user_login.go 25 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401402403404405406407408409410411412413414415416417418419420421422423424425426427428429430431432433434435436437438439440441442443444445446447448449450451452453454455456457458459460461462463464465466467468469470471472473474475476477478479480481482483484485486487488489490491492493494495496497498499500501502503504505506507508509510511512513514515516517518519520521522523524525526527528529530531532533534535536537538539540541542543544545546547548549550551552553554555556557558559560561562563564565566567568569570571572573574575576577578579580581582583584585586587588589590591592593594595596597598599600601602603604605606607608609610611612613614615616617618619620621622623624625626627628629630631632633634635636637638639640641642643644645646647648649650651652653654655656657658659660661662663664665666667668669670671672673674675676677678679680681682683684685686687688689690691692693694695696697698699700701702703704705706707708709710711712713714715716717718719720721722723724725726727728729730731732733734735736737738739740741742743744745746747748749750751752753754755756757758759760761762763764765766767768769770771772773774775776777778779780781782783784785786787788789790791792793794795796797798799800801802803804805806807808809810811812813814815816817818819820821822823824825826827828829830831832833834835836837838839840841842843844845846847848849850851852853854855856857858859860861862863864865866867868869870871872873874875876877878879880881882883884885886887888
  1. package controllers
  2. import (
  3. "encoding/base64"
  4. "encoding/json"
  5. "fmt"
  6. "github.com/mojocn/base64Captcha"
  7. "hongze/hongze_ETA_mobile_api/models"
  8. "hongze/hongze_ETA_mobile_api/models/company"
  9. "hongze/hongze_ETA_mobile_api/models/system"
  10. "hongze/hongze_ETA_mobile_api/services"
  11. "hongze/hongze_ETA_mobile_api/utils"
  12. "image/color"
  13. "strings"
  14. "time"
  15. )
  16. // UserLoginController 登录-无需Token
  17. type UserLoginController struct {
  18. BaseCommonController
  19. }
  20. // UserLoginAuthController 登录-需Token
  21. type UserLoginAuthController struct {
  22. BaseAuthController
  23. }
  24. // GenerateCaptcha
  25. // @Title 生成图形验证码
  26. // @Description 生成图形验证码
  27. // @Success 200 Ret=200 获取成功
  28. // @router /get_captcha [get]
  29. func (this *UserLoginController) GenerateCaptcha() {
  30. br := new(models.BaseResponse).Init()
  31. defer func() {
  32. if br.ErrMsg == "" {
  33. br.IsSendEmail = false
  34. }
  35. this.Data["json"] = br
  36. this.ServeJSON()
  37. }()
  38. //driver := base64Captcha.DefaultDriverDigit
  39. // 自定义验证码样式
  40. var driver base64Captcha.Driver
  41. driverString := base64Captcha.DriverString{
  42. Height: 60, //高度
  43. Width: 120, //宽度
  44. NoiseCount: 0, //干扰数
  45. ShowLineOptions: 2 | 4, //展示个数
  46. Length: 4, //长度
  47. //Source: "1234567890qwertyuioplkjhgfdsazxcvbnm", //验证码随机字符串来源
  48. Source: "1234567890", //验证码随机字符串来源
  49. BgColor: &color.RGBA{ // 背景颜色
  50. R: 0,
  51. G: 0,
  52. B: 0,
  53. A: 0,
  54. },
  55. Fonts: []string{"wqy-microhei.ttc"}, // 字体
  56. }
  57. driver = driverString.ConvertFonts()
  58. // 生成验证码
  59. store := services.CaptchaRedis{}
  60. captcha := base64Captcha.NewCaptcha(driver, store)
  61. id, b64s, err := captcha.Generate()
  62. if err != nil {
  63. br.Msg = "生成失败"
  64. br.ErrMsg = "生成验证码失败, Err: " + err.Error()
  65. return
  66. }
  67. type CaptchaResult struct {
  68. Id string
  69. Base64Blob string
  70. }
  71. res := new(CaptchaResult)
  72. res.Id = id
  73. res.Base64Blob = b64s
  74. br.Ret = 200
  75. br.Success = true
  76. br.Msg = "获取成功"
  77. br.Data = res
  78. }
  79. // GetVerifyCode
  80. // @Title 获取短信/邮箱验证码
  81. // @Description 获取短信/邮箱验证码
  82. // @Param request body VerifyCodeReq true "type json string"
  83. // @Success 200 Ret=200 获取成功
  84. // @router /verify_code [post]
  85. func (this *UserLoginController) GetVerifyCode() {
  86. br := new(models.BaseResponse).Init()
  87. defer func() {
  88. if br.ErrMsg == "" {
  89. br.IsSendEmail = false
  90. }
  91. this.Data["json"] = br
  92. this.ServeJSON()
  93. }()
  94. type VerifyCodeReq struct {
  95. VerifyType int `description:"验证方式: 1-手机号; 2-邮箱"`
  96. CaptchaId string `description:"验证码ID"`
  97. CaptchaCode string `description:"图形验证码"`
  98. Mobile string `description:"手机号"`
  99. TelAreaCode string `description:"手机区号"`
  100. Email string `description:"邮箱"`
  101. Source int `description:"来源:1-登录;2-异常登录校验;3-忘记密码"`
  102. }
  103. var req VerifyCodeReq
  104. err := json.Unmarshal(this.Ctx.Input.RequestBody, &req)
  105. if err != nil {
  106. br.Msg = "参数解析异常!"
