequestBody, &req)
  898. if err != nil {
  899. br.Msg = "参数解析异常!"
  900. br.ErrMsg = "参数解析失败,Err:" + err.Error()
  901. return
  902. }
  903. req.UserName = strings.TrimSpace(req.UserName)
  904. if req.UserName == "" {
  905. br.Msg = "请输入账号"
  906. return
  907. }
  908. isLdap := false
  909. accountUser, e := system.GetSysUserByAdminName(req.UserName)
  910. if e != nil {
  911. // 无该用户视作普通用户
  912. if e.Error() == utils.ErrNoRow() {
  913. br.Data = false
  914. br.Success = true
  915. br.Msg = "操作成功"
  916. return
  917. }
  918. br.Msg = "操作失败"
  919. br.ErrMsg = "获取用户信息失败, Err: " + e.Error()
  920. return
  921. }
  922. if accountUser.IsLdap == 1 {
  923. isLdap = true
  924. }
  925. br.Data = isLdap
  926. br.Ret = 200
  927. br.Success = true
  928. br.Msg = "操作成功"
  929. }
  930. // BaseInfo
  931. // @Title 基础信息
  932. // @Description 基础信息
  933. // @Success 200 Ret=200 获取成功
  934. // @router /base_info [get]
  935. func (this *UserLoginController) BaseInfo() {
  936. br := new(models.BaseResponse).Init()
  937. defer func() {
  938. if br.ErrMsg == "" {
  939. br.IsSendEmail = false
  940. }
  941. this.Data["json"] = br
  942. this.ServeJSON()
  943. }()
  944. icp, e := models.GetBusinessConfByKey("ICPLicense")
  945. if e != nil {
  946. br.Msg = "获取失败"
  947. br.ErrMsg = "获取商家配置失败, Err: " + e.Error()
  948. return
  949. }
  950. title, e := models.GetBusinessConfByKey("ETATitle")
  951. if e != nil {
  952. br.Msg = "获取失败"
  953. br.ErrMsg = "获取商家配置失败, Err: " + e.Error()
  954. return
  955. }
  956. tabName, e := models.GetBusinessConfByKey("TabName")
  957. if e != nil {
  958. br.Msg = "获取失败"
  959. br.ErrMsg = "获取商家配置失败, Err: " + e.Error()
  960. return
  961. }
  962. logoCn, e := models.GetBusinessConfByKey("LogoCN")
  963. if e != nil {
  964. br.Msg = "获取失败"
  965. br.ErrMsg = "获取商家配置失败, Err: " + e.Error()
  966. return
  967. }
  968. logoEn, e := models.GetBusinessConfByKey("LogoEN")
  969. if e != nil {
  970. br.Msg = "获取失败"
  971. br.ErrMsg = "获取商家配置失败, Err: " + e.Error()
  972. return
  973. }
  974. type BaseInfoResp struct {
  975. Icp *models.BusinessConf `description:"Icp信息"`
  976. ETATitle *models.BusinessConf `description:"eta系统名称"`
  977. TabName *models.BusinessConf `description:"tab页名称"`
  978. LogoCn *models.BusinessConf `description:"中文logo"`
  979. LogoEn *models.BusinessConf `description:"英文logo"`
  980. }
  981. resp := BaseInfoResp{
  982. Icp: icp,
  983. ETATitle: title,
  984. TabName: tabName,
  985. LogoCn: logoCn,
  986. LogoEn: logoEn,
  987. }
  988. br.Data = resp
  989. br.Ret = 200
  990. br.Success = true
  991. br.Msg = "获取成功"
  992. }