Makefile

@@ -0,0 +1,19 @@
+#goctl api plugin -plugin goctl-swagger="swagger -filename gateway.json -host dev-api.30cm.net" -api ./generate/api/gateway.api -dir .
+#goctl api go -api ./generate/api/gateway.api -dir . -style go_zero
+
+GOFMT ?= gofmt
+GOFILES := $(shell find . -name "*.go")
+
+.PHONY: fmt
+fmt: # 格式優化
+	$(GOFMT) -s -w $(GOFILES)
+	goimports -w  ./
+
+
+.PHONY: gen-doc
+gen-doc: # 格式優化
+	goctl api plugin -plugin goctl-swagger="swagger -filename gateway.json -host dev-api.30cm.net" -api ./generate/api/gateway.api -dir .
+
+.PHONY: gen-api
+gen-api: # 格式優化
+	goctl api go -api ./generate/api/gateway.api -dir . -style go_zero

etc/gateway.yaml

@@ -0,0 +1,27 @@
+Name: gateway
+Host: 0.0.0.0
+Port: 8888
+AccountRpc:
+  Etcd:
+    Hosts:
+      - 127.0.0.1:2379
+    Key: member.rpc
+NotificationRpc:
+  Etcd:
+    Hosts:
+      - 127.0.0.1:2379
+    Key: notification.rpc
+PermissionRpc:
+  Etcd:
+    Hosts:
+      - 127.0.0.1:2379
+    Key: permission.rpc
+Token:
+  Secret: kupiHowBonBon
+  Expired: 300s
+
+RedisCluster:
+  Host: 127.0.0.1:7001
+  Type: cluster
+
+MailSender: <Kupi Service> noreply@code.30cm.net

gateway.go

@@ -0,0 +1,29 @@
+package main
+
+import (
+	"app-cloudep-portal-api-gateway/internal/config"
+	"app-cloudep-portal-api-gateway/internal/handler"
+	"app-cloudep-portal-api-gateway/internal/svc"
+	"flag"
+	"fmt"
+
+	"github.com/zeromicro/go-zero/core/conf"
+	"github.com/zeromicro/go-zero/rest"
+)
+
+var configFile = flag.String("f", "etc/gateway.yaml", "the config file")
+
+func main() {
+	flag.Parse()
+
+	var c config.Config
+	conf.MustLoad(*configFile, &c)
+
+	server := rest.MustNewServer(c.RestConf)
+	defer server.Stop()
+
+	ctx := svc.NewServiceContext(c)
+	handler.RegisterHandlers(server, ctx)
+	fmt.Printf("Starting server at %s:%d...\n", c.Host, c.Port)
+	server.Start()
+}

