user_login.go 26 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401402403404405406407408409410411412413414415416417418419420421422423424425426427428429430431432433434435436437438439440441442443444445446447448449450451452453454455456457458459460461462463464465466467468469470471472473474475476477478479480481482483484485486487488489490491492493494495496497498499500501502503504505506507508509510511512513514515516517518519520521522523524525526527528529530531532533534535536537538539540541542543544545546547548549550551552553554555556557558559560561562563564565566567568569570571572573574575576577578579580581582583584585586587588589590591592593594595596597598599600601602603604605606607608609610611612613614615616617618619620621622623624625626627628629630631632633634635636637638639640641642643644645646647648649650651652653654655656657658659660661662663664665666667668669670671672673674675676677678679680681682683684685686687688689690691692693694695696697698699700701702703704705706707708709710711712713714715716717718719720721722723724725726727728729730731732733734735736737738739740741742743744745746747748749750751752753754755756757758759760761762763764765766767768769770771772773774775776777778779780781782783784785786787788789790791792793794795796797798799800801802803804805806807808809810811812813814815816817818819820821822823824825826827828829830831832833834835836837838839840841842843844845846847848849850851852853854855856857858859860861862863864865866867868869870871872873874875876877878879880881882883884885886887888889890891892893894895896897898899900901902903904905906
  1. package controllers
  2. import (
  3. "encoding/base64"
  4. "encoding/json"
  5. "eta/eta_mobile/models"
  6. "eta/eta_mobile/models/company"
  7. "eta/eta_mobile/models/system"
  8. "eta/eta_mobile/services"
  9. "eta/eta_mobile/utils"
  10. "fmt"
  11. "github.com/mojocn/base64Captcha"
  12. "image/color"
  13. "strings"
  14. "time"
  15. )
  16. // UserLoginController 登录-无需Token
  17. type UserLoginController struct {
  18. BaseCommonController
  19. }
  20. // UserLoginAuthController 登录-需Token
  21. type UserLoginAuthController struct {
  22. BaseAuthController
  23. }
  24. // GenerateCaptcha
  25. // @Title 生成图形验证码
  26. // @Description 生成图形验证码
  27. // @Success 200 Ret=200 获取成功
  28. // @router /get_captcha [get]
  29. func (this *UserLoginController) GenerateCaptcha() {
  30. br := new(models.BaseResponse).Init()
  31. defer func() {
  32. if br.ErrMsg == "" {
  33. br.IsSendEmail = false
  34. }
  35. this.Data["json"] = br
  36. this.ServeJSON()
  37. }()
  38. //driver := base64Captcha.DefaultDriverDigit
  39. // 自定义验证码样式
  40. var driver base64Captcha.Driver
  41. driverString := base64Captcha.DriverString{
  42. Height: 60, //高度
  43. Width: 120, //宽度
  44. NoiseCount: 0, //干扰数
  45. ShowLineOptions: 2 | 4, //展示个数
  46. Length: 4, //长度
  47. //Source: "1234567890qwertyuioplkjhgfdsazxcvbnm", //验证码随机字符串来源
  48. Source: "1234567890", //验证码随机字符串来源
  49. BgColor: &color.RGBA{ // 背景颜色
  50. R: 0,
  51. G: 0,
  52. B: 0,
  53. A: 0,
  54. },
  55. Fonts: []string{"wqy-microhei.ttc"}, // 字体
  56. }
  57. driver = driverString.ConvertFonts()
  58. // 生成验证码
  59. store := services.CaptchaRedis{}
  60. captcha := base64Captcha.NewCaptcha(driver, store)
  61. id, b64s, err := captcha.Generate()
  62. if err != nil {
  63. br.Msg = "生成失败"
  64. br.ErrMsg = "生成验证码失败, Err: " + err.Error()
  65. return
  66. }
  67. type CaptchaResult struct {
  68. Id string
  69. Base64Blob string
  70. }
  71. res := new(CaptchaResult)
  72. res.Id = id
  73. res.Base64Blob = b64s
  74. br.Ret = 200
  75. br.Success = true
  76. br.Msg = "获取成功"
  77. br.Data = res
  78. }
  79. // GetVerifyCode
  80. // @Title 获取短信/邮箱验证码
  81. // @Description 获取短信/邮箱验证码
  82. // @Param request body VerifyCodeReq true "type json string"
  83. // @Success 200 Ret=200 获取成功
  84. // @router /verify_code [post]
  85. func (this *UserLoginController) GetVerifyCode() {
  86. br := new(models.BaseResponse).Init()
  87. defer func() {
  88. if br.ErrMsg == "" {
  89. br.IsSendEmail = false
  90. }
  91. this.Data["json"] = br
  92. this.ServeJSON()
  93. }()
  94. type VerifyCodeReq struct {
  95. VerifyType int `description:"验证方式: 1-手机号; 2-邮箱"`
  96. CaptchaId string `description:"验证码ID"`
  97. CaptchaCode string `description:"图形验证码"`
  98. Mobile string `description:"手机号"`
  99. TelAreaCode string `description:"手机区号"`
  100. Email string `description:"邮箱"`
  101. Source int `description:"来源:1-登录;2-异常登录校验;3-忘记密码"`
  102. }
  103. var req VerifyCodeReq
  104. err := json.Unmarshal(this.Ctx.Input.RequestBody, &req)
  105. if err != nil {
  106. br.Msg = "参数解析异常!"