  107. br.ErrMsg = "参数解析失败,Err:" + err.Error()
  108. return
  109. }
  110. if req.VerifyType != 1 && req.VerifyType != 2 {
  111. br.Msg = "验证方式有误"
  112. br.ErrMsg = "验证方式有误"
  113. return
  114. }
  115. if req.Source != 1 && req.Source != 2 && req.Source != 3 {
  116. br.Msg = "来源有误"
  117. br.ErrMsg = "来源有误"
  118. return
  119. }
  120. // 忘记密码图形校验在前一步, 这一步不再校验图形验证码
  121. if req.Source != 3 {
  122. if req.CaptchaId == "" || req.CaptchaCode == "" {
  123. br.Msg = "请输入图形验证码"
  124. return
  125. }
  126. }
  127. if req.VerifyType == 1 {
  128. if req.TelAreaCode == "" {
  129. br.Msg = "请选择区号"
  130. return
  131. }
  132. if req.Mobile == "" {
  133. br.Msg = "请输入手机号"
  134. return
  135. }
  136. if req.TelAreaCode == "86" && !utils.ValidateMobileFormatat(req.Mobile) {
  137. br.Msg = "您的手机号输入有误, 请检查"
  138. return
  139. }
  140. _, e := system.GetSysUserByMobile(req.Mobile)
  141. if e != nil {
  142. if e.Error() == utils.ErrNoRow() {
  143. br.Msg = "您的手机号未绑定账号, 请检查"
  144. return
  145. }
  146. br.Msg = "您的手机号未绑定账号, 请检查"
  147. br.ErrMsg = "手机号获取用户失败, Err:" + e.Error()
  148. return
  149. }
  150. }
  151. if req.VerifyType == 2 {
  152. if req.Email == "" {
  153. br.Msg = "请输入邮箱"
  154. return
  155. }
  156. if !utils.ValidateEmailFormatat(req.Email) {
  157. br.Msg = "您的邮箱输入有误, 请检查"
  158. return
  159. }
  160. _, e := system.GetSysUserByEmail(req.Email)
  161. if e != nil {
  162. if e.Error() == utils.ErrNoRow() {
  163. br.Msg = "您的邮箱未绑定账号, 请检查"
  164. return
  165. }
  166. br.Msg = "您的邮箱未绑定账号, 请检查"
  167. br.ErrMsg = "邮箱获取用户失败, Err:" + e.Error()
  168. return
  169. }
  170. }
  171. if req.Source != 3 {
  172. store := services.CaptchaRedis{}
  173. ok := store.Verify(req.CaptchaId, req.CaptchaCode, true)
  174. if !ok {
  175. br.Msg = "图形验证码错误, 请重新输入"
  176. return
  177. }
  178. }
  179. // 限制最多60s获取一次
  180. var lockKey string
  181. if req.VerifyType == 1 {
  182. lockKey = fmt.Sprint(utils.CaptchaCachePrefix, req.Mobile)
  183. }
  184. if req.VerifyType == 2 {
  185. lockKey = fmt.Sprint(utils.CaptchaCachePrefix, req.Email)
  186. }
  187. locked := utils.Rc.SetNX(lockKey, 1, time.Minute)
  188. if !locked {
  189. br.Msg = "请勿频繁发送"
  190. return
  191. }
  192. // 发送验证码
  193. sendRes := false
  194. if req.VerifyType == 1 {
  195. r, e := services.SendAdminMobileVerifyCode(req.Source, req.Mobile, req.TelAreaCode)
  196. if e != nil {
  197. br.Msg = "发送失败"
  198. br.ErrMsg = "发送短信验证码失败, Err: " + e.Error()
  199. return
  200. }
  201. sendRes = r
  202. }
  203. if req.VerifyType == 2 {
  204. r, e := services.SendAdminEmailVerifyCode(req.Source, req.Email)
  205. if e != nil {
  206. br.Msg = "发送失败"
  207. br.ErrMsg = "发送邮箱验证码失败, Err: " + e.Error()
  208. return
  209. }
  210. sendRes = r
  211. }
  212. if !sendRes {
  213. br.Msg = "发送失败"
  214. br.ErrMsg = "发送短信验证码失败"
  215. return
  216. }
  217. br.Ret = 200
  218. br.Success = true
  219. br.Msg = "发送成功"
  220. }
  221. // Login
  222. // @Title 用户登录
  223. // @Description 用户登录
  224. // @Param request body UserLoginReq true "type json string"
  225. // @Success 200 {object} models.LoginResp
  226. // @router /login [post]
  227. func (this *UserLoginController) Login() {
  228. br := new(models.BaseResponse).Init()
  229. defer func() {
  230. if br.ErrMsg != "" {
  231. br.IsSendEmail = false
  232. }
  233. this.Data["json"] = br
  234. this.ServeJSON()
  235. }()
  236. // 入参
  237. type UserLoginReq struct {
  238. LoginType int `description:"登录方式: 1-账号; 2-手机号; 3-邮箱"`
  239. Username string `description:"账号"`
  240. Password string `description:"密码"`
  241. Mobile string `description:"手机号"`
  242. Email string `description:"邮箱"`
  243. VerifyCode string `description:"验证码"`
  244. }
  245. var req UserLoginReq
  246. err := json.Unmarshal(this.Ctx.Input.RequestBody, &req)
  247. if err != nil {
  248. br.Msg = "参数解析异常!"
