重置密码

2023-08-11 17:39:18 +08:00
parent 9664271474
commit ae07370214
16 changed files with 275 additions and 55 deletions
--- a/server/auth/internal/handler/routes.go
+++ b/server/auth/internal/handler/routes.go
@@ -33,10 +33,20 @@ func RegisterHandlers(server *rest.Server, serverCtx *svc.ServiceContext) {
 				Handler: UserEmailConfirmationHandler(serverCtx),
 			},
 			{
-				Method:  http.MethodGet,
+				Method:  http.MethodPost,
 				Path:    "/api/auth/oauth2/register",
 				Handler: UserEmailRegisterHandler(serverCtx),
 			},
+			{
+				Method:  http.MethodGet,
+				Path:    "/api/auth/reset/token",
+				Handler: UserResetTokenHandler(serverCtx),
+			},
+			{
+				Method:  http.MethodPost,
+				Path:    "/api/auth/reset/password",
+				Handler: UserResetPasswordHandler(serverCtx),
+			},
 		},
 	)
 }
--- a/server/auth/internal/handler/userresetpasswordhandler.go
+++ b/server/auth/internal/handler/userresetpasswordhandler.go
@@ -0,0 +1,35 @@
+package handler
+
+import (
+	"net/http"
+	"reflect"
+
+	"fusenapi/utils/basic"
+
+	"fusenapi/server/auth/internal/logic"
+	"fusenapi/server/auth/internal/svc"
+	"fusenapi/server/auth/internal/types"
+)
+
+func UserResetPasswordHandler(svcCtx *svc.ServiceContext) http.HandlerFunc {
+	return func(w http.ResponseWriter, r *http.Request) {
+
+		var req types.RequestUserLogin
+		userinfo, err := basic.RequestParse(w, r, svcCtx, &req)
+		if err != nil {
+			return
+		}
+
+		// 创建一个业务逻辑层实例
+		l := logic.NewUserResetPasswordLogic(r.Context(), svcCtx)
+
+		rl := reflect.ValueOf(l)
+		basic.BeforeLogic(w, r, rl)
+
+		resp := l.UserResetPassword(&req, userinfo)
+
+		if !basic.AfterLogic(w, r, rl, resp) {
+			basic.NormalAfterLogic(w, r, resp)
+		}
+	}
+}
--- a/server/auth/internal/handler/userresettokenhandler.go
+++ b/server/auth/internal/handler/userresettokenhandler.go
@@ -0,0 +1,35 @@
+package handler
+
+import (
+	"net/http"
+	"reflect"
+
+	"fusenapi/utils/basic"
+
+	"fusenapi/server/auth/internal/logic"
+	"fusenapi/server/auth/internal/svc"
+	"fusenapi/server/auth/internal/types"
+)
+
+func UserResetTokenHandler(svcCtx *svc.ServiceContext) http.HandlerFunc {
+	return func(w http.ResponseWriter, r *http.Request) {
+
+		var req types.Request
+		userinfo, err := basic.RequestParse(w, r, svcCtx, &req)
+		if err != nil {
+			return
+		}
+
+		// 创建一个业务逻辑层实例
+		l := logic.NewUserResetTokenLogic(r.Context(), svcCtx)
+
+		rl := reflect.ValueOf(l)
+		basic.BeforeLogic(w, r, rl)
+
+		resp := l.UserResetToken(&req, userinfo)
+
+		if !basic.AfterLogic(w, r, rl, resp) {
+			basic.NormalAfterLogic(w, r, resp)
+		}
+	}
+}
--- a/server/auth/internal/logic/useremailconfirmationlogic.go
+++ b/server/auth/internal/logic/useremailconfirmationlogic.go
@@ -36,7 +36,7 @@ func (l *UserEmailConfirmationLogic) UserEmailConfirmation(req *types.RequestEma
 	// 返回值必须调用Set重新返回, resp可以空指针调用 resp.SetStatus(basic.CodeOK, data)
 	// userinfo 传入值时, 一定不为null

-	token, err := l.svcCtx.TokenManger.Decrypt(req.Token)
+	token, err := l.svcCtx.RegisterTokenManger.Decrypt(req.Token)
 	if err != nil {
 		logx.Error(err)
 		return resp.SetStatus(basic.CodeOAuthRegisterTokenErr)
--- a/server/auth/internal/logic/useremailregisterlogic.go
+++ b/server/auth/internal/logic/useremailregisterlogic.go
@@ -47,7 +47,7 @@ func (l *UserEmailRegisterLogic) UserEmailRegister(req *types.RequestEmailRegist
 		return resp.SetStatus(basic.CodeOAuthEmailErr)
 	}