  107. br.ErrMsg = "参数解析失败,Err:" + err.Error()
  108. return
  109. }
  110. if req.VerifyType != 1 && req.VerifyType != 2 {
  111. br.Msg = "验证方式有误"
  112. br.ErrMsg = "验证方式有误"
  113. return
  114. }
  115. if req.Source != 1 && req.Source != 2 && req.Source != 3 {
  116. br.Msg = "来源有误"
  117. br.ErrMsg = "来源有误"
  118. return
  119. }
  120. // 忘记密码图形校验在前一步, 这一步不再校验图形验证码
  121. if req.Source != 3 {
  122. if req.CaptchaId == "" || req.CaptchaCode == "" {
  123. br.Msg = "请输入图形验证码"
  124. return
  125. }
  126. }
  127. if req.VerifyType == 1 {
  128. if req.TelAreaCode == "" {
  129. br.Msg = "请选择区号"
  130. return
  131. }
  132. if req.Mobile == "" {
  133. br.Msg = "请输入手机号"
  134. return
  135. }
  136. if req.TelAreaCode == "86" && !utils.ValidateMobileFormatat(req.Mobile) {
  137. br.Msg = "您的手机号输入有误, 请检查"
  138. return
  139. }
  140. _, e := system.GetSysUserByMobile(req.Mobile)
  141. if e != nil {
  142. if e.Error() == utils.ErrNoRow() {
  143. br.Msg = "您的手机号未绑定账号, 请检查"
  144. return
  145. }
  146. br.Msg = "您的手机号未绑定账号, 请检查"
  147. br.ErrMsg = "手机号获取用户失败, Err:" + e.Error()
  148. return
  149. }
  150. }
  151. if req.VerifyType == 2 {
  152. if req.Email == "" {
  153. br.Msg = "请输入邮箱"
  154. return
  155. }
  156. if !utils.ValidateEmailFormatat(req.Email) {
  157. br.Msg = "您的邮箱输入有误, 请检查"
  158. return
  159. }
  160. _, e := system.GetSysUserByEmail(req.Email)
  161. if e != nil {
  162. if e.Error() == utils.ErrNoRow() {
  163. br.Msg = "您的邮箱未绑定账号, 请检查"
  164. return
  165. }
  166. br.Msg = "您的邮箱未绑定账号, 请检查"
  167. br.ErrMsg = "邮箱获取用户失败, Err:" + e.Error()
  168. return
  169. }
  170. }
  171. if req.Source != 3 {
  172. store := services.CaptchaRedis{}
  173. ok := store.Verify(req.CaptchaId, req.CaptchaCode, true)
  174. if !ok {
  175. br.Msg = "图形验证码错误, 请重新输入"
  176. return
  177. }
  178. }
  179. // 限制最多60s获取一次
  180. var lockKey string
  181. if req.VerifyType == 1 {
  182. lockKey = fmt.Sprint(utils.CaptchaCachePrefix, req.Mobile)
  183. }
  184. if req.VerifyType == 2 {
  185. lockKey = fmt.Sprint(utils.CaptchaCachePrefix, req.Email)
  186. }
  187. locked := utils.Rc.SetNX(lockKey, 1, time.Minute)
  188. if !locked {
  189. br.Msg = "请勿频繁发送"
  190. return
  191. }
  192. // 发送验证码
  193. sendRes := false
  194. if req.VerifyType == 1 {
  195. r, e := services.SendAdminMobileVerifyCode(req.Source, req.Mobile, req.TelAreaCode)
  196. if e != nil {
  197. br.Msg = "发送失败"
  198. br.ErrMsg = "发送短信验证码失败, Err: " + e.Error()
  199. return
  200. }
  201. sendRes = r
  202. }
  203. if req.VerifyType == 2 {
  204. r, e := services.SendAdminEmailVerifyCode(req.Source, req.Email)
  205. if e != nil {
  206. br.Msg = "发送失败"
  207. br.ErrMsg = "发送邮箱验证码失败, Err: " + e.Error()
  208. return
  209. }
  210. sendRes = r
  211. }
  212. if !sendRes {
  213. br.Msg = "发送失败"
  214. br.ErrMsg = "发送短信验证码失败"
  215. return
  216. }
  217. br.Ret = 200
  218. br.Success = true
  219. br.Msg = "发送成功"
  220. }
  221. // Login
  222. // @Title 用户登录
  223. // @Description 用户登录
  224. // @Param request body UserLoginReq true "type json string"
  225. // @Success 200 {object} models.LoginResp
  226. // @router /login [post]
  227. func (this *UserLoginController) Login() {
  228. br := new(models.BaseResponse).Init()
  229. defer func() {
  230. if br.ErrMsg == "" {
  231. br.IsSendEmail = false
  232. }
  233. this.Data["json"] = br
  234. this.ServeJSON()
  235. }()
  236. // 入参
  237. type UserLoginReq struct {
  238. LoginType int `description:"登录方式: 1-账号; 2-手机号; 3-邮箱"`
  239. Username string `description:"账号"`
  240. Password string `description:"密码"`
  241. Mobile string `description:"手机号"`
  242. Email string `description:"邮箱"`
  243. VerifyCode string `description:"验证码"`
  244. ReqTime string `description:"登录时间戳"`
  245. }
  246. var req UserLoginReq
  247. err := json.Unmarshal(this.Ctx.Input.RequestBody, &req)
  248. if err != nil {
  249. br.Msg = "参数解析异常!"
