hz_crm_eta/controller/auth.go

package controller

import (
	"encoding/base64"
	"fmt"
	"github.com/gin-gonic/gin"
	"github.com/go-playground/validator/v10"
	"hongze/hz_crm_eta/controller/resp"
	"hongze/hz_crm_eta/global"
	"hongze/hz_crm_eta/models/crm"
	"hongze/hz_crm_eta/models/eta"
	"hongze/hz_crm_eta/models/rddp"
	"hongze/hz_crm_eta/models/request"
	"hongze/hz_crm_eta/models/response"
	"hongze/hz_crm_eta/services"
	"hongze/hz_crm_eta/utils"
	"time"
)

type AuthController struct{}

// CreateAuthCode
// @Description 生成编码
// @Success 200 {string} string "获取成功"
// @Router /auth/auth_code [post]
func (a *AuthController) CreateAuthCode(c *gin.Context) {
	var req request.CreateAuthCodeReq
	err := c.Bind(&req)
	if err != nil {
		errs, ok := err.(validator.ValidationErrors)
		if !ok {
			resp.FailData("参数解析失败", "Err:"+err.Error(), c)
			return
		}
		resp.FailData("参数解析失败", errs.Translate(global.Trans), c)
		return
	}

	prefix := map[int]string{
		utils.SOURCE_CRM_FLAG: utils.CACHE_ETA_AUTH_CODE_PREFIX,
		utils.SOURCE_ETA_FLAG: utils.CACHE_CRM_AUTH_CODE_PREFIX,
	}
	str := base64.URLEncoding.EncodeToString([]byte(req.AdminName))
	key := fmt.Sprint(prefix[req.Source], str)

	// 是否已生成但未消费
	exist, _ := global.Rc.RedisString(key)
	if exist != "" {
		resp.OkData("获取成功", str, c)
		return
	}
	if global.Rc.SetNX(key, req.AdminName, utils.GetTodayLastSecond()) {
		resp.OkData("获取成功", str, c)
		return
	}
	return
}

// GetEtaToken
// @Description 换取ETA系统Token
// @Success 200 {string} string "操作成功"
// @Router /auth/eta_token [post]
func (a *AuthController) GetEtaToken(c *gin.Context) {
	var req request.TokenLoginReq
	err := c.Bind(&req)
	if err != nil {
		errs, ok := err.(validator.ValidationErrors)
		if !ok {
			resp.FailData("参数解析失败", "Err:"+err.Error(), c)
			return
		}
		resp.FailData("参数解析失败", errs.Translate(global.Trans), c)
		return
	}

	key := fmt.Sprint(utils.CACHE_ETA_AUTH_CODE_PREFIX, req.AuthCode)
	adminName, e := global.Rc.RedisString(key)
	if e != nil {
		resp.FailMsg("获取失败", "获取失败, Redis Err: "+e.Error(), c)
		return
	}
	if adminName == "" {
		resp.Fail("获取失败, 无效编码", c)
		return
	}
	// 清除AuthCode
	defer func() {
		_ = global.Rc.Delete(key)
	}()

	// 获取用户信息
	sysUser, e := eta.GetSysUserByAdminName(adminName)
	if e != nil {
		if e == utils.ErrNoRow {
			resp.Fail("用户不存在", c)
			return
		}
		resp.FailMsg("获取失败", "获取用户信息失败, err: "+e.Error(), c)
		return
	}

	var token string
	account := utils.MD5(adminName)
	token = utils.GenToken(account)
	sysSession := new(eta.SysSession)
	sysSession.UserName = adminName
	sysSession.SysUserId = sysUser.AdminId
	sysSession.ExpiredTime = time.Now().Add(time.Hour) // token有效期现在均为1h
	sysSession.IsRemember = 0
	sysSession.CreatedTime = time.Now()
	sysSession.LastUpdatedTime = time.Now()
	sysSession.AccessToken = token
	if e := eta.AddSysSession(sysSession); e != nil {
		resp.FailMsg("获取失败", "新增session失败, err: "+e.Error(), c)
		return
	}

	login := new(response.LoginResp)
	login.Authorization = token
	login.Authorization = "authorization=" + token + "$account=" + account
	login.RealName = sysUser.RealName
	login.AdminId = sysUser.AdminId
	login.AdminName = sysUser.AdminName
	login.RoleName = sysUser.RoleName
	login.SysRoleTypeCode = sysUser.RoleTypeCode //系统角色编码
	login.RoleTypeCode = sysUser.RoleTypeCode
	login.Authority = sysUser.Authority

