admin_user.go 9.3 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401402403404405406
  1. package service
  2. import (
  3. "gadmin/config"
  4. "gadmin/internal/admin/consts"
  5. "gadmin/internal/admin/forms"
  6. "gadmin/internal/gorm/model"
  7. "gadmin/internal/gorm/query"
  8. "gadmin/utility/serializer"
  9. "gadmin/utility/token"
  10. "time"
  11. "github.com/gin-gonic/gin"
  12. "github.com/sirupsen/logrus"
  13. "golang.org/x/crypto/bcrypt"
  14. )
  15. // User 管理员服务
  16. var User = NewsUser()
  17. type LoginStats struct {
  18. FailNum int
  19. BanTs int64
  20. }
  21. type sUser struct {
  22. BanIps map[string]*LoginStats
  23. }
  24. func NewsUser() *sUser {
  25. user := new(sUser)
  26. user.BanIps = make(map[string]*LoginStats)
  27. return user
  28. }
  29. // 一次登录,清空错误次数
  30. func (s *sUser) AddSucessNum(ip string) {
  31. delete(s.BanIps, ip)
  32. }
  33. // 增加错误登录次数,超过10次,不再进行密码验证
  34. func (s *sUser) AddFailNum(ip string) {
  35. stats, ok := s.BanIps[ip]
  36. if !ok {
  37. stats = new(LoginStats)
  38. s.BanIps[ip] = stats
  39. }
  40. if stats.BanTs > 0 {
  41. return
  42. }
  43. if stats.FailNum > 10 {
  44. curTs := time.Now().Unix()
  45. stats.BanTs = curTs
  46. // 清理错误登录
  47. for k, v := range s.BanIps {
  48. if v.BanTs+24*60*60 < curTs {
  49. delete(s.BanIps, k)
  50. }
  51. }
  52. return
  53. }
  54. stats.FailNum += 1
  55. }
  56. // 检查是否允许登录
  57. func (s *sUser) CheckLoginAllow(ip string) bool {
  58. stats, ok := s.BanIps[ip]
  59. if !ok {
  60. return true
  61. }
  62. cur := time.Now().Unix()
  63. if stats.BanTs+1*60*60 > cur {
  64. return false
  65. }
  66. stats.BanTs = 0
  67. stats.FailNum = 0
  68. return true
  69. }
  70. // GetUser 用ID获取用户
  71. func (s *sUser) GetUser(ID interface{}) (u *model.AdminUser, err error) {
  72. result := config.DB.First(&u, ID)
  73. return u, result.Error
  74. }
  75. // SetPassword 设置密码
  76. func (s *sUser) SetPassword(password string) (string, error) {
  77. bytes, err := bcrypt.GenerateFromPassword([]byte(password), consts.PassWordCost)
  78. if err != nil {
  79. return "", err
  80. }
  81. return string(bytes), nil
  82. }
  83. // CheckPassword 校验密码
  84. func (s *sUser) CheckPasswordRight(passwordDigest, password string) bool {
  85. err := bcrypt.CompareHashAndPassword([]byte(passwordDigest), []byte(password))
  86. return err == nil
  87. }
  88. func (s *sUser) Login(req forms.UserLoginReq, ip string) serializer.Response {
  89. var (
  90. u model.AdminUser
  91. )
  92. if ok := s.CheckLoginAllow(ip); !ok {
  93. return serializer.ParamErr("账号已被禁止登录", nil)
  94. }
  95. if err := config.AdminDB.Where("user_name = ?", req.UserName).First(&u).Error; err != nil {
  96. s.AddFailNum(ip)
  97. logrus.Warnf("sUser %v Login req error %v.", req.UserName, ip)
  98. return serializer.ParamErr("账号错误或不存在,请检查", nil)
  99. }
  100. //p, _ := s.SetPassword(req.Password)
  101. //fmt.Println("pass:", p)
  102. if u.Status != 1 {
  103. return serializer.ParamErr("账号已被禁用", nil)
  104. }
  105. if s.CheckPasswordRight(u.PasswordDigest, req.Password) == false {
  106. s.AddFailNum(ip)
  107. logrus.Warnf("sUser %v Login req error. ip: %v.", req.UserName, ip)
  108. return serializer.ParamErr("密码不正确,如忘记了密码请联系管理员!", nil)
  109. }
  110. s.AddSucessNum(ip)
  111. //if os.Getenv("GIN_MODE") == "release" && u.UserName == "mojun" {
  112. // return serializer.ParamErr("该账号只允许在测试服登录!", nil)
  113. //}
  114. t, err := token.GenerateToken(&token.UserClaims{
  115. ID: u.ID,
  116. UserName: u.UserName,