  250. br.ErrMsg = "参数解析失败,Err:" + err.Error()
  251. return
  252. }
  253. req.Username = strings.TrimSpace(req.Username)
  254. req.Mobile = strings.TrimSpace(req.Mobile)
  255. if req.Mobile != "" {
  256. if !utils.ValidateMobileFormatat(req.Mobile) {
  257. br.Msg = "您的手机号输入有误, 请检查"
  258. return
  259. }
  260. }
  261. req.Email = strings.TrimSpace(req.Email)
  262. if req.Email != "" {
  263. if !utils.ValidateEmailFormatat(req.Email) {
  264. br.Msg = "您的邮箱输入有误, 请检查"
  265. return
  266. }
  267. }
  268. req.VerifyCode = strings.TrimSpace(req.VerifyCode)
  269. if req.LoginType != 1 && req.LoginType != 2 && req.LoginType != 3 {
  270. br.Msg = "登录方式有误"
  271. br.ErrMsg = fmt.Sprintf("登录方式有误, Type: %d", req.LoginType)
  272. return
  273. }
  274. sysUser := new(system.Admin)
  275. // 账号密码登录
  276. if req.LoginType == 1 {
  277. if req.Username == "" {
  278. br.Msg = "请输入账号"
  279. return
  280. }
  281. if req.Password == "" {
  282. br.Msg = "请输入密码"
  283. return
  284. }
  285. // 判断账号是否为异常登录, 算作异常的话就需要换另外的方式去做登录了
  286. abnormalKey := fmt.Sprint(utils.CACHE_ABNORMAL_LOGIN, req.Username)
  287. isAbnormal, _ := utils.Rc.RedisString(abnormalKey)
  288. if isAbnormal != "" {
  289. br.Ret = models.BaseRespCodeAbnormalLogin
  290. br.Msg = "账号异常, 请进行手机号/邮箱校验"
  291. return
  292. }
  293. // 查询账号信息
  294. errPassKey := fmt.Sprint(utils.CACHE_LOGIN_ERR_PASS, req.Username)
  295. accountUser, e := system.GetSysUserByAdminName(req.Username)
  296. if e != nil {
  297. br.Ret = models.BaseRespCodeLoginErr
  298. br.Msg = "登录失败, 账号或密码错误"
  299. // 账号查询异常均进行标记, 避免一直尝试进行登录
  300. if !utils.Rc.IsExist(errPassKey) {
  301. _ = utils.Rc.Put(errPassKey, 1, utils.GetTodayLastSecond())
  302. return
  303. }
  304. errNum, _ := utils.Rc.RedisInt(errPassKey)
  305. errNum += 1
  306. if errNum < 6 {
  307. _ = utils.Rc.Put(errPassKey, errNum, utils.GetTodayLastSecond())
  308. return
  309. }
  310. // 标记异常登录, 重置计数
  311. br.Ret = models.BaseRespCodeAbnormalLogin
  312. br.Msg = "账号异常, 请进行手机号/邮箱校验"
  313. _ = utils.Rc.Put(abnormalKey, "true", utils.GetTodayLastSecond())
  314. _ = utils.Rc.Delete(errPassKey)
  315. return
  316. }
  317. // 账号密码校验
  318. dbPass := utils.MD5(fmt.Sprintf("%s%s%s", accountUser.Password, utils.UserLoginSalt, req.ReqTime))
  319. if req.Password != dbPass {
  320. br.Ret = models.BaseRespCodeLoginErr
  321. br.Msg = "登录失败, 账号或密码错误"
  322. // 错误密码计数, 超过6次标记异常
  323. if !utils.Rc.IsExist(errPassKey) {
  324. _ = utils.Rc.Put(errPassKey, 1, utils.GetTodayLastSecond())
  325. return
  326. }
  327. errNum, _ := utils.Rc.RedisInt(errPassKey)
  328. errNum += 1
  329. if errNum < 6 {
  330. _ = utils.Rc.Put(errPassKey, errNum, utils.GetTodayLastSecond())
  331. return
  332. }
  333. // 标记异常登录, 重置计数
  334. br.Ret = models.BaseRespCodeAbnormalLogin
  335. br.Msg = "账号异常, 请进行手机号/邮箱校验"
  336. _ = utils.Rc.Put(abnormalKey, "true", utils.GetTodayLastSecond())
  337. _ = utils.Rc.Delete(errPassKey)
  338. return
  339. }
  340. if accountUser.Enabled == 0 {
  341. br.Msg = "您的账号已被禁用, 如需登录, 请联系管理员"
  342. br.ErrMsg = fmt.Sprintf("账号已被禁用, 登录账号: %s, 账户名称: %s", accountUser.AdminName, accountUser.RealName)
  343. return
  344. }
  345. // 异常登录-是否登录间隔大于60天
  346. if isAbnormal == "" {
  347. abnormalTime := time.Now().AddDate(0, 0, -60)
  348. lastLogin, _ := time.ParseInLocation(utils.FormatDateTime, accountUser.LastLoginTime, time.Local)
