fix

server/auth/internal/handler/routes.go

@@ -52,6 +52,11 @@ func RegisterHandlers(server *rest.Server, serverCtx *svc.ServiceContext) {
 				Path:    "/api/auth/reset/password",
 				Handler: UserResetPasswordHandler(serverCtx),
 			},
+			{
+				Method:  http.MethodPost,
+				Path:    "/api/auth/reset/password/html",
+				Handler: UserResetPasswordHtmlHandler(serverCtx),
+			},
 			{
 				Method:  http.MethodPost,
 				Path:    "/api/auth/debug/delete",

server/auth/internal/handler/userresetpasswordhtmlhandler.go

@@ -0,0 +1,35 @@
+package handler
+
+import (
+	"net/http"
+	"reflect"
+
+	"fusenapi/utils/basic"
+
+	"fusenapi/server/auth/internal/logic"
+	"fusenapi/server/auth/internal/svc"
+	"fusenapi/server/auth/internal/types"
+)
+
+func UserResetPasswordHtmlHandler(svcCtx *svc.ServiceContext) http.HandlerFunc {
+	return func(w http.ResponseWriter, r *http.Request) {
+
+		var req types.RequestUserResetHtml
+		userinfo, err := basic.RequestParse(w, r, svcCtx, &req)
+		if err != nil {
+			return
+		}
+
+		// 创建一个业务逻辑层实例
+		l := logic.NewUserResetPasswordHtmlLogic(r.Context(), svcCtx)
+
+		rl := reflect.ValueOf(l)
+		basic.BeforeLogic(w, r, rl)
+
+		resp := l.UserResetPasswordHtml(&req, userinfo)
+
+		if !basic.AfterLogic(w, r, rl, resp) {
+			basic.NormalAfterLogic(w, r, resp)
+		}
+	}
+}

server/auth/internal/logic/useremailconfirmationlogic.go

@@ -144,6 +144,10 @@ func (l *UserEmailConfirmationLogic) UserEmailConfirmation(req *types.RequestEma
 			return resp.SetStatus(basic.CodeOAuthResetTokenDecryptErr, err.Error())
 		}
 
+		if time.Since(rt.CreateAt) > 30*time.Minute {
+			return resp.SetStatusWithMessage(basic.CodeOAuthConfirmationTimeoutErr, "Verification links expire after 30 minute.")
+		}
+
 		// TODO: 存储
 		if rt.OperateType != auth.OpTypeResetToken {
 			return resp.SetStatus(basic.CodeOAuthTypeErr, "error OperateType: rt.OperateType != auth.OpTypeResetToken")

server/auth/internal/logic/userregisterlogic.go

@@ -58,7 +58,7 @@ func (l *UserRegisterLogic) UserRegister(req *types.RequestUserRegister, userinf
 		Password:    req.Password,
 		Platform:    string(auth.PLATFORM_FUSEN),
 		TraceId:     uuid.NewString(),
-		CreateAt:    time.Now(),
+		CreateAt:    time.Now().UTC(),
 		Extend: map[string]interface{}{
 			"first_name":  req.FirstName,
 			"last_name":   req.LastName,