	// 判断实际的角色类型
	if sysUser.RoleTypeCode == utils.ROLE_TYPE_CODE_FICC_GROUP {
		login.RoleTypeCode = utils.ROLE_TYPE_CODE_FICC_SELLER
	}
	if sysUser.RoleTypeCode == utils.ROLE_TYPE_CODE_FICC_TEAM {
		login.RoleTypeCode = utils.ROLE_TYPE_CODE_FICC_SELLER
	}
	if sysUser.RoleTypeCode == utils.ROLE_TYPE_CODE_FICC_DEPARTMENT {
		login.RoleTypeCode = utils.ROLE_TYPE_CODE_FICC_SELLER
	}
	if sysUser.RoleTypeCode == utils.ROLE_TYPE_CODE_RAI_GROUP {
		login.RoleTypeCode = utils.ROLE_TYPE_CODE_RAI_SELLER
	}
	if sysUser.RoleTypeCode == utils.ROLE_TYPE_CODE_RAI_DEPARTMENT {
		login.RoleTypeCode = utils.ROLE_TYPE_CODE_RAI_SELLER
	}
	if sysUser.RoleName == utils.ROLE_NAME_FICC_DIRECTOR {
		login.RoleTypeCode = utils.ROLE_TYPE_CODE_FICC_SELLER
	}

	// 角色产品ID
	productId := services.GetProductId(sysUser.RoleTypeCode)
	productIdName := map[int]string{
		0:                             "admin",
		utils.COMPANY_PRODUCT_FICC_ID: utils.COMPANY_PRODUCT_FICC_NAME,
		utils.COMPANY_PRODUCT_RAI_ID:  utils.COMPANY_PRODUCT_RAI_NAME,
	}
	login.ProductName = productIdName[productId]

	// 新增登录记录
	{
		record := new(eta.SysUserLoginRecord)
		record.Uid = sysUser.AdminId
		record.UserName = adminName
		record.Ip = c.RemoteIP()
		record.Stage = "login"
		record.CreateTime = time.Now()
		go eta.AddSysUserLoginRecord(record)
	}

	resp.OkData("获取成功", login, c)
}

// GetCrmToken
// @Description 换取CRM系统Token
// @Success 200 {string} string "操作成功"
// @Router /auth/crm_token [post]
func (a *AuthController) GetCrmToken(c *gin.Context) {
	var req request.TokenLoginReq
	err := c.Bind(&req)
	if err != nil {
		errs, ok := err.(validator.ValidationErrors)
		if !ok {
			resp.FailData("参数解析失败", "Err:"+err.Error(), c)
			return
		}
		resp.FailData("参数解析失败", errs.Translate(global.Trans), c)
		return
	}

	key := fmt.Sprint(utils.CACHE_CRM_AUTH_CODE_PREFIX, req.AuthCode)
	adminName, e := global.Rc.RedisString(key)
	if e != nil {
		resp.FailMsg("获取失败", "获取失败, Redis Err: "+e.Error(), c)
		return
	}
	if adminName == "" {
		resp.Fail("获取失败, 无效编码", c)
		return
	}
	// 清除AuthCode
	defer func() {
		_ = global.Rc.Delete(key)
	}()

	// 获取用户信息
	sysUser, e := crm.GetSysUserByAdminName(adminName)
	if e != nil {
		if e == utils.ErrNoRow {
			resp.Fail("用户不存在", c)
			return
		}
		resp.FailMsg("获取失败", "获取用户信息失败, err: "+e.Error(), c)
		return
	}