  349. if !lastLogin.IsZero() && lastLogin.Before(abnormalTime) {
  350. br.Msg = "请进行异常登录校验"
  351. br.Ret = models.BaseRespCodeAbnormalLogin
  352. // 标记异常登录
  353. _ = utils.Rc.Put(abnormalKey, "true", utils.GetTodayLastSecond())
  354. return
  355. }
  356. }
  357. // 登录成功, 清除异常标记
  358. _ = utils.Rc.Delete(abnormalKey)
  359. _ = utils.Rc.Delete(errPassKey)
  360. sysUser = accountUser
  361. }
  362. // 手机号
  363. if req.LoginType == 2 {
  364. if req.Mobile == "" {
  365. br.Msg = "请输入手机号"
  366. return
  367. }
  368. if !utils.ValidateMobileFormatat(req.Mobile) {
  369. br.Msg = "您的手机号输入有误, 请检查"
  370. return
  371. }
  372. if req.VerifyCode == "" {
  373. br.Msg = "请输入验证码"
  374. return
  375. }
  376. expiredTime := time.Now().Add(utils.VerifyCodeExpireMinute * time.Minute).Format(utils.FormatDateTime)
  377. recordCond := ` AND source = ? AND mobile = ? AND code = ? AND expired_time <= ?`
  378. recordPars := make([]interface{}, 0)
  379. recordPars = append(recordPars, system.AdminVerifyCodeRecordSourceLogin, req.Mobile, req.VerifyCode, expiredTime)
  380. recordOb := new(system.AdminVerifyCodeRecord)
  381. _, e := recordOb.GetItemByCondition(recordCond, recordPars)
  382. if e != nil {
  383. if e.Error() == utils.ErrNoRow() {
  384. br.Msg = "验证码错误, 请重新输入"
  385. return
  386. }
  387. br.Msg = "验证码错误, 请重新输入"
  388. br.ErrMsg = "获取手机号登陆验证码失败, Err: " + e.Error()
  389. return
  390. }
  391. mobileUser, e := system.GetSysUserByMobile(req.Mobile)
  392. if e != nil {
  393. if e.Error() == utils.ErrNoRow() {
  394. br.Msg = "您的手机号未绑定账号, 请检查"
  395. return
  396. }
  397. br.Msg = "您的手机号未绑定账号, 请检查"
  398. br.ErrMsg = "手机号获取用户失败, Err:" + e.Error()
  399. return
  400. }
  401. if mobileUser.Enabled == 0 {
  402. br.Msg = "您的账号已被禁用, 如需登录, 请联系管理员"
  403. br.ErrMsg = fmt.Sprintf("账号已被禁用, 登录手机号: %s", req.Mobile)
  404. return
  405. }
  406. sysUser = mobileUser
  407. }
  408. // 邮箱登录
  409. if req.LoginType == 3 {
  410. if req.Email == "" {
  411. br.Msg = "请输入邮箱"
  412. return
  413. }
  414. if !utils.ValidateEmailFormatat(req.Email) {
  415. br.Msg = "您的邮箱输入有误, 请检查"
  416. return
  417. }
  418. if req.VerifyCode == "" {
  419. br.Msg = "请输入验证码"
  420. return
  421. }
  422. expiredTime := time.Now().Add(utils.VerifyCodeExpireMinute * time.Minute).Format(utils.FormatDateTime)
  423. recordCond := ` AND source = ? AND email = ? AND code = ? AND expired_time <= ?`
  424. recordPars := make([]interface{}, 0)
  425. recordPars = append(recordPars, system.AdminVerifyCodeRecordSourceLogin, req.Email, req.VerifyCode, expiredTime)
  426. recordOb := new(system.AdminVerifyCodeRecord)
  427. _, e := recordOb.GetItemByCondition(recordCond, recordPars)
  428. if e != nil {
  429. if e.Error() == utils.ErrNoRow() {
  430. br.Msg = "验证码错误, 请重新输入"
  431. return
  432. }
  433. br.Msg = "验证码错误, 请重新输入"
  434. br.ErrMsg = "获取手机号登陆验证码失败, Err: " + e.Error()
  435. return
  436. }
  437. emailUser, e := system.GetSysUserByEmail(req.Email)
  438. if e != nil {
  439. if e.Error() == utils.ErrNoRow() {
  440. br.Msg = "您的邮箱未绑定账号, 请检查"
  441. return
  442. }
  443. br.Msg = "您的邮箱未绑定账号, 请检查"
  444. br.ErrMsg = "邮箱获取用户失败, Err:" + e.Error()
  445. return
  446. }
  447. if emailUser.Enabled == 0 {
  448. br.Msg = "您的账号已被禁用, 如需登录, 请联系管理员"
  449. br.ErrMsg = fmt.Sprintf("账号已被禁用, 登录邮箱: %s", req.Email)
  450. return
  451. }
  452. sysUser = emailUser
  453. }
  454. // 登录成功(无论哪种方式登录), 清除异常标记