server/auth/internal/logic/userresetpasswordhtmllogic.go

@@ -0,0 +1,61 @@
+package logic
+
+import (
+	"fusenapi/utils/auth"
+	"fusenapi/utils/basic"
+	"net/http"
+
+	"context"
+
+	"fusenapi/server/auth/internal/svc"
+	"fusenapi/server/auth/internal/types"
+
+	"github.com/zeromicro/go-zero/core/logx"
+	"github.com/zeromicro/go-zero/rest/httpx"
+)
+
+type UserResetPasswordHtmlLogic struct {
+	logx.Logger
+	ctx        context.Context
+	svcCtx     *svc.ServiceContext
+	ResetToken string
+}
+
+func NewUserResetPasswordHtmlLogic(ctx context.Context, svcCtx *svc.ServiceContext) *UserResetPasswordHtmlLogic {
+	return &UserResetPasswordHtmlLogic{
+		Logger: logx.WithContext(ctx),
+		ctx:    ctx,
+		svcCtx: svcCtx,
+	}
+}
+
+// 处理进入前逻辑w,r
+// func (l *UserResetPasswordHtmlLogic) BeforeLogic(w http.ResponseWriter, r *http.Request) {
+// }
+
+func (l *UserResetPasswordHtmlLogic) UserResetPasswordHtml(req *types.RequestUserResetHtml, userinfo *auth.UserInfo) (resp *basic.Response) {
+	// 返回值必须调用Set重新返回, resp可以空指针调用 resp.SetStatus(basic.CodeOK, data)
+	// userinfo 传入值时, 一定不为null
+
+	if len(req.ResetToken) <= 16 {
+		return resp.SetStatus(basic.CodeOAuthResetTokenDecryptErr)
+	}
+
+	l.ResetToken = req.ResetToken
+
+	return resp.SetStatus(basic.CodeOK)
+}
+
+// 处理逻辑后 w,r 如:重定向, resp 必须重新处理
+func (l *UserResetPasswordHtmlLogic) AfterLogic(w http.ResponseWriter, r *http.Request, resp *basic.Response) {
+
+	err := tpls.ExecuteTemplate(w, "reset_confirm.tpl", map[string]string{
+		"ResetToken":        l.ResetToken,
+		"ResetPasswordLink": l.svcCtx.Config.MainAddress + "/api/auth/reset/password",
+	})
+	if err != nil {
+		httpx.OkJsonCtx(l.ctx, w, resp.SetStatusWithMessage(basic.CodeTemplateErr, err.Error()))
+	} else {
+		httpx.Ok(w)
+	}
+}

server/auth/internal/logic/userresetpasswordlogic.go

@@ -1,8 +1,11 @@
 package logic
 
 import (
+	"fmt"
+	"fusenapi/model/gmodel"
 	"fusenapi/utils/auth"
 	"fusenapi/utils/basic"
+	"fusenapi/utils/wevent"
 	"time"
 
 	"context"
@@ -10,8 +13,8 @@ import (
 	"fusenapi/server/auth/internal/svc"
 	"fusenapi/server/auth/internal/types"
 
-	"github.com/google/uuid"
 	"github.com/zeromicro/go-zero/core/logx"
+	"gorm.io/gorm"
 )
 
 type UserResetPasswordLogic struct {
@@ -36,43 +39,75 @@ func (l *UserResetPasswordLogic) UserResetPassword(req *types.RequestUserResetPa
 	// 返回值必须调用Set重新返回, resp可以空指针调用 resp.SetStatus(basic.CodeOK, data)
 	// userinfo 传入值时, 一定不为null
 
-	user, err := l.svcCtx.AllModels.FsUser.FindUserByEmail(context.TODO(), req.Email)
+	rt, err := l.svcCtx.ResetTokenManger.Decrypt(req.ResetToken) // ResetToken
 	if err != nil {
 		logx.Error(err)
-		return resp.SetStatus(basic.CodeRequestParamsErr, err.Error())
+		return resp.SetStatus(basic.CodeOAuthResetTokenDecryptErr, err.Error())
 	}
 
-	token := &auth.ResetToken{
-		// 操作的类型, 验证的token 必须要继承这个
-		OperateType: auth.OpTypeResetToken,
-		UserId:      userinfo.UserId,
-		Wid:         req.Wid,
-		Email:       req.Email,
-		OldPassword: *user.PasswordHash,
-		TraceId:     uuid.NewString(),
-		CreateAt:    time.Now().UTC(),
+	// TODO: 存储
+	if rt.OperateType != auth.OpTypeResetToken {
+		return resp.SetStatus(basic.CodeOAuthTypeErr, "error OperateType: rt.OperateType != auth.OpTypeResetToken")
 	}
 
-	clurl, err := l.svcCtx.ResetTokenManger.Encrypt(token)
+	if time.Since(rt.CreateAt) > 30*time.Minute {
+		return resp.SetStatusWithMessage(basic.CodeOAuthConfirmationTimeoutErr, "Verification links expire after 30 minute.")
+	}
+
+	err = l.svcCtx.AllModels.FsUser.Transaction(l.ctx, func(tx *gorm.DB) error {
+		user := &gmodel.FsUser{Id: int64(rt.UserId)}
+		err := tx.Take(user).Error
+		if err != nil {
+			return err
+		}
+		if *user.PasswordHash != rt.OldPassword {
+			return fmt.Errorf("password had been reset")
+		}
+		return tx.Update("PasswordHash", rt.NewPassword).Error
+	})
+
 	if err != nil {
-		logx.Error(err)
-		return resp.SetStatus(basic.CodeOAuthResetTokenEncryptErr, err.Error())
+		return resp.SetStatus(basic.CodeDbSqlErr, err.Error())
 	}
 
