From 170cd63936e001587d9792d7d1921cd4874504d3 Mon Sep 17 00:00:00 2001 From: gazebo Date: Mon, 6 Jan 2020 16:36:52 +0800 Subject: [PATCH] =?UTF-8?q?RegisterUser=E6=94=AF=E6=8C=81token?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- business/auth2/auth2.go | 11 +++++- business/auth2/authprovider/mobile/mobile.go | 4 +- business/jxstore/cms/user2.go | 40 +++++++++++++++----- controllers/auth2.go | 15 ++++---- controllers/cms_user2.go | 10 +++-- 5 files changed, 58 insertions(+), 22 deletions(-) diff --git a/business/auth2/auth2.go b/business/auth2/auth2.go index ef5dd4298..6b7ce94da 100644 --- a/business/auth2/auth2.go +++ b/business/auth2/auth2.go @@ -44,6 +44,8 @@ const ( MinCaptchaLen = 4 MaxCaptchaWidth = 400 MaxCaptchaHeight = 400 + + InternalAuthSecret = "a36ca416-c85e-4dcf-aff9-590be3d2f8a2" ) type IUser interface { @@ -224,7 +226,7 @@ func SendVerifyCode(authToken, captchaID, captchaValue, authID string) (verfifyC // 公众号登录:authIDTypeD是UserIDEmpty,authSecret是code(这个函数是被微信的回调调用,不是直接被客户端调用) // 微信登录:authIDType是UserIDEmpty,authSecret是code(这个函数是被微信的回调调用,不是直接被客户端调用) // 小程序登录:authIDType是UserIDEmpty,authSecret是jsCode -func Login(ctx *Context, authType, authID, authIDType, authSecret string) (authInfo *AuthInfo, err error) { +func LoginInternal(ctx *Context, authType, authID, authIDType, authSecret string) (authInfo *AuthInfo, err error) { authType = strings.ToLower(authType) authIDType = strings.ToLower(authIDType) if handler := authers[authType]; handler != nil { 
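Review bot: `InternalAuthSecret`, added to the `const` block, is a hard-coded credential, and the `mobile.go` hunk of this same patch makes `VerifySecret` accept it in place of an SMS code for any mobile number. Anyone who can read the repository or extract strings from the binary then holds a universal verification code, and it cannot be rotated without a rebuild. Prefer carrying the "already verified by an administrator" decision as an explicit argument on a server-only code path instead of an in-band magic value. If a sentinel must stay, generate it randomly at process start and keep it unexported, rather than committing a literal.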
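Review bot: The doc comment above this signature still describes the client-facing `Login`, but after the rename it sits on `LoginInternal`, which is exported and does no filtering of `InternalAuthSecret`. Nothing at the declaration tells a future caller that passing request data here skips the check the new `Login` wrapper performs. Add a leading line such as `// LoginInternal is Login without the InternalAuthSecret filter; authSecret must be server-generated, never taken from a request.` and move the existing per-provider description onto `Login`. The function body continues outside this hunk.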
@@ -279,6 +281,13 @@ func Login(ctx *Context, authType, authID, authIDType, authSecret string) (authI return authInfo, err } +func Login(ctx *Context, authType, authID, authIDType, authSecret string) (authInfo *AuthInfo, err error) { + if authSecret == InternalAuthSecret { + authSecret = "" + } + return LoginInternal(ctx, authIDType, authID, authIDType, authSecret) +} + // 通过临时TOKEN绑定新创建的用户 func BindUser(inauthInfo *AuthInfo, user IUser) (outauthInfo *AuthInfo, err error) { if err = AddAuthBind(user, inauthInfo); err == nil { diff --git a/business/auth2/authprovider/mobile/mobile.go b/business/auth2/authprovider/mobile/mobile.go index fb688d9e4..43d6d48c3 100644 --- a/business/auth2/authprovider/mobile/mobile.go +++ b/business/auth2/authprovider/mobile/mobile.go @@ -71,7 +71,9 @@ func (a *Auther) VerifySecret(mobileNumber, code string) (authBindEx *auth2.Auth globals.SugarLogger.Debugf("VerifySecret mobileNumber:%s, code:%s", mobileNumber, code) err = ErrVerifyCodeIsWrong - if (auth2.TestMobileMap[mobileNumber] == 1 && code == TestVerifyCode) || a.VerifyCode(mobileNumber, code) { + if (code == auth2.InternalAuthSecret || + auth2.TestMobileMap[mobileNumber] == 1 && code == TestVerifyCode) || + a.VerifyCode(mobileNumber, code) { err = nil } return nil, err diff --git a/business/jxstore/cms/user2.go b/business/jxstore/cms/user2.go index dd9b4a54f..984258def 100644 --- a/business/jxstore/cms/user2.go +++ b/business/jxstore/cms/user2.go 
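Review bot: The new `Login` wrapper passes `authIDType` as the first argument to `LoginInternal`, so the handler lookup `authers[authType]` is keyed by the ID type rather than the auth type. The call should be `return LoginInternal(ctx, authType, authID, authIDType, authSecret)`. As written, every public login resolves a provider from the wrong string, and works only where the two values happen to be equal. Separately, blanking a matching secret to `""` relies on every provider rejecting an empty secret, which is not visible here. Returning an authentication error directly when `authSecret == InternalAuthSecret` would make the rejection explicit.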
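Review bot: The `Debugf` call at the top of this hunk logs `code`, and with this change `code` can be `InternalAuthSecret`, so the bypass value (as well as real SMS codes) ends up in the debug log. Drop the secret from the log line, e.g. `globals.SugarLogger.Debugf("VerifySecret mobileNumber:%s", mobileNumber)`. Accepting the constant inside the provider also means that any path reaching `VerifySecret` without going through the filtering `Login` wrapper skips SMS verification. A short comment on the condition naming that dependency would help the next reader. `VerifySecret` starts outside this hunk.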
@@ -146,26 +146,48 @@ func init() { auth2.Init(userProvider) } -func RegisterUserWithMobile(ctx *jxcontext.Context, user *model.User, mobileVerifyCode string, inAuthInfo *auth2.AuthInfo) (outAuthInfo *auth2.AuthInfo, err error) { +func RegisterUserWithMobile(ctx *jxcontext.Context, user *model.User, mobileVerifyCode string, inAuthInfo, manTokenInfo *auth2.AuthInfo) (outAuthInfo *auth2.AuthInfo, err error) { var mobileAuth *auth2.AuthInfo + fakeMobile := false + user.Type = model.UserTypeConsumer + createName := ctx.GetRealRemoteIP() + authType := auth2.AuthTypeMobile + if manTokenInfo != nil && mobileVerifyCode == "" { + user, err2 := dao.GetUserByID(dao.GetDB(), "user_id", manTokenInfo.GetID()) + if err = err2; err != nil { + return nil, err + } + if user.Type&(model.UserTypeOperator|model.UserTypeBoss) == 0 { + return nil, fmt.Errorf("管理员才能添加商户") + } + if utils.Pointer2String(user.Mobile) == "" { + return nil, fmt.Errorf("管理员添加必须指定用户手机号") + } + mobileVerifyCode = auth2.InternalAuthSecret + fakeMobile = true + user.Type |= model.UserTypeStoreBoss + createName = manTokenInfo.GetName() + } + if mobileVerifyCode != "" { - mobileAuth, err = auth2.Login(ctx.Context, auth2.AuthTypeMobile, user.GetMobile(), auth2.UserIDMobile, mobileVerifyCode) + if fakeMobile { + mobileAuth, err = auth2.LoginInternal(ctx.Context, auth2.AuthTypeMobile, user.GetMobile(), auth2.UserIDMobile, mobileVerifyCode) + } else { + mobileAuth, err = auth2.Login(ctx.Context, auth2.AuthTypeMobile, user.GetMobile(), auth2.UserIDMobile, mobileVerifyCode) + } if err != nil { return nil, err } if mobileAuth != nil && !mobileAuth.IsUserEmpty() { return nil, jsonerr.New(mobileAuth, model.ErrCodeJsonUserAlreadyExist) } - } else { - if inAuthInfo == nil { - return nil, fmt.Errorf("短信验证码与其它认证方式至少要指定一种") - } + } else if inAuthInfo != nil { user.Mobile = nil + } else { + return nil, fmt.Errorf("短信验证码与其它认证方式至少要指定一种") } - createName := ctx.GetRealRemoteIP() - authType := auth2.AuthTypeMobile + if inAuthInfo != nil 
{ - user.Type = model.UserTypeConsumer if inAuthInfo.AuthBindInfo.Type == dingding.AuthTypeStaff { user.Type |= model.UserTypeOperator } else if user.Mobile != nil { diff --git a/controllers/auth2.go b/controllers/auth2.go index b8b544fd7..e64d56176 100644 --- a/controllers/auth2.go +++ b/controllers/auth2.go @@ -13,7 +13,6 @@ import ( "git.rosy.net.cn/jx-callback/business/auth2/authprovider/password" "git.rosy.net.cn/jx-callback/business/auth2/authprovider/weixin" "git.rosy.net.cn/jx-callback/business/model" - "git.rosy.net.cn/jx-callback/business/model/dao" "git.rosy.net.cn/jx-callback/globals" "github.com/astaxie/beego" ) @@ -67,13 +66,13 @@ func (c *Auth2Controller) CreateCaptcha() { // @router /SendVerifyCode [post] func (c *Auth2Controller) SendVerifyCode() { c.callSendVerifyCode(func(params *tAuth2SendVerifyCodeParams) (retVal interface{}, errCode string, err error) { - code, authInfo, err := auth2.SendVerifyCode(params.AuthToken, params.CaptchaID, params.CaptchaValue, params.AuthID) - if err == nil && authInfo != nil { - user, err2 := dao.GetUserByID(dao.GetDB(), "user_id", authInfo.GetID()) - if err2 == nil && user.Type&(model.UserTypeBoss|model.UserTypeOperator) != 0 { - retVal = code - } - } + _, _, err = auth2.SendVerifyCode(params.AuthToken, params.CaptchaID, params.CaptchaValue, params.AuthID) + // if err == nil && authInfo != nil { + // user, err2 := dao.GetUserByID(dao.GetDB(), "user_id", authInfo.GetID()) + // if err2 == nil && user.Type&(model.UserTypeBoss|model.UserTypeOperator) != 0 { + // retVal = code + // } + // } return retVal, "", err }) } diff --git a/controllers/cms_user2.go b/controllers/cms_user2.go index e50428aa3..c99d7e137 100644 --- a/controllers/cms_user2.go +++ b/controllers/cms_user2.go 
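Review bot: Inside the `if manTokenInfo != nil && mobileVerifyCode == ""` block, `user, err2 := dao.GetUserByID(...)` declares a new `user` that shadows the `user` parameter until the end of that block. The role check then correctly inspects the administrator. But the `utils.Pointer2String(user.Mobile) == ""` check tests the administrator's mobile instead of the new account's, and `user.Type |= model.UserTypeStoreBoss` sets the flag on the administrator's loaded record, not on the user being registered. Load the administrator under a different name, `admin, err2 := dao.GetUserByID(dao.GetDB(), "user_id", manTokenInfo.GetID())`, test `admin.Type&(model.UserTypeOperator|model.UserTypeBoss) == 0`, and leave the two later `user.` references pointing at the parameter. The function body continues outside this hunk.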
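Review bot: The commented-out block left in `SendVerifyCode` is dead code, and it preserves the path that returned the SMS verification code in the API response. Delete it rather than leaving it one uncomment away from returning; version control keeps the history. With it gone, `retVal` is never assigned in this closure, so a one-line comment such as `// The verification code is never returned to the caller; it is delivered out of band only.` would document the intent.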
@@ -20,6 +20,7 @@ type User2Controller struct { // @Title 用户注册 // @Description 用户注册 +// @Param token header string false "管理员token" // @Param payload formData string true "json数据,User对象(手机号必填)" // @Param mobileVerifyCode formData string false "手机验证码(通过auth2.SendVerifyCode获得)(mobileVerifyCode与authToken不能同时为空)" // @Param authToken formData string false "之前通过login得到的认证TOKEN(mobileVerifyCode与authToken不能同时为空)" @@ -29,16 +30,19 @@ type User2Controller struct { func (c *User2Controller) RegisterUser() { c.callRegisterUser(func(params *tUser2RegisterUserParams) (retVal interface{}, errCode string, err error) { var ( - user model.User - inAuthInfo *auth2.AuthInfo + user model.User + inAuthInfo, manTokenInfo *auth2.AuthInfo ) if params.AuthToken != "" { inAuthInfo, err = auth2.GetTokenInfo(params.AuthToken) } + if params.Token != "" { + manTokenInfo, err = auth2.GetTokenInfo(params.Token) + } if err == nil { if err = jxutils.Strings2Objs(params.Payload, &user); err == nil { user.Type = 0 - retVal, err = cms.RegisterUserWithMobile(params.Ctx, &user, params.MobileVerifyCode, inAuthInfo) + retVal, err = cms.RegisterUserWithMobile(params.Ctx, &user, params.MobileVerifyCode, inAuthInfo, manTokenInfo) } } return retVal, errCode, err
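Review bot: In `RegisterUser`, the second lookup `manTokenInfo, err = auth2.GetTokenInfo(params.Token)` overwrites `err` from the preceding `params.AuthToken` lookup. A request carrying an invalid `authToken` together with a valid `token` therefore continues with the first failure discarded, and with whatever `inAuthInfo` the failed lookup returned (presumably nil). Guard the second call with `if err == nil && params.Token != "" {` so the first failure is still reported. The enclosing closure ends outside this hunk.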