  455. abnormalCache := fmt.Sprint(utils.CACHE_ABNORMAL_LOGIN, sysUser.AdminName)
  456. errPassCache := fmt.Sprint(utils.CACHE_LOGIN_ERR_PASS, sysUser.AdminName)
  457. _ = utils.Rc.Delete(abnormalCache)
  458. _ = utils.Rc.Delete(errPassCache)
  459. account := utils.MD5(sysUser.AdminName)
  460. token := utils.GenToken(account)
  461. sysSession := new(system.SysSession)
  462. sysSession.UserName = req.Username
  463. sysSession.SysUserId = sysUser.AdminId
  464. sysSession.ExpiredTime = time.Now().AddDate(0, 0, 90)
  465. sysSession.IsRemember = 0 // 均需要做过期校验
  466. sysSession.CreatedTime = time.Now()
  467. sysSession.LastUpdatedTime = time.Now()
  468. sysSession.AccessToken = token
  469. if e := system.AddSysSession(sysSession); e != nil {
  470. br.Msg = "登录失败"
  471. br.ErrMsg = "新增session信息失败, Err:" + e.Error()
  472. return
  473. }
  474. // 修改最后登录时间
  475. {
  476. sysUser.LastLoginTime = time.Now().Format(utils.FormatDateTime)
  477. sysUser.LastUpdatedTime = time.Now().Format(utils.FormatDateTime)
  478. _ = sysUser.Update([]string{"LastLoginTime", "LastUpdatedTime"})
  479. }
  480. resp := new(system.LoginResp)
  481. resp.Authorization = token
  482. resp.Authorization = "authorization=" + token + "$account=" + account
  483. resp.RealName = sysUser.RealName
  484. resp.AdminName = sysUser.AdminName
  485. resp.RoleName = sysUser.RoleName
  486. resp.SysRoleTypeCode = sysUser.RoleTypeCode //系统角色编码
  487. resp.RoleTypeCode = sysUser.RoleTypeCode
  488. if sysUser.RoleTypeCode == utils.ROLE_TYPE_CODE_FICC_GROUP {
  489. resp.RoleTypeCode = utils.ROLE_TYPE_CODE_FICC_SELLER
  490. }
  491. if sysUser.RoleTypeCode == utils.ROLE_TYPE_CODE_FICC_TEAM {
  492. resp.RoleTypeCode = utils.ROLE_TYPE_CODE_FICC_SELLER
  493. }
  494. if sysUser.RoleTypeCode == utils.ROLE_TYPE_CODE_FICC_DEPARTMENT {
  495. resp.RoleTypeCode = utils.ROLE_TYPE_CODE_FICC_SELLER
  496. }
  497. if sysUser.RoleTypeCode == utils.ROLE_TYPE_CODE_RAI_GROUP {
  498. resp.RoleTypeCode = utils.ROLE_TYPE_CODE_RAI_SELLER
  499. }
  500. if sysUser.RoleTypeCode == utils.ROLE_TYPE_CODE_RAI_DEPARTMENT {
  501. resp.RoleTypeCode = utils.ROLE_TYPE_CODE_RAI_SELLER
  502. }
  503. if sysUser.RoleName == utils.ROLE_NAME_FICC_DIRECTOR {
  504. resp.RoleTypeCode = utils.ROLE_TYPE_CODE_FICC_SELLER
  505. }
  506. resp.AdminId = sysUser.AdminId
  507. var productName string
  508. productId := services.GetProductId(sysUser.RoleTypeCode)
  509. if productId == 1 {
  510. productName = utils.COMPANY_PRODUCT_FICC_NAME
  511. } else if productId == 2 {
  512. productName = utils.COMPANY_PRODUCT_RAI_NAME
  513. } else {
  514. productName = "admin"
  515. }
  516. resp.ProductName = productName
  517. resp.Authority = sysUser.Authority
  518. // 设置redis缓存
  519. {
  520. // 获取不可信的登录态,并将该登录态重置掉,不允许多次登录
  521. noTrustLoginKey := fmt.Sprint(utils.CACHE_ACCESS_TOKEN_LOGIN_NO_TRUST, sysUser.AdminId)
  522. noTrustLoginId, _ := utils.Rc.RedisString(noTrustLoginKey)
  523. if noTrustLoginId != `` { // 如果存在不可信设备,那么将其下架
  524. oldNoTrustLoginKey := fmt.Sprint(utils.CACHE_ACCESS_TOKEN_LOGIN, noTrustLoginId)
  525. _ = utils.Rc.Put(oldNoTrustLoginKey, "0", utils.LoginCacheTime*time.Minute)
  526. }
  527. // 如果当前是不可信设备,那么将其加入到不可信名单
  528. loginKey := fmt.Sprint(utils.CACHE_ACCESS_TOKEN_LOGIN, sysSession.Id)
  529. _ = utils.Rc.Put(loginKey, "1", utils.LoginCacheTime*time.Minute)
  530. _ = utils.Rc.Put(noTrustLoginKey, sysSession.Id, utils.LoginCacheTime*time.Minute)
