diff --git a/Makefile b/Makefile new file mode 100644 index 0000000..86a6493 --- /dev/null +++ b/Makefile @@ -0,0 +1,19 @@ +#goctl api plugin -plugin goctl-swagger="swagger -filename gateway.json -host dev-api.30cm.net" -api ./generate/api/gateway.api -dir . +#goctl api go -api ./generate/api/gateway.api -dir . -style go_zero + +GOFMT ?= gofmt +GOFILES := $(shell find . -name "*.go") + +.PHONY: fmt +fmt: # 格式優化 + $(GOFMT) -s -w $(GOFILES) + goimports -w ./ + + +.PHONY: gen-doc +gen-doc: # 格式優化 + goctl api plugin -plugin goctl-swagger="swagger -filename gateway.json -host dev-api.30cm.net" -api ./generate/api/gateway.api -dir . + +.PHONY: gen-api +gen-api: # 格式優化 + goctl api go -api ./generate/api/gateway.api -dir . -style go_zero diff --git a/etc/gateway.yaml b/etc/gateway.yaml new file mode 100644 index 0000000..283ff76 --- /dev/null +++ b/etc/gateway.yaml @@ -0,0 +1,27 @@ +Name: gateway +Host: 0.0.0.0 +Port: 8888 +AccountRpc: + Etcd: + Hosts: + - 127.0.0.1:2379 + Key: member.rpc +NotificationRpc: + Etcd: + Hosts: + - 127.0.0.1:2379 + Key: notification.rpc +PermissionRpc: + Etcd: + Hosts: + - 127.0.0.1:2379 + Key: permission.rpc +Token: + Secret: kupiHowBonBon + Expired: 300s + +RedisCluster: + Host: 127.0.0.1:7001 + Type: cluster + +MailSender: noreply@code.30cm.net \ No newline at end of file diff --git a/gateway.go b/gateway.go new file mode 100644 index 0000000..7f23875 --- /dev/null +++ b/gateway.go @@ -0,0 +1,29 @@ +package main + +import ( + "app-cloudep-portal-api-gateway/internal/config" + "app-cloudep-portal-api-gateway/internal/handler" + "app-cloudep-portal-api-gateway/internal/svc" + "flag" + "fmt" + + "github.com/zeromicro/go-zero/core/conf" + "github.com/zeromicro/go-zero/rest" +) + +var configFile = flag.String("f", "etc/gateway.yaml", "the config file") + +func main() { + flag.Parse() + + var c config.Config + conf.MustLoad(*configFile, &c) + + server := rest.MustNewServer(c.RestConf) + defer server.Stop() + + ctx := svc.NewServiceContext(c) + handler.RegisterHandlers(server, ctx) + fmt.Printf("Starting server at %s:%d...\n", c.Host, c.Port) + server.Start() +} diff --git a/gateway.json b/gateway.json new file mode 100644 index 0000000..5ca67a2 --- /dev/null +++ b/gateway.json @@ -0,0 +1,814 @@ +{ + "swagger": "2.0", + "info": { + "title": "", + "version": "" + }, + "host": "dev-api.30cm.net", + "schemes": [ + "http", + "https" + ], + "consumes": [ + "application/json" + ], + "produces": [ + "application/json" + ], + "paths": { + "/api/v1/member": { + "post": { + "summary": "創建新會員", + "description": "創建一個全新的帳號", + "operationId": "createAccount", + "responses": { + "200": { + "description": "A successful response.", + "schema": { + "$ref": "#/definitions/CreateAccountResp" + } + }, + "400": { + "description": "輸入的參數錯誤", + "schema": { + "$ref": "#/definitions/BaseResponse" + } + }, + "500": { + "description": "伺服器出錯", + "schema": { + "$ref": "#/definitions/BaseResponse" + } + } + }, + "parameters": [ + { + "name": "device_id", + "in": "header", + "required": true, + "type": "string" + }, + { + "name": "ip_address", + "in": "header", + "required": true, + "type": "string" + }, + { + "name": "brewser", + "in": "header", + "required": true, + "type": "string" + }, + { + "name": "body", + "in": "body", + "required": true, + "schema": { + "$ref": "#/definitions/CreateAccountRequest" + } + } + ], + "tags": [ + "gateway/member" + ] + } + }, + "/api/v1/member/check-verify-code": { + "get": { + "summary": "確認驗證碼是否有效", + "description": "確認驗證碼是否有效", + "operationId": "CheckVerifyCode", + "responses": { + "200": { + "description": "A successful response.", + "schema": { + "$ref": "#/definitions/BaseResponse" + } + }, + "400": { + "description": "輸入的參數錯誤", + "schema": { + "$ref": "#/definitions/BaseResponse" + } + }, + "403": { + "description": "無效的驗證碼", + "schema": { + "$ref": "#/definitions/BaseResponse" + } + }, + "500": { + "description": "伺服器出錯", + "schema": { + "$ref": "#/definitions/BaseResponse" + } + } + }, + "parameters": [ + { + "name": "account", + "description": "帳號名稱", + "in": "query", + "required": true, + "type": "string" + }, + { + "name": "verify_code", + "description": "驗證碼,長度為6", + "in": "query", + "required": true, + "type": "string" + } + ], + "tags": [ + "gateway/member" + ] + } + }, + "/api/v1/member/forget-password-code": { + "post": { + "summary": "發送忘記密碼驗證", + "description": "發送忘記密碼驗證(三分鐘內只能發一次信)", + "operationId": "ForgetPasswordCode", + "responses": { + "200": { + "description": "A successful response.", + "schema": { + "$ref": "#/definitions/BaseResponse" + } + }, + "400": { + "description": "輸入的參數錯誤", + "schema": { + "$ref": "#/definitions/BaseResponse" + } + }, + "500": { + "description": "伺服器出錯", + "schema": { + "$ref": "#/definitions/BaseResponse" + } + } + }, + "parameters": [ + { + "name": "body", + "in": "body", + "required": true, + "schema": { + "$ref": "#/definitions/ForgetPasswordCodeReq" + } + } + ], + "tags": [ + "gateway/member" + ] + } + }, + "/api/v1/member/info": { + "get": { + "summary": "取得會員資訊", + "operationId": "Info", + "responses": { + "200": { + "description": "A successful response.", + "schema": { + "$ref": "#/definitions/UserInfoResp" + } + }, + "400": { + "description": "輸入的參數錯誤", + "schema": { + "$ref": "#/definitions/BaseResponse" + } + }, + "403": { + "description": "無效的Token", + "schema": { + "$ref": "#/definitions/BaseResponse" + } + }, + "500": { + "description": "伺服器出錯", + "schema": { + "$ref": "#/definitions/BaseResponse" + } + } + }, + "parameters": [ + { + "name": "token", + "in": "header", + "required": true, + "type": "string" + } + ], + "tags": [ + "gateway/member" + ] + } + }, + "/api/v1/member/login": { + "post": { + "summary": "登入", + "description": "會員登入", + "operationId": "Login", + "responses": { + "200": { + "description": "A successful response.", + "schema": { + "$ref": "#/definitions/LoginResp" + } + }, + "400": { + "description": "輸入的參數錯誤", + "schema": { + "$ref": "#/definitions/BaseResponse" + } + }, + "500": { + "description": "伺服器出錯", + "schema": { + "$ref": "#/definitions/BaseResponse" + } + } + }, + "parameters": [ + { + "name": "device_id", + "in": "header", + "required": true, + "type": "string" + }, + { + "name": "ip_address", + "in": "header", + "required": true, + "type": "string" + }, + { + "name": "brewser", + "in": "header", + "required": true, + "type": "string" + }, + { + "name": "body", + "in": "body", + "required": true, + "schema": { + "$ref": "#/definitions/LoginReq" + } + } + ], + "tags": [ + "gateway/member" + ] + } + }, + "/api/v1/member/logout": { + "get": { + "summary": "會員登出", + "operationId": "Logout", + "responses": { + "200": { + "description": "A successful response.", + "schema": { + "$ref": "#/definitions/BaseResponse" + } + }, + "400": { + "description": "輸入的參數錯誤", + "schema": { + "$ref": "#/definitions/BaseResponse" + } + }, + "403": { + "description": "無效的Token", + "schema": { + "$ref": "#/definitions/BaseResponse" + } + }, + "500": { + "description": "伺服器出錯", + "schema": { + "$ref": "#/definitions/BaseResponse" + } + } + }, + "parameters": [ + { + "name": "token", + "in": "header", + "required": true, + "type": "string" + } + ], + "tags": [ + "gateway/member" + ] + } + }, + "/api/v1/member/refresh_access_token": { + "put": { + "summary": "更新Token", + "description": "用 RefreshToken 換取 AccessToken", + "operationId": "RefreshAccessToken", + "responses": { + "200": { + "description": "A successful response.", + "schema": { + "$ref": "#/definitions/LoginResp" + } + }, + "400": { + "description": "輸入的參數錯誤", + "schema": { + "$ref": "#/definitions/BaseResponse" + } + }, + "403": { + "description": "無效的驗證碼", + "schema": { + "$ref": "#/definitions/BaseResponse" + } + }, + "500": { + "description": "伺服器出錯", + "schema": { + "$ref": "#/definitions/BaseResponse" + } + } + }, + "parameters": [ + { + "name": "device_id", + "in": "header", + "required": true, + "type": "string" + }, + { + "name": "ip_address", + "in": "header", + "required": true, + "type": "string" + }, + { + "name": "brewser", + "in": "header", + "required": true, + "type": "string" + }, + { + "name": "body", + "in": "body", + "required": true, + "schema": { + "$ref": "#/definitions/UpdateTokenReq" + } + } + ], + "tags": [ + "gateway/member" + ] + } + }, + "/api/v1/member/update-password": { + "put": { + "summary": "更新密碼", + "description": "更新密碼", + "operationId": "UpadtePassword", + "responses": { + "200": { + "description": "A successful response.", + "schema": { + "$ref": "#/definitions/BaseResponse" + } + }, + "400": { + "description": "輸入的參數錯誤", + "schema": { + "$ref": "#/definitions/BaseResponse" + } + }, + "403": { + "description": "無效的驗證碼", + "schema": { + "$ref": "#/definitions/BaseResponse" + } + }, + "500": { + "description": "伺服器出錯", + "schema": { + "$ref": "#/definitions/BaseResponse" + } + } + }, + "parameters": [ + { + "name": "body", + "in": "body", + "required": true, + "schema": { + "$ref": "#/definitions/UpdatePasswordReq" + } + } + ], + "tags": [ + "gateway/member" + ] + } + } + }, + "definitions": { + "BaseResponse": { + "type": "object", + "properties": { + "status": { + "$ref": "#/definitions/Status", + "description": "狀態" + } + }, + "title": "BaseResponse", + "required": [ + "status" + ] + }, + "CheckoutVerifyReq": { + "type": "object", + "properties": { + "account": { + "type": "string", + "description": "帳號名稱" + }, + "verify_code": { + "type": "string", + "description": "驗證碼,長度為6" + } + }, + "title": "CheckoutVerifyReq", + "required": [ + "account", + "verify_code" + ] + }, + "CreateAccountItem": { + "type": "object", + "properties": { + "uid": { + "type": "string", + "description": "使用者UID" + }, + "access_token": { + "type": "string", + "description": "訪問令牌 預設 5 分鐘過期" + }, + "refresh_token": { + "type": "string", + "description": "刷新令牌 (預設一天過期,只能用一次),當呼叫更新token api 時,會自動把舊的失效,變成新的 refresh_token ,前端要記得過其實協助刷新,刷新不過表示全失效了(重新登入)" + }, + "token_type": { + "type": "string", + "description": "Bearer" + } + }, + "title": "CreateAccountItem", + "required": [ + "uid", + "access_token", + "refresh_token", + "token_type" + ] + }, + "CreateAccountRequest": { + "type": "object", + "properties": { + "account": { + "type": "string", + "description": "帳號名稱" + }, + "token": { + "type": "string", + "description": "密碼或平台token,密碼請 sha256 轉碼" + }, + "token_check": { + "type": "string", + "description": "密碼或平台token,密碼請 sha256 轉碼" + }, + "platform": { + "type": "string", + "enum": [ + "digimon", + "google", + "twitter" + ], + "description": "平台名稱 digimon, google, twitter" + }, + "account_type": { + "type": "integer", + "format": "int64", + "enum": [ + "1", + "2", + "3" + ], + "description": "帳號類型 1 手機 2 信箱 3 自定義帳號" + } + }, + "title": "CreateAccountRequest", + "required": [ + "account", + "token", + "token_check", + "platform", + "account_type" + ] + }, + "CreateAccountResp": { + "type": "object", + "properties": { + "status": { + "$ref": "#/definitions/Status", + "description": "狀態" + }, + "data": { + "$ref": "#/definitions/CreateAccountItem" + } + }, + "title": "CreateAccountResp", + "required": [ + "status", + "data" + ] + }, + "ForgetPasswordCodeReq": { + "type": "object", + "properties": { + "account": { + "type": "string", + "description": "帳號名稱" + }, + "account_type": { + "type": "integer", + "format": "int32", + "enum": [ + "1", + "2", + "3" + ], + "description": "帳號類型 1 手機 2 信箱 3 自定義帳號" + } + }, + "title": "ForgetPasswordCodeReq", + "required": [ + "account", + "account_type" + ] + }, + "GetMemberHeader": { + "type": "object", + "properties": {}, + "title": "GetMemberHeader" + }, + "Header": { + "type": "object", + "properties": {}, + "title": "Header" + }, + "LoginItem": { + "type": "object", + "properties": { + "uid": { + "type": "string", + "description": "Account" + }, + "access_token": { + "type": "string", + "description": "訪問令牌 預設 5 分鐘過期" + }, + "refresh_token": { + "type": "string", + "description": "刷新令牌 (預設一天過期,只能用一次),當呼叫更新token api 時,會自動把舊的失效,變成新的 refresh_token ,前端要記得過其實協助刷新,刷新不過表示全失效了(重新登入)" + }, + "token_type": { + "type": "string", + "description": "Bearer" + } + }, + "title": "LoginItem", + "required": [ + "uid", + "access_token", + "refresh_token", + "token_type" + ] + }, + "LoginReq": { + "type": "object", + "properties": { + "account": { + "type": "string", + "description": "帳號名稱" + }, + "token": { + "type": "string", + "description": "密碼或平台token,密碼請 sha256 轉碼" + }, + "platform": { + "type": "string", + "enum": [ + "digimon", + "google", + "twitter" + ], + "description": "平台名稱 digimon, google, twitter" + }, + "account_type": { + "type": "integer", + "format": "int64", + "enum": [ + "1", + "2", + "3" + ], + "description": "帳號類型 1 手機 2 信箱 3 自定義帳號" + } + }, + "title": "LoginReq", + "required": [ + "account", + "token", + "platform", + "account_type" + ] + }, + "LoginResp": { + "type": "object", + "properties": { + "status": { + "$ref": "#/definitions/Status", + "description": "狀態" + }, + "data": { + "$ref": "#/definitions/LoginItem" + } + }, + "title": "LoginResp", + "required": [ + "status", + "data" + ] + }, + "MemberLoginHeader": { + "type": "object", + "properties": {}, + "title": "MemberLoginHeader" + }, + "Status": { + "type": "object", + "properties": { + "code": { + "type": "integer", + "format": "int64", + "description": "狀態碼" + }, + "message": { + "type": "string", + "description": "訊息" + }, + "data": { + "type": "object", + "description": "可選的數據,當有返回時才出現" + }, + "error": { + "type": "object", + "description": "可選的錯誤信息" + } + }, + "title": "Status", + "required": [ + "code", + "message" + ] + }, + "UpdatePasswordReq": { + "type": "object", + "properties": { + "account": { + "type": "string", + "description": "帳號名稱" + }, + "verify_code": { + "type": "string", + "description": "驗證碼,長度為6" + }, + "token": { + "type": "string", + "description": "密碼或平台token,密碼請 sha256 轉碼" + }, + "token_check": { + "type": "string", + "description": "密碼或平台token,密碼請 sha256 轉碼" + } + }, + "title": "UpdatePasswordReq", + "required": [ + "account", + "verify_code", + "token", + "token_check" + ] + }, + "UpdateTokenReq": { + "type": "object", + "properties": { + "uid": { + "type": "string", + "description": "uid" + }, + "token": { + "type": "string", + "description": "refresh token" + } + }, + "title": "UpdateTokenReq", + "required": [ + "uid", + "token" + ] + }, + "UserInfo": { + "type": "object", + "properties": { + "uid": { + "type": "string" + }, + "verify_type": { + "type": "string" + }, + "alarm_type": { + "type": "string" + }, + "status": { + "type": "string" + }, + "language": { + "type": "string" + }, + "currency": { + "type": "string" + }, + "avatar": { + "type": "string" + }, + "curreate_time": { + "type": "string" + }, + "update_time": { + "type": "string" + }, + "nick_name": { + "type": "string" + } + }, + "title": "UserInfo", + "required": [ + "uid", + "verify_type", + "alarm_type", + "status", + "language", + "currency", + "avatar", + "curreate_time", + "update_time" + ] + }, + "UserInfoResp": { + "type": "object", + "properties": { + "status": { + "$ref": "#/definitions/Status", + "description": "狀態" + }, + "data": { + "$ref": "#/definitions/UserInfo" + } + }, + "title": "UserInfoResp", + "required": [ + "status", + "data" + ] + } + }, + "securityDefinitions": { + "apiKey": { + "type": "apiKey", + "description": "Enter JWT Bearer token **_only_**", + "name": "Authorization", + "in": "header" + } + } +} diff --git a/generate/api/gateway.api b/generate/api/gateway.api new file mode 100644 index 0000000..8e15b81 --- /dev/null +++ b/generate/api/gateway.api @@ -0,0 +1 @@ +import "member.api" \ No newline at end of file diff --git a/generate/api/member.api b/generate/api/member.api new file mode 100644 index 0000000..3e6acb7 --- /dev/null +++ b/generate/api/member.api @@ -0,0 +1,218 @@ +syntax = "v1" + +info( + title: "Portal-Api-Gateway (PGW)" + desc: "digimon web portal api gateway" + author: "daniel Wang" + email: "igs170911@gmail.com" + version: "0.0.1" +) + +type Status { + Code int64 `json:"code"` // 狀態碼 + Message string `json:"message"` // 訊息 + Data interface{} `json:"data,omitempty"` // 可選的數據,當有返回時才出現 + Error interface{} `json:"error,omitempty"` // 可選的錯誤信息 +} + +type BaseResponse { + Status Status `json:"status"` // 狀態 +} + +// ------------------------------------------- + +type MemberLoginHeader { + DeviceID string `header:"device_id"` + IpAddress string `header:"ip_address"` + Brewser string `header:"brewser"` +} + +type CreateAccountRequest { + Account string `json:"account" validate:"required, account"` // 帳號名稱 + Token string `json:"token"` // 密碼或平台token,密碼請 sha256 轉碼 + TokenCheck string `json:"token_check"` // 密碼或平台token,密碼請 sha256 轉碼 + Platform string `json:"platform" validate:"oneof=digimon google twitter"` // 平台名稱 digimon, google, twitter + AccountType int64 `json:"account_type" validate:"oneof=1 2 3"`// 帳號類型 1 手機 2 信箱 3 自定義帳號 + MemberLoginHeader +} + +// CreateAccountItem 建立帳號也幫忙登入 +type CreateAccountItem { + UID string `json:"uid"` // 使用者UID + AccessToken string `json:"access_token"` // 訪問令牌 預設 5 分鐘過期 + RefreshToken string `json:"refresh_token"` // 刷新令牌 (預設一天過期,只能用一次),當呼叫更新token api 時,會自動把舊的失效,變成新的 refresh_token ,前端要記得過其實協助刷新,刷新不過表示全失效了(重新登入) + TokenType string `json:"token_type"` // Bearer +} + +type CreateAccountResp { + Status Status `json:"status"` // 狀態 + Data CreateAccountItem `json:"data"` +} +// ------------------------------------------- + +type LoginResp { + Status Status `json:"status"` // 狀態 + Data LoginItem `json:"data"` +} + +type LoginItem { + UID string `json:"uid"` // Account + AccessToken string `json:"access_token"` // 訪問令牌 預設 5 分鐘過期 + RefreshToken string `json:"refresh_token"` // 刷新令牌 (預設一天過期,只能用一次),當呼叫更新token api 時,會自動把舊的失效,變成新的 refresh_token ,前端要記得過其實協助刷新,刷新不過表示全失效了(重新登入) + TokenType string `json:"token_type"` // Bearer +} + +type LoginReq { + Account string `json:"account" validate:"required, account"` // 帳號名稱 + Token string `json:"token"` // 密碼或平台token,密碼請 sha256 轉碼 + Platform string `json:"platform" validate:"oneof=digimon google twitter"` // 平台名稱 digimon, google, twitter + AccountType int64 `json:"account_type" validate:"oneof=1 2 3"` // 帳號類型 1 手機 2 信箱 3 自定義帳號 + MemberLoginHeader +} +// ------------------------------------------- + +type ForgetPasswordCodeReq { + Account string `json:"account" validate:"required, account"` // 帳號名稱 + AccountType int32 `json:"account_type" validate:"oneof=1 2 3"` // 帳號類型 1 手機 2 信箱 3 自定義帳號 +} +// ------------------------------------------- + +type CheckoutVerifyReq { + Account string `form:"account"m:"account" validate:"required, account"` // 帳號名稱 + VerifyCode string `form:"verify_code" validate:"required,len=6"` // 驗證碼,長度為6 +} +// ------------------------------------------- +type UpdatePasswordReq { + Account string `json:"account" validate:"required, account"` // 帳號名稱 + VerifyCode string `json:"verify_code" validate:"required,len=6"` // 驗證碼,長度為6 + Token string `json:"token" validate:"required"` // 密碼或平台token,密碼請 sha256 轉碼 + TokenCheck string `json:"token_check" validate:"required"` // 密碼或平台token,密碼請 sha256 轉碼 +} +// ------------------------------------------- +type UpdateTokenReq { + UID string `json:"uid" validate:"required"` // uid + Token string `json:"token" validate:"required"` // refresh token + MemberLoginHeader +} + +@server( + group: member + prefix: /api/v1 + schemes: https + timeout: 3s +) +service gateway { + /* @respdoc-400 (BaseResponse) // 輸入的參數錯誤 */ + /* @respdoc-500 (BaseResponse) // 伺服器出錯 */ + @doc( + summary:"創建新會員" + description: "創建一個全新的帳號" + ) + @handler createAccount + post /member (CreateAccountRequest) returns (CreateAccountResp) + + /* @respdoc-400 (BaseResponse) // 輸入的參數錯誤 */ + /* @respdoc-500 (BaseResponse) // 伺服器出錯 */ + @doc( + summary:"登入" + description: "會員登入" + ) + @handler Login + post /member/login (LoginReq) returns (LoginResp) + + /* @respdoc-400 (BaseResponse) // 輸入的參數錯誤 */ + /* @respdoc-500 (BaseResponse) // 伺服器出錯 */ + @doc( + summary:"發送忘記密碼驗證" + description: "發送忘記密碼驗證(三分鐘內只能發一次信)" + ) + @handler ForgetPasswordCode + post /member/forget-password-code (ForgetPasswordCodeReq) returns (BaseResponse) + + /* @respdoc-400 (BaseResponse) // 輸入的參數錯誤 */ + /* @respdoc-403 (BaseResponse) // 無效的驗證碼 */ + /* @respdoc-500 (BaseResponse) // 伺服器出錯 */ + @doc( + summary:"確認驗證碼是否有效" + description: "確認驗證碼是否有效" + ) + @handler CheckVerifyCode + get /member/check-verify-code (CheckoutVerifyReq) returns (BaseResponse) + + /* @respdoc-400 (BaseResponse) // 輸入的參數錯誤 */ + /* @respdoc-403 (BaseResponse) // 無效的驗證碼 */ + /* @respdoc-500 (BaseResponse) // 伺服器出錯 */ + @doc( + summary:"更新密碼" + description: "更新密碼" + ) + @handler UpadtePassword + put /member/update-password (UpdatePasswordReq) returns (BaseResponse) + + /* @respdoc-400 (BaseResponse) // 輸入的參數錯誤 */ + /* @respdoc-403 (BaseResponse) // 無效的驗證碼 */ + /* @respdoc-500 (BaseResponse) // 伺服器出錯 */ + @doc( + summary:"更新Token" + description: "用 RefreshToken 換取 AccessToken" + ) + @handler RefreshAccessToken + put /member/refresh_access_token (UpdateTokenReq) returns (LoginResp) + +} + +type Header { + Uid string `header:"uid"` + Token string `header:"token"` +} + +type GetMemberHeader { + Token string `header:"token"` +} + +type UserInfoResp { + Status Status `json:"status"` // 狀態 + Data UserInfo `json:"data"` +} + +type UserInfo { + UID string `json:"uid"` + VerifyType string `json:"verify_type"` + AlarmType string `json:"alarm_type"` + Status string `json:"status"` + Language string `json:"language"` + Currency string `json:"currency"` + Avatar string `json:"avatar"` + CreateTime string `json:"curreate_time"` + UpdateTime string `json:"update_time"` + NickName *string `json:"nick_name,omitempty"` +} + + +@server( + group: member + prefix: /api/v1 + schemes: https + timeout: 3s + middleware: AuthMiddleware +) + +service gateway { + /* @respdoc-400 (BaseResponse) // 輸入的參數錯誤 */ + /* @respdoc-403 (BaseResponse) // 無效的Token */ + /* @respdoc-500 (BaseResponse) // 伺服器出錯 */ + @doc( + summary: "會員登出" + ) + @handler Logout + get /member/logout (GetMemberHeader) returns (BaseResponse) + + /* @respdoc-400 (BaseResponse) // 輸入的參數錯誤 */ + /* @respdoc-403 (BaseResponse) // 無效的Token */ + /* @respdoc-500 (BaseResponse) // 伺服器出錯 */ + @doc( + summary: "取得會員資訊" + ) + @handler Info + get /member/info (GetMemberHeader) returns (UserInfoResp) +} diff --git a/go.mod b/go.mod new file mode 100644 index 0000000..c672259 --- /dev/null +++ b/go.mod @@ -0,0 +1,111 @@ +module app-cloudep-portal-api-gateway + +go 1.22.3 + +require ( + code.30cm.net/digimon/library-go/errors v1.0.1 + code.30cm.net/digimon/library-go/jwt v1.0.0 + code.30cm.net/digimon/proto-all v0.0.0-20240826070029-4a87e93fd2cf + github.com/gogo/protobuf v1.3.2 + github.com/matcornic/hermes/v2 v2.1.0 + github.com/zeromicro/go-zero v1.7.0 +) + +require ( + github.com/Masterminds/semver v1.4.2 // indirect + github.com/Masterminds/sprig v2.16.0+incompatible // indirect + github.com/PuerkitoBio/goquery v1.5.0 // indirect + github.com/andybalholm/cascadia v1.0.0 // indirect + github.com/aokoli/goutils v1.0.1 // indirect + github.com/beorn7/perks v1.0.1 // indirect + github.com/cenkalti/backoff/v4 v4.3.0 // indirect + github.com/cespare/xxhash/v2 v2.3.0 // indirect + github.com/coreos/go-semver v0.3.1 // indirect + github.com/coreos/go-systemd/v22 v22.5.0 // indirect + github.com/davecgh/go-spew v1.1.1 // indirect + github.com/dgryski/go-rendezvous v0.0.0-20200823014737-9f7001d12a5f // indirect + github.com/emicklei/go-restful/v3 v3.11.0 // indirect + github.com/fatih/color v1.17.0 // indirect + github.com/go-logr/logr v1.4.2 // indirect + github.com/go-logr/stdr v1.2.2 // indirect + github.com/go-openapi/jsonpointer v0.19.6 // indirect + github.com/go-openapi/jsonreference v0.20.2 // indirect + github.com/go-openapi/swag v0.22.4 // indirect + github.com/golang-jwt/jwt/v4 v4.5.0 // indirect + github.com/golang/mock v1.6.0 // indirect + github.com/golang/protobuf v1.5.4 // indirect + github.com/google/gnostic-models v0.6.8 // indirect + github.com/google/go-cmp v0.6.0 // indirect + github.com/google/gofuzz v1.2.0 // indirect + github.com/google/uuid v1.6.0 // indirect + github.com/gorilla/css v1.0.0 // indirect + github.com/grpc-ecosystem/grpc-gateway/v2 v2.20.0 // indirect + github.com/huandu/xstrings v1.2.0 // indirect + github.com/imdario/mergo v0.3.6 // indirect + github.com/jaytaylor/html2text v0.0.0-20180606194806-57d518f124b0 // indirect + github.com/josharian/intern v1.0.0 // indirect + github.com/json-iterator/go v1.1.12 // indirect + github.com/mailru/easyjson v0.7.7 // indirect + github.com/mattn/go-colorable v0.1.13 // indirect + github.com/mattn/go-isatty v0.0.20 // indirect + github.com/mattn/go-runewidth v0.0.15 // indirect + github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd // indirect + github.com/modern-go/reflect2 v1.0.2 // indirect + github.com/munnerz/goautoneg v0.0.0-20191010083416-a7dc8b61c822 // indirect + github.com/olekukonko/tablewriter v0.0.5 // indirect + github.com/openzipkin/zipkin-go v0.4.3 // indirect + github.com/pelletier/go-toml/v2 v2.2.2 // indirect + github.com/prometheus/client_golang v1.19.1 // indirect + github.com/prometheus/client_model v0.5.0 // indirect + github.com/prometheus/common v0.48.0 // indirect + github.com/prometheus/procfs v0.12.0 // indirect + github.com/redis/go-redis/v9 v9.6.1 // indirect + github.com/rivo/uniseg v0.2.0 // indirect + github.com/russross/blackfriday/v2 v2.0.1 // indirect + github.com/shurcooL/sanitized_anchor_name v1.0.0 // indirect + github.com/spaolacci/murmur3 v1.1.0 // indirect + github.com/ssor/bom v0.0.0-20170718123548-6386211fdfcf // indirect + github.com/vanng822/css v0.0.0-20190504095207-a21e860bcd04 // indirect + github.com/vanng822/go-premailer v0.0.0-20191214114701-be27abe028fe // indirect + go.etcd.io/etcd/api/v3 v3.5.15 // indirect + go.etcd.io/etcd/client/pkg/v3 v3.5.15 // indirect + go.etcd.io/etcd/client/v3 v3.5.15 // indirect + go.opentelemetry.io/otel v1.24.0 // indirect + go.opentelemetry.io/otel/exporters/jaeger v1.17.0 // indirect + go.opentelemetry.io/otel/exporters/otlp/otlptrace v1.24.0 // indirect + go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracegrpc v1.24.0 // indirect + go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracehttp v1.24.0 // indirect + go.opentelemetry.io/otel/exporters/stdout/stdouttrace v1.24.0 // indirect + go.opentelemetry.io/otel/exporters/zipkin v1.24.0 // indirect + go.opentelemetry.io/otel/metric v1.24.0 // indirect + go.opentelemetry.io/otel/sdk v1.24.0 // indirect + go.opentelemetry.io/otel/trace v1.24.0 // indirect + go.opentelemetry.io/proto/otlp v1.3.1 // indirect + go.uber.org/atomic v1.10.0 // indirect + go.uber.org/automaxprocs v1.5.3 // indirect + go.uber.org/multierr v1.9.0 // indirect + go.uber.org/zap v1.24.0 // indirect + golang.org/x/crypto v0.25.0 // indirect + golang.org/x/net v0.27.0 // indirect + golang.org/x/oauth2 v0.20.0 // indirect + golang.org/x/sys v0.22.0 // indirect + golang.org/x/term v0.22.0 // indirect + golang.org/x/text v0.16.0 // indirect + golang.org/x/time v0.5.0 // indirect + google.golang.org/genproto/googleapis/api v0.0.0-20240711142825-46eb208f015d // indirect + google.golang.org/genproto/googleapis/rpc v0.0.0-20240701130421-f6361c86f094 // indirect + google.golang.org/grpc v1.65.0 // indirect + google.golang.org/protobuf v1.34.2 // indirect + gopkg.in/inf.v0 v0.9.1 // indirect + gopkg.in/yaml.v2 v2.4.0 // indirect + gopkg.in/yaml.v3 v3.0.1 // indirect + k8s.io/api v0.29.3 // indirect + k8s.io/apimachinery v0.29.4 // indirect + k8s.io/client-go v0.29.3 // indirect + k8s.io/klog/v2 v2.110.1 // indirect + k8s.io/kube-openapi v0.0.0-20231010175941-2dd684a91f00 // indirect + k8s.io/utils v0.0.0-20240711033017-18e509b52bc8 // indirect + sigs.k8s.io/json v0.0.0-20221116044647-bc3834ca7abd // indirect + sigs.k8s.io/structured-merge-diff/v4 v4.4.1 // indirect + sigs.k8s.io/yaml v1.3.0 // indirect +) diff --git a/internal/config/config.go b/internal/config/config.go new file mode 100644 index 0000000..d0b19f6 --- /dev/null +++ b/internal/config/config.go @@ -0,0 +1,24 @@ +package config + +import ( + "time" + + "github.com/zeromicro/go-zero/core/stores/redis" + "github.com/zeromicro/go-zero/rest" + "github.com/zeromicro/go-zero/zrpc" +) + +type Config struct { + rest.RestConf + Token struct { + Secret string + Expired time.Duration + } + // Redis Cluster + RedisCluster redis.RedisConf + + AccountRpc zrpc.RpcClientConf + PermissionRpc zrpc.RpcClientConf + NotificationRpc zrpc.RpcClientConf + MailSender string +} diff --git a/internal/domain/const.go b/internal/domain/const.go new file mode 100644 index 0000000..84111a7 --- /dev/null +++ b/internal/domain/const.go @@ -0,0 +1,22 @@ +package domain + +const ( + DefaultCurrency = "NTD" + DefaultLanguage = "zh-tw" + DefaultGrantType = "client_credentials" + DefaultScope = "gateway" +) + +type GrantType string + +func (g GrantType) ToString() string { + return string(g) +} + +const ( + GrantTypeClientCredentials GrantType = "client_credentials" +) + +const ( + SendVerifyCodeTypeForgetPassword = 3 +) diff --git a/internal/domain/payload.go b/internal/domain/payload.go new file mode 100644 index 0000000..0bd03fc --- /dev/null +++ b/internal/domain/payload.go @@ -0,0 +1,14 @@ +package domain + +type ContextKey string + +func (c ContextKey) ToString() string { + return string(c) +} + +const ( + RoleCode ContextKey = "role" + DeviceIDCode ContextKey = "device_id" + ScopeCode ContextKey = "scope" + UidCode ContextKey = "uid" +) diff --git a/internal/domain/platform.go b/internal/domain/platform.go new file mode 100644 index 0000000..c76f857 --- /dev/null +++ b/internal/domain/platform.go @@ -0,0 +1,31 @@ +package domain + +type Platform int64 + +func (p Platform) ToInt64() int64 { + return int64(p) +} + +const ( + PlatformNone Platform = -1 +) +const ( + PlatformDigimon Platform = iota + 1 + PlatformGoogle + PlatformTwitter +) + +var convPlatformCode = map[string]Platform{ + "digimon": PlatformDigimon, + "google": PlatformGoogle, + "twitter": PlatformTwitter, +} + +func GetPlatformByPlatformCode(code string) Platform { + result, ok := convPlatformCode[code] + if !ok { + return PlatformNone + } + + return result +} diff --git a/internal/domain/redis.go b/internal/domain/redis.go new file mode 100644 index 0000000..c99f5ad --- /dev/null +++ b/internal/domain/redis.go @@ -0,0 +1,19 @@ +package domain + +import "strings" + +type RedisKey string + +const ( + GenerateVerifyCodeRedisKey RedisKey = "rf_code" +) + +func (key RedisKey) ToString() string { + return "gateway:" + string(key) +} + +func (key RedisKey) With(s ...string) RedisKey { + parts := append([]string{string(key)}, s...) + + return RedisKey(strings.Join(parts, ":")) +} diff --git a/internal/domain/status.go b/internal/domain/status.go new file mode 100644 index 0000000..1d37157 --- /dev/null +++ b/internal/domain/status.go @@ -0,0 +1,6 @@ +package domain + +const ( + SuccessMsg = "success" + SuccessCode = 102000 +) diff --git a/internal/handler/member/check_verify_code_handler.go b/internal/handler/member/check_verify_code_handler.go new file mode 100644 index 0000000..cfa37a1 --- /dev/null +++ b/internal/handler/member/check_verify_code_handler.go @@ -0,0 +1,38 @@ +package member + +import ( + "net/http" + + ers "code.30cm.net/digimon/library-go/errors" + + "app-cloudep-portal-api-gateway/internal/logic/member" + "app-cloudep-portal-api-gateway/internal/svc" + "app-cloudep-portal-api-gateway/internal/types" + + "github.com/zeromicro/go-zero/rest/httpx" +) + +func CheckVerifyCodeHandler(svcCtx *svc.ServiceContext) http.HandlerFunc { + return func(w http.ResponseWriter, r *http.Request) { + var req types.CheckoutVerifyReq + if err := httpx.Parse(r, &req); err != nil { + httpx.ErrorCtx(r.Context(), w, err) + return + } + + l := member.NewCheckVerifyCodeLogic(r.Context(), svcCtx) + resp, err := l.CheckVerifyCode(&req) + if err != nil { + e := ers.FromGRPCError(err) + httpx.WriteJsonCtx(r.Context(), w, e.HTTPStatus(), types.BaseResponse{ + Status: types.Status{ + Code: int64(e.FullCode()), + Message: e.Error(), + }, + }) + return + } else { + httpx.OkJsonCtx(r.Context(), w, resp) + } + } +} diff --git a/internal/handler/member/create_account_handler.go b/internal/handler/member/create_account_handler.go new file mode 100644 index 0000000..c7dce13 --- /dev/null +++ b/internal/handler/member/create_account_handler.go @@ -0,0 +1,36 @@ +package member + +import ( + "app-cloudep-portal-api-gateway/internal/logic/member" + "app-cloudep-portal-api-gateway/internal/svc" + "app-cloudep-portal-api-gateway/internal/types" + "net/http" + + ers "code.30cm.net/digimon/library-go/errors" + "github.com/zeromicro/go-zero/rest/httpx" +) + +func CreateAccountHandler(svcCtx *svc.ServiceContext) http.HandlerFunc { + return func(w http.ResponseWriter, r *http.Request) { + var req types.CreateAccountRequest + if err := httpx.Parse(r, &req); err != nil { + httpx.ErrorCtx(r.Context(), w, err) + return + } + + l := member.NewCreateAccountLogic(r.Context(), svcCtx) + resp, err := l.CreateAccount(&req) + if err != nil { + e := ers.FromGRPCError(err) + httpx.WriteJsonCtx(r.Context(), w, e.HTTPStatus(), types.BaseResponse{ + Status: types.Status{ + Code: int64(e.FullCode()), + Message: e.Error(), + }, + }) + return + } else { + httpx.OkJsonCtx(r.Context(), w, resp) + } + } +} diff --git a/internal/handler/member/forget_password_code_handler.go b/internal/handler/member/forget_password_code_handler.go new file mode 100644 index 0000000..0b3de4c --- /dev/null +++ b/internal/handler/member/forget_password_code_handler.go @@ -0,0 +1,38 @@ +package member + +import ( + "net/http" + + ers "code.30cm.net/digimon/library-go/errors" + + "app-cloudep-portal-api-gateway/internal/logic/member" + "app-cloudep-portal-api-gateway/internal/svc" + "app-cloudep-portal-api-gateway/internal/types" + + "github.com/zeromicro/go-zero/rest/httpx" +) + +func ForgetPasswordCodeHandler(svcCtx *svc.ServiceContext) http.HandlerFunc { + return func(w http.ResponseWriter, r *http.Request) { + var req types.ForgetPasswordCodeReq + if err := httpx.Parse(r, &req); err != nil { + httpx.ErrorCtx(r.Context(), w, err) + return + } + + l := member.NewForgetPasswordCodeLogic(r.Context(), svcCtx) + resp, err := l.ForgetPasswordCode(&req) + if err != nil { + e := ers.FromGRPCError(err) + httpx.WriteJsonCtx(r.Context(), w, e.HTTPStatus(), types.BaseResponse{ + Status: types.Status{ + Code: int64(e.FullCode()), + Message: e.Error(), + }, + }) + return + } else { + httpx.OkJsonCtx(r.Context(), w, resp) + } + } +} diff --git a/internal/handler/member/info_handler.go b/internal/handler/member/info_handler.go new file mode 100644 index 0000000..6463664 --- /dev/null +++ b/internal/handler/member/info_handler.go @@ -0,0 +1,38 @@ +package member + +import ( + "net/http" + + ers "code.30cm.net/digimon/library-go/errors" + + "app-cloudep-portal-api-gateway/internal/logic/member" + "app-cloudep-portal-api-gateway/internal/svc" + "app-cloudep-portal-api-gateway/internal/types" + + "github.com/zeromicro/go-zero/rest/httpx" +) + +func InfoHandler(svcCtx *svc.ServiceContext) http.HandlerFunc { + return func(w http.ResponseWriter, r *http.Request) { + var req types.GetMemberHeader + if err := httpx.Parse(r, &req); err != nil { + httpx.ErrorCtx(r.Context(), w, err) + return + } + + l := member.NewInfoLogic(r.Context(), svcCtx) + resp, err := l.Info(&req) + if err != nil { + e := ers.FromGRPCError(err) + httpx.WriteJsonCtx(r.Context(), w, e.HTTPStatus(), types.BaseResponse{ + Status: types.Status{ + Code: int64(e.FullCode()), + Message: e.Error(), + }, + }) + return + } else { + httpx.OkJsonCtx(r.Context(), w, resp) + } + } +} diff --git a/internal/handler/member/login_handler.go b/internal/handler/member/login_handler.go new file mode 100644 index 0000000..a64cadc --- /dev/null +++ b/internal/handler/member/login_handler.go @@ -0,0 +1,38 @@ +package member + +import ( + "net/http" + + ers "code.30cm.net/digimon/library-go/errors" + + "app-cloudep-portal-api-gateway/internal/logic/member" + "app-cloudep-portal-api-gateway/internal/svc" + "app-cloudep-portal-api-gateway/internal/types" + + "github.com/zeromicro/go-zero/rest/httpx" +) + +func LoginHandler(svcCtx *svc.ServiceContext) http.HandlerFunc { + return func(w http.ResponseWriter, r *http.Request) { + var req types.LoginReq + if err := httpx.Parse(r, &req); err != nil { + httpx.ErrorCtx(r.Context(), w, err) + return + } + + l := member.NewLoginLogic(r.Context(), svcCtx) + resp, err := l.Login(&req) + if err != nil { + e := ers.FromGRPCError(err) + httpx.WriteJsonCtx(r.Context(), w, e.HTTPStatus(), types.BaseResponse{ + Status: types.Status{ + Code: int64(e.FullCode()), + Message: e.Error(), + }, + }) + return + } else { + httpx.OkJsonCtx(r.Context(), w, resp) + } + } +} diff --git a/internal/handler/member/logout_handler.go b/internal/handler/member/logout_handler.go new file mode 100644 index 0000000..8eead1d --- /dev/null +++ b/internal/handler/member/logout_handler.go @@ -0,0 +1,38 @@ +package member + +import ( + "net/http" + + ers "code.30cm.net/digimon/library-go/errors" + + "app-cloudep-portal-api-gateway/internal/logic/member" + "app-cloudep-portal-api-gateway/internal/svc" + "app-cloudep-portal-api-gateway/internal/types" + + "github.com/zeromicro/go-zero/rest/httpx" +) + +func LogoutHandler(svcCtx *svc.ServiceContext) http.HandlerFunc { + return func(w http.ResponseWriter, r *http.Request) { + var req types.GetMemberHeader + if err := httpx.Parse(r, &req); err != nil { + httpx.ErrorCtx(r.Context(), w, err) + return + } + + l := member.NewLogoutLogic(r.Context(), svcCtx) + resp, err := l.Logout(&req) + if err != nil { + e := ers.FromGRPCError(err) + httpx.WriteJsonCtx(r.Context(), w, e.HTTPStatus(), types.BaseResponse{ + Status: types.Status{ + Code: int64(e.FullCode()), + Message: e.Error(), + }, + }) + return + } else { + httpx.OkJsonCtx(r.Context(), w, resp) + } + } +} diff --git a/internal/handler/member/refresh_access_token_handler.go b/internal/handler/member/refresh_access_token_handler.go new file mode 100644 index 0000000..14e107f --- /dev/null +++ b/internal/handler/member/refresh_access_token_handler.go @@ -0,0 +1,38 @@ +package member + +import ( + "net/http" + + ers "code.30cm.net/digimon/library-go/errors" + + "app-cloudep-portal-api-gateway/internal/logic/member" + "app-cloudep-portal-api-gateway/internal/svc" + "app-cloudep-portal-api-gateway/internal/types" + + "github.com/zeromicro/go-zero/rest/httpx" +) + +func RefreshAccessTokenHandler(svcCtx *svc.ServiceContext) http.HandlerFunc { + return func(w http.ResponseWriter, r *http.Request) { + var req types.UpdateTokenReq + if err := httpx.Parse(r, &req); err != nil { + httpx.ErrorCtx(r.Context(), w, err) + return + } + + l := member.NewRefreshAccessTokenLogic(r.Context(), svcCtx) + resp, err := l.RefreshAccessToken(&req) + if err != nil { + e := ers.FromGRPCError(err) + httpx.WriteJsonCtx(r.Context(), w, e.HTTPStatus(), types.BaseResponse{ + Status: types.Status{ + Code: int64(e.FullCode()), + Message: e.Error(), + }, + }) + return + } else { + httpx.OkJsonCtx(r.Context(), w, resp) + } + } +} diff --git a/internal/handler/member/upadte_password_handler.go b/internal/handler/member/upadte_password_handler.go new file mode 100644 index 0000000..edd8cae --- /dev/null +++ b/internal/handler/member/upadte_password_handler.go @@ -0,0 +1,38 @@ +package member + +import ( + "net/http" + + ers "code.30cm.net/digimon/library-go/errors" + + "app-cloudep-portal-api-gateway/internal/logic/member" + "app-cloudep-portal-api-gateway/internal/svc" + "app-cloudep-portal-api-gateway/internal/types" + + "github.com/zeromicro/go-zero/rest/httpx" +) + +func UpadtePasswordHandler(svcCtx *svc.ServiceContext) http.HandlerFunc { + return func(w http.ResponseWriter, r *http.Request) { + var req types.UpdatePasswordReq + if err := httpx.Parse(r, &req); err != nil { + httpx.ErrorCtx(r.Context(), w, err) + return + } + + l := member.NewUpadtePasswordLogic(r.Context(), svcCtx) + resp, err := l.UpadtePassword(&req) + if err != nil { + e := ers.FromGRPCError(err) + httpx.WriteJsonCtx(r.Context(), w, e.HTTPStatus(), types.BaseResponse{ + Status: types.Status{ + Code: int64(e.FullCode()), + Message: e.Error(), + }, + }) + return + } else { + httpx.OkJsonCtx(r.Context(), w, resp) + } + } +} diff --git a/internal/handler/routes.go b/internal/handler/routes.go new file mode 100644 index 0000000..70e5384 --- /dev/null +++ b/internal/handler/routes.go @@ -0,0 +1,71 @@ +// Code generated by goctl. DO NOT EDIT. +package handler + +import ( + "net/http" + "time" + + member "app-cloudep-portal-api-gateway/internal/handler/member" + "app-cloudep-portal-api-gateway/internal/svc" + + "github.com/zeromicro/go-zero/rest" +) + +func RegisterHandlers(server *rest.Server, serverCtx *svc.ServiceContext) { + server.AddRoutes( + []rest.Route{ + { + Method: http.MethodPost, + Path: "/member", + Handler: member.CreateAccountHandler(serverCtx), + }, + { + Method: http.MethodPost, + Path: "/member/login", + Handler: member.LoginHandler(serverCtx), + }, + { + Method: http.MethodPost, + Path: "/member/forget-password-code", + Handler: member.ForgetPasswordCodeHandler(serverCtx), + }, + { + Method: http.MethodGet, + Path: "/member/check-verify-code", + Handler: member.CheckVerifyCodeHandler(serverCtx), + }, + { + Method: http.MethodPut, + Path: "/member/update-password", + Handler: member.UpadtePasswordHandler(serverCtx), + }, + { + Method: http.MethodPut, + Path: "/member/refresh_access_token", + Handler: member.RefreshAccessTokenHandler(serverCtx), + }, + }, + rest.WithPrefix("/api/v1"), + rest.WithTimeout(3000*time.Millisecond), + ) + + server.AddRoutes( + rest.WithMiddlewares( + []rest.Middleware{serverCtx.AuthMiddleware.Handle}, + []rest.Route{ + { + Method: http.MethodGet, + Path: "/member/logout", + Handler: member.LogoutHandler(serverCtx), + }, + { + Method: http.MethodGet, + Path: "/member/info", + Handler: member.InfoHandler(serverCtx), + }, + }..., + ), + rest.WithPrefix("/api/v1"), + rest.WithTimeout(3000*time.Millisecond), + ) +} diff --git a/internal/logic/member/check_verify_code_logic.go b/internal/logic/member/check_verify_code_logic.go new file mode 100644 index 0000000..d6be5aa --- /dev/null +++ b/internal/logic/member/check_verify_code_logic.go @@ -0,0 +1,50 @@ +package member + +import ( + "app-cloudep-portal-api-gateway/internal/domain" + "app-cloudep-portal-api-gateway/internal/svc" + "app-cloudep-portal-api-gateway/internal/types" + "context" + "fmt" + + ers "code.30cm.net/digimon/library-go/errors" + accountRpc "code.30cm.net/digimon/proto-all/pkg/member" + + "github.com/zeromicro/go-zero/core/logx" +) + +type CheckVerifyCodeLogic struct { + logx.Logger + ctx context.Context + svcCtx *svc.ServiceContext +} + +func NewCheckVerifyCodeLogic(ctx context.Context, svcCtx *svc.ServiceContext) *CheckVerifyCodeLogic { + return &CheckVerifyCodeLogic{ + Logger: logx.WithContext(ctx), + ctx: ctx, + svcCtx: svcCtx, + } +} + +func (l *CheckVerifyCodeLogic) CheckVerifyCode(req *types.CheckoutVerifyReq) (resp *types.BaseResponse, err error) { + // 驗證碼 + _, err = l.svcCtx.AccountRpc.CheckRefreshCode(l.ctx, &accountRpc.VerifyRefreshCodeReq{ + Account: req.Account, + CodeType: domain.SendVerifyCodeTypeForgetPassword, + VerifyCode: req.VerifyCode, + }) + if err != nil { + fmt.Println(err) + // 表使沒有這驗證碼 + return nil, ers.Forbidden("failed to get verify code") + } + + // 返回成功響應 + return &types.BaseResponse{ + Status: types.Status{ + Code: domain.SuccessCode, + Message: domain.SuccessMsg, + }, + }, nil +} diff --git a/internal/logic/member/create_account_logic.go b/internal/logic/member/create_account_logic.go new file mode 100644 index 0000000..03dd824 --- /dev/null +++ b/internal/logic/member/create_account_logic.go @@ -0,0 +1,112 @@ +package member + +import ( + "app-cloudep-portal-api-gateway/internal/domain" + "app-cloudep-portal-api-gateway/internal/svc" + "app-cloudep-portal-api-gateway/internal/types" + "context" + "time" + + ers "code.30cm.net/digimon/library-go/errors" + accountRpc "code.30cm.net/digimon/proto-all/pkg/member" + permissionRpc "code.30cm.net/digimon/proto-all/pkg/permission" + "github.com/gogo/protobuf/proto" + + "github.com/zeromicro/go-zero/core/logx" +) + +type CreateAccountLogic struct { + logx.Logger + ctx context.Context + svcCtx *svc.ServiceContext +} + +func NewCreateAccountLogic(ctx context.Context, svcCtx *svc.ServiceContext) *CreateAccountLogic { + return &CreateAccountLogic{ + Logger: logx.WithContext(ctx), + ctx: ctx, + svcCtx: svcCtx, + } +} + +func (l *CreateAccountLogic) CreateAccount(req *types.CreateAccountRequest) (resp *types.CreateAccountResp, err error) { + // 驗證密碼,兩次密碼要一致 + if req.Token != req.TokenCheck { + return nil, ers.InvalidFormat("password confirmation does not match") + } + + // 平台驗證 + p := domain.GetPlatformByPlatformCode(req.Platform) + if p == domain.PlatformNone { + return nil, ers.InvalidFormat("platform not found") + } + + // 建立帳號 + _, err = l.svcCtx.AccountRpc.CreateUserAccount(l.ctx, &accountRpc.CreateLoginUserReq{ + LoginId: req.Account, + Platform: p.ToInt64(), + Token: req.Token, + }) + if err != nil { + return nil, err + } + + // 綁定 UID + bindResp, err := l.svcCtx.AccountRpc.BindAccount(l.ctx, &accountRpc.BindingUserReq{ + LoginId: req.Account, + Type: req.AccountType, + }) + if err != nil { + return nil, err + } + + // 綁定使用者基礎資訊 + if err := l.bindUserInfo(bindResp.Uid); err != nil { + return nil, err + } + + // 發 token + token, err := l.generateToken(bindResp.Uid, req.DeviceID) + if err != nil { + return nil, err + } + + // 建立回應 + return &types.CreateAccountResp{ + Status: types.Status{ + Code: domain.SuccessCode, + Message: domain.SuccessMsg, + }, + Data: types.CreateAccountItem{ + UID: bindResp.Uid, + AccessToken: token.AccessToken, + RefreshToken: token.RefreshToken, + TokenType: token.TokenType, + }, + }, nil +} + +// bindUserInfo 綁定使用者基礎資訊 +func (l *CreateAccountLogic) bindUserInfo(uid string) error { + _, err := l.svcCtx.AccountRpc.BindUserInfo(l.ctx, &accountRpc.CreateUserInfoReq{ + Uid: uid, + Currency: domain.DefaultCurrency, + Language: domain.DefaultLanguage, + NickName: proto.String(uid), + }) + return err +} + +// generateToken 生成 token +func (l *CreateAccountLogic) generateToken(uid, deviceID string) (*permissionRpc.TokenResp, error) { + return l.svcCtx.TokenRpc.NewToken(l.ctx, &permissionRpc.AuthorizationReq{ + GrantType: domain.GrantTypeClientCredentials.ToString(), + DeviceId: deviceID, + Scope: domain.DefaultScope, + IsRefreshToken: true, + Expires: int32(time.Now().UTC().Add(l.svcCtx.Config.Token.Expired).Unix()), + Data: map[string]string{ + "uid": uid, + }, + }) +} diff --git a/internal/logic/member/forget_password_code_logic.go b/internal/logic/member/forget_password_code_logic.go new file mode 100644 index 0000000..bd0b7e3 --- /dev/null +++ b/internal/logic/member/forget_password_code_logic.go @@ -0,0 +1,188 @@ +package member + +import ( + "app-cloudep-portal-api-gateway/internal/domain" + "app-cloudep-portal-api-gateway/internal/svc" + "app-cloudep-portal-api-gateway/internal/types" + "context" + "fmt" + + notificationRpc "code.30cm.net/digimon/proto-all/pkg/notification" + + ers "code.30cm.net/digimon/library-go/errors" + accountRpc "code.30cm.net/digimon/proto-all/pkg/member" + "github.com/matcornic/hermes/v2" + + "github.com/zeromicro/go-zero/core/logx" +) + +type ForgetPasswordCodeLogic struct { + logx.Logger + ctx context.Context + svcCtx *svc.ServiceContext +} + +func NewForgetPasswordCodeLogic(ctx context.Context, svcCtx *svc.ServiceContext) *ForgetPasswordCodeLogic { + return &ForgetPasswordCodeLogic{ + Logger: logx.WithContext(ctx), + ctx: ctx, + svcCtx: svcCtx, + } +} + +func (l *ForgetPasswordCodeLogic) ForgetPasswordCode(req *types.ForgetPasswordCodeReq) (*types.BaseResponse, error) { + // 限制三分鐘內只可以發送一次 + rk := domain.GenerateVerifyCodeRedisKey.With(fmt.Sprintf("%s-%d", req.Account, domain.SendVerifyCodeTypeForgetPassword)).ToString() + get, err := l.svcCtx.Redis.Get(rk) + if err != nil { + // Redis 錯誤,給予適當的提示(可以視情況返回錯誤或繼續) + l.Logger.Errorf("Redis error: %v", err) + } + if get != "" { + // 已經發送過驗證碼,返回提示 + return nil, ers.ArkInternal("verification code already sent, please wait before requesting again") + } + + // 確認帳號是否已經註冊過 + accountResp, err := l.svcCtx.AccountRpc.GetUidByAccount(l.ctx, &accountRpc.GetUIDByAccountReq{ + Account: req.Account, + }) + if err != nil { + return nil, err + } + + // 生成重置密碼驗證碼 + code, err := l.svcCtx.AccountRpc.GenerateRefreshCode(l.ctx, &accountRpc.GenerateRefreshCodeReq{ + Account: req.Account, + CodeType: domain.SendVerifyCodeTypeForgetPassword, + }) + if err != nil { + return nil, err + } + + // 取得用戶資訊 + info, err := l.svcCtx.AccountRpc.GetUserInfo(l.ctx, &accountRpc.GetUserInfoReq{Uid: accountResp.Uid}) + if err != nil { + return nil, err + } + + // 準備驗證碼郵件 + nickName := info.Data.Uid + if info.Data.NickName != nil { + nickName = *info.Data.NickName + } + mailContent, title, err := ForgerZHTW(nickName, code.Data.VerifyCode) + if err != nil { + return nil, ers.InvalidFormat("failed to generate mail content: ", err.Error()) + } + + // 發送郵件 + _, err = l.svcCtx.NotificationRpc.SendMail(l.ctx, ¬ificationRpc.SendMailReq{ + Body: mailContent, + Subject: title, + To: req.Account, + From: l.svcCtx.Config.MailSender, + }) + if err != nil { + return nil, err + } + + // 設置 Redis 鍵,並設置 3 分鐘的過期時間 + err = l.svcCtx.Redis.Set(rk, code.Data.VerifyCode) + if err != nil { + return nil, ers.ArkInternal(err.Error()) + } + err = l.svcCtx.Redis.Expire(rk, 180) + if err != nil { + return nil, ers.ArkInternal(err.Error()) + } + + // 返回成功響應 + return &types.BaseResponse{ + Status: types.Status{ + Code: domain.SuccessCode, + Message: domain.SuccessMsg, + }, + }, nil +} + +type generateForgetPasswordMailBodyReq struct { + ProductName string + ProductLink string + ProductLogo string + ProductCopyright string + + BodyName string + BodyIntros []string + BodyActions []hermes.Action + BodyOutros []string + BodySignature string +} + +func ForgerZHTW(username, verifyCode string) (body, title string, err error) { + req := generateForgetPasswordMailBodyReq{ + ProductName: "Digimon 團隊", + ProductLink: "https://code.30cm.net", + ProductLogo: "https://storage.googleapis.com/netpute-qa-public/logo_dark.png", + ProductCopyright: "© 2024 Digimon Inc. 版權所有", + + BodyName: username, + BodyIntros: []string{ + "您收到此電子郵件是因為我們收到了針對 Digimon 帳戶的密碼重置請求。", + }, + BodyActions: []hermes.Action{ + { + Instructions: "請複製您的驗證碼,到網頁重置", + InviteCode: verifyCode, + }, + }, + BodyOutros: []string{ + "如果您不要求重設密碼,則無需您採取進一步的措施。", + }, + BodySignature: "無所不在的即時遊戲社群平台", + } + pr, bo := mustForgetPasswordMail(req) + + body, err = genMailBody(forgetPasswordTemplate{pr, bo}) + + return body, "Digimon 平台,重設密碼驗證信", err +} + +func mustForgetPasswordMail(req generateForgetPasswordMailBodyReq) (hermes.Product, hermes.Body) { + product := hermes.Product{ + // Appears in header & footer of e-mails + Name: req.ProductName, + Link: req.ProductLink, + Logo: req.ProductLogo, + Copyright: req.ProductCopyright, + } + + body := hermes.Body{ + Name: req.BodyName, + Intros: req.BodyIntros, + Actions: req.BodyActions, + Outros: req.BodyOutros, + Signature: req.BodySignature, + } + + return product, body +} + +type forgetPasswordTemplate struct { + Product hermes.Product + Body hermes.Body +} + +func genMailBody(req forgetPasswordTemplate) (body string, err error) { + h := hermes.Hermes{ + Product: req.Product, + } + email := hermes.Email{ + Body: req.Body, + } + emailBody, err := h.GenerateHTML(email) + if err != nil { + return "", err + } + return emailBody, nil +} diff --git a/internal/logic/member/info_logic.go b/internal/logic/member/info_logic.go new file mode 100644 index 0000000..f8df1d9 --- /dev/null +++ b/internal/logic/member/info_logic.go @@ -0,0 +1,55 @@ +package member + +import ( + "app-cloudep-portal-api-gateway/internal/domain" + "app-cloudep-portal-api-gateway/internal/payload" + "app-cloudep-portal-api-gateway/internal/svc" + "app-cloudep-portal-api-gateway/internal/types" + "context" + "time" + + accountRpc "code.30cm.net/digimon/proto-all/pkg/member" + "github.com/zeromicro/go-zero/core/logx" +) + +type InfoLogic struct { + logx.Logger + ctx context.Context + svcCtx *svc.ServiceContext +} + +func NewInfoLogic(ctx context.Context, svcCtx *svc.ServiceContext) *InfoLogic { + return &InfoLogic{ + Logger: logx.WithContext(ctx), + ctx: ctx, + svcCtx: svcCtx, + } +} + +func (l *InfoLogic) Info(_ *types.GetMemberHeader) (resp *types.UserInfoResp, err error) { + info, err := l.svcCtx.AccountRpc.GetUserInfo(l.ctx, &accountRpc.GetUserInfoReq{ + Uid: payload.UID(l.ctx), + }) + if err != nil { + return nil, err + } + + return &types.UserInfoResp{ + Status: types.Status{ + Code: domain.SuccessCode, + Message: domain.SuccessMsg, + }, + Data: types.UserInfo{ + UID: info.Data.Uid, + VerifyType: info.Data.VerifyType.String(), + AlarmType: info.Data.AlarmType.String(), + Status: info.Data.Status.String(), + Language: info.Data.Language, + Currency: info.Data.Currency, + Avatar: info.Data.Avatar, + CreateTime: time.Unix(info.Data.CreateTime, 0).UTC().Format(time.RFC3339), + UpdateTime: time.Unix(info.Data.UpdateTime, 0).UTC().Format(time.RFC3339), + NickName: info.Data.NickName, + }, + }, nil +} diff --git a/internal/logic/member/login_logic.go b/internal/logic/member/login_logic.go new file mode 100644 index 0000000..55a3d8a --- /dev/null +++ b/internal/logic/member/login_logic.go @@ -0,0 +1,104 @@ +package member + +import ( + "app-cloudep-portal-api-gateway/internal/domain" + "context" + "time" + + ers "code.30cm.net/digimon/library-go/errors" + accountRpc "code.30cm.net/digimon/proto-all/pkg/member" + permissionRpc "code.30cm.net/digimon/proto-all/pkg/permission" + "github.com/gogo/protobuf/proto" + + "app-cloudep-portal-api-gateway/internal/svc" + "app-cloudep-portal-api-gateway/internal/types" + + "github.com/zeromicro/go-zero/core/logx" +) + +type LoginLogic struct { + logx.Logger + ctx context.Context + svcCtx *svc.ServiceContext +} + +func NewLoginLogic(ctx context.Context, svcCtx *svc.ServiceContext) *LoginLogic { + return &LoginLogic{ + Logger: logx.WithContext(ctx), + ctx: ctx, + svcCtx: svcCtx, + } +} + +func (l *LoginLogic) Login(req *types.LoginReq) (resp *types.LoginResp, err error) { + var result *accountRpc.VerifyAuthResultResp + + // Step 1 驗證進來的 Token + platform := domain.GetPlatformByPlatformCode(req.Platform) + switch platform { + case domain.PlatformDigimon: + // 原始平台驗證 + result, err = l.svcCtx.AccountRpc.VerifyPlatformAuthResult(l.ctx, &accountRpc.VerifyAuthResultReq{ + Account: proto.String(req.Account), + Token: req.Token, + }) + if err != nil { + return nil, err + } + case domain.PlatformGoogle: + result, err = l.svcCtx.AccountRpc.VerifyGoogleAuthResult(l.ctx, &accountRpc.VerifyAuthResultReq{ + Token: req.Token, + }) + if err != nil { + return nil, err + } + case domain.PlatformTwitter: + default: + return nil, ers.InvalidFormat("invalid platform") + } + + if !result.Status { + return nil, ers.Forbidden("failed to validate password ") + } + + account, err := l.svcCtx.AccountRpc.GetUidByAccount(l.ctx, &accountRpc.GetUIDByAccountReq{ + Account: req.Account, + }) + if err != nil { + return nil, err + } + + // 發 token + token, err := l.generateToken(account.Uid, req.DeviceID) + if err != nil { + return nil, err + } + + // 建立回應 + return &types.LoginResp{ + Status: types.Status{ + Code: domain.SuccessCode, + Message: domain.SuccessMsg, + }, + Data: types.LoginItem{ + UID: account.Uid, + AccessToken: token.AccessToken, + RefreshToken: token.RefreshToken, + TokenType: token.TokenType, + }, + }, nil +} + +// generateToken 生成 token +func (l *LoginLogic) generateToken(uid, deviceID string) (*permissionRpc.TokenResp, error) { + return l.svcCtx.TokenRpc.NewToken(l.ctx, &permissionRpc.AuthorizationReq{ + GrantType: domain.GrantTypeClientCredentials.ToString(), + DeviceId: deviceID, + Scope: domain.DefaultScope, + IsRefreshToken: true, + Expires: int32(time.Now().UTC().Add(l.svcCtx.Config.Token.Expired).Unix()), + Data: map[string]string{ + "uid": uid, + }, + }) +} diff --git a/internal/logic/member/logout_logic.go b/internal/logic/member/logout_logic.go new file mode 100644 index 0000000..7a8a27b --- /dev/null +++ b/internal/logic/member/logout_logic.go @@ -0,0 +1,43 @@ +package member + +import ( + "app-cloudep-portal-api-gateway/internal/domain" + "context" + + "code.30cm.net/digimon/proto-all/pkg/permission" + + "app-cloudep-portal-api-gateway/internal/svc" + "app-cloudep-portal-api-gateway/internal/types" + + "github.com/zeromicro/go-zero/core/logx" +) + +type LogoutLogic struct { + logx.Logger + ctx context.Context + svcCtx *svc.ServiceContext +} + +func NewLogoutLogic(ctx context.Context, svcCtx *svc.ServiceContext) *LogoutLogic { + return &LogoutLogic{ + Logger: logx.WithContext(ctx), + ctx: ctx, + svcCtx: svcCtx, + } +} + +func (l *LogoutLogic) Logout(req *types.GetMemberHeader) (resp *types.BaseResponse, err error) { + _, err = l.svcCtx.TokenRpc.CancelToken(l.ctx, &permission.CancelTokenReq{ + Token: req.Token, + }) + if err != nil { + return nil, err + } + + return &types.BaseResponse{ + Status: types.Status{ + Code: domain.SuccessCode, + Message: domain.SuccessMsg, + }, + }, nil +} diff --git a/internal/logic/member/refresh_access_token_logic.go b/internal/logic/member/refresh_access_token_logic.go new file mode 100644 index 0000000..77bae3d --- /dev/null +++ b/internal/logic/member/refresh_access_token_logic.go @@ -0,0 +1,55 @@ +package member + +import ( + "app-cloudep-portal-api-gateway/internal/domain" + "context" + "time" + + permissionRpc "code.30cm.net/digimon/proto-all/pkg/permission" + + "app-cloudep-portal-api-gateway/internal/svc" + "app-cloudep-portal-api-gateway/internal/types" + + "github.com/zeromicro/go-zero/core/logx" +) + +type RefreshAccessTokenLogic struct { + logx.Logger + ctx context.Context + svcCtx *svc.ServiceContext +} + +func NewRefreshAccessTokenLogic(ctx context.Context, svcCtx *svc.ServiceContext) *RefreshAccessTokenLogic { + return &RefreshAccessTokenLogic{ + Logger: logx.WithContext(ctx), + ctx: ctx, + svcCtx: svcCtx, + } +} + +func (l *RefreshAccessTokenLogic) RefreshAccessToken(req *types.UpdateTokenReq) (resp *types.LoginResp, err error) { + // TODO 看未來有沒有需要把UID 拿去驗證 + token, err := l.svcCtx.TokenRpc.RefreshToken(l.ctx, &permissionRpc.RefreshTokenReq{ + Token: req.Token, + Scope: domain.DefaultScope, + Expires: time.Now().UTC().Add(l.svcCtx.Config.Token.Expired).Unix(), + DeviceId: req.DeviceID, + }) + if err != nil { + return nil, err + } + + // 建立回應 + return &types.LoginResp{ + Status: types.Status{ + Code: domain.SuccessCode, + Message: domain.SuccessMsg, + }, + Data: types.LoginItem{ + UID: req.UID, + AccessToken: token.Token, + RefreshToken: token.OneTimeToken, + TokenType: token.TokenType, + }, + }, nil +} diff --git a/internal/logic/member/upadte_password_logic.go b/internal/logic/member/upadte_password_logic.go new file mode 100644 index 0000000..32a80a3 --- /dev/null +++ b/internal/logic/member/upadte_password_logic.go @@ -0,0 +1,91 @@ +package member + +import ( + "app-cloudep-portal-api-gateway/internal/domain" + "context" + "fmt" + + ers "code.30cm.net/digimon/library-go/errors" + accountRpc "code.30cm.net/digimon/proto-all/pkg/member" + permissionRpc "code.30cm.net/digimon/proto-all/pkg/permission" + + "app-cloudep-portal-api-gateway/internal/svc" + "app-cloudep-portal-api-gateway/internal/types" + + "github.com/zeromicro/go-zero/core/logx" +) + +type UpadtePasswordLogic struct { + logx.Logger + ctx context.Context + svcCtx *svc.ServiceContext +} + +func NewUpadtePasswordLogic(ctx context.Context, svcCtx *svc.ServiceContext) *UpadtePasswordLogic { + return &UpadtePasswordLogic{ + Logger: logx.WithContext(ctx), + ctx: ctx, + svcCtx: svcCtx, + } +} + +func (l *UpadtePasswordLogic) UpadtePassword(req *types.UpdatePasswordReq) (resp *types.BaseResponse, err error) { + // 驗證密碼,兩次密碼要一致 + if req.Token != req.TokenCheck { + return nil, ers.InvalidFormat("password confirmation does not match") + } + + // 驗證碼 + _, err = l.svcCtx.AccountRpc.VerifyRefreshCode(l.ctx, &accountRpc.VerifyRefreshCodeReq{ + Account: req.Account, + CodeType: domain.SendVerifyCodeTypeForgetPassword, + VerifyCode: req.VerifyCode, + }) + if err != nil { + // 表使沒有這驗證碼 + return nil, ers.Forbidden("failed to get verify code") + } + + info, err := l.svcCtx.AccountRpc.GetUserAccountInfo(l.ctx, &accountRpc.GetUIDByAccountReq{Account: req.Account}) + if err != nil { + return nil, err + } + + if info.Data.Platform != domain.PlatformDigimon.ToInt64() { + return nil, ers.Forbidden("invalid platform") + } + + // 更新 + _, err = l.svcCtx.AccountRpc.UpdateUserToken(l.ctx, &accountRpc.UpdateTokenReq{ + Account: req.Account, + Token: req.Token, + Platform: int64(domain.PlatformDigimon), + }) + if err != nil { + return nil, err + } + + // 刪除 key + rk := domain.GenerateVerifyCodeRedisKey.With(fmt.Sprintf("%s-%d", req.Account, domain.SendVerifyCodeTypeForgetPassword)).ToString() + _, err = l.svcCtx.Redis.Del(rk) + if err != nil { + return nil, ers.ArkInternal(err.Error()) + } + // 取消所有Token + ac, err := l.svcCtx.AccountRpc.GetUidByAccount(l.ctx, &accountRpc.GetUIDByAccountReq{Account: req.Account}) + if err != nil { + return nil, err + } + _, err = l.svcCtx.TokenRpc.CancelTokens(l.ctx, &permissionRpc.DoTokenByUIDReq{Uid: ac.Uid}) + if err != nil { + return nil, err + } + + // 返回成功響應 + return &types.BaseResponse{ + Status: types.Status{ + Code: domain.SuccessCode, + Message: domain.SuccessMsg, + }, + }, nil +} diff --git a/internal/middleware/auth_middleware.go b/internal/middleware/auth_middleware.go new file