-	token, err := l.svcCtx.TokenManger.Decrypt(req.RegisterToken)
+	token, err := l.svcCtx.RegisterTokenManger.Decrypt(req.RegisterToken)
 	if err != nil {
 		logx.Error(err)
 		return resp.SetStatus(basic.CodeOAuthRegisterTokenErr)
@@ -59,10 +59,10 @@ func (l *UserEmailRegisterLogic) UserEmailRegister(req *types.RequestEmailRegist

 	// 确认email 重新序列化
 	token.Email = req.Email
-	token.WId = req.Wid
+	token.Wid = req.Wid
 	token.GuestId = req.GuestId

-	clurl, err := l.svcCtx.TokenManger.Generate(token)
+	clurl, err := l.svcCtx.RegisterTokenManger.Generate(token)
 	if err != nil {
 		logx.Error(err)
 		return resp.SetStatus(basic.CodeOAuthRegisterTokenErr)
--- a/server/auth/internal/logic/usergoogleloginlogic.go
+++ b/server/auth/internal/logic/usergoogleloginlogic.go
@@ -114,7 +114,7 @@ func (l *UserGoogleLoginLogic) UserGoogleLogin(req *types.RequestGoogleLogin, us
 		}

 		l.isRegistered = false
-		token, err := l.svcCtx.TokenManger.Encrypt(l.registerInfo)
+		token, err := l.svcCtx.RegisterTokenManger.Encrypt(l.registerInfo)
 		if err != nil {
 			logx.Error(err)
 			return resp.SetStatus(basic.CodeOAuthRegisterTokenErr)
--- a/server/auth/internal/logic/userresetpasswordlogic.go
+++ b/server/auth/internal/logic/userresetpasswordlogic.go
@@ -0,0 +1,43 @@
+package logic
+
+import (
+	"fusenapi/utils/auth"
+	"fusenapi/utils/basic"
+
+	"context"
+
+	"fusenapi/server/auth/internal/svc"
+	"fusenapi/server/auth/internal/types"
+
+	"github.com/zeromicro/go-zero/core/logx"
+)
+
+type UserResetPasswordLogic struct {
+	logx.Logger
+	ctx    context.Context
+	svcCtx *svc.ServiceContext
+}
+
+func NewUserResetPasswordLogic(ctx context.Context, svcCtx *svc.ServiceContext) *UserResetPasswordLogic {
+	return &UserResetPasswordLogic{
+		Logger: logx.WithContext(ctx),
+		ctx:    ctx,
+		svcCtx: svcCtx,
+	}
+}
+
+// 处理进入前逻辑w,r
+// func (l *UserResetPasswordLogic) BeforeLogic(w http.ResponseWriter, r *http.Request) {
+// }
+
+func (l *UserResetPasswordLogic) UserResetPassword(req *types.RequestUserLogin, userinfo *auth.UserInfo) (resp *basic.Response) {
+	// 返回值必须调用Set重新返回, resp可以空指针调用 resp.SetStatus(basic.CodeOK, data)
+	// userinfo 传入值时, 一定不为null
+
+	return resp.SetStatus(basic.CodeOK)
+}
+
+// 处理逻辑后 w,r 如:重定向, resp 必须重新处理
+// func (l *UserResetPasswordLogic) AfterLogic(w http.ResponseWriter, r *http.Request, resp *basic.Response) {
+// // httpx.OkJsonCtx(r.Context(), w, resp)
+// }
--- a/server/auth/internal/logic/userresettokenlogic.go
+++ b/server/auth/internal/logic/userresettokenlogic.go
@@ -0,0 +1,65 @@
+package logic
+
+import (
+	"fusenapi/utils/auth"
+	"fusenapi/utils/basic"
+	"time"
+
+	"context"
+
+	"fusenapi/server/auth/internal/svc"
+	"fusenapi/server/auth/internal/types"
+
+	"github.com/zeromicro/go-zero/core/logx"
+)
+
+type UserResetTokenLogic struct {
+	logx.Logger
+	ctx    context.Context
+	svcCtx *svc.ServiceContext
+}
+
+func NewUserResetTokenLogic(ctx context.Context, svcCtx *svc.ServiceContext) *UserResetTokenLogic {
+	return &UserResetTokenLogic{
+		Logger: logx.WithContext(ctx),
+		ctx:    ctx,
+		svcCtx: svcCtx,
+	}
+}
+
+// 处理进入前逻辑w,r
+// func (l *UserResetTokenLogic) BeforeLogic(w http.ResponseWriter, r *http.Request) {
+// }
+
+func (l *UserResetTokenLogic) UserResetToken(req *types.RequestUserResetToken, userinfo *auth.UserInfo) (resp *basic.Response) {
+	// 返回值必须调用Set重新返回, resp可以空指针调用 resp.SetStatus(basic.CodeOK, data)
+	// userinfo 传入值时, 一定不为null
+	if !userinfo.IsUser() {
+		return resp.SetStatus(basic.CodeUnAuth)
+	}
+
+	user, err := l.svcCtx.AllModels.FsUser.FindUserById(context.TODO(), userinfo.UserId)
+	if err != nil {
+		logx.Error(err)
+		return resp.SetStatus(basic.CodeRequestParamsErr, err.Error())
+	}
+
+	token := &auth.ResetToken{
+		// 操作的类型, 验证的token 必须要继承这个
+		OperateType: auth.OpTypeResetToken,
+		UserId:      uint64(userinfo.UserId),
+		Wid:         req.Wid,
+		Email:       *user.Email,
+		Password:    *user.PasswordHash,
+		CreateAt:    time.Now(),
+	}
+
+	l.svcCtx.ResetTokenManger.Encrypt(token)
+
+	return resp.SetStatus(basic.CodeOK)
+}
+
+// 处理逻辑后 w,r 如:重定向, resp 必须重新处理
+// func (l *UserResetTokenLogic) AfterLogic(w http.ResponseWriter, r *http.Request, resp *basic.Response) {
+// // httpx.OkJsonCtx(r.Context(), w, resp)
+// }
--- a/server/auth/internal/svc/servicecontext.go
+++ b/server/auth/internal/svc/servicecontext.go
@@ -22,7 +22,8 @@ type ServiceContext struct {
 	MysqlConn *gorm.DB
 	AllModels *gmodel.AllModelsGen

