package service
import (
"context"
"time"
"github.com/xh-polaris/meowchat-core-api/biz/adaptor"
"github.com/xh-polaris/meowchat-core-api/biz/infrastructure/consts"
"github.com/xh-polaris/meowchat-core-api/biz/infrastructure/rpc/meowchat_content"
"github.com/golang-jwt/jwt/v4"
"github.com/google/wire"
"github.com/xh-polaris/service-idl-gen-go/kitex_gen/basic"
"github.com/xh-polaris/service-idl-gen-go/kitex_gen/platform/sts"
"github.com/xh-polaris/meowchat-core-api/biz/application/dto/meowchat/core_api"
"github.com/xh-polaris/meowchat-core-api/biz/infrastructure/config"
"github.com/xh-polaris/meowchat-core-api/biz/infrastructure/rpc/platform_sts"
"github.com/xh-polaris/meowchat-core-api/biz/infrastructure/util"
"github.com/xh-polaris/meowchat-core-api/biz/infrastructure/util/log"
)
// IAuthService is the authentication surface of the core API: credential
// sign-in, password change, and verification-code dispatch.
type IAuthService interface {
	// SignIn exchanges the credentials in req for an access token.
	SignIn(ctx context.Context, req *core_api.SignInReq) (*core_api.SignInResp, error)
	// SetPassword changes the password of the user identified by ctx.
	SetPassword(ctx context.Context, req *core_api.SetPasswordReq) (*core_api.SetPasswordResp, error)
	// SendVerifyCode asks the STS service to send a verification code to the
	// identity named in req.
	SendVerifyCode(ctx context.Context, req *core_api.SendVerifyCodeReq) (*core_api.SendVerifyCodeResp, error)
}
// AuthService implements IAuthService on top of the platform STS RPC client.
type AuthService struct {
	// Config supplies Auth.SecretKey (the PEM private key used to sign access
	// tokens) and Auth.AccessExpire. Treat the Auth section as secret material:
	// do not serialize it into logs, errors, or responses.
	Config *config.Config
	// Sts is the RPC client that performs sign-in, password changes, and
	// verification-code delivery.
	Sts platform_sts.IPlatformSts
	// Content is the content-service RPC client; no method in this file's
	// visible code uses it.
	Content meowchat_content.IMeowchatContent
}
// AuthServiceSet is the wire provider set for the auth service: it builds an
// AuthService with every field injected ("*") and binds it to IAuthService.
var AuthServiceSet = wire.NewSet(
	wire.Struct(new(AuthService), "*"),
	wire.Bind(new(IAuthService), new(*AuthService)),
)
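// SignIn authenticates the caller through the STS service and, on success,
// issues a signed access token for the user the STS service returned.
//
// An error from Sts.SignIn or from token generation is returned unchanged and
// the response is nil in that case.
func (s *AuthService) SignIn(ctx context.Context, req *core_api.SignInReq) (*core_api.SignInResp, error) {
	resp := new(core_api.SignInResp)
	rpcResp, err := s.Sts.SignIn(ctx, &sts.SignInReq{
		AuthType:   req.GetAuthType(),
		AuthId:     req.GetAuthId(),
		Password:   req.Password,
		VerifyCode: req.VerifyCode,
	})
	if err != nil {
		return nil, err
	}

	auth := s.Config.Auth
	resp.AccessToken, resp.AccessExpire, err = generateJwtToken(req, rpcResp, auth.SecretKey, auth.AccessExpire)
	if err != nil {
		// Do not serialize s.Config.Auth into the log line: it contains
		// SecretKey, the private key every access token is signed with, and
		// anyone with log access could then mint valid tokens.
		// NOTE(review): rpcResp is still logged in full; confirm it carries
		// identifiers only and no credential or session material.
		log.CtxError(ctx, "[generateJwtToken] fail, err=%v, resp=%s", err, util.JSONF(rpcResp))
		return nil, err
	}
	resp.UserId = rpcResp.GetUserId()
	return resp, nil
}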
// generateJwtToken builds and signs an ES256 access token for a completed
// sign-in.
//
// secret is a PEM-encoded EC private key, and expire is the token lifetime in
// seconds, added to the current Unix time. It returns the compact token, its
// absolute expiry as a Unix timestamp, and any key-parsing or signing error.
//
// userId and the wechatUserMeta fields come from the STS response. appId and
// deviceId are copied from the client's request and nothing in this function
// validates them, so token consumers should treat those two claims as
// caller-asserted. No "iss" or "aud" claim is set here.
func generateJwtToken(req *core_api.SignInReq, resp *sts.SignInResp, secret string, expire int64) (string, int64, error) {
	signingKey, err := jwt.ParseECPrivateKeyFromPEM([]byte(secret))
	if err != nil {
		return "", 0, err
	}

	issuedAt := time.Now().Unix()
	expiresAt := issuedAt + expire

	claims := jwt.MapClaims{
		"exp":      expiresAt,
		"iat":      issuedAt,
		"userId":   resp.GetUserId(),
		"appId":    req.GetAppId(),
		"deviceId": req.GetDeviceId(),
		"wechatUserMeta": &basic.WechatUserMeta{
			AppId:   resp.GetAppId(),
			OpenId:  resp.GetOpenId(),
			UnionId: resp.GetUnionId(),
		},
	}

	signed, err := jwt.NewWithClaims(jwt.SigningMethodES256, claims).SignedString(signingKey)
	if err != nil {
		return "", 0, err
	}
	return signed, expiresAt, nil
}
// SetPassword changes the password of the authenticated caller.
//
// The target user ID is taken from the user metadata carried in ctx, never
// from the request body, so a caller can only change their own password. It
// returns consts.ErrNotAuthentication when ctx has no user ID, and otherwise
// any error from Sts.SetPassword unchanged.
//
// NOTE(review): no current-password or password-strength check is visible
// here; presumably the STS service enforces policy. Confirm.
func (s *AuthService) SetPassword(ctx context.Context, req *core_api.SetPasswordReq) (*core_api.SetPasswordResp, error) {
	caller := adaptor.ExtractUserMeta(ctx)
	if caller.GetUserId() == "" {
		return nil, consts.ErrNotAuthentication
	}

	rpcReq := &sts.SetPasswordReq{
		UserId:   caller.UserId,
		Password: req.Password,
	}
	if _, err := s.Sts.SetPassword(ctx, rpcReq); err != nil {
		return nil, err
	}
	return new(core_api.SetPasswordResp), nil
}
// SendVerifyCode forwards a verification-code request for the given auth
// type and identity to the STS service and returns an empty response on
// success. An RPC error is returned unchanged.
//
// This method does not check that the caller is signed in and applies no
// throttling of its own.
// NOTE(review): confirm that per-identity and per-client rate limiting is
// enforced at the gateway or inside the STS service.
func (s *AuthService) SendVerifyCode(ctx context.Context, req *core_api.SendVerifyCodeReq) (*core_api.SendVerifyCodeResp, error) {
	rpcReq := &sts.SendVerifyCodeReq{
		AuthType: req.AuthType,
		AuthId:   req.AuthId,
	}
	if _, err := s.Sts.SendVerifyCode(ctx, rpcReq); err != nil {
		return nil, err
	}
	return new(core_api.SendVerifyCodeResp), nil
}