  249. br.ErrMsg = "参数解析失败,Err:" + err.Error()
  250. return
  251. }
  252. req.Username = strings.TrimSpace(req.Username)
  253. req.Mobile = strings.TrimSpace(req.Mobile)
  254. if req.Mobile != "" {
  255. if !utils.ValidateMobileFormatat(req.Mobile) {
  256. br.Msg = "您的手机号输入有误, 请检查"
  257. return
  258. }
  259. }
  260. req.Email = strings.TrimSpace(req.Email)
  261. if req.Email != "" {
  262. if !utils.ValidateEmailFormatat(req.Email) {
  263. br.Msg = "您的邮箱输入有误, 请检查"
  264. return
  265. }
  266. }
  267. req.VerifyCode = strings.TrimSpace(req.VerifyCode)
  268. if req.LoginType != 1 && req.LoginType != 2 && req.LoginType != 3 {
  269. br.Msg = "登录方式有误"
  270. br.ErrMsg = fmt.Sprintf("登录方式有误, Type: %d", req.LoginType)
  271. return
  272. }
  273. sysUser := new(system.Admin)
  274. // 账号密码登录
  275. if req.LoginType == 1 {
  276. if req.Username == "" {
  277. br.Msg = "请输入账号"
  278. return
  279. }
  280. if req.Password == "" {
  281. br.Msg = "请输入密码"
  282. return
  283. }
  284. // 判断账号是否为异常登录, 算作异常的话就需要换另外的方式去做登录了
  285. abnormalKey := fmt.Sprint(utils.CACHE_ABNORMAL_LOGIN, req.Username)
  286. isAbnormal, _ := utils.Rc.RedisString(abnormalKey)
  287. if isAbnormal != "" {
  288. br.Ret = models.BaseRespCodeAbnormalLogin
  289. br.Msg = "账号异常, 请进行手机号/邮箱校验"
  290. return
  291. }
  292. // 账号密码校验
  293. errPassKey := fmt.Sprint(utils.CACHE_LOGIN_ERR_PASS, req.Username)
  294. accountUser, e := system.CheckSysUser(req.Username, req.Password)
  295. if e != nil {
  296. br.Ret = models.BaseRespCodeLoginErr
  297. if e.Error() == utils.ErrNoRow() {
  298. br.Msg = "登录失败, 账号或密码错误"
  299. if isAbnormal != "" {
  300. return
  301. }
  302. // 错误密码计数, 超过6次标记异常
  303. if !utils.Rc.IsExist(errPassKey) {
  304. _ = utils.Rc.Put(errPassKey, 1, utils.GetTodayLastSecond())
  305. return
  306. }
  307. errNum, _ := utils.Rc.RedisInt(errPassKey)
  308. errNum += 1
  309. if errNum >= 6 {
  310. br.Ret = models.BaseRespCodeAbnormalLogin
  311. br.Msg = "账号异常, 请进行手机号/邮箱校验"
  312. // 标记异常登录, 重置计数
  313. _ = utils.Rc.Put(abnormalKey, "true", utils.GetTodayLastSecond())
  314. _ = utils.Rc.Delete(errPassKey)
  315. return
  316. }
  317. _ = utils.Rc.Put(errPassKey, errNum, utils.GetTodayLastSecond())
  318. return
  319. }
  320. br.Msg = "登录失败, 账号或密码错误"
  321. br.ErrMsg = "登录失败, Err:" + e.Error()
  322. return
  323. }
  324. if accountUser.Enabled == 0 {
  325. br.Msg = "您的账号已被禁用, 如需登录, 请联系管理员"
  326. br.ErrMsg = fmt.Sprintf("账号已被禁用, 登录账号: %s, 账户名称: %s", accountUser.AdminName, accountUser.RealName)
  327. return
  328. }
  329. // 异常登录-是否登录间隔大于60天
  330. if isAbnormal == "" {
  331. abnormalTime := time.Now().AddDate(0, 0, -60)
  332. lastLogin, _ := time.ParseInLocation(utils.FormatDateTime, accountUser.LastLoginTime, time.Local)
  333. if !lastLogin.IsZero() && lastLogin.Before(abnormalTime) {
  334. br.Msg = "请进行异常登录校验"
  335. br.Ret = models.BaseRespCodeAbnormalLogin
  336. // 标记异常登录
  337. _ = utils.Rc.Put(abnormalKey, "true", utils.GetTodayLastSecond())
  338. return
  339. }
  340. }
  341. // 登录成功, 清除异常标记
  342. _ = utils.Rc.Delete(abnormalKey)
  343. _ = utils.Rc.Delete(errPassKey)
  344. sysUser = accountUser
  345. }
  346. // 手机号
  347. if req.LoginType == 2 {
  348. if req.Mobile == "" {