  117. RoleId: int64(u.RoleID),
  118. Avatar: u.Avatar,
  119. Nickname: u.Nickname,
  120. })
  121. if err != nil {
  122. return serializer.ParamErr(err.Error(), nil)
  123. }
  124. return serializer.Suc(forms.UserLoginRes{
  125. ID: u.ID,
  126. UserName: u.UserName,
  127. Nickname: u.Nickname,
  128. Status: u.Status,
  129. Avatar: u.Avatar,
  130. Token: t,
  131. })
  132. }
  133. func (s *sUser) Register(req forms.UserRegisterReq) serializer.Response {
  134. user := model.AdminUser{
  135. Nickname: req.Nickname,
  136. UserName: req.UserName,
  137. Status: consts.StatusNormal,
  138. }
  139. count := int64(0)
  140. config.DB.Model(&model.AdminUser{}).Where("nickname = ?", req.Nickname).Count(&count)
  141. if count > 0 {
  142. return serializer.Response{
  143. Code: 40001,
  144. Msg: "昵称被占用",
  145. }
  146. }
  147. config.DB.Model(&model.AdminUser{}).Where("user_name = ?", req.UserName).Count(&count)
  148. if count > 0 {
  149. return serializer.Response{
  150. Code: 40001,
  151. Msg: "用户名已经注册",
  152. }
  153. }
  154. // 加密密码
  155. password, err := s.SetPassword(req.Password)
  156. if err != nil {
  157. return serializer.Err(
  158. consts.CodeEncryptError,
  159. "密码加密失败",
  160. err,
  161. )
  162. }
  163. user.PasswordDigest = password
  164. if err = config.DB.Create(&user).Error; err != nil {
  165. return serializer.ParamErr("注册失败", err)
  166. }
  167. user.PasswordDigest = ""
  168. return serializer.Suc(user)
  169. }
  170. func (s *sUser) List(ctx *gin.Context, req forms.AdminUserListReq) serializer.Response {
  171. var (
  172. q = query.Use(config.AdminDB).AdminUser
  173. r = query.Use(config.AdminDB).AdminRole
  174. m = q.WithContext(ctx)
  175. offset int64 = 0
  176. models forms.UserAccountListRes
  177. lists []*forms.AdminUserListModel
  178. )
  179. m = m.Order(q.ID.Desc())
  180. req.Page, req.PerPage, offset = forms.CalculatePage(req.Page, req.PerPage)
  181. count, err := m.Count()
  182. if err != nil {
  183. return serializer.Err(consts.CodeParamErr, "查询出错 count", err)
  184. }
  185. if count > 0 {
  186. if err = m.Limit(int(req.PerPage)).Offset(int(offset)).Scan(&lists); err != nil {
  187. return serializer.Err(consts.CodeParamErr, "查询出错 lists", err)
  188. }
  189. }
  190. for _, v := range lists {
  191. role, err := r.WithContext(ctx).Where(r.ID.Eq(v.RoleID)).First()
  192. //if err != nil {
  193. // return serializer.Err(consts.CodeParamErr, "查询 role 出错", err)
  194. //}
  195. v.RoleName = "未绑定角色"
  196. if role != nil && err == nil {
  197. v.RoleName = role.Name
  198. }
  199. }
  200. models.List = lists
  201. models.Page = req.Page
  202. models.PerPage = req.PerPage
  203. models.PageCount = (count + req.PerPage - 1) / req.PerPage
  204. return serializer.Suc(models)
  205. }
  206. func (s *sUser) Edit(ctx *gin.Context, req forms.AdminUserEditReq) serializer.Response {
  207. q := query.Use(config.AdminDB).AdminUser
  208. logrus.Warnf("sUser Edit req:%+v", req)
  209. if req.RoleID <= 0 {
  210. return serializer.ParamErr("角色不能为空", nil)
  211. }
  212. if req.UserName == "" {
  213. return serializer.ParamErr("用户名不能为空", nil)
  214. }
  215. // 修改
  216. if req.ID > 0 {
  217. update := &model.AdminUser{
  218. UserName: req.UserName,
  219. RoleID: int32(req.RoleID),
  220. Nickname: req.Nickname,
  221. Status: req.Status,
  222. UpdatedAt: time.Now(),
  223. }
  224. _, err := q.WithContext(ctx).Where(q.ID.Eq(req.ID)).Updates(update)
  225. if err != nil {
  226. return serializer.Err(consts.CodeParamErr, "更新出错", err)