gateway.json

@@ -0,0 +1,814 @@
+{
+  "swagger": "2.0",
+  "info": {
+    "title": "",
+    "version": ""
+  },
+  "host": "dev-api.30cm.net",
+  "schemes": [
+    "http",
+    "https"
+  ],
+  "consumes": [
+    "application/json"
+  ],
+  "produces": [
+    "application/json"
+  ],
+  "paths": {
+    "/api/v1/member": {
+      "post": {
+        "summary": "創建新會員",
+        "description": "創建一個全新的帳號",
+        "operationId": "createAccount",
+        "responses": {
+          "200": {
+            "description": "A successful response.",
+            "schema": {
+              "$ref": "#/definitions/CreateAccountResp"
+            }
+          },
+          "400": {
+            "description": "輸入的參數錯誤",
+            "schema": {
+              "$ref": "#/definitions/BaseResponse"
+            }
+          },
+          "500": {
+            "description": "伺服器出錯",
+            "schema": {
+              "$ref": "#/definitions/BaseResponse"
+            }
+          }
+        },
+        "parameters": [
+          {
+            "name": "device_id",
+            "in": "header",
+            "required": true,
+            "type": "string"
+          },
+          {
+            "name": "ip_address",
+            "in": "header",
+            "required": true,
+            "type": "string"
+          },
+          {
+            "name": "brewser",
+            "in": "header",
+            "required": true,
+            "type": "string"
+          },
+          {
+            "name": "body",
+            "in": "body",
+            "required": true,
+            "schema": {
+              "$ref": "#/definitions/CreateAccountRequest"
+            }
+          }
+        ],
+        "tags": [
+          "gateway/member"
+        ]
+      }
+    },
+    "/api/v1/member/check-verify-code": {
+      "get": {
+        "summary": "確認驗證碼是否有效",
+        "description": "確認驗證碼是否有效",
+        "operationId": "CheckVerifyCode",
+        "responses": {
+          "200": {
+            "description": "A successful response.",
+            "schema": {
+              "$ref": "#/definitions/BaseResponse"
+            }
+          },
+          "400": {
+            "description": "輸入的參數錯誤",
+            "schema": {
+              "$ref": "#/definitions/BaseResponse"
+            }
+          },
+          "403": {
+            "description": "無效的驗證碼",
+            "schema": {
+              "$ref": "#/definitions/BaseResponse"
+            }
+          },
+          "500": {
+            "description": "伺服器出錯",
+            "schema": {
+              "$ref": "#/definitions/BaseResponse"
+            }
+          }
+        },
+        "parameters": [
+          {
+            "name": "account",
+            "description": "帳號名稱",
+            "in": "query",
+            "required": true,
+            "type": "string"
+          },
+          {
+            "name": "verify_code",
+            "description": "驗證碼，長度為6",
+            "in": "query",
+            "required": true,
+            "type": "string"
+          }
+        ],
+        "tags": [
+          "gateway/member"
+        ]
+      }
+    },
+    "/api/v1/member/forget-password-code": {
+      "post": {
+        "summary": "發送忘記密碼驗證",
+        "description": "發送忘記密碼驗證(三分鐘內只能發一次信)",
+        "operationId": "ForgetPasswordCode",
+        "responses": {
+          "200": {
+            "description": "A successful response.",
+            "schema": {
+              "$ref": "#/definitions/BaseResponse"
+            }
+          },
+          "400": {
+            "description": "輸入的參數錯誤",
+            "schema": {
+              "$ref": "#/definitions/BaseResponse"
+            }
+          },
+          "500": {
+            "description": "伺服器出錯",
+            "schema": {
+              "$ref": "#/definitions/BaseResponse"
+            }
+          }
+        },
+        "parameters": [
+          {
+            "name": "body",
+            "in": "body",
+            "required": true,
+            "schema": {
+              "$ref": "#/definitions/ForgetPasswordCodeReq"
+            }
+          }
+        ],
+        "tags": [
+          "gateway/member"
+        ]
+      }
+    },
+    "/api/v1/member/info": {
+      "get": {
+        "summary": "取得會員資訊",
+        "operationId": "Info",
+        "responses": {
+          "200": {
+            "description": "A successful response.",
+            "schema": {
+              "$ref": "#/definitions/UserInfoResp"
+            }
+          },
+          "400": {
+            "description": "輸入的參數錯誤",
+            "schema": {
+              "$ref": "#/definitions/BaseResponse"
+            }
+          },
+          "403": {
+            "description": "無效的Token",
+            "schema": {
+              "$ref": "#/definitions/BaseResponse"
+            }
+          },
+          "500": {
+            "description": "伺服器出錯",
+            "schema": {
+              "$ref": "#/definitions/BaseResponse"
+            }
+          }
+        },
+        "parameters": [
+          {
+            "name": "token",
+            "in": "header",
+            "required": true,
+            "type": "string"
+          }
+        ],
+        "tags": [
+          "gateway/member"
+        ]
+      }
+    },
+    "/api/v1/member/login": {
+      "post": {
+        "summary": "登入",
+        "description": "會員登入",
+        "operationId": "Login",
+        "responses": {
+          "200": {
+            "description": "A successful response.",
+            "schema": {
+              "$ref": "#/definitions/LoginResp"
+            }
+          },
+          "400": {
+            "description": "輸入的參數錯誤",
+            "schema": {
+              "$ref": "#/definitions/BaseResponse"
+            }
+          },
+          "500": {
+            "description": "伺服器出錯",
+            "schema": {
+              "$ref": "#/definitions/BaseResponse"
+            }
+          }
+        },
+        "parameters": [
+          {
+            "name": "device_id",
+            "in": "header",
+            "required": true,
+            "type": "string"
+          },
+          {
+            "name": "ip_address",
+            "in": "header",
+            "required": true,
+            "type": "string"
+          },
+          {
+            "name": "brewser",
+            "in": "header",
+            "required": true,
+            "type": "string"
+          },
+          {
+            "name": "body",
+            "in": "body",
+            "required": true,
+            "schema": {
+              "$ref": "#/definitions/LoginReq"
+            }
+          }
+        ],
+        "tags": [
+          "gateway/member"
+        ]
+      }
+    },
+    "/api/v1/member/logout": {
+      "get": {
+        "summary": "會員登出",
+        "operationId": "Logout",
+        "responses": {
+          "200": {
+            "description": "A successful response.",
+            "schema": {
+              "$ref": "#/definitions/BaseResponse"
+            }
+          },
+          "400": {
+            "description": "輸入的參數錯誤",
+            "schema": {
+              "$ref": "#/definitions/BaseResponse"
+            }
+          },
+          "403": {
+            "description": "無效的Token",
+            "schema": {
+              "$ref": "#/definitions/BaseResponse"
+            }
+          },
+          "500": {
+            "description": "伺服器出錯",
+            "schema": {
+              "$ref": "#/definitions/BaseResponse"
+            }
+          }
+        },
+        "parameters": [
+          {
+            "name": "token",
+            "in": "header",
+            "required": true,
+            "type": "string"
+          }
+        ],
+        "tags": [
+          "gateway/member"
+        ]
+      }
+    },
+    "/api/v1/member/refresh_access_token": {
+      "put": {
+        "summary": "更新Token",
+        "description": "用 RefreshToken 換取 AccessToken",
+        "operationId": "RefreshAccessToken",
+        "responses": {
+          "200": {
+            "description": "A successful response.",
+            "schema": {
+              "$ref": "#/definitions/LoginResp"
+            }
+          },
+          "400": {
+            "description": "輸入的參數錯誤",
+            "schema": {
+              "$ref": "#/definitions/BaseResponse"
+            }
+          },
+          "403": {
+            "description": "無效的驗證碼",
+            "schema": {
+              "$ref": "#/definitions/BaseResponse"
+            }
+          },
+          "500": {
+            "description": "伺服器出錯",
+            "schema": {
+              "$ref": "#/definitions/BaseResponse"
+            }
+          }
+        },
+        "parameters": [
+          {
+            "name": "device_id",
+            "in": "header",
+            "required": true,
+            "type": "string"
+          },
+          {
+            "name": "ip_address",
+            "in": "header",
+            "required": true,
+            "type": "string"
+          },
+          {
+            "name": "brewser",
+            "in": "header",
+            "required": true,
+            "type": "string"
+          },
+          {
+            "name": "body",
+            "in": "body",
+            "required": true,
+            "schema": {
+              "$ref": "#/definitions/UpdateTokenReq"
+            }
+          }
+        ],
+        "tags": [
+          "gateway/member"
+        ]
+      }
+    },
+    "/api/v1/member/update-password": {
+      "put": {
+        "summary": "更新密碼",
+        "description": "更新密碼",
+        "operationId": "UpadtePassword",
+        "responses": {
+          "200": {
+            "description": "A successful response.",
+            "schema": {
+              "$ref": "#/definitions/BaseResponse"
+            }
+          },
+          "400": {
+            "description": "輸入的參數錯誤",
+            "schema": {
+              "$ref": "#/definitions/BaseResponse"
+            }
+          },
+          "403": {
+            "description": "無效的驗證碼",
+            "schema": {
+              "$ref": "#/definitions/BaseResponse"
+            }
+          },
+          "500": {
+            "description": "伺服器出錯",
+            "schema": {
+              "$ref": "#/definitions/BaseResponse"
+            }
+          }
+        },
+        "parameters": [
+          {
+            "name": "body",
+            "in": "body",
+            "required": true,
+            "schema": {
+              "$ref": "#/definitions/UpdatePasswordReq"
+            }
+          }
+        ],
+        "tags": [
+          "gateway/member"
+        ]
+      }
+    }
+  },
+  "definitions": {
+    "BaseResponse": {
+      "type": "object",
+      "properties": {
+        "status": {
+          "$ref": "#/definitions/Status",
+          "description": "狀態"
+        }
+      },
+      "title": "BaseResponse",
+      "required": [
+        "status"
+      ]
+    },
+    "CheckoutVerifyReq": {
+      "type": "object",
+      "properties": {
+        "account": {
+          "type": "string",
+          "description": "帳號名稱"
+        },
+        "verify_code": {
+          "type": "string",
+          "description": "驗證碼，長度為6"
+        }
+      },
+      "title": "CheckoutVerifyReq",
+      "required": [
+        "account",
+        "verify_code"
+      ]
+    },
+    "CreateAccountItem": {
+      "type": "object",
+      "properties": {
+        "uid": {
+          "type": "string",
+          "description": "使用者UID"
+        },
+        "access_token": {
+          "type": "string",
+          "description": "訪問令牌 預設 5 分鐘過期"
+        },
+        "refresh_token": {
+          "type": "string",
+          "description": "刷新令牌 (預設一天過期，只能用一次)，當呼叫更新token api 時，會自動把舊的失效，變成新的 refresh_token ，前端要記得過其實協助刷新，刷新不過表示全失效了（重新登入）"
+        },
+        "token_type": {
+          "type": "string",
+          "description": "Bearer"
+        }
+      },
+      "title": "CreateAccountItem",
+      "required": [
+        "uid",
+        "access_token",
+        "refresh_token",
+        "token_type"
+      ]
+    },
+    "CreateAccountRequest": {
+      "type": "object",
+      "properties": {
+        "account": {
+          "type": "string",
+          "description": "帳號名稱"
+        },
+        "token": {
+          "type": "string",
+          "description": "密碼或平台token，密碼請 sha256 轉碼"
+        },
+        "token_check": {
+          "type": "string",
+          "description": "密碼或平台token，密碼請 sha256 轉碼"
+        },
+        "platform": {
+          "type": "string",
+          "enum": [
+            "digimon",
+            "google",
+            "twitter"
+          ],
+          "description": "平台名稱 digimon, google, twitter"
+        },
+        "account_type": {
+          "type": "integer",
+          "format": "int64",
+          "enum": [
+            "1",
+            "2",
+            "3"
+          ],
+          "description": "帳號類型 1 手機 2 信箱 3 自定義帳號"
+        }
+      },
+      "title": "CreateAccountRequest",
+      "required": [
+        "account",
+        "token",
+        "token_check",
+        "platform",
+        "account_type"
+      ]
+    },
+    "CreateAccountResp": {
+      "type": "object",
+      "properties": {
+        "status": {
+          "$ref": "#/definitions/Status",
+          "description": "狀態"
+        },
+        "data": {
+          "$ref": "#/definitions/CreateAccountItem"
+        }
+      },
+      "title": "CreateAccountResp",
+      "required": [
+        "status",
+        "data"
+      ]
+    },
+    "ForgetPasswordCodeReq": {
+      "type": "object",
+      "properties": {
+        "account": {
+          "type": "string",
+          "description": "帳號名稱"
+        },
+        "account_type": {
+          "type": "integer",
+          "format": "int32",
+          "enum": [
+            "1",
+            "2",
+            "3"
+          ],
+          "description": "帳號類型 1 手機 2 信箱 3 自定義帳號"
+        }
+      },
+      "title": "ForgetPasswordCodeReq",
+      "required": [
+        "account",
+        "account_type"
+      ]
+    },
+    "GetMemberHeader": {
+      "type": "object",
+      "properties": {},
+      "title": "GetMemberHeader"
+    },
+    "Header": {
+      "type": "object",
+      "properties": {},
+      "title": "Header"
+    },
+    "LoginItem": {
+      "type": "object",
+      "properties": {
+        "uid": {
+          "type": "string",
+          "description": "Account"
+        },
+        "access_token": {
+          "type": "string",
+          "description": "訪問令牌 預設 5 分鐘過期"
+        },
+        "refresh_token": {
+          "type": "string",
+          "description": "刷新令牌 (預設一天過期，只能用一次)，當呼叫更新token api 時，會自動把舊的失效，變成新的 refresh_token ，前端要記得過其實協助刷新，刷新不過表示全失效了（重新登入）"
+        },
+        "token_type": {
+          "type": "string",
+          "description": "Bearer"
+        }
+      },
+      "title": "LoginItem",
+      "required": [
+        "uid",
+        "access_token",
+        "refresh_token",
+        "token_type"
+      ]
+    },
+    "LoginReq": {
+      "type": "object",
+      "properties": {
+        "account": {
+          "type": "string",
+          "description": "帳號名稱"
+        },
+        "token": {
+          "type": "string",
+          "description": "密碼或平台token，密碼請 sha256 轉碼"
+        },
+        "platform": {
+          "type": "string",
+          "enum": [
+            "digimon",
+            "google",
+            "twitter"
+          ],
+          "description": "平台名稱 digimon, google, twitter"
+        },
+        "account_type": {
+          "type": "integer",
+          "format": "int64",
+          "enum": [
+            "1",
+            "2",
+            "3"
+          ],
+          "description": "帳號類型 1 手機 2 信箱 3 自定義帳號"
+        }
+      },
+      "title": "LoginReq",
+      "required": [
+        "account",
+        "token",
+        "platform",
+        "account_type"
+      ]
+    },
+    "LoginResp": {
+      "type": "object",
+      "properties": {
+        "status": {
+          "$ref": "#/definitions/Status",
+          "description": "狀態"
+        },
+        "data": {
+          "$ref": "#/definitions/LoginItem"
+        }
+      },
+      "title": "LoginResp",
+      "required": [
+        "status",
+        "data"
+      ]
+    },
+    "MemberLoginHeader": {
+      "type": "object",
+      "properties": {},
+      "title": "MemberLoginHeader"
+    },
+    "Status": {
+      "type": "object",
+      "properties": {
+        "code": {
+          "type": "integer",
+          "format": "int64",
+          "description": "狀態碼"
+        },
+        "message": {
+          "type": "string",
+          "description": "訊息"
+        },
+        "data": {
+          "type": "object",
+          "description": "可選的數據，當有返回時才出現"
+        },
+        "error": {
+          "type": "object",
+          "description": "可選的錯誤信息"
+        }
+      },
+      "title": "Status",
+      "required": [
+        "code",
+        "message"
+      ]
+    },
+    "UpdatePasswordReq": {
+      "type": "object",
+      "properties": {
+        "account": {
+          "type": "string",
+          "description": "帳號名稱"
+        },
+        "verify_code": {
+          "type": "string",
+          "description": "驗證碼，長度為6"
+        },
+        "token": {
+          "type": "string",
+          "description": "密碼或平台token，密碼請 sha256 轉碼"
+        },
+        "token_check": {
+          "type": "string",
+          "description": "密碼或平台token，密碼請 sha256 轉碼"
+        }
+      },
+      "title": "UpdatePasswordReq",
+      "required": [
+        "account",
+        "verify_code",
+        "token",
+        "token_check"
+      ]
+    },
+    "UpdateTokenReq": {
+      "type": "object",
+      "properties": {
+        "uid": {
+          "type": "string",
+          "description": "uid"
+        },
+        "token": {
+          "type": "string",
+          "description": "refresh token"
+        }
+      },
+      "title": "UpdateTokenReq",
+      "required": [
+        "uid",
+        "token"
+      ]
+    },
+    "UserInfo": {
+      "type": "object",
+      "properties": {
+        "uid": {
+          "type": "string"
+        },
+        "verify_type": {
+          "type": "string"
+        },
+        "alarm_type": {
+          "type": "string"
+        },
+        "status": {
+          "type": "string"
+        },
+        "language": {
+          "type": "string"
+        },
+        "currency": {
+          "type": "string"
+        },
+        "avatar": {
+          "type": "string"
+        },
+        "curreate_time": {
+          "type": "string"
+        },
+        "update_time": {
+          "type": "string"
+        },
+        "nick_name": {
+          "type": "string"
+        }
+      },
+      "title": "UserInfo",
+      "required": [
+        "uid",
+        "verify_type",
+        "alarm_type",
+        "status",
+        "language",
+        "currency",
+        "avatar",
+        "curreate_time",
+        "update_time"
+      ]
+    },
+    "UserInfoResp": {
+      "type": "object",
+      "properties": {
+        "status": {
+          "$ref": "#/definitions/Status",
+          "description": "狀態"
+        },
+        "data": {
+          "$ref": "#/definitions/UserInfo"
+        }
+      },
+      "title": "UserInfoResp",
+      "required": [
+        "status",
+        "data"
+      ]
+    }
+  },
+  "securityDefinitions": {
+    "apiKey": {
+      "type": "apiKey",
+      "description": "Enter JWT Bearer token **_only_**",
+      "name": "Authorization",
+      "in": "header"
+    }
+  }
+}