  349. br.Msg = "请输入手机号"
  350. return
  351. }
  352. if !utils.ValidateMobileFormatat(req.Mobile) {
  353. br.Msg = "您的手机号输入有误, 请检查"
  354. return
  355. }
  356. if req.VerifyCode == "" {
  357. br.Msg = "请输入验证码"
  358. return
  359. }
  360. expiredTime := time.Now().Add(utils.VerifyCodeExpireMinute * time.Minute).Format(utils.FormatDateTime)
  361. recordCond := ` AND source = ? AND mobile = ? AND code = ? AND expired_time <= ?`
  362. recordPars := make([]interface{}, 0)
  363. recordPars = append(recordPars, system.AdminVerifyCodeRecordSourceLogin, req.Mobile, req.VerifyCode, expiredTime)
  364. recordOb := new(system.AdminVerifyCodeRecord)
  365. _, e := recordOb.GetItemByCondition(recordCond, recordPars)
  366. if e != nil {
  367. if e.Error() == utils.ErrNoRow() {
  368. br.Msg = "验证码错误, 请重新输入"
  369. return
  370. }
  371. br.Msg = "验证码错误, 请重新输入"
  372. br.ErrMsg = "获取手机号登陆验证码失败, Err: " + e.Error()
  373. return
  374. }
  375. mobileUser, e := system.GetSysUserByMobile(req.Mobile)
  376. if e != nil {
  377. if e.Error() == utils.ErrNoRow() {
  378. br.Msg = "您的手机号未绑定账号, 请检查"
  379. return
  380. }
  381. br.Msg = "您的手机号未绑定账号, 请检查"
  382. br.ErrMsg = "手机号获取用户失败, Err:" + e.Error()
  383. return
  384. }
  385. if mobileUser.Enabled == 0 {
  386. br.Msg = "您的账号已被禁用, 如需登录, 请联系管理员"
  387. br.ErrMsg = fmt.Sprintf("账号已被禁用, 登录手机号: %s", req.Mobile)
  388. return
  389. }
  390. sysUser = mobileUser
  391. }
  392. // 邮箱登录
  393. if req.LoginType == 3 {
  394. if req.Email == "" {
  395. br.Msg = "请输入邮箱"
  396. return
  397. }
  398. if !utils.ValidateEmailFormatat(req.Email) {
  399. br.Msg = "您的邮箱输入有误, 请检查"
  400. return
  401. }
  402. if req.VerifyCode == "" {
  403. br.Msg = "请输入验证码"
  404. return
  405. }
  406. expiredTime := time.Now().Add(utils.VerifyCodeExpireMinute * time.Minute).Format(utils.FormatDateTime)
  407. recordCond := ` AND source = ? AND email = ? AND code = ? AND expired_time <= ?`
  408. recordPars := make([]interface{}, 0)
  409. recordPars = append(recordPars, system.AdminVerifyCodeRecordSourceLogin, req.Email, req.VerifyCode, expiredTime)
  410. recordOb := new(system.AdminVerifyCodeRecord)
  411. _, e := recordOb.GetItemByCondition(recordCond, recordPars)
  412. if e != nil {
  413. if e.Error() == utils.ErrNoRow() {
  414. br.Msg = "验证码错误, 请重新输入"
  415. return
  416. }
  417. br.Msg = "验证码错误, 请重新输入"
  418. br.ErrMsg = "获取手机号登陆验证码失败, Err: " + e.Error()
  419. return
  420. }
  421. emailUser, e := system.GetSysUserByEmail(req.Email)
  422. if e != nil {
  423. if e.Error() == utils.ErrNoRow() {
  424. br.Msg = "您的邮箱未绑定账号, 请检查"
  425. return
  426. }
  427. br.Msg = "您的邮箱未绑定账号, 请检查"
  428. br.ErrMsg = "邮箱获取用户失败, Err:" + e.Error()
  429. return
  430. }
  431. if emailUser.Enabled == 0 {
  432. br.Msg = "您的账号已被禁用, 如需登录, 请联系管理员"
  433. br.ErrMsg = fmt.Sprintf("账号已被禁用, 登录邮箱: %s", req.Email)
  434. return
  435. }
  436. sysUser = emailUser
  437. }
  438. // 登录成功(无论哪种方式登录), 清除异常标记
  439. abnormalCache := fmt.Sprint(utils.CACHE_ABNORMAL_LOGIN, sysUser.AdminName)
  440. errPassCache := fmt.Sprint(utils.CACHE_LOGIN_ERR_PASS, sysUser.AdminName)
  441. _ = utils.Rc.Delete(abnormalCache)
  442. _ = utils.Rc.Delete(errPassCache)
  443. account := utils.MD5(sysUser.AdminName)