  531. }
  532. // 新增登录记录
  533. go func() {
  534. record := new(system.SysUserLoginRecord)
  535. record.Uid = sysUser.AdminId
  536. record.UserName = req.Username
  537. record.Ip = this.Ctx.Input.IP()
  538. record.Stage = "login"
  539. record.CreateTime = time.Now()
  540. _ = system.AddSysUserLoginRecord(record)
  541. }()
  542. br.Data = resp
  543. br.Ret = 200
  544. br.Success = true
  545. br.Msg = "登录成功"
  546. }
  547. // ForgetAccountGet
  548. // @Title 忘记密码-账号校验
  549. // @Description 忘记密码-账号校验
  550. // @Param request body ForgetAccountGetReq true "type json string"
  551. // @Success 200 Ret=200 获取成功
  552. // @router /forget/account_get [post]
  553. func (this *UserLoginController) ForgetAccountGet() {
  554. br := new(models.BaseResponse).Init()
  555. defer func() {
  556. if br.ErrMsg == "" {
  557. br.IsSendEmail = false
  558. }
  559. this.Data["json"] = br
  560. this.ServeJSON()
  561. }()
  562. type ForgetAccountGetReq struct {
  563. CaptchaId string `description:"验证码ID"`
  564. CaptchaCode string `description:"图形验证码"`
  565. UserName string `description:"用户名"`
  566. }
  567. var req ForgetAccountGetReq
  568. err := json.Unmarshal(this.Ctx.Input.RequestBody, &req)
  569. if err != nil {
  570. br.Msg = "参数解析异常!"
  571. br.ErrMsg = "参数解析失败,Err:" + err.Error()
  572. return
  573. }
  574. req.UserName = strings.TrimSpace(req.UserName)
  575. if req.UserName == "" {
  576. br.Msg = "请输入账号"
  577. return
  578. }
  579. if req.CaptchaId == "" || req.CaptchaCode == "" {
  580. br.Msg = "请输入图形验证码"
  581. return
  582. }
  583. store := services.CaptchaRedis{}
  584. ok := store.Verify(req.CaptchaId, req.CaptchaCode, true)
  585. if !ok {
  586. br.Msg = "验证码错误, 请重新输入"
  587. return
  588. }
  589. sysUser, e := system.GetSysUserByAdminName(req.UserName)
  590. if e != nil {
  591. if e.Error() == utils.ErrNoRow() {
  592. br.Msg = "用户不存在, 请检查"
  593. return
  594. }
  595. br.Msg = "账号错误, 请重新输入"
  596. br.ErrMsg = "用户名获取用户失败, Err: " + e.Error()
  597. return
  598. }
  599. type ForgetAccountCheckResp struct {
  600. Mobile string `description:"手机号"`
  601. Email string `description:"邮箱"`
  602. TelAreaCode string `description:"手机区号"`
  603. }
  604. resp := ForgetAccountCheckResp{
  605. Mobile: sysUser.Mobile,
  606. Email: sysUser.Email,
  607. TelAreaCode: sysUser.TelAreaCode,
  608. }
  609. br.Data = resp
  610. br.Ret = 200
  611. br.Success = true
  612. br.Msg = "获取成功"
  613. }
  614. // ForgetCodeVerify
  615. // @Title 忘记密码-验证码校验
  616. // @Description 忘记密码-验证码校验
  617. // @Param request body ForgetCodeVerifyReq true "type json string"
  618. // @Success 200 Ret=200 获取成功
  619. // @router /forget/code_verify [post]
  620. func (this *UserLoginController) ForgetCodeVerify() {
  621. br := new(models.BaseResponse).Init()
  622. defer func() {
  623. if br.ErrMsg == "" {
  624. br.IsSendEmail = false
  625. }
  626. this.Data["json"] = br
  627. this.ServeJSON()
  628. }()
  629. type ForgetCodeVerifyReq struct {
  630. FindType int `description:"密码找回方式: 1-手机号; 2-邮箱"`
  631. VerifyCode string `description:"验证码"`
  632. UserName string `description:"用户名"`
  633. Mobile string `description:"手机号"`
  634. Email string `description:"邮箱"`
  635. }
  636. var req ForgetCodeVerifyReq
  637. err := json.Unmarshal(this.Ctx.Input.RequestBody, &req)
  638. if err != nil {
  639. br.Msg = "参数解析异常!"