-	userName := *user.FirstName + " " + *user.LastName
-	// 进入发送邮箱的系统
-	EmailManager.EmailTasks <- &EmailFormat{
-		TemplateName:     "reset_password.tpl",
-		UniqueKey:        "register-" + req.Email,
-		TargetEmail:      req.Email,
-		CompanyName:      "fusen",
-		ConfirmationLink: clurl,
-		SenderName:       "support@fusenpack.com",
-		SenderTitle:      "register-valid",
-		Extend: map[string]string{
-			"UserName": userName,
-		},
-	} // email进入队
+	event := wevent.NewWebsocketEventSuccess(wevent.UserResetToken, rt.TraceId)
+	err = CommonNotify(l.svcCtx.Config.MainAddress, rt.Wid, event)
+	if err != nil {
+		logx.Error(err, rt.TraceId)
+		return resp.SetStatus(basic.CodeResetPasswordErr, err.Error())
+	}
+
+	// token := &auth.ResetToken{
+	// 	// 操作的类型, 验证的token 必须要继承这个
+	// 	OperateType: auth.OpTypeResetToken,
+	// 	UserId:      userinfo.UserId,
+	// 	Wid:         rt.Wid,
+	// 	Email:       rt.Email,
+	// 	OldPassword: *user.PasswordHash,
+	// 	TraceId:     uuid.NewString(),
+	// 	CreateAt:    time.Now().UTC(),
+	// }
+
+	// clurl, err := l.svcCtx.ResetTokenManger.Encrypt(token)
+	// if err != nil {
+	// 	logx.Error(err)
+	// 	return resp.SetStatus(basic.CodeOAuthResetTokenEncryptErr, err.Error())
+	// }
+
+	// userName := *user.FirstName + " " + *user.LastName
+	// // 进入发送邮箱的系统
+	// EmailManager.EmailTasks <- &EmailFormat{
+	// 	TemplateName:     "reset_password.tpl",
+	// 	UniqueKey:        "register-" + req.Email,
+	// 	TargetEmail:      req.Email,
+	// 	CompanyName:      "fusen",
+	// 	ConfirmationLink: clurl,
+	// 	SenderName:       "support@fusenpack.com",
+	// 	SenderTitle:      "register-valid",
+	// 	Extend: map[string]string{
+	// 		"UserName": userName,
+	// 	},
+	// } // email进入队
 
 	return resp.SetStatus(basic.CodeOK)
 

server/auth/internal/logic/userresettokenlogic.go

@@ -36,8 +36,6 @@ func (l *UserResetTokenLogic) UserResetToken(req *types.RequestUserResetToken, u
 	// 返回值必须调用Set重新返回, resp可以空指针调用 resp.SetStatus(basic.CodeOK, data)
 	// userinfo 传入值时, 一定不为null
 
-	return resp.SetStatusWithMessage(basic.CodeRequestParamsErr, "废弃")
-
 	user, err := l.svcCtx.AllModels.FsUser.FindUserByEmail(context.TODO(), req.Email)
 	if err != nil {
 		logx.Error(err)
@@ -47,7 +45,7 @@ func (l *UserResetTokenLogic) UserResetToken(req *types.RequestUserResetToken, u
 	token := &auth.ResetToken{
 		// 操作的类型, 验证的token 必须要继承这个
 		OperateType: auth.OpTypeResetToken,
-		UserId:      userinfo.UserId,
+		UserId:      user.Id,
 		Wid:         req.Wid,
 		Email:       req.Email,
 		OldPassword: *user.PasswordHash,
@@ -55,17 +53,60 @@ func (l *UserResetTokenLogic) UserResetToken(req *types.RequestUserResetToken, u
 		CreateAt:    time.Now().UTC(),
 	}
 