generate/api/gateway.api

@@ -0,0 +1 @@
+import "member.api"

generate/api/member.api

@@ -0,0 +1,218 @@
+syntax = "v1"
+
+info(
+	title: "Portal-Api-Gateway (PGW)"
+	desc: "digimon web portal api gateway"
+	author: "daniel Wang"
+	email: "igs170911@gmail.com"
+	version: "0.0.1"
+)
+
+type Status {
+	Code    int64       `json:"code"`            // 狀態碼
+	Message string      `json:"message"`         // 訊息
+	Data    interface{} `json:"data,omitempty"`  // 可選的數據，當有返回時才出現
+	Error   interface{} `json:"error,omitempty"` // 可選的錯誤信息
+}
+
+type BaseResponse {
+	Status Status            `json:"status"` // 狀態
+}
+
+// -------------------------------------------
+
+type MemberLoginHeader {
+	DeviceID    string `header:"device_id"`
+	IpAddress	string `header:"ip_address"`
+	Brewser     string  `header:"brewser"`
+}
+
+type CreateAccountRequest {
+	Account     string `json:"account" validate:"required, account"` // 帳號名稱
+	Token       string `json:"token"`        	// 密碼或平台token，密碼請 sha256 轉碼
+	TokenCheck  string `json:"token_check"`     // 密碼或平台token，密碼請 sha256 轉碼
+	Platform    string `json:"platform" validate:"oneof=digimon google twitter"`     // 平台名稱 digimon, google, twitter
+	AccountType int64 `json:"account_type" validate:"oneof=1 2 3"`// 帳號類型 1 手機 2 信箱 3 自定義帳號
+	MemberLoginHeader
+}
+
+// CreateAccountItem 建立帳號也幫忙登入
+type CreateAccountItem {
+	UID string `json:"uid"` // 使用者UID
+	AccessToken 	string  `json:"access_token"`  // 訪問令牌 預設 5 分鐘過期
+	RefreshToken   	string 	`json:"refresh_token"` // 刷新令牌 (預設一天過期，只能用一次)，當呼叫更新token api 時，會自動把舊的失效，變成新的 refresh_token ，前端要記得過其實協助刷新，刷新不過表示全失效了（重新登入）
+	TokenType 		string  `json:"token_type"`	   // Bearer
+}
+
+type CreateAccountResp {
+	Status Status            `json:"status"` // 狀態
+	Data   CreateAccountItem `json:"data"`
+}
+// -------------------------------------------
+
+type LoginResp {
+	Status Status           `json:"status"` // 狀態
+	Data   LoginItem 		`json:"data"`
+}
+
+type LoginItem {
+	UID string `json:"uid"` //  Account
+	AccessToken 	string  `json:"access_token"`  // 訪問令牌 預設 5 分鐘過期
+	RefreshToken   	string 	`json:"refresh_token"` // 刷新令牌 (預設一天過期，只能用一次)，當呼叫更新token api 時，會自動把舊的失效，變成新的 refresh_token ，前端要記得過其實協助刷新，刷新不過表示全失效了（重新登入）
+	TokenType 		string  `json:"token_type"`	   // Bearer
+}
+
+type LoginReq {
+	Account     string `json:"account" validate:"required, account"`     			// 帳號名稱
+	Token       string `json:"token"`        										// 密碼或平台token，密碼請 sha256 轉碼
+	Platform    string `json:"platform" validate:"oneof=digimon google twitter"`    // 平台名稱 digimon, google, twitter
+	AccountType int64 `json:"account_type" validate:"oneof=1 2 3"`					// 帳號類型 1 手機 2 信箱 3 自定義帳號
+	MemberLoginHeader
+}
+// -------------------------------------------
+
+type ForgetPasswordCodeReq {
+	Account     string `json:"account" validate:"required, account"`     			// 帳號名稱
+	AccountType int32 `json:"account_type" validate:"oneof=1 2 3"`					// 帳號類型 1 手機 2 信箱 3 自定義帳號
+}
+// -------------------------------------------
+
+type CheckoutVerifyReq {
+	Account     string `form:"account"m:"account" validate:"required, account"`     			// 帳號名稱
+	VerifyCode  string `form:"verify_code" validate:"required,len=6"`     			// 驗證碼，長度為6
+}
+// -------------------------------------------
+type UpdatePasswordReq {
+	Account     string `json:"account" validate:"required, account"`     			// 帳號名稱
+	VerifyCode  string `json:"verify_code" validate:"required,len=6"`     			// 驗證碼，長度為6
+	Token       string `json:"token" validate:"required"`        	// 密碼或平台token，密碼請 sha256 轉碼
+	TokenCheck  string `json:"token_check" validate:"required"`     // 密碼或平台token，密碼請 sha256 轉碼
+}
+// -------------------------------------------
+type UpdateTokenReq {
+	UID     string `json:"uid" validate:"required"`    // uid
+	Token       string `json:"token" validate:"required"`        		// refresh token
+	MemberLoginHeader
+}
+
+@server(
+	group:  member
+	prefix: /api/v1
+	schemes: https
+	timeout: 3s
+)
+service gateway {
+	/*	@respdoc-400 (BaseResponse) // 輸入的參數錯誤 */
+	/*  @respdoc-500 (BaseResponse) // 伺服器出錯 */
+	@doc(
+		summary:"創建新會員"
+		description: "創建一個全新的帳號"
+	)
+	@handler createAccount
+	post /member (CreateAccountRequest) returns (CreateAccountResp)
+
+	/*	@respdoc-400 (BaseResponse) // 輸入的參數錯誤 */
+	/*  @respdoc-500 (BaseResponse) // 伺服器出錯 */
+		@doc(
+			summary:"登入"
+			description: "會員登入"
+		)
+	@handler Login
+	post /member/login (LoginReq) returns (LoginResp)
+
+	/*	@respdoc-400 (BaseResponse) // 輸入的參數錯誤 */
+	/*  @respdoc-500 (BaseResponse) // 伺服器出錯 */
+	@doc(
+		summary:"發送忘記密碼驗證"
+		description: "發送忘記密碼驗證(三分鐘內只能發一次信)"
+	)
+	@handler ForgetPasswordCode
+	post /member/forget-password-code (ForgetPasswordCodeReq) returns (BaseResponse)
+
+	/*	@respdoc-400 (BaseResponse) // 輸入的參數錯誤 */
+	/*	@respdoc-403 (BaseResponse) // 無效的驗證碼 */
+	/*  @respdoc-500 (BaseResponse) // 伺服器出錯 */
+	@doc(
+		summary:"確認驗證碼是否有效"
+		description: "確認驗證碼是否有效"
+	)
+	@handler CheckVerifyCode
+	get /member/check-verify-code (CheckoutVerifyReq) returns (BaseResponse)
+
+	/*	@respdoc-400 (BaseResponse) // 輸入的參數錯誤 */
+	/*	@respdoc-403 (BaseResponse) // 無效的驗證碼 */
+	/*  @respdoc-500 (BaseResponse) // 伺服器出錯 */
+	@doc(
+		summary:"更新密碼"
+		description: "更新密碼"
+	)
+	@handler UpadtePassword
+	put /member/update-password (UpdatePasswordReq) returns (BaseResponse)
+
+	/*	@respdoc-400 (BaseResponse) // 輸入的參數錯誤 */
+	/*	@respdoc-403 (BaseResponse) // 無效的驗證碼 */
+	/*  @respdoc-500 (BaseResponse) // 伺服器出錯 */
+	@doc(
+		summary:"更新Token"
+		description: "用 RefreshToken 換取 AccessToken"
+	)
+	@handler RefreshAccessToken
+	put /member/refresh_access_token (UpdateTokenReq) returns (LoginResp)
+
+}
+
+type Header {
+	Uid 	string `header:"uid"`
+	Token 	string `header:"token"`
+}
+
+type GetMemberHeader {
+	Token 	string `header:"token"`
+}
+
+type UserInfoResp {
+	Status Status           `json:"status"` // 狀態
+	Data   UserInfo 		`json:"data"`
+}
+
+type UserInfo {
+	UID string `json:"uid"`
+	VerifyType string `json:"verify_type"`
+	AlarmType string `json:"alarm_type"`
+	Status string `json:"status"`
+	Language   string `json:"language"`
+	Currency   string `json:"currency"`
+	Avatar     string `json:"avatar"`
+	CreateTime string `json:"curreate_time"`
+	UpdateTime string `json:"update_time"`
+	NickName *string `json:"nick_name,omitempty"`
+}
+
+
+@server(
+	group:  member
+	prefix: /api/v1
+	schemes: https
+	timeout: 3s
+	middleware: AuthMiddleware
+)
+
+service gateway {
+	/*	@respdoc-400 (BaseResponse) // 輸入的參數錯誤 */
+	/*	@respdoc-403 (BaseResponse) // 無效的Token */
+	/*  @respdoc-500 (BaseResponse) // 伺服器出錯 */
+	@doc(
+		summary: "會員登出"
+	)
+	@handler Logout
+	get /member/logout (GetMemberHeader) returns (BaseResponse)
+
+	/*	@respdoc-400 (BaseResponse) // 輸入的參數錯誤 */
+	/*	@respdoc-403 (BaseResponse) // 無效的Token */
+	/*  @respdoc-500 (BaseResponse) // 伺服器出錯 */
+	@doc(
+		summary: "取得會員資訊"
+	)
+	@handler Info
+	get /member/info (GetMemberHeader) returns (UserInfoResp)
+}