  444. token := utils.GenToken(account)
  445. sysSession := new(system.SysSession)
  446. sysSession.UserName = req.Username
  447. sysSession.SysUserId = sysUser.AdminId
  448. sysSession.ExpiredTime = time.Now().AddDate(0, 0, 90)
  449. sysSession.IsRemember = 0 // 均需要做过期校验
  450. sysSession.CreatedTime = time.Now()
  451. sysSession.LastUpdatedTime = time.Now()
  452. sysSession.AccessToken = token
  453. if e := system.AddSysSession(sysSession); e != nil {
  454. br.Msg = "登录失败"
  455. br.ErrMsg = "新增session信息失败, Err:" + e.Error()
  456. return
  457. }
  458. // 修改最后登录时间
  459. {
  460. sysUser.LastLoginTime = time.Now().Format(utils.FormatDateTime)
  461. sysUser.LastUpdatedTime = time.Now().Format(utils.FormatDateTime)
  462. _ = sysUser.Update([]string{"LastLoginTime", "LastUpdatedTime"})
  463. }
  464. resp := new(system.LoginResp)
  465. resp.Authorization = token
  466. resp.Authorization = "authorization=" + token + "$account=" + account
  467. resp.RealName = sysUser.RealName
  468. resp.AdminName = sysUser.AdminName
  469. resp.RoleName = sysUser.RoleName
  470. resp.SysRoleTypeCode = sysUser.RoleTypeCode //系统角色编码
  471. resp.RoleTypeCode = sysUser.RoleTypeCode
  472. if sysUser.RoleTypeCode == utils.ROLE_TYPE_CODE_FICC_GROUP {
  473. resp.RoleTypeCode = utils.ROLE_TYPE_CODE_FICC_SELLER
  474. }
  475. if sysUser.RoleTypeCode == utils.ROLE_TYPE_CODE_FICC_TEAM {
  476. resp.RoleTypeCode = utils.ROLE_TYPE_CODE_FICC_SELLER
  477. }
  478. if sysUser.RoleTypeCode == utils.ROLE_TYPE_CODE_FICC_DEPARTMENT {
  479. resp.RoleTypeCode = utils.ROLE_TYPE_CODE_FICC_SELLER
  480. }
  481. if sysUser.RoleTypeCode == utils.ROLE_TYPE_CODE_RAI_GROUP {
  482. resp.RoleTypeCode = utils.ROLE_TYPE_CODE_RAI_SELLER
  483. }
  484. if sysUser.RoleTypeCode == utils.ROLE_TYPE_CODE_RAI_DEPARTMENT {
  485. resp.RoleTypeCode = utils.ROLE_TYPE_CODE_RAI_SELLER
  486. }
  487. if sysUser.RoleName == utils.ROLE_NAME_FICC_DIRECTOR {
  488. resp.RoleTypeCode = utils.ROLE_TYPE_CODE_FICC_SELLER
  489. }
  490. resp.AdminId = sysUser.AdminId
  491. var productName string
  492. productId := services.GetProductId(sysUser.RoleTypeCode)
  493. if productId == 1 {
  494. productName = utils.COMPANY_PRODUCT_FICC_NAME
  495. } else if productId == 2 {
  496. productName = utils.COMPANY_PRODUCT_RAI_NAME
  497. } else {
  498. productName = "admin"
  499. }
  500. resp.ProductName = productName
  501. resp.Authority = sysUser.Authority
  502. // 设置redis缓存
  503. {
  504. // 获取不可信的登录态,并将该登录态重置掉,不允许多次登录
  505. noTrustLoginKey := fmt.Sprint(utils.CACHE_ACCESS_TOKEN_LOGIN_NO_TRUST, sysUser.AdminId)
  506. noTrustLoginId, _ := utils.Rc.RedisString(noTrustLoginKey)
  507. if noTrustLoginId != `` { // 如果存在不可信设备,那么将其下架
  508. oldNoTrustLoginKey := fmt.Sprint(utils.CACHE_ACCESS_TOKEN_LOGIN, noTrustLoginId)
  509. _ = utils.Rc.Put(oldNoTrustLoginKey, "0", 30*time.Minute)
  510. }
  511. // 如果当前是不可信设备,那么将其加入到不可信名单
  512. loginKey := fmt.Sprint(utils.CACHE_ACCESS_TOKEN_LOGIN, sysSession.Id)
  513. _ = utils.Rc.Put(loginKey, "1", 30*time.Minute)
  514. _ = utils.Rc.Put(noTrustLoginKey, sysSession.Id, 30*time.Minute)
  515. }
  516. // 新增登录记录
  517. go func() {
  518. record := new(system.SysUserLoginRecord)
  519. record.Uid = sysUser.AdminId
