增加了token的授权

xuzhenhao
Commit a003fc97 authored Dec 07, 2017 by xuzhenhao
Showing with 105 additions and 19 deletions
src/loginserver/apis/loginserver.go
src/loginserver/models/user.go
--- a/src/loginserver/apis/loginserver.go
+++ b/src/loginserver/apis/loginserver.go
@@ -42,6 +42,13 @@ func UserLoginApi(c *gin.Context) {
 		ReturnRespones(c, result.(string), err.Error())
 		return
 	}
+	cookie := &http.Cookie{
+		Name:     "icesimbaToken",
+		Value:    result.(map[string]interface{})["token"].(string),
+		Path:     "/",
+		HttpOnly: true,
+	}
+	http.SetCookie(c.Writer, cookie)
 	ReturnRespones(c, "0", result)
 	return
 }

--- a/src/loginserver/models/user.go
+++ b/src/loginserver/models/user.go
@@ -4,30 +4,39 @@ import (
 	"crypto/md5"
 	"encoding/hex"
 	"errors"
+	"github.com/satori/go.uuid"
 	"log"
 	db "loginserver/database"
 )
 type UserLoginInfo struct {
-	Type     string
+	Type     string `json:"login_type"`
-	Name     string
+	Name     string `json:"login_name"`
-	Password string
+	Password string `json:"login_password"`
 }
 type UserRegisterInfo struct {
-	Type     string
+	Type     string `json:"register_type"`
-	Name     string
+	Name     string `json:"register_name"`
-	Password string
+	Password string `json:"register_password"`
+}
+type UserInfo struct {
+	Id           int
+	UserPassword string
+	UserName     string
 }
 func (u *UserLoginInfo) UserLogin() (result interface{}, err error) {
+	var userInfo UserInfo
 	switch u.Type {
 	case "normal":
-		password, err := GetPasswordByUserName(u.Name)
+		r, err := GetUserInfoByUserName(u.Name)
 		if err != nil {
-			return password, err
+			return r, err
 		}
-		if password != MD5(u.Password) {
+		userInfo = r.(UserInfo)
+		if userInfo.UserPassword != MD5(u.Password) {
 			err = errors.New("密码错误")
 			return "105004", err
 		}
@@ -36,8 +45,15 @@ func (u *UserLoginInfo) UserLogin() (result interface{}, err error) {
 		err = errors.New("不存在的登陆类型")
 		return "105000", err
 	}
+	res := make(map[string]interface{}, 0)
+	res["user_id"] = userInfo.Id
+	token, err := GetUserAccessToken(userInfo.UserName)
+	if err != nil {
+		return token, err
+	}
+	res["token"] = token
 	log.Println(u.Name, " login success")
-	return nil, nil
+	return res, nil
 }
 func (u *UserRegisterInfo) UserRegister() (result interface{}, err error) {
@@ -76,32 +92,39 @@ func CheckUserNameRepeat(userName string) (result interface{}, err error) {
 }
-//获取用户密码
+//获取用户信息
-func GetPasswordByUserName(userName string) (result interface{}, err error) {
+func GetUserInfoByUserName(userName string) (result interface{}, err error) {
-	sql := ` select user_password from icesimba_polysdk_user where  user_name = ?`
+	u := make([]UserInfo, 0)
-	r, err := db.Engine.Query(sql, userName)
+	sql := ` select id,user_name,user_password from icesimba_polysdk_user where  user_name = ?`
+	err = db.Engine.Sql(sql, userName).Find(&u)
 	if err != nil {
 		return "104001", err
 	}
-	if len(r) == 0 {
+	if len(u) == 0 {
 		err = errors.New("不存在的用户名")
 		return "105003", err
 	}
-	return string(r[0]["user_password"]), nil
+	return u, nil
 }
 //修改用户密码
 func ChangeUserPassword(userName string, originPassword string, newPassword string) (result interface{}, err error) {
-	r, err := GetPasswordByUserName(userName)
+	r, err := GetUserInfoByUserName(userName)
 	if err != nil {
 		return r, err
 	}
-	if MD5(newPassword) == originPassword {
+	password := r.(UserInfo).UserPassword
+	if MD5(originPassword) != password {
+		err = errors.New("密码错误，无法修改！")
+		return "105004", err
+	}
+	if newPassword == originPassword {
 		err = errors.New("新旧密码一致！无法修改")
 		return "105002", err
 	}
-	password := MD5(newPassword)
+	password = MD5(newPassword)
 	sql := ` update icesimba_polysdk_user set user_password = ? where user_name = ?`
 	_, err = db.Engine.Exec(sql, password, userName)
 	if err != nil {
@@ -122,10 +145,66 @@ func InsertUser(userName string, userPassword string) (result interface{}, err e
 }
+//授权
+func GetUserAccessToken(userName string) (result string, err error) {
+	userInfo, err := GetUserInfoByUserName(userName)
+	if err != nil {
+		return userInfo.(string), err
+	}
+	userId := userInfo.(UserInfo).Id
+	uuid := uuid.NewV4().String()
+	sql := ` replace into icesimba_user_token(user_id,user_token) values(?,?)`
+	_, err = db.Engine.Exec(sql, userId, uuid)
+	if err != nil {
+		return "104002", err
+	}
+	return "", nil
+}
+//验证授权
+func CheckUserAccessToken(token string) (result string, err error) {
+	sql := ` select user_id from icesimba_user_token where user_token = ? limit 1`
+	r, err := db.Engine.Query(sql, token)
+	if err != nil {
+		return "104002", err
+	}
+	if len(r) == 0 {
+		err = errors.New("token已失效")
+		return "false", nil
+	}
+	return "true", nil
+}
+//生成外部应用授权
+func GetThirdpartAccessToken(userId int) (result string, err error) {
+	uuid := uuid.NewV4().String()
+	sql := ` replace into icesimba_thirdpart_token(user_id,user_thirdpart_token) values(?,?)`
+	_, err = db.Engine.Exec(sql, userId, uuid)
+	if err != nil {
+		return "104002", err
+	}
+	return "", nil
+}
+//验证外部应用授权
+func CheckThirdpartAccessToken(token string) (result string, err error) {
+	sql := ` select user_id from icesimba_user_thirdpart_token where user_thirdpart_token = ? limit 1`
+	r, err := db.Engine.Query(sql, token)
+	if err != nil {
+		return "104002", err
+	}
+	if len(r) == 0 {
+		err = errors.New("token已失效")
+		return "false", nil
+	}
+	return "true", nil
+}
 func MD5(str string) string {
 	w := md5.New()
 	w.Write([]byte(str))
 	has := w.Sum(nil)
 	str = hex.EncodeToString(has)
 	return str
 }