go.mod

@@ -0,0 +1,111 @@
+module app-cloudep-portal-api-gateway
+
+go 1.22.3
+
+require (
+	code.30cm.net/digimon/library-go/errors v1.0.1
+	code.30cm.net/digimon/library-go/jwt v1.0.0
+	code.30cm.net/digimon/proto-all v0.0.0-20240826070029-4a87e93fd2cf
+	github.com/gogo/protobuf v1.3.2
+	github.com/matcornic/hermes/v2 v2.1.0
+	github.com/zeromicro/go-zero v1.7.0
+)
+
+require (
+	github.com/Masterminds/semver v1.4.2 // indirect
+	github.com/Masterminds/sprig v2.16.0+incompatible // indirect
+	github.com/PuerkitoBio/goquery v1.5.0 // indirect
+	github.com/andybalholm/cascadia v1.0.0 // indirect
+	github.com/aokoli/goutils v1.0.1 // indirect
+	github.com/beorn7/perks v1.0.1 // indirect
+	github.com/cenkalti/backoff/v4 v4.3.0 // indirect
+	github.com/cespare/xxhash/v2 v2.3.0 // indirect
+	github.com/coreos/go-semver v0.3.1 // indirect
+	github.com/coreos/go-systemd/v22 v22.5.0 // indirect
+	github.com/davecgh/go-spew v1.1.1 // indirect
+	github.com/dgryski/go-rendezvous v0.0.0-20200823014737-9f7001d12a5f // indirect
+	github.com/emicklei/go-restful/v3 v3.11.0 // indirect
+	github.com/fatih/color v1.17.0 // indirect
+	github.com/go-logr/logr v1.4.2 // indirect
+	github.com/go-logr/stdr v1.2.2 // indirect
+	github.com/go-openapi/jsonpointer v0.19.6 // indirect
+	github.com/go-openapi/jsonreference v0.20.2 // indirect
+	github.com/go-openapi/swag v0.22.4 // indirect
+	github.com/golang-jwt/jwt/v4 v4.5.0 // indirect
+	github.com/golang/mock v1.6.0 // indirect
+	github.com/golang/protobuf v1.5.4 // indirect
+	github.com/google/gnostic-models v0.6.8 // indirect
+	github.com/google/go-cmp v0.6.0 // indirect
+	github.com/google/gofuzz v1.2.0 // indirect
+	github.com/google/uuid v1.6.0 // indirect
+	github.com/gorilla/css v1.0.0 // indirect
+	github.com/grpc-ecosystem/grpc-gateway/v2 v2.20.0 // indirect
+	github.com/huandu/xstrings v1.2.0 // indirect
+	github.com/imdario/mergo v0.3.6 // indirect
+	github.com/jaytaylor/html2text v0.0.0-20180606194806-57d518f124b0 // indirect
+	github.com/josharian/intern v1.0.0 // indirect
+	github.com/json-iterator/go v1.1.12 // indirect
+	github.com/mailru/easyjson v0.7.7 // indirect
+	github.com/mattn/go-colorable v0.1.13 // indirect
+	github.com/mattn/go-isatty v0.0.20 // indirect
+	github.com/mattn/go-runewidth v0.0.15 // indirect
+	github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd // indirect
+	github.com/modern-go/reflect2 v1.0.2 // indirect
+	github.com/munnerz/goautoneg v0.0.0-20191010083416-a7dc8b61c822 // indirect
+	github.com/olekukonko/tablewriter v0.0.5 // indirect
+	github.com/openzipkin/zipkin-go v0.4.3 // indirect
+	github.com/pelletier/go-toml/v2 v2.2.2 // indirect
+	github.com/prometheus/client_golang v1.19.1 // indirect
+	github.com/prometheus/client_model v0.5.0 // indirect
+	github.com/prometheus/common v0.48.0 // indirect
+	github.com/prometheus/procfs v0.12.0 // indirect
+	github.com/redis/go-redis/v9 v9.6.1 // indirect
+	github.com/rivo/uniseg v0.2.0 // indirect
+	github.com/russross/blackfriday/v2 v2.0.1 // indirect
+	github.com/shurcooL/sanitized_anchor_name v1.0.0 // indirect
+	github.com/spaolacci/murmur3 v1.1.0 // indirect
+	github.com/ssor/bom v0.0.0-20170718123548-6386211fdfcf // indirect
+	github.com/vanng822/css v0.0.0-20190504095207-a21e860bcd04 // indirect
+	github.com/vanng822/go-premailer v0.0.0-20191214114701-be27abe028fe // indirect
+	go.etcd.io/etcd/api/v3 v3.5.15 // indirect
+	go.etcd.io/etcd/client/pkg/v3 v3.5.15 // indirect
+	go.etcd.io/etcd/client/v3 v3.5.15 // indirect
+	go.opentelemetry.io/otel v1.24.0 // indirect
+	go.opentelemetry.io/otel/exporters/jaeger v1.17.0 // indirect
+	go.opentelemetry.io/otel/exporters/otlp/otlptrace v1.24.0 // indirect
+	go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracegrpc v1.24.0 // indirect
+	go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracehttp v1.24.0 // indirect
+	go.opentelemetry.io/otel/exporters/stdout/stdouttrace v1.24.0 // indirect
+	go.opentelemetry.io/otel/exporters/zipkin v1.24.0 // indirect
+	go.opentelemetry.io/otel/metric v1.24.0 // indirect
+	go.opentelemetry.io/otel/sdk v1.24.0 // indirect
+	go.opentelemetry.io/otel/trace v1.24.0 // indirect
+	go.opentelemetry.io/proto/otlp v1.3.1 // indirect
+	go.uber.org/atomic v1.10.0 // indirect
+	go.uber.org/automaxprocs v1.5.3 // indirect
+	go.uber.org/multierr v1.9.0 // indirect
+	go.uber.org/zap v1.24.0 // indirect
+	golang.org/x/crypto v0.25.0 // indirect
+	golang.org/x/net v0.27.0 // indirect
+	golang.org/x/oauth2 v0.20.0 // indirect
+	golang.org/x/sys v0.22.0 // indirect
+	golang.org/x/term v0.22.0 // indirect
+	golang.org/x/text v0.16.0 // indirect
+	golang.org/x/time v0.5.0 // indirect
+	google.golang.org/genproto/googleapis/api v0.0.0-20240711142825-46eb208f015d // indirect
+	google.golang.org/genproto/googleapis/rpc v0.0.0-20240701130421-f6361c86f094 // indirect
+	google.golang.org/grpc v1.65.0 // indirect
+	google.golang.org/protobuf v1.34.2 // indirect
+	gopkg.in/inf.v0 v0.9.1 // indirect
+	gopkg.in/yaml.v2 v2.4.0 // indirect
+	gopkg.in/yaml.v3 v3.0.1 // indirect
+	k8s.io/api v0.29.3 // indirect
+	k8s.io/apimachinery v0.29.4 // indirect
+	k8s.io/client-go v0.29.3 // indirect
+	k8s.io/klog/v2 v2.110.1 // indirect
+	k8s.io/kube-openapi v0.0.0-20231010175941-2dd684a91f00 // indirect
+	k8s.io/utils v0.0.0-20240711033017-18e509b52bc8 // indirect
+	sigs.k8s.io/json v0.0.0-20221116044647-bc3834ca7abd // indirect
+	sigs.k8s.io/structured-merge-diff/v4 v4.4.1 // indirect
+	sigs.k8s.io/yaml v1.3.0 // indirect
+)