  640. br.ErrMsg = "参数解析失败,Err:" + err.Error()
  641. return
  642. }
  643. req.UserName = strings.TrimSpace(req.UserName)
  644. if req.UserName == "" {
  645. br.Msg = "请输入账号"
  646. return
  647. }
  648. if req.VerifyCode == "" {
  649. br.Msg = "请输入验证码"
  650. return
  651. }
  652. // 手机号找回
  653. var verifyRes bool
  654. if req.FindType == 1 {
  655. req.Mobile = strings.TrimSpace(req.Mobile)
  656. if req.Mobile == "" {
  657. br.Msg = "请输入手机号"
  658. return
  659. }
  660. if !utils.ValidateMobileFormatat(req.Mobile) {
  661. br.Msg = "您的手机号输入有误, 请检查"
  662. return
  663. }
  664. expiredTime := time.Now().Add(utils.VerifyCodeExpireMinute * time.Minute).Format(utils.FormatDateTime)
  665. recordCond := ` AND source = ? AND mobile = ? AND code = ? AND expired_time <= ?`
  666. recordPars := make([]interface{}, 0)
  667. recordPars = append(recordPars, system.AdminVerifyCodeRecordSourceForget, req.Mobile, req.VerifyCode, expiredTime)
  668. recordOb := new(system.AdminVerifyCodeRecord)
  669. _, e := recordOb.GetItemByCondition(recordCond, recordPars)
  670. if e != nil {
  671. if e.Error() == utils.ErrNoRow() {
  672. br.Msg = "验证码错误, 请重新输入"
  673. return
  674. }
  675. br.Msg = "验证码错误, 请重新输入"
  676. br.ErrMsg = "获取手机号登陆验证码失败, Err: " + e.Error()
  677. return
  678. }
  679. verifyRes = true
  680. }
  681. // 邮箱找回
  682. if req.FindType == 2 {
  683. req.Email = strings.TrimSpace(req.Email)
  684. if req.Email == "" {
  685. br.Msg = "请输入邮箱"
  686. return
  687. }
  688. if !utils.ValidateEmailFormatat(req.Email) {
  689. br.Msg = "您的邮箱输入有误, 请检查"
  690. return
  691. }
  692. expiredTime := time.Now().Add(utils.VerifyCodeExpireMinute * time.Minute).Format(utils.FormatDateTime)
  693. recordCond := ` AND source = ? AND email = ? AND code = ? AND expired_time <= ?`
  694. recordPars := make([]interface{}, 0)
  695. recordPars = append(recordPars, system.AdminVerifyCodeRecordSourceForget, req.Email, req.VerifyCode, expiredTime)
  696. recordOb := new(system.AdminVerifyCodeRecord)
  697. _, e := recordOb.GetItemByCondition(recordCond, recordPars)
  698. if e != nil {
  699. if e.Error() == utils.ErrNoRow() {
  700. br.Msg = "验证码错误, 请重新输入"
  701. return
  702. }
  703. br.Msg = "验证码错误, 请重新输入"
  704. br.ErrMsg = "获取手机号登陆验证码失败, Err: " + e.Error()
  705. return
  706. }
  707. verifyRes = true
  708. }
  709. if verifyRes {
  710. successKey := fmt.Sprint(utils.CACHE_FIND_PASS_VERIFY, req.UserName)
  711. _ = utils.Rc.Put(successKey, "true", utils.GetTodayLastSecond())
  712. }
  713. br.Data = verifyRes
  714. br.Ret = 200
  715. br.Success = true
  716. br.Msg = "操作成功"
  717. }
  718. // ForgetResetPass
  719. // @Title 忘记密码-重置密码
  720. // @Description 忘记密码-重置密码
  721. // @Param request body ForgetResetPassReq true "type json string"
  722. // @Success 200 Ret=200 获取成功
  723. // @router /forget/reset_pass [post]
  724. func (this *UserLoginController) ForgetResetPass() {
  725. br := new(models.BaseResponse).Init()
  726. defer func() {
  727. if br.ErrMsg == "" {
  728. br.IsSendEmail = false
  729. }
  730. this.Data["json"] = br
  731. this.ServeJSON()
  732. }()
  733. type ForgetResetPassReq struct {
  734. UserName string `description:"用户名"`
  735. Password string `description:"密码"`
  736. RePassword string `description:"重复密码"`
  737. }
  738. var req ForgetResetPassReq
  739. err := json.Unmarshal(this.Ctx.Input.RequestBody, &req)
  740. if err != nil {
  741. br.Msg = "参数解析异常!"