  520. record.UserName = req.Username
  521. record.Ip = this.Ctx.Input.IP()
  522. record.Stage = "login"
  523. record.CreateTime = time.Now()
  524. _ = system.AddSysUserLoginRecord(record)
  525. }()
  526. br.Data = resp
  527. br.Ret = 200
  528. br.Success = true
  529. br.Msg = "登录成功"
  530. }
  531. // ForgetAccountGet
  532. // @Title 忘记密码-账号校验
  533. // @Description 忘记密码-账号校验
  534. // @Param request body ForgetAccountGetReq true "type json string"
  535. // @Success 200 Ret=200 获取成功
  536. // @router /forget/account_get [post]
  537. func (this *UserLoginController) ForgetAccountGet() {
  538. br := new(models.BaseResponse).Init()
  539. defer func() {
  540. if br.ErrMsg == "" {
  541. br.IsSendEmail = false
  542. }
  543. this.Data["json"] = br
  544. this.ServeJSON()
  545. }()
  546. type ForgetAccountGetReq struct {
  547. CaptchaId string `description:"验证码ID"`
  548. CaptchaCode string `description:"图形验证码"`
  549. UserName string `description:"用户名"`
  550. }
  551. var req ForgetAccountGetReq
  552. err := json.Unmarshal(this.Ctx.Input.RequestBody, &req)
  553. if err != nil {
  554. br.Msg = "参数解析异常!"
  555. br.ErrMsg = "参数解析失败,Err:" + err.Error()
  556. return
  557. }
  558. req.UserName = strings.TrimSpace(req.UserName)
  559. if req.UserName == "" {
  560. br.Msg = "请输入账号"
  561. return
  562. }
  563. if req.CaptchaId == "" || req.CaptchaCode == "" {
  564. br.Msg = "请输入图形验证码"
  565. return
  566. }
  567. store := services.CaptchaRedis{}
  568. ok := store.Verify(req.CaptchaId, req.CaptchaCode, true)
  569. if !ok {
  570. br.Msg = "验证码错误, 请重新输入"
  571. return
  572. }
  573. sysUser, e := system.GetSysUserByAdminName(req.UserName)
  574. if e != nil {
  575. if e.Error() == utils.ErrNoRow() {
  576. br.Msg = "用户不存在, 请检查"
  577. return
  578. }
  579. br.Msg = "账号错误, 请重新输入"
  580. br.ErrMsg = "用户名获取用户失败, Err: " + e.Error()
  581. return
  582. }
  583. type ForgetAccountCheckResp struct {
  584. Mobile string `description:"手机号"`
  585. Email string `description:"邮箱"`
  586. TelAreaCode string `description:"手机区号"`
  587. }
  588. resp := ForgetAccountCheckResp{
  589. Mobile: sysUser.Mobile,
  590. Email: sysUser.Email,
  591. TelAreaCode: sysUser.TelAreaCode,
  592. }
  593. br.Data = resp
  594. br.Ret = 200
  595. br.Success = true
  596. br.Msg = "获取成功"
  597. }
  598. // ForgetCodeVerify
  599. // @Title 忘记密码-验证码校验
  600. // @Description 忘记密码-验证码校验
  601. // @Param request body ForgetCodeVerifyReq true "type json string"
  602. // @Success 200 Ret=200 获取成功
  603. // @router /forget/code_verify [post]
  604. func (this *UserLoginController) ForgetCodeVerify() {
  605. br := new(models.BaseResponse).Init()
  606. defer func() {
  607. if br.ErrMsg == "" {
  608. br.IsSendEmail = false
  609. }
  610. this.Data["json"] = br
  611. this.ServeJSON()
  612. }()
  613. type ForgetCodeVerifyReq struct {
  614. FindType int `description:"密码找回方式: 1-手机号; 2-邮箱"`
  615. VerifyCode string `description:"验证码"`
  616. UserName string `description:"用户名"`
  617. Mobile string `description:"手机号"`
  618. Email string `description:"邮箱"`
  619. }
  620. var req ForgetCodeVerifyReq
  621. err := json.Unmarshal(this.Ctx.Input.RequestBody, &req)
  622. if err != nil {
  623. br.Msg = "参数解析异常!"