internal/config/config.go

@@ -0,0 +1,24 @@
+package config
+
+import (
+	"time"
+
+	"github.com/zeromicro/go-zero/core/stores/redis"
+	"github.com/zeromicro/go-zero/rest"
+	"github.com/zeromicro/go-zero/zrpc"
+)
+
+type Config struct {
+	rest.RestConf
+	Token struct {
+		Secret  string
+		Expired time.Duration
+	}
+	// Redis Cluster
+	RedisCluster redis.RedisConf
+
+	AccountRpc      zrpc.RpcClientConf
+	PermissionRpc   zrpc.RpcClientConf
+	NotificationRpc zrpc.RpcClientConf
+	MailSender      string
+}

internal/domain/const.go

@@ -0,0 +1,22 @@
+package domain
+
+const (
+	DefaultCurrency  = "NTD"
+	DefaultLanguage  = "zh-tw"
+	DefaultGrantType = "client_credentials"
+	DefaultScope     = "gateway"
+)
+
+type GrantType string
+
+func (g GrantType) ToString() string {
+	return string(g)
+}
+
+const (
+	GrantTypeClientCredentials GrantType = "client_credentials"
+)
+
+const (
+	SendVerifyCodeTypeForgetPassword = 3
+)

internal/domain/payload.go

@@ -0,0 +1,14 @@
+package domain
+
+type ContextKey string
+
+func (c ContextKey) ToString() string {
+	return string(c)
+}
+
+const (
+	RoleCode     ContextKey = "role"
+	DeviceIDCode ContextKey = "device_id"
+	ScopeCode    ContextKey = "scope"
+	UidCode      ContextKey = "uid"
+)

internal/domain/platform.go

@@ -0,0 +1,31 @@
+package domain
+
+type Platform int64
+
+func (p Platform) ToInt64() int64 {
+	return int64(p)
+}
+
+const (
+	PlatformNone Platform = -1
+)
+const (
+	PlatformDigimon Platform = iota + 1
+	PlatformGoogle
+	PlatformTwitter
+)
+
+var convPlatformCode = map[string]Platform{
+	"digimon": PlatformDigimon,
+	"google":  PlatformGoogle,
+	"twitter": PlatformTwitter,
+}
+
+func GetPlatformByPlatformCode(code string) Platform {
+	result, ok := convPlatformCode[code]
+	if !ok {
+		return PlatformNone
+	}
+
+	return result
+}

internal/domain/redis.go

@@ -0,0 +1,19 @@
+package domain
+
+import "strings"
+
+type RedisKey string
+
+const (
+	GenerateVerifyCodeRedisKey RedisKey = "rf_code"
+)
+
+func (key RedisKey) ToString() string {
+	return "gateway:" + string(key)
+}
+
+func (key RedisKey) With(s ...string) RedisKey {
+	parts := append([]string{string(key)}, s...)
+
+	return RedisKey(strings.Join(parts, ":"))
+}

internal/domain/status.go

@@ -0,0 +1,6 @@
+package domain
+
+const (
+	SuccessMsg  = "success"
+	SuccessCode = 102000
+)

internal/handler/member/check_verify_code_handler.go

@@ -0,0 +1,38 @@
+package member
+
+import (
+	"net/http"
+
+	ers "code.30cm.net/digimon/library-go/errors"
+
+	"app-cloudep-portal-api-gateway/internal/logic/member"
+	"app-cloudep-portal-api-gateway/internal/svc"
+	"app-cloudep-portal-api-gateway/internal/types"
+
+	"github.com/zeromicro/go-zero/rest/httpx"
+)
+
+func CheckVerifyCodeHandler(svcCtx *svc.ServiceContext) http.HandlerFunc {
+	return func(w http.ResponseWriter, r *http.Request) {
+		var req types.CheckoutVerifyReq
+		if err := httpx.Parse(r, &req); err != nil {
+			httpx.ErrorCtx(r.Context(), w, err)
+			return
+		}
+
+		l := member.NewCheckVerifyCodeLogic(r.Context(), svcCtx)
+		resp, err := l.CheckVerifyCode(&req)
+		if err != nil {
+			e := ers.FromGRPCError(err)
+			httpx.WriteJsonCtx(r.Context(), w, e.HTTPStatus(), types.BaseResponse{
+				Status: types.Status{
+					Code:    int64(e.FullCode()),
+					Message: e.Error(),
+				},
+			})
+			return
+		} else {
+			httpx.OkJsonCtx(r.Context(), w, resp)
+		}
+	}
+}

internal/handler/member/create_account_handler.go

@@ -0,0 +1,36 @@
+package member
+
+import (
+	"app-cloudep-portal-api-gateway/internal/logic/member"
+	"app-cloudep-portal-api-gateway/internal/svc"
+	"app-cloudep-portal-api-gateway/internal/types"
+	"net/http"
+
+	ers "code.30cm.net/digimon/library-go/errors"
+	"github.com/zeromicro/go-zero/rest/httpx"
+)
+
+func CreateAccountHandler(svcCtx *svc.ServiceContext) http.HandlerFunc {
+	return func(w http.ResponseWriter, r *http.Request) {
+		var req types.CreateAccountRequest
+		if err := httpx.Parse(r, &req); err != nil {
+			httpx.ErrorCtx(r.Context(), w, err)
+			return
+		}
+
+		l := member.NewCreateAccountLogic(r.Context(), svcCtx)
+		resp, err := l.CreateAccount(&req)
+		if err != nil {
+			e := ers.FromGRPCError(err)
+			httpx.WriteJsonCtx(r.Context(), w, e.HTTPStatus(), types.BaseResponse{
+				Status: types.Status{
+					Code:    int64(e.FullCode()),
+					Message: e.Error(),
+				},
+			})
+			return
+		} else {
+			httpx.OkJsonCtx(r.Context(), w, resp)
+		}
+	}
+}

