fix

server/ldap-admin/internal/handler/ldapuserloginhandler.go

@@ -0,0 +1,35 @@
+package handler
+
+import (
+	"net/http"
+	"reflect"
+
+	"fusenapi/utils/basic"
+
+	"fusenapi/server/ldap-admin/internal/logic"
+	"fusenapi/server/ldap-admin/internal/svc"
+	"fusenapi/server/ldap-admin/internal/types"
+)
+
+func LdapUserLoginHandler(svcCtx *svc.ServiceContext) http.HandlerFunc {
+	return func(w http.ResponseWriter, r *http.Request) {
+
+		var req types.LdapUserLoginReq
+		userinfo, err := basic.RequestParse(w, r, svcCtx, &req)
+		if err != nil {
+			return
+		}
+
+		// 创建一个业务逻辑层实例
+		l := logic.NewLdapUserLoginLogic(r.Context(), svcCtx)
+
+		rl := reflect.ValueOf(l)
+		basic.BeforeLogic(w, r, rl)
+
+		resp := l.LdapUserLogin(&req, userinfo)
+
+		if !basic.AfterLogic(w, r, rl, resp) {
+			basic.NormalAfterLogic(w, r, resp)
+		}
+	}
+}

server/ldap-admin/internal/handler/routes.go

@@ -147,6 +147,11 @@ func RegisterHandlers(server *rest.Server, serverCtx *svc.ServiceContext) {
 				Path:    "/api/ldap-admin/get_ldap_users",
 				Handler: GetLdapUsersHandler(serverCtx),
 			},
+			{
+				Method:  http.MethodPost,
+				Path:    "/api/ldap-admin/ldap_user_login",
+				Handler: LdapUserLoginHandler(serverCtx),
+			},
 		},
 	)
 }

server/ldap-admin/internal/logic/ldapuserloginlogic.go

@@ -0,0 +1,82 @@
+package logic
+
+import (
+	"fmt"
+	"fusenapi/utils/auth"
+	"fusenapi/utils/basic"
+	"fusenapi/utils/email"
+	"fusenapi/utils/encryption_decryption"
+	"fusenapi/utils/ldap_lib"
+	"strings"
+
+	"context"
+
+	"fusenapi/server/ldap-admin/internal/svc"
+	"fusenapi/server/ldap-admin/internal/types"
+
+	"github.com/zeromicro/go-zero/core/logx"
+)
+
+type LdapUserLoginLogic struct {
+	logx.Logger
+	ctx    context.Context
+	svcCtx *svc.ServiceContext
+}
+
+func NewLdapUserLoginLogic(ctx context.Context, svcCtx *svc.ServiceContext) *LdapUserLoginLogic {
+	return &LdapUserLoginLogic{
+		Logger: logx.WithContext(ctx),
+		ctx:    ctx,
+		svcCtx: svcCtx,
+	}
+}
+
+// 处理进入前逻辑w,r
+// func (l *LdapUserLoginLogic) BeforeLogic(w http.ResponseWriter, r *http.Request) {
+// }
+
+func (l *LdapUserLoginLogic) LdapUserLogin(req *types.LdapUserLoginReq, userinfo *auth.UserInfo) (resp *basic.Response) {
+	req.Email = strings.Trim(req.Email, " ")
+	req.Password = strings.Trim(req.Password, " ")
+	if !email.IsEmailValid(req.Email) {
+		return resp.SetStatusWithMessage(basic.CodeRequestParamsErr, "邮箱格式不正确")
+	}
+	userDN := fmt.Sprintf("cn=%s,%s", req.Email, l.svcCtx.Config.Ldap.PeopleGroupDN)
+	//查询dn
+	ldapServer := ldap_lib.NewLdap(l.svcCtx.Ldap, l.svcCtx.Config.Ldap.BaseDN, l.svcCtx.Config.Ldap.RootDN, l.svcCtx.Config.Ldap.PeopleGroupDN)
+	ldapUserInfo, err := ldapServer.GetLdapUserInfo(userDN)
+	if err != nil {
+		logx.Error(err)
+		return resp.SetStatusWithMessage(basic.CodeServiceErr, "获取用户信息失败,"+err.Error())
+	}
+	if ldapUserInfo.Status != 1 {
+		return resp.SetStatusWithMessage(basic.CodeUnAuth, "无权限登录")
+	}
+	if len(ldapUserInfo.Password) <= 7 {
+		return resp.SetStatusWithMessage(basic.CodeUnAuth, "该帐号密码异常")
+	}
+	//解密密码
+	ldapPwd, err := encryption_decryption.CBCDecrypt(ldapUserInfo.Password[7:])
+	if err != nil {
+		logx.Error(err)
+		return resp.SetStatusWithMessage(basic.CodeServiceErr, "验证密码出错了!")
+	}
+	//比较密码
+	if ldapPwd != req.Password {
+		return resp.SetStatusWithMessage(basic.CodeServiceErr, "密码错误!")
+	}
+	//生成token
+	token, err := ldapServer.GenJwtToken(ldapUserInfo.UserId, 36000, ldapUserInfo.UserDN, ldapUserInfo.Password)
+	if err != nil {
+		logx.Error(err)
+		return resp.SetStatusWithMessage(basic.CodeServiceErr, "生成登录凭证失败")
+	}
+	return resp.SetStatusWithMessage(basic.CodeOK, "success", types.LdapUserLoginRsp{
+		Token: token,
+	})
+}
+
+// 处理逻辑后 w,r 如:重定向, resp 必须重新处理
+// func (l *LdapUserLoginLogic) AfterLogic(w http.ResponseWriter, r *http.Request, resp *basic.Response) {
+// // httpx.OkJsonCtx(r.Context(), w, resp)
+// }

server/ldap-admin/internal/types/types.go

@@ -225,6 +225,15 @@ type GetLdapUsersItem struct {
 	Status       int64  `json:"status,options=0|1"` //状态 1正常0离职
 }
 
+type LdapUserLoginReq struct {
+	Email    string `json:"email"`
+	Password string `json:"password"`
+}
+
+type LdapUserLoginRsp struct {
+	Token string `json:"token"`
+}
+
 type Request struct {
 }