  624. br.ErrMsg = "参数解析失败,Err:" + err.Error()
  625. return
  626. }
  627. req.UserName = strings.TrimSpace(req.UserName)
  628. if req.UserName == "" {
  629. br.Msg = "请输入账号"
  630. return
  631. }
  632. if req.VerifyCode == "" {
  633. br.Msg = "请输入验证码"
  634. return
  635. }
  636. // 手机号找回
  637. var verifyRes bool
  638. if req.FindType == 1 {
  639. req.Mobile = strings.TrimSpace(req.Mobile)
  640. if req.Mobile == "" {
  641. br.Msg = "请输入手机号"
  642. return
  643. }
  644. if !utils.ValidateMobileFormatat(req.Mobile) {
  645. br.Msg = "您的手机号输入有误, 请检查"
  646. return
  647. }
  648. expiredTime := time.Now().Add(utils.VerifyCodeExpireMinute * time.Minute).Format(utils.FormatDateTime)
  649. recordCond := ` AND source = ? AND mobile = ? AND code = ? AND expired_time <= ?`
  650. recordPars := make([]interface{}, 0)
  651. recordPars = append(recordPars, system.AdminVerifyCodeRecordSourceForget, req.Mobile, req.VerifyCode, expiredTime)
  652. recordOb := new(system.AdminVerifyCodeRecord)
  653. _, e := recordOb.GetItemByCondition(recordCond, recordPars)
  654. if e != nil {
  655. if e.Error() == utils.ErrNoRow() {
  656. br.Msg = "验证码错误, 请重新输入"
  657. return
  658. }
  659. br.Msg = "验证码错误, 请重新输入"
  660. br.ErrMsg = "获取手机号登陆验证码失败, Err: " + e.Error()
  661. return
  662. }
  663. verifyRes = true
  664. }
  665. // 邮箱找回
  666. if req.FindType == 2 {
  667. req.Email = strings.TrimSpace(req.Email)
  668. if req.Email == "" {
  669. br.Msg = "请输入邮箱"
  670. return
  671. }
  672. if !utils.ValidateEmailFormatat(req.Email) {
  673. br.Msg = "您的邮箱输入有误, 请检查"
  674. return
  675. }
  676. expiredTime := time.Now().Add(utils.VerifyCodeExpireMinute * time.Minute).Format(utils.FormatDateTime)
  677. recordCond := ` AND source = ? AND email = ? AND code = ? AND expired_time <= ?`
  678. recordPars := make([]interface{}, 0)
  679. recordPars = append(recordPars, system.AdminVerifyCodeRecordSourceForget, req.Email, req.VerifyCode, expiredTime)
  680. recordOb := new(system.AdminVerifyCodeRecord)
  681. _, e := recordOb.GetItemByCondition(recordCond, recordPars)
  682. if e != nil {
  683. if e.Error() == utils.ErrNoRow() {
  684. br.Msg = "验证码错误, 请重新输入"
  685. return
  686. }
  687. br.Msg = "验证码错误, 请重新输入"
  688. br.ErrMsg = "获取手机号登陆验证码失败, Err: " + e.Error()
  689. return
  690. }
  691. verifyRes = true
  692. }
  693. if verifyRes {
  694. successKey := fmt.Sprint(utils.CACHE_FIND_PASS_VERIFY, req.UserName)
  695. _ = utils.Rc.Put(successKey, "true", utils.GetTodayLastSecond())
  696. }
  697. br.Data = verifyRes
  698. br.Ret = 200
  699. br.Success = true
  700. br.Msg = "操作成功"
  701. }
  702. // ForgetResetPass
  703. // @Title 忘记密码-重置密码
  704. // @Description 忘记密码-重置密码
  705. // @Param request body ForgetResetPassReq true "type json string"
  706. // @Success 200 Ret=200 获取成功
  707. // @router /forget/reset_pass [post]
  708. func (this *UserLoginController) ForgetResetPass() {
  709. br := new(models.BaseResponse).Init()
  710. defer func() {
  711. if br.ErrMsg == "" {
  712. br.IsSendEmail = false
  713. }
  714. this.Data["json"] = br
  715. this.ServeJSON()
  716. }()
  717. type ForgetResetPassReq struct {
  718. UserName string `description:"用户名"`
  719. Password string `description:"密码"`
  720. RePassword string `description:"重复密码"`
  721. }
  722. var req ForgetResetPassReq
  723. err := json.Unmarshal(this.Ctx.Input.RequestBody, &req)
  724. if err != nil {
  725. br.Msg = "参数解析异常!"