internal/handler/member/forget_password_code_handler.go

@@ -0,0 +1,38 @@
+package member
+
+import (
+	"net/http"
+
+	ers "code.30cm.net/digimon/library-go/errors"
+
+	"app-cloudep-portal-api-gateway/internal/logic/member"
+	"app-cloudep-portal-api-gateway/internal/svc"
+	"app-cloudep-portal-api-gateway/internal/types"
+
+	"github.com/zeromicro/go-zero/rest/httpx"
+)
+
+func ForgetPasswordCodeHandler(svcCtx *svc.ServiceContext) http.HandlerFunc {
+	return func(w http.ResponseWriter, r *http.Request) {
+		var req types.ForgetPasswordCodeReq
+		if err := httpx.Parse(r, &req); err != nil {
+			httpx.ErrorCtx(r.Context(), w, err)
+			return
+		}
+
+		l := member.NewForgetPasswordCodeLogic(r.Context(), svcCtx)
+		resp, err := l.ForgetPasswordCode(&req)
+		if err != nil {
+			e := ers.FromGRPCError(err)
+			httpx.WriteJsonCtx(r.Context(), w, e.HTTPStatus(), types.BaseResponse{
+				Status: types.Status{
+					Code:    int64(e.FullCode()),
+					Message: e.Error(),
+				},
+			})
+			return
+		} else {
+			httpx.OkJsonCtx(r.Context(), w, resp)
+		}
+	}
+}

internal/handler/member/info_handler.go

@@ -0,0 +1,38 @@
+package member
+
+import (
+	"net/http"
+
+	ers "code.30cm.net/digimon/library-go/errors"
+
+	"app-cloudep-portal-api-gateway/internal/logic/member"
+	"app-cloudep-portal-api-gateway/internal/svc"
+	"app-cloudep-portal-api-gateway/internal/types"
+
+	"github.com/zeromicro/go-zero/rest/httpx"
+)
+
+func InfoHandler(svcCtx *svc.ServiceContext) http.HandlerFunc {
+	return func(w http.ResponseWriter, r *http.Request) {
+		var req types.GetMemberHeader
+		if err := httpx.Parse(r, &req); err != nil {
+			httpx.ErrorCtx(r.Context(), w, err)
+			return
+		}
+
+		l := member.NewInfoLogic(r.Context(), svcCtx)
+		resp, err := l.Info(&req)
+		if err != nil {
+			e := ers.FromGRPCError(err)
+			httpx.WriteJsonCtx(r.Context(), w, e.HTTPStatus(), types.BaseResponse{
+				Status: types.Status{
+					Code:    int64(e.FullCode()),
+					Message: e.Error(),
+				},
+			})
+			return
+		} else {
+			httpx.OkJsonCtx(r.Context(), w, resp)
+		}
+	}
+}

internal/handler/member/login_handler.go

@@ -0,0 +1,38 @@
+package member
+
+import (
+	"net/http"
+
+	ers "code.30cm.net/digimon/library-go/errors"
+
+	"app-cloudep-portal-api-gateway/internal/logic/member"
+	"app-cloudep-portal-api-gateway/internal/svc"
+	"app-cloudep-portal-api-gateway/internal/types"
+
+	"github.com/zeromicro/go-zero/rest/httpx"
+)
+
+func LoginHandler(svcCtx *svc.ServiceContext) http.HandlerFunc {
+	return func(w http.ResponseWriter, r *http.Request) {
+		var req types.LoginReq
+		if err := httpx.Parse(r, &req); err != nil {
+			httpx.ErrorCtx(r.Context(), w, err)
+			return
+		}
+
+		l := member.NewLoginLogic(r.Context(), svcCtx)
+		resp, err := l.Login(&req)
+		if err != nil {
+			e := ers.FromGRPCError(err)
+			httpx.WriteJsonCtx(r.Context(), w, e.HTTPStatus(), types.BaseResponse{
+				Status: types.Status{
+					Code:    int64(e.FullCode()),
+					Message: e.Error(),
+				},
+			})
+			return
+		} else {
+			httpx.OkJsonCtx(r.Context(), w, resp)
+		}
+	}
+}

internal/handler/member/logout_handler.go

@@ -0,0 +1,38 @@
+package member
+
+import (
+	"net/http"
+
+	ers "code.30cm.net/digimon/library-go/errors"
+
+	"app-cloudep-portal-api-gateway/internal/logic/member"
+	"app-cloudep-portal-api-gateway/internal/svc"
+	"app-cloudep-portal-api-gateway/internal/types"
+
+	"github.com/zeromicro/go-zero/rest/httpx"
+)
+
+func LogoutHandler(svcCtx *svc.ServiceContext) http.HandlerFunc {
+	return func(w http.ResponseWriter, r *http.Request) {
+		var req types.GetMemberHeader
+		if err := httpx.Parse(r, &req); err != nil {
+			httpx.ErrorCtx(r.Context(), w, err)
+			return
+		}
+
+		l := member.NewLogoutLogic(r.Context(), svcCtx)
+		resp, err := l.Logout(&req)
+		if err != nil {
+			e := ers.FromGRPCError(err)
+			httpx.WriteJsonCtx(r.Context(), w, e.HTTPStatus(), types.BaseResponse{
+				Status: types.Status{
+					Code:    int64(e.FullCode()),
+					Message: e.Error(),
+				},
+			})
+			return
+		} else {
+			httpx.OkJsonCtx(r.Context(), w, resp)
+		}
+	}
+}

internal/handler/member/refresh_access_token_handler.go

@@ -0,0 +1,38 @@
+package member
+
+import (
+	"net/http"
+
+	ers "code.30cm.net/digimon/library-go/errors"
+
+	"app-cloudep-portal-api-gateway/internal/logic/member"
+	"app-cloudep-portal-api-gateway/internal/svc"
+	"app-cloudep-portal-api-gateway/internal/types"
+
+	"github.com/zeromicro/go-zero/rest/httpx"
+)
+
+func RefreshAccessTokenHandler(svcCtx *svc.ServiceContext) http.HandlerFunc {
+	return func(w http.ResponseWriter, r *http.Request) {
+		var req types.UpdateTokenReq
+		if err := httpx.Parse(r, &req); err != nil {
+			httpx.ErrorCtx(r.Context(), w, err)
+			return
+		}
+
+		l := member.NewRefreshAccessTokenLogic(r.Context(), svcCtx)
+		resp, err := l.RefreshAccessToken(&req)
+		if err != nil {
+			e := ers.FromGRPCError(err)
+			httpx.WriteJsonCtx(r.Context(), w, e.HTTPStatus(), types.BaseResponse{
+				Status: types.Status{
+					Code:    int64(e.FullCode()),
+					Message: e.Error(),
+				},
+			})
+			return
+		} else {
+			httpx.OkJsonCtx(r.Context(), w, resp)
+		}
+	}
+}

internal/handler/member/upadte_password_handler.go

@@ -0,0 +1,38 @@
+package member
+
+import (
+	"net/http"
+
+	ers "code.30cm.net/digimon/library-go/errors"
+
+	"app-cloudep-portal-api-gateway/internal/logic/member"
+	"app-cloudep-portal-api-gateway/internal/svc"
+	"app-cloudep-portal-api-gateway/internal/types"
+
+	"github.com/zeromicro/go-zero/rest/httpx"
+)
+
+func UpadtePasswordHandler(svcCtx *svc.ServiceContext) http.HandlerFunc {
+	return func(w http.ResponseWriter, r *http.Request) {
+		var req types.UpdatePasswordReq
+		if err := httpx.Parse(r, &req); err != nil {
+			httpx.ErrorCtx(r.Context(), w, err)
+			return
+		}
+
+		l := member.NewUpadtePasswordLogic(r.Context(), svcCtx)
+		resp, err := l.UpadtePassword(&req)
+		if err != nil {
+			e := ers.FromGRPCError(err)
+			httpx.WriteJsonCtx(r.Context(), w, e.HTTPStatus(), types.BaseResponse{
+				Status: types.Status{
+					Code:    int64(e.FullCode()),
+					Message: e.Error(),
+				},
+			})
+			return
+		} else {
+			httpx.OkJsonCtx(r.Context(), w, resp)
+		}
+	}
+}