	// 是否重新生成token
	var isRegenerate bool

	var token string
	account := utils.MD5(adminName)
	// 获取用户未过期的session, 避免过于频繁生成token
	expired := time.Now().AddDate(0, 0, 1).Format(utils.FormatDateTime)
	session, _ := rddp.GetUserUnexpiredSysSession(adminName, expired)
	if session != nil && session.AccessToken != "" {
		token = session.AccessToken

		// 校验缓存中token是否过期，如果过期了，那么需要重新生成
		loginKey := fmt.Sprint(utils.CACHE_ACCESS_TOKEN_LOGIN, session.Id)
		loginInfo, _ := global.Rc.RedisString(loginKey)
		if loginInfo == `` {
			isRegenerate = true
		}
	} else {
		// 没有获取到用户未过期的session，那么需要重新生成
		isRegenerate = true
	}

	// 重新生成token
	if isRegenerate {
		token = utils.GenToken(account)
		sysSession := new(rddp.SysSession)
		sysSession.UserName = adminName
		sysSession.SysUserId = sysUser.AdminId
		sysSession.ExpiredTime = time.Now().Add(time.Hour) // token有效期现在均为1h
		sysSession.IsRemember = 1
		sysSession.CreatedTime = time.Now()
		sysSession.LastUpdatedTime = time.Now()
		sysSession.AccessToken = token
		if e := rddp.AddSysSession(sysSession); e != nil {
			resp.FailMsg("获取失败", "新增session失败, err: "+e.Error(), c)
			return
		}
	}

	login := new(response.LoginResp)
	login.Authorization = token
	login.Authorization = "authorization=" + token + "$account=" + account
	login.RealName = sysUser.RealName
	login.AdminId = sysUser.AdminId
	login.AdminName = sysUser.AdminName
	login.RoleName = sysUser.RoleName
	login.SysRoleTypeCode = sysUser.RoleTypeCode //系统角色编码
	login.RoleTypeCode = sysUser.RoleTypeCode
	login.Authority = sysUser.Authority

	// 判断实际的角色类型
	if sysUser.RoleTypeCode == utils.ROLE_TYPE_CODE_FICC_GROUP {
		login.RoleTypeCode = utils.ROLE_TYPE_CODE_FICC_SELLER
	}
	if sysUser.RoleTypeCode == utils.ROLE_TYPE_CODE_FICC_TEAM {
		login.RoleTypeCode = utils.ROLE_TYPE_CODE_FICC_SELLER
	}
	if sysUser.RoleTypeCode == utils.ROLE_TYPE_CODE_FICC_DEPARTMENT {
		login.RoleTypeCode = utils.ROLE_TYPE_CODE_FICC_SELLER
	}
	if sysUser.RoleTypeCode == utils.ROLE_TYPE_CODE_RAI_GROUP {
		login.RoleTypeCode = utils.ROLE_TYPE_CODE_RAI_SELLER
	}
	if sysUser.RoleTypeCode == utils.ROLE_TYPE_CODE_RAI_DEPARTMENT {
		login.RoleTypeCode = utils.ROLE_TYPE_CODE_RAI_SELLER
	}
	if sysUser.RoleName == utils.ROLE_NAME_FICC_DIRECTOR {
		login.RoleTypeCode = utils.ROLE_TYPE_CODE_FICC_SELLER
	}

	// 角色产品ID
	productId := services.GetProductId(sysUser.RoleTypeCode)
	productIdName := map[int]string{
		0:                             "admin",
		utils.COMPANY_PRODUCT_FICC_ID: utils.COMPANY_PRODUCT_FICC_NAME,
		utils.COMPANY_PRODUCT_RAI_ID:  utils.COMPANY_PRODUCT_RAI_NAME,
	}
	login.ProductName = productIdName[productId]

	// 新增登录记录
	{
		record := new(rddp.SysUserLoginRecord)
		record.Uid = sysUser.AdminId
		record.UserName = adminName
		record.Ip = c.RemoteIP()
		record.Stage = "login"
		record.CreateTime = time.Now()
		go rddp.AddSysUserLoginRecord(record)
	}

	resp.OkData("获取成功", login, c)
}