  726. br.ErrMsg = "参数解析失败,Err:" + err.Error()
  727. return
  728. }
  729. req.UserName = strings.TrimSpace(req.UserName)
  730. if req.UserName == "" {
  731. br.Msg = "请输入账号"
  732. return
  733. }
  734. req.Password = strings.TrimSpace(req.Password)
  735. if req.Password == "" {
  736. br.Msg = "请输入新密码"
  737. return
  738. }
  739. req.RePassword = strings.TrimSpace(req.RePassword)
  740. if req.RePassword == "" {
  741. br.Msg = "请确认新密码"
  742. return
  743. }
  744. if req.Password != req.RePassword {
  745. br.Msg = "两次密码输入不一致, 请检查"
  746. return
  747. }
  748. // 接上一步-验证码校验成功后才允许修改
  749. successKey := fmt.Sprint(utils.CACHE_FIND_PASS_VERIFY, req.UserName)
  750. verifyOk, _ := utils.Rc.RedisString(successKey)
  751. if verifyOk != "true" {
  752. br.Msg = "验证码校验失效, 请重新验证"
  753. br.ErrMsg = "重置密码异常, 验证码校验已失效"
  754. return
  755. }
  756. sysUser, e := system.GetSysAdminByName(req.UserName)
  757. if e != nil {
  758. if e.Error() == utils.ErrNoRow() {
  759. br.Msg = "用户不存在, 请检查"
  760. return
  761. }
  762. br.Msg = "操作失败"
  763. br.ErrMsg = "密码找回获取用户失败, Err:" + e.Error()
  764. return
  765. }
  766. b, e := base64.StdEncoding.DecodeString(req.Password)
  767. if e != nil {
  768. br.Msg = "操作失败"
  769. br.ErrMsg = "解析密码失败, Err:" + e.Error()
  770. return
  771. }
  772. pwd := string(b)
  773. pwd = utils.MD5(pwd)
  774. sysUser.Password = pwd
  775. sysUser.LastUpdatedPasswordTime = time.Now().Format(utils.FormatDateTime)
  776. // 重置密码后更新一下登录时间, 不然账号密码登录如果超过60天还会被异常校验再校验一次, 影响体验
  777. sysUser.LastLoginTime = time.Now().Format(utils.FormatDateTime)
  778. sysUser.LastUpdatedTime = time.Now().Format(utils.FormatDateTime)
  779. if e = sysUser.Update([]string{"Password", "LastUpdatedPasswordTime", "LastLoginTime", "LastUpdatedTime"}); e != nil {
  780. br.Msg = "操作失败"
  781. br.ErrMsg = "更新密码失败, Err: " + e.Error()
  782. return
  783. }
  784. // 如果有异常标记也清除掉
  785. abnormalKey := fmt.Sprint(utils.CACHE_ABNORMAL_LOGIN, req.UserName)
  786. _ = utils.Rc.Delete(abnormalKey)
  787. _ = utils.Rc.Delete(successKey)
  788. br.Data = true
  789. br.Ret = 200
  790. br.Success = true
  791. br.Msg = "操作成功"
  792. }
  793. // AreaCodeList
  794. // @Title 手机号区号列表
  795. // @Description 手机号区号列表
  796. // @Success 200 Ret=200 获取成功
  797. // @router /area_code/list [get]
  798. func (this *UserLoginController) AreaCodeList() {
  799. br := new(models.BaseResponse).Init()
  800. defer func() {
  801. if br.ErrMsg == "" {
  802. br.IsSendEmail = false
  803. }
  804. this.Data["json"] = br
  805. this.ServeJSON()
  806. }()
  807. type AreaCodeListResp struct {
  808. Name string `description:"地区"`
  809. Value string `description:"区号"`
  810. }
  811. resp := make([]AreaCodeListResp, 0)
  812. confAuth, e := company.GetConfigDetailByCode(company.ConfAreaCodeListKey)
  813. if e != nil {
  814. br.Msg = "获取失败"
  815. br.ErrMsg = "获取手机号区号配置失败, Err: " + e.Error()
  816. return
  817. }
  818. if confAuth.ConfigValue == "" {
  819. br.Msg = "获取失败"
  820. br.ErrMsg = "手机号区号配置为空"
  821. return
  822. }
  823. if e := json.Unmarshal([]byte(confAuth.ConfigValue), &resp); e != nil {
  824. br.Msg = "获取失败"
  825. br.ErrMsg = "手机号区号配置有误"
  826. return
  827. }
  828. br.Data = resp
  829. br.Ret = 200
  830. br.Success = true
  831. br.Msg = "获取成功"
  832. }