internal/handler/routes.go

@@ -0,0 +1,71 @@
+// Code generated by goctl. DO NOT EDIT.
+package handler
+
+import (
+	"net/http"
+	"time"
+
+	member "app-cloudep-portal-api-gateway/internal/handler/member"
+	"app-cloudep-portal-api-gateway/internal/svc"
+
+	"github.com/zeromicro/go-zero/rest"
+)
+
+func RegisterHandlers(server *rest.Server, serverCtx *svc.ServiceContext) {
+	server.AddRoutes(
+		[]rest.Route{
+			{
+				Method:  http.MethodPost,
+				Path:    "/member",
+				Handler: member.CreateAccountHandler(serverCtx),
+			},
+			{
+				Method:  http.MethodPost,
+				Path:    "/member/login",
+				Handler: member.LoginHandler(serverCtx),
+			},
+			{
+				Method:  http.MethodPost,
+				Path:    "/member/forget-password-code",
+				Handler: member.ForgetPasswordCodeHandler(serverCtx),
+			},
+			{
+				Method:  http.MethodGet,
+				Path:    "/member/check-verify-code",
+				Handler: member.CheckVerifyCodeHandler(serverCtx),
+			},
+			{
+				Method:  http.MethodPut,
+				Path:    "/member/update-password",
+				Handler: member.UpadtePasswordHandler(serverCtx),
+			},
+			{
+				Method:  http.MethodPut,
+				Path:    "/member/refresh_access_token",
+				Handler: member.RefreshAccessTokenHandler(serverCtx),
+			},
+		},
+		rest.WithPrefix("/api/v1"),
+		rest.WithTimeout(3000*time.Millisecond),
+	)
+
+	server.AddRoutes(
+		rest.WithMiddlewares(
+			[]rest.Middleware{serverCtx.AuthMiddleware.Handle},
+			[]rest.Route{
+				{
+					Method:  http.MethodGet,
+					Path:    "/member/logout",
+					Handler: member.LogoutHandler(serverCtx),
+				},
+				{
+					Method:  http.MethodGet,
+					Path:    "/member/info",
+					Handler: member.InfoHandler(serverCtx),
+				},
+			}...,
+		),
+		rest.WithPrefix("/api/v1"),
+		rest.WithTimeout(3000*time.Millisecond),
+	)
+}

internal/logic/member/check_verify_code_logic.go

@@ -0,0 +1,50 @@
+package member
+
+import (
+	"app-cloudep-portal-api-gateway/internal/domain"
+	"app-cloudep-portal-api-gateway/internal/svc"
+	"app-cloudep-portal-api-gateway/internal/types"
+	"context"
+	"fmt"
+
+	ers "code.30cm.net/digimon/library-go/errors"
+	accountRpc "code.30cm.net/digimon/proto-all/pkg/member"
+
+	"github.com/zeromicro/go-zero/core/logx"
+)
+
+type CheckVerifyCodeLogic struct {
+	logx.Logger
+	ctx    context.Context
+	svcCtx *svc.ServiceContext
+}
+
+func NewCheckVerifyCodeLogic(ctx context.Context, svcCtx *svc.ServiceContext) *CheckVerifyCodeLogic {
+	return &CheckVerifyCodeLogic{
+		Logger: logx.WithContext(ctx),
+		ctx:    ctx,
+		svcCtx: svcCtx,
+	}
+}
+
+func (l *CheckVerifyCodeLogic) CheckVerifyCode(req *types.CheckoutVerifyReq) (resp *types.BaseResponse, err error) {
+	// 驗證碼
+	_, err = l.svcCtx.AccountRpc.CheckRefreshCode(l.ctx, &accountRpc.VerifyRefreshCodeReq{
+		Account:    req.Account,
+		CodeType:   domain.SendVerifyCodeTypeForgetPassword,
+		VerifyCode: req.VerifyCode,
+	})
+	if err != nil {
+		fmt.Println(err)
+		// 表使沒有這驗證碼
+		return nil, ers.Forbidden("failed to get verify code")
+	}
+
+	// 返回成功響應
+	return &types.BaseResponse{
+		Status: types.Status{
+			Code:    domain.SuccessCode,
+			Message: domain.SuccessMsg,
+		},
+	}, nil
+}

internal/logic/member/create_account_logic.go

@@ -0,0 +1,112 @@
+package member
+
+import (
+	"app-cloudep-portal-api-gateway/internal/domain"
+	"app-cloudep-portal-api-gateway/internal/svc"
+	"app-cloudep-portal-api-gateway/internal/types"
+	"context"
+	"time"
+
+	ers "code.30cm.net/digimon/library-go/errors"
+	accountRpc "code.30cm.net/digimon/proto-all/pkg/member"
+	permissionRpc "code.30cm.net/digimon/proto-all/pkg/permission"
+	"github.com/gogo/protobuf/proto"
+
+	"github.com/zeromicro/go-zero/core/logx"
+)
+
+type CreateAccountLogic struct {
+	logx.Logger
+	ctx    context.Context
+	svcCtx *svc.ServiceContext
+}
+
+func NewCreateAccountLogic(ctx context.Context, svcCtx *svc.ServiceContext) *CreateAccountLogic {
+	return &CreateAccountLogic{
+		Logger: logx.WithContext(ctx),
+		ctx:    ctx,
+		svcCtx: svcCtx,
+	}
+}
+
+func (l *CreateAccountLogic) CreateAccount(req *types.CreateAccountRequest) (resp *types.CreateAccountResp, err error) {
+	// 驗證密碼，兩次密碼要一致
+	if req.Token != req.TokenCheck {
+		return nil, ers.InvalidFormat("password confirmation does not match")
+	}
+
+	// 平台驗證
+	p := domain.GetPlatformByPlatformCode(req.Platform)
+	if p == domain.PlatformNone {
+		return nil, ers.InvalidFormat("platform not found")
+	}
+
+	// 建立帳號
+	_, err = l.svcCtx.AccountRpc.CreateUserAccount(l.ctx, &accountRpc.CreateLoginUserReq{
+		LoginId:  req.Account,
+		Platform: p.ToInt64(),
+		Token:    req.Token,
+	})
+	if err != nil {
+		return nil, err
+	}
+
+	// 綁定 UID
+	bindResp, err := l.svcCtx.AccountRpc.BindAccount(l.ctx, &accountRpc.BindingUserReq{
+		LoginId: req.Account,
+		Type:    req.AccountType,
+	})
+	if err != nil {
+		return nil, err
+	}
+
+	// 綁定使用者基礎資訊
+	if err := l.bindUserInfo(bindResp.Uid); err != nil {
+		return nil, err
+	}
+
+	// 發 token
+	token, err := l.generateToken(bindResp.Uid, req.DeviceID)
+	if err != nil {
+		return nil, err
+	}
+
+	// 建立回應
+	return &types.CreateAccountResp{
+		Status: types.Status{
+			Code:    domain.SuccessCode,
+			Message: domain.SuccessMsg,
+		},
+		Data: types.CreateAccountItem{
+			UID:          bindResp.Uid,
+			AccessToken:  token.AccessToken,
+			RefreshToken: token.RefreshToken,
+			TokenType:    token.TokenType,
+		},
+	}, nil
+}
+
+// bindUserInfo 綁定使用者基礎資訊
+func (l *CreateAccountLogic) bindUserInfo(uid string) error {
+	_, err := l.svcCtx.AccountRpc.BindUserInfo(l.ctx, &accountRpc.CreateUserInfoReq{
+		Uid:      uid,
+		Currency: domain.DefaultCurrency,
+		Language: domain.DefaultLanguage,
+		NickName: proto.String(uid),
+	})
+	return err
+}
+
+// generateToken 生成 token
+func (l *CreateAccountLogic) generateToken(uid, deviceID string) (*permissionRpc.TokenResp, error) {
+	return l.svcCtx.TokenRpc.NewToken(l.ctx, &permissionRpc.AuthorizationReq{
+		GrantType:      domain.GrantTypeClientCredentials.ToString(),
+		DeviceId:       deviceID,
+		Scope:          domain.DefaultScope,
+		IsRefreshToken: true,
+		Expires:        int32(time.Now().UTC().Add(l.svcCtx.Config.Token.Expired).Unix()),
+		Data: map[string]string{
+			"uid": uid,
+		},
+	})
+}