  742. br.ErrMsg = "参数解析失败,Err:" + err.Error()
  743. return
  744. }
  745. req.UserName = strings.TrimSpace(req.UserName)
  746. if req.UserName == "" {
  747. br.Msg = "请输入账号"
  748. return
  749. }
  750. req.Password = strings.TrimSpace(req.Password)
  751. if req.Password == "" {
  752. br.Msg = "请输入新密码"
  753. return
  754. }
  755. req.RePassword = strings.TrimSpace(req.RePassword)
  756. if req.RePassword == "" {
  757. br.Msg = "请确认新密码"
  758. return
  759. }
  760. if req.Password != req.RePassword {
  761. br.Msg = "两次密码输入不一致, 请检查"
  762. return
  763. }
  764. // 接上一步-验证码校验成功后才允许修改
  765. successKey := fmt.Sprint(utils.CACHE_FIND_PASS_VERIFY, req.UserName)
  766. verifyOk, _ := utils.Rc.RedisString(successKey)
  767. if verifyOk != "true" {
  768. br.Msg = "验证码校验失效, 请重新验证"
  769. br.ErrMsg = "重置密码异常, 验证码校验已失效"
  770. return
  771. }
  772. sysUser, e := system.GetSysAdminByName(req.UserName)
  773. if e != nil {
  774. if e.Error() == utils.ErrNoRow() {
  775. br.Msg = "用户不存在, 请检查"
  776. return
  777. }
  778. br.Msg = "操作失败"
  779. br.ErrMsg = "密码找回获取用户失败, Err:" + e.Error()
  780. return
  781. }
  782. b, e := base64.StdEncoding.DecodeString(req.Password)
  783. if e != nil {
  784. br.Msg = "操作失败"
  785. br.ErrMsg = "解析密码失败, Err:" + e.Error()
  786. return
  787. }
  788. pwd := string(b)
  789. pwd = utils.MD5(pwd)
  790. sysUser.Password = pwd
  791. sysUser.LastUpdatedPasswordTime = time.Now().Format(utils.FormatDateTime)
  792. // 重置密码后更新一下登录时间, 不然账号密码登录如果超过60天还会被异常校验再校验一次, 影响体验
  793. sysUser.LastLoginTime = time.Now().Format(utils.FormatDateTime)
  794. sysUser.LastUpdatedTime = time.Now().Format(utils.FormatDateTime)
  795. if e = sysUser.Update([]string{"Password", "LastUpdatedPasswordTime", "LastLoginTime", "LastUpdatedTime"}); e != nil {
  796. br.Msg = "操作失败"
  797. br.ErrMsg = "更新密码失败, Err: " + e.Error()
  798. return
  799. }
  800. // 如果有异常标记也清除掉
  801. abnormalKey := fmt.Sprint(utils.CACHE_ABNORMAL_LOGIN, req.UserName)
  802. _ = utils.Rc.Delete(abnormalKey)
  803. _ = utils.Rc.Delete(successKey)
  804. br.Data = true
  805. br.Ret = 200
  806. br.Success = true
  807. br.Msg = "操作成功"
  808. }
  809. // AreaCodeList
  810. // @Title 手机号区号列表
  811. // @Description 手机号区号列表
  812. // @Success 200 Ret=200 获取成功
  813. // @router /area_code/list [get]
  814. func (this *UserLoginController) AreaCodeList() {
  815. br := new(models.BaseResponse).Init()
  816. defer func() {
  817. if br.ErrMsg == "" {
  818. br.IsSendEmail = false
  819. }
  820. this.Data["json"] = br
  821. this.ServeJSON()
  822. }()
  823. type AreaCodeListResp struct {
  824. Name string `description:"地区"`
  825. Value string `description:"区号"`
  826. }
  827. resp := make([]AreaCodeListResp, 0)
  828. confAuth, e := company.GetConfigDetailByCode(company.ConfAreaCodeListKey)
  829. if e != nil {
  830. br.Msg = "获取失败"
  831. br.ErrMsg = "获取手机号区号配置失败, Err: " + e.Error()
  832. return
  833. }
  834. if confAuth.ConfigValue == "" {
  835. br.Msg = "获取失败"
  836. br.ErrMsg = "手机号区号配置为空"
  837. return
  838. }
  839. if e := json.Unmarshal([]byte(confAuth.ConfigValue), &resp); e != nil {
  840. br.Msg = "获取失败"
  841. br.ErrMsg = "手机号区号配置有误"
  842. return
  843. }
  844. br.Data = resp
  845. br.Ret = 200
  846. br.Success = true
  847. br.Msg = "获取成功"
  848. }