-	rtoken, err := l.svcCtx.ResetTokenManger.Encrypt(token)
+	resetToken, err := l.svcCtx.ResetTokenManger.Encrypt(token)
 	if err != nil {
 		logx.Error(err)
 		return resp.SetStatus(basic.CodeOAuthResetTokenEncryptErr, err.Error())
 	}
 
-	data := types.DataResetToken{
-		ResetToken: rtoken,
-	}
+	userName := *user.FirstName + " " + *user.LastName
+	// 进入发送邮箱的系统
+	EmailManager.EmailTasks <- &EmailFormat{
+		TemplateName:     "reset_password.tpl",
+		UniqueKey:        "reset_password-" + req.Email,
+		TargetEmail:      req.Email,
+		CompanyName:      "fusen",
+		ConfirmationLink: resetToken, // 跳转连接
+		SenderName:       "support@fusenpack.com",
+		SenderTitle:      "register-valid",
+		Extend: map[string]string{
+			"UserName":   userName,
+			"ResetToken": resetToken,
+		},
+	} // email进入队
 
-	return resp.SetStatus(basic.CodeOK, data)
+	return resp.SetStatus(basic.CodeOK)
+
+	// return resp.SetStatusWithMessage(basic.CodeRequestParamsErr, "废弃")
+
+	// user, err := l.svcCtx.AllModels.FsUser.FindUserByEmail(context.TODO(), req.Email)
+	// if err != nil {
+	// 	logx.Error(err)
+	// 	return resp.SetStatus(basic.CodeRequestParamsErr, err.Error())
+	// }
+
+	// token := &auth.ResetToken{
+	// 	// 操作的类型, 验证的token 必须要继承这个
+	// 	OperateType: auth.OpTypeResetToken,
+	// 	UserId:      userinfo.UserId,
+	// 	Wid:         req.Wid,
+	// 	Email:       req.Email,
+	// 	OldPassword: *user.PasswordHash,
+	// 	TraceId:     uuid.NewString(),
+	// 	CreateAt:    time.Now().UTC(),
+	// }
+
+	// rtoken, err := l.svcCtx.ResetTokenManger.Encrypt(token)
+	// if err != nil {
+	// 	logx.Error(err)
+	// 	return resp.SetStatus(basic.CodeOAuthResetTokenEncryptErr, err.Error())
+	// }
+
+	// data := types.DataResetToken{
+	// 	ResetToken: rtoken,
+	// }
+
+	// return resp.SetStatus(basic.CodeOK, data)
 }
 
 // 处理逻辑后 w,r 如:重定向, resp 必须重新处理

server/auth/internal/logic/websocket_test.go

@@ -4,14 +4,32 @@ import (
 	"bytes"
 	"fmt"
 	"fusenapi/utils/wevent"
+	"io"
 	"log"
+	"net/http"
 	"testing"
 
 	"github.com/474420502/requests"
 	"github.com/google/uuid"
+	"github.com/gorilla/mux"
+	"github.com/rs/cors"
 	"github.com/zeromicro/go-zero/core/logx"
 )
 
+func TestPost(t *testing.T) {
+	r := mux.NewRouter()
+
+	r.HandleFunc("/aaa", func(w http.ResponseWriter, r *http.Request) {
+		d, _ := io.ReadAll(r.Body)
+		log.Println(string(d))
+	}).Methods("POST")
+
+	handler := cors.Default().Handler(r)
+
+	log.Println("Server listening on :2223")
+	log.Fatal(http.ListenAndServe(":2223", handler))
+}
+
 func TestEmailTpl(t *testing.T) {
 	data := map[string]string{
 		"CompanyName":      "companyName",

server/auth/internal/types/types.go

@@ -36,9 +36,13 @@ type DataResetToken struct {
 	ResetToken string `json:"reset_token"` // 获取重置的token
 }
 
+type RequestUserResetHtml struct {
+	ResetToken string `json:"reset_token"`
+}
+
 type RequestUserResetPassword struct {
-	Wid   string `json:"wid"`
-	Email string `json:"email"` // email
+	ResetToken  string `json:"reset_token"`
+	NewPassword string `json:"new_password"`
 }
 
 type RequestGoogleLogin struct {