mode 100644 index 0000000..1389a91 --- /dev/null +++ b/internal/middleware/auth_middleware.go @@ -0,0 +1,79 @@ +package middleware + +import ( + "app-cloudep-portal-api-gateway/internal/domain" + "app-cloudep-portal-api-gateway/internal/types" + "context" + "net/http" + + ers "code.30cm.net/digimon/library-go/errors" + token "code.30cm.net/digimon/library-go/jwt" + permissionRpc "code.30cm.net/digimon/proto-all/pkg/permission" + "github.com/zeromicro/go-zero/rest/httpx" +) + +type AuthMiddlewareParam struct { + TokenSec string + TokenClient permissionRpc.TokenServiceClient +} + +type AuthMiddleware struct { + tokenSec string + tokenClient permissionRpc.TokenServiceClient +} + +func NewAuthMiddleware(param AuthMiddlewareParam) *AuthMiddleware { + return &AuthMiddleware{ + tokenSec: param.TokenSec, + tokenClient: param.TokenClient, + } +} + +// Handle 處理 Auth Middleware +func (m *AuthMiddleware) Handle(next http.HandlerFunc) http.HandlerFunc { + return func(w http.ResponseWriter, r *http.Request) { + // 解析 Header + header := types.GetMemberHeader{} + if err := httpx.ParseHeaders(r, &header); err != nil { + m.writeErrorResponse(w, r, http.StatusBadRequest, "Failed to parse headers", int64(ers.InvalidFormat().FullCode())) + return + } + + // 驗證 Token + claim, err := token.ParseClaims(header.Token, m.tokenSec, true) + if err != nil { + // 是否需要紀錄錯誤,是不是只要紀錄除了驗證失敗或過期之外的真錯誤 + m.writeErrorResponse(w, r, http.StatusForbidden, err.Error(), int64(ers.Forbidden().FullCode())) + return + } + + // 驗證 Token 是否在黑名單中 + if _, err := m.tokenClient.ValidationToken(r.Context(), &permissionRpc.ValidationTokenReq{Token: header.Token}); err != nil { + m.writeErrorResponse(w, r, http.StatusForbidden, err.Error(), int64(ers.Forbidden().FullCode())) + return + } + + // 設置 context 並傳遞給下一個處理器 + ctx := SetContext(r, claim) + next(w, r.WithContext(ctx)) + } +} + +func SetContext(r *http.Request, claim token.DataClaims) context.Context { + ctx := context.WithValue(r.Context(), domain.RoleCode, claim.Role()) + ctx = context.WithValue(ctx, domain.UidCode, claim.UID()) + ctx = context.WithValue(ctx, domain.DeviceIDCode, claim.DeviceID()) + ctx = context.WithValue(ctx, domain.ScopeCode, claim.Get(domain.ScopeCode.ToString())) + + return ctx +} + +// writeErrorResponse 用於處理錯誤回應 +func (m *AuthMiddleware) writeErrorResponse(w http.ResponseWriter, r *http.Request, statusCode int, message string, code int64) { + httpx.WriteJsonCtx(r.Context(), w, statusCode, types.BaseResponse{ + Status: types.Status{ + Code: code, + Message: message, + }, + }) +} diff --git a/internal/payload/token.go b/internal/payload/token.go new file mode 100644 index 0000000..6568540 --- /dev/null +++ b/internal/payload/token.go @@ -0,0 +1,22 @@ +package payload + +import ( + "app-cloudep-portal-api-gateway/internal/domain" + "context" +) + +func UID(ctx context.Context) string { + return ctx.Value(domain.UidCode).(string) +} + +func Scope(ctx context.Context) string { + return ctx.Value(domain.ScopeCode).(string) +} + +func Role(ctx context.Context) string { + return ctx.Value(domain.RoleCode).(string) +} + +func DeviceID(ctx context.Context) string { + return ctx.Value(domain.DeviceIDCode).(string) +} diff --git a/internal/svc/service_context.go b/internal/svc/service_context.go new file mode 100644 index 0000000..23d2610 --- /dev/null +++ b/internal/svc/service_context.go @@ -0,0 +1,47 @@ +package svc + +import ( + "app-cloudep-portal-api-gateway/internal/config" + "app-cloudep-portal-api-gateway/internal/middleware" + + ers "code.30cm.net/digimon/library-go/errors" + "code.30cm.net/digimon/library-go/errors/code" + "github.com/zeromicro/go-zero/core/stores/redis" + "github.com/zeromicro/go-zero/zrpc" + + accountRpc "code.30cm.net/digimon/proto-all/pkg/member" + notificationRpc "code.30cm.net/digimon/proto-all/pkg/notification" + permissionRpc "code.30cm.net/digimon/proto-all/pkg/permission" +) + +type ServiceContext struct { + Config config.Config + + AuthMiddleware *middleware.AuthMiddleware + AccountRpc accountRpc.AccountClient + TokenRpc permissionRpc.TokenServiceClient + NotificationRpc notificationRpc.SenderServiceClient + Redis redis.Redis +} + +func NewServiceContext(c config.Config) *ServiceContext { + ers.Scope = code.CloudEPPortalGW + + newRedis, err := redis.NewRedis(c.RedisCluster, redis.Cluster()) + if err != nil { + panic(err) + } + + tc := permissionRpc.NewTokenServiceClient(zrpc.MustNewClient(c.PermissionRpc).Conn()) + return &ServiceContext{ + Config: c, + AuthMiddleware: middleware.NewAuthMiddleware(middleware.AuthMiddlewareParam{ + TokenSec: c.Token.Secret, + TokenClient: tc, + }), + AccountRpc: accountRpc.NewAccountClient(zrpc.MustNewClient(c.AccountRpc).Conn()), + TokenRpc: tc, + NotificationRpc: notificationRpc.NewSenderServiceClient(zrpc.MustNewClient(c.NotificationRpc).Conn()), + Redis: *newRedis, + } +} diff --git a/internal/types/types.go b/internal/types/types.go new file mode 100644 index 0000000..b107c37 --- /dev/null +++ b/internal/types/types.go @@ -0,0 +1,110 @@ +// Code generated by goctl. DO NOT EDIT. +package types + +type Status struct { + Code int64 `json:"code"` // 狀態碼 + Message string `json:"message"` // 訊息 + Data interface{} `json:"data,omitempty"` // 可選的數據,當有返回時才出現 + Error interface{} `json:"error,omitempty"` // 可選的錯誤信息 +} + +type BaseResponse struct { + Status Status `json:"status"` // 狀態 +} + +type MemberLoginHeader struct { + DeviceID string `header:"device_id"` + IpAddress string `header:"ip_address"` + Brewser string `header:"brewser"` +} + +type CreateAccountRequest struct { + Account string `json:"account" validate:"required, account"` // 帳號名稱 + Token string `json:"token"` // 密碼或平台token,密碼請 sha256 轉碼 + TokenCheck string `json:"token_check"` // 密碼或平台token,密碼請 sha256 轉碼 + Platform string `json:"platform" validate:"oneof=digimon google twitter"` // 平台名稱 digimon, google, twitter + AccountType int64 `json:"account_type" validate:"oneof=1 2 3"` // 帳號類型 1 手機 2 信箱 3 自定義帳號 + MemberLoginHeader +} + +type CreateAccountItem struct { + UID string `json:"uid"` // 使用者UID + AccessToken string `json:"access_token"` // 訪問令牌 預設 5 分鐘過期 + RefreshToken string `json:"refresh_token"` // 刷新令牌 (預設一天過期,只能用一次),當呼叫更新token api 時,會自動把舊的失效,變成新的 refresh_token ,前端要記得過其實協助刷新,刷新不過表示全失效了(重新登入) + TokenType string `json:"token_type"` // Bearer +} + +type CreateAccountResp struct { + Status Status `json:"status"` // 狀態 + Data CreateAccountItem `json:"data"` +} + +type LoginResp struct { + Status Status `json:"status"` // 狀態 + Data LoginItem `json:"data"` +} + +type LoginItem struct { + UID string `json:"uid"` // Account + AccessToken string `json:"access_token"` // 訪問令牌 預設 5 分鐘過期 + RefreshToken string `json:"refresh_token"` // 刷新令牌 (預設一天過期,只能用一次),當呼叫更新token api 時,會自動把舊的失效,變成新的 refresh_token ,前端要記得過其實協助刷新,刷新不過表示全失效了(重新登入) + TokenType string `json:"token_type"` // Bearer +} + +type LoginReq struct { + Account string `json:"account" validate:"required, account"` // 帳號名稱 + Token string `json:"token"` // 密碼或平台token,密碼請 sha256 轉碼 + Platform string `json:"platform" validate:"oneof=digimon google twitter"` // 平台名稱 digimon, google, twitter + AccountType int64 `json:"account_type" validate:"oneof=1 2 3"` // 帳號類型 1 手機 2 信箱 3 自定義帳號 + MemberLoginHeader +} + +type ForgetPasswordCodeReq struct { + Account string `json:"account" validate:"required, account"` // 帳號名稱 + AccountType int32 `json:"account_type" validate:"oneof=1 2 3"` // 帳號類型 1 手機 2 信箱 3 自定義帳號 +} + +type CheckoutVerifyReq struct { + Account string `form:"account"m:"account" validate:"required, account"` // 帳號名稱 + VerifyCode string `form:"verify_code" validate:"required,len=6"` // 驗證碼,長度為6 +} + +type UpdatePasswordReq struct { + Account string `json:"account" validate:"required, account"` // 帳號名稱 + VerifyCode string `json:"verify_code" validate:"required,len=6"` // 驗證碼,長度為6 + Token string `json:"token" validate:"required"` // 密碼或平台token,密碼請 sha256 轉碼 + TokenCheck string `json:"token_check" validate:"required"` // 密碼或平台token,密碼請 sha256 轉碼 +} + +type UpdateTokenReq struct { + UID string `json:"uid" validate:"required"` // uid + Token string `json:"token" validate:"required"` // refresh token + MemberLoginHeader +} + +type Header struct { + Uid string `header:"uid"` + Token string `header:"token"` +} + +type GetMemberHeader struct { + Token string `header:"token"` +} + +type UserInfoResp struct { + Status Status `json:"status"` // 狀態 + Data UserInfo `json:"data"` +} + +type UserInfo struct { + UID string `json:"uid"` + VerifyType string `json:"verify_type"` + AlarmType string `json:"alarm_type"` + Status string `json:"status"` + Language string `json:"language"` + Currency string `json:"currency"` + Avatar string `json:"avatar"` + CreateTime string `json:"curreate_time"` + UpdateTime string `json:"update_time"` + NickName *string `json:"nick_name,omitempty"` +}