  227. }
  228. return serializer.Suc(nil)
  229. }
  230. if req.Password == "" {
  231. return serializer.ParamErr("密码不能为空", nil)
  232. }
  233. // 加密密码
  234. password, err := s.SetPassword(req.Password)
  235. if err != nil {
  236. return serializer.Err(
  237. consts.CodeEncryptError,
  238. "密码加密失败",
  239. err,
  240. )
  241. }
  242. // 新增
  243. create := &model.AdminUser{
  244. UserName: req.UserName,
  245. RoleID: int32(req.RoleID),
  246. Nickname: req.Nickname,
  247. PasswordDigest: password,
  248. Status: req.Status,
  249. UpdatedAt: time.Now(),
  250. CreatedAt: time.Now(),
  251. }
  252. if err = query.Use(config.AdminDB).AdminUser.WithContext(ctx).Create(create); err != nil {
  253. return serializer.DBErr(err.Error(), err)
  254. }
  255. return serializer.Suc(nil)
  256. }
  257. func (s *sUser) ResetPassword(ctx *gin.Context, req forms.AdminUserResetPasswordReq) serializer.Response {
  258. q := query.Use(config.AdminDB).AdminUser
  259. logrus.Warnf("sUser ResetPassword req:%+v", req)
  260. if req.ID <= 0 {
  261. return serializer.ParamErr("用于ID不能为空", nil)
  262. }
  263. if req.Password == "" {
  264. return serializer.ParamErr("密码不能为空", nil)
  265. }
  266. // 加密密码
  267. password, err := s.SetPassword(req.Password)
  268. if err != nil {
  269. return serializer.Err(
  270. consts.CodeEncryptError,
  271. "密码加密失败",
  272. err,
  273. )
  274. }
  275. update := &model.AdminUser{
  276. PasswordDigest: password,
  277. UpdatedAt: time.Now(),
  278. }
  279. _, err = q.WithContext(ctx).Where(q.ID.Eq(req.ID)).Updates(update)
  280. if err != nil {
  281. return serializer.Err(consts.CodeParamErr, "更新出错", err)
  282. }
  283. return serializer.Suc(nil)
  284. }
  285. func (s *sUser) UpdatePassword(ctx *gin.Context, req forms.AdminUserUpdatePasswordReq) serializer.Response {
  286. q := query.Use(config.AdminDB).AdminUser
  287. logrus.Warnf("sUser UpdatePassword req:%+v", req)
  288. userId := token.GetUID(ctx)
  289. if userId <= 0 {
  290. return serializer.ParamErr("用户信息获取失败", nil)
  291. }
  292. models, err := q.WithContext(ctx).Where(q.ID.Eq(userId)).First()
  293. if err != nil {
  294. return serializer.ParamErr(err.Error(), err)
  295. }
  296. if models == nil {
  297. return serializer.ParamErr("用户不存在", nil)
  298. }
  299. if !s.CheckPasswordRight(models.PasswordDigest, req.OldPassword) {
  300. return serializer.ParamErr("老密码不正确", nil)
  301. }
  302. // 加密密码
  303. password, err := s.SetPassword(req.NewPassword)
  304. if err != nil {
  305. return serializer.Err(
  306. consts.CodeEncryptError,
  307. "密码加密失败",
  308. err,
  309. )
  310. }
  311. update := &model.AdminUser{
  312. PasswordDigest: password,
  313. UpdatedAt: time.Now(),
  314. }
  315. _, err = q.WithContext(ctx).Where(q.ID.Eq(userId)).Updates(update)
  316. if err != nil {
  317. return serializer.Err(consts.CodeParamErr, "更新出错", err)
  318. }
  319. return serializer.Suc(nil)
  320. }
  321. func (s *sUser) GetUserInfo(c *gin.Context) (*model.AdminUser, error) {
  322. q := query.Use(config.AdminDB).AdminUser
  323. userId := token.GetUID(c)
  324. if userId <= 0 {
  325. c.JSON(200, serializer.Err(consts.CodeNoPermission, "用户信息获取失败", nil))
  326. c.Abort()
  327. }
  328. return q.WithContext(c).Where(q.ID.Eq(userId)).First()
  329. }
  330. func (s *sUser) GetUserRoleId(c *gin.Context) int64 {
  331. info, err := s.GetUserInfo(c)
  332. if err != nil {
  333. return 0
  334. }
  335. if info == nil {
  336. return 0
  337. }
  338. return int64(info.RoleID)
  339. }