-	TokenManger *auth.ConfirmationLink[auth.RegisterToken]
+	RegisterTokenManger *auth.ConfirmationLink[auth.RegisterToken]
+	ResetTokenManger    *auth.ConfirmationLink[auth.ResetToken]
 }

 func NewServiceContext(c config.Config) *ServiceContext {
@@ -30,11 +31,12 @@ func NewServiceContext(c config.Config) *ServiceContext {
 	// StateServer := shared.StartNode(c.ReplicaId, autoconfig.AutoGetAllServerConfig(), conn)

 	return &ServiceContext{
-		Config:      c,
-		MysqlConn:   conn,
-		SharedState: nil,
-		AllModels:   gmodel.NewAllModels(initalize.InitMysql(c.SourceMysql)),
-		TokenManger: auth.NewConfirmationLink[auth.RegisterToken](c.Auth.AccessSecret, "http://localhost:9900/api/auth/oauth2/register"),
+		Config:              c,
+		MysqlConn:           conn,
+		SharedState:         nil,
+		AllModels:           gmodel.NewAllModels(initalize.InitMysql(c.SourceMysql)),
+		RegisterTokenManger: auth.NewConfirmationLink[auth.RegisterToken](c.Auth.AccessSecret, "http://localhost:9900/api/auth/oauth2/register"),
+		ResetTokenManger:    auth.NewConfirmationLink[auth.ResetToken](c.Auth.AccessSecret, "http://localhost:9900/api/auth/oauth2/register"),
 	}
 }

--- a/server/auth/internal/types/types.go
+++ b/server/auth/internal/types/types.go
@@ -10,6 +10,23 @@ type RequestUserLogin struct {
 	Password string `json:"password"`
 }

+type DataUserLogin struct {
+	Token string `json:"token"` // 登录jwt token
+}
+
+type RequestUserResetToken struct {
+	Wid string `json:"wid"`
+}
+
+type DataResetToken struct {
+	ResetToken string `json:"reset_token"` // 获取重置的token
+}
+
+type RequestUserResetPassword struct {
+	ResetToken string `json:"reset_token"` // 附带重置token, 确保流程唯一
+	Password   string `json:"password"`    // 附带的hash密码
+}
+
 type RequestGoogleLogin struct {
 	Code     string `form:"code"`
 	Scope    string `form:"scope"`
@@ -28,10 +45,6 @@ type RequestEmailRegister struct {
 	RegisterToken string `json:"register_token"`
 }

-type DataUserLogin struct {
-	Token string `json:"token"` // 登录jwt token
-}
-
 type DataGuest struct {
 	Token string `json:"token"` // 登录jwt token
 }