internal/logic/member/forget_password_code_logic.go

@@ -0,0 +1,188 @@
+package member
+
+import (
+	"app-cloudep-portal-api-gateway/internal/domain"
+	"app-cloudep-portal-api-gateway/internal/svc"
+	"app-cloudep-portal-api-gateway/internal/types"
+	"context"
+	"fmt"
+
+	notificationRpc "code.30cm.net/digimon/proto-all/pkg/notification"
+
+	ers "code.30cm.net/digimon/library-go/errors"
+	accountRpc "code.30cm.net/digimon/proto-all/pkg/member"
+	"github.com/matcornic/hermes/v2"
+
+	"github.com/zeromicro/go-zero/core/logx"
+)
+
+type ForgetPasswordCodeLogic struct {
+	logx.Logger
+	ctx    context.Context
+	svcCtx *svc.ServiceContext
+}
+
+func NewForgetPasswordCodeLogic(ctx context.Context, svcCtx *svc.ServiceContext) *ForgetPasswordCodeLogic {
+	return &ForgetPasswordCodeLogic{
+		Logger: logx.WithContext(ctx),
+		ctx:    ctx,
+		svcCtx: svcCtx,
+	}
+}
+
+func (l *ForgetPasswordCodeLogic) ForgetPasswordCode(req *types.ForgetPasswordCodeReq) (*types.BaseResponse, error) {
+	// 限制三分鐘內只可以發送一次
+	rk := domain.GenerateVerifyCodeRedisKey.With(fmt.Sprintf("%s-%d", req.Account, domain.SendVerifyCodeTypeForgetPassword)).ToString()
+	get, err := l.svcCtx.Redis.Get(rk)
+	if err != nil {
+		// Redis 錯誤，給予適當的提示（可以視情況返回錯誤或繼續）
+		l.Logger.Errorf("Redis error: %v", err)
+	}
+	if get != "" {
+		// 已經發送過驗證碼，返回提示
+		return nil, ers.ArkInternal("verification code already sent, please wait before requesting again")
+	}
+
+	// 確認帳號是否已經註冊過
+	accountResp, err := l.svcCtx.AccountRpc.GetUidByAccount(l.ctx, &accountRpc.GetUIDByAccountReq{
+		Account: req.Account,
+	})
+	if err != nil {
+		return nil, err
+	}
+
+	// 生成重置密碼驗證碼
+	code, err := l.svcCtx.AccountRpc.GenerateRefreshCode(l.ctx, &accountRpc.GenerateRefreshCodeReq{
+		Account:  req.Account,
+		CodeType: domain.SendVerifyCodeTypeForgetPassword,
+	})
+	if err != nil {
+		return nil, err
+	}
+
+	// 取得用戶資訊
+	info, err := l.svcCtx.AccountRpc.GetUserInfo(l.ctx, &accountRpc.GetUserInfoReq{Uid: accountResp.Uid})
+	if err != nil {
+		return nil, err
+	}
+
+	// 準備驗證碼郵件
+	nickName := info.Data.Uid
+	if info.Data.NickName != nil {
+		nickName = *info.Data.NickName
+	}
+	mailContent, title, err := ForgerZHTW(nickName, code.Data.VerifyCode)
+	if err != nil {
+		return nil, ers.InvalidFormat("failed to generate mail content: ", err.Error())
+	}
+
+	// 發送郵件
+	_, err = l.svcCtx.NotificationRpc.SendMail(l.ctx, &notificationRpc.SendMailReq{
+		Body:    mailContent,
+		Subject: title,
+		To:      req.Account,
+		From:    l.svcCtx.Config.MailSender,
+	})
+	if err != nil {
+		return nil, err
+	}
+
+	// 設置 Redis 鍵，並設置 3 分鐘的過期時間
+	err = l.svcCtx.Redis.Set(rk, code.Data.VerifyCode)
+	if err != nil {
+		return nil, ers.ArkInternal(err.Error())
+	}
+	err = l.svcCtx.Redis.Expire(rk, 180)
+	if err != nil {
+		return nil, ers.ArkInternal(err.Error())
+	}
+
+	// 返回成功響應
+	return &types.BaseResponse{
+		Status: types.Status{
+			Code:    domain.SuccessCode,
+			Message: domain.SuccessMsg,
+		},
+	}, nil
+}
+
+type generateForgetPasswordMailBodyReq struct {
+	ProductName      string
+	ProductLink      string
+	ProductLogo      string
+	ProductCopyright string
+
+	BodyName      string
+	BodyIntros    []string
+	BodyActions   []hermes.Action
+	BodyOutros    []string
+	BodySignature string
+}
+
+func ForgerZHTW(username, verifyCode string) (body, title string, err error) {
+	req := generateForgetPasswordMailBodyReq{
+		ProductName:      "Digimon 團隊",
+		ProductLink:      "https://code.30cm.net",
+		ProductLogo:      "https://storage.googleapis.com/netpute-qa-public/logo_dark.png",
+		ProductCopyright: "© 2024 Digimon Inc. 版權所有",
+
+		BodyName: username,
+		BodyIntros: []string{
+			"您收到此電子郵件是因為我們收到了針對 Digimon 帳戶的密碼重置請求。",
+		},
+		BodyActions: []hermes.Action{
+			{
+				Instructions: "請複製您的驗證碼，到網頁重置",
+				InviteCode:   verifyCode,
+			},
+		},
+		BodyOutros: []string{
+			"如果您不要求重設密碼，則無需您採取進一步的措施。",
+		},
+		BodySignature: "無所不在的即時遊戲社群平台",
+	}
+	pr, bo := mustForgetPasswordMail(req)
+
+	body, err = genMailBody(forgetPasswordTemplate{pr, bo})
+
+	return body, "Digimon 平台，重設密碼驗證信", err
+}
+
+func mustForgetPasswordMail(req generateForgetPasswordMailBodyReq) (hermes.Product, hermes.Body) {
+	product := hermes.Product{
+		// Appears in header & footer of e-mails
+		Name:      req.ProductName,
+		Link:      req.ProductLink,
+		Logo:      req.ProductLogo,
+		Copyright: req.ProductCopyright,
+	}
+
+	body := hermes.Body{
+		Name:      req.BodyName,
+		Intros:    req.BodyIntros,
+		Actions:   req.BodyActions,
+		Outros:    req.BodyOutros,
+		Signature: req.BodySignature,
+	}
+
+	return product, body
+}
+
+type forgetPasswordTemplate struct {
+	Product hermes.Product
+	Body    hermes.Body
+}
+
+func genMailBody(req forgetPasswordTemplate) (body string, err error) {
+	h := hermes.Hermes{
+		Product: req.Product,
+	}
+	email := hermes.Email{
+		Body: req.Body,
+	}
+	emailBody, err := h.GenerateHTML(email)
+	if err != nil {
+		return "", err
+	}
+	return emailBody, nil
+}

internal/logic/member/info_logic.go

@@ -0,0 +1,55 @@
+package member
+
+import (
+	"app-cloudep-portal-api-gateway/internal/domain"
+	"app-cloudep-portal-api-gateway/internal/payload"
+	"app-cloudep-portal-api-gateway/internal/svc"
+	"app-cloudep-portal-api-gateway/internal/types"
+	"context"
+	"time"
+
+	accountRpc "code.30cm.net/digimon/proto-all/pkg/member"
+	"github.com/zeromicro/go-zero/core/logx"
+)
+
+type InfoLogic struct {
+	logx.Logger
+	ctx    context.Context
+	svcCtx *svc.ServiceContext
+}
+
+func NewInfoLogic(ctx context.Context, svcCtx *svc.ServiceContext) *InfoLogic {
+	return &InfoLogic{
+		Logger: logx.WithContext(ctx),
+		ctx:    ctx,
+		svcCtx: svcCtx,
+	}
+}
+
+func (l *InfoLogic) Info(_ *types.GetMemberHeader) (resp *types.UserInfoResp, err error) {
+	info, err := l.svcCtx.AccountRpc.GetUserInfo(l.ctx, &accountRpc.GetUserInfoReq{
+		Uid: payload.UID(l.ctx),
+	})
+	if err != nil {
+		return nil, err
+	}
+
+	return &types.UserInfoResp{
+		Status: types.Status{
+			Code:    domain.SuccessCode,
+			Message: domain.SuccessMsg,
+		},
+		Data: types.UserInfo{
+			UID:        info.Data.Uid,
+			VerifyType: info.Data.VerifyType.String(),
+			AlarmType:  info.Data.AlarmType.String(),
+			Status:     info.Data.Status.String(),
+			Language:   info.Data.Language,
+			Currency:   info.Data.Currency,
+			Avatar:     info.Data.Avatar,
+			CreateTime: time.Unix(info.Data.CreateTime, 0).UTC().Format(time.RFC3339),
+			UpdateTime: time.Unix(info.Data.UpdateTime, 0).UTC().Format(time.RFC3339),
+			NickName:   info.Data.NickName,
+		},
+	}, nil
+}

internal/logic/member/login_logic.go

@@ -0,0 +1,104 @@
+package member
+
+import (
+	"app-cloudep-portal-api-gateway/internal/domain"
+	"context"
+	"time"
+
+	ers "code.30cm.net/digimon/library-go/errors"
+	accountRpc "code.30cm.net/digimon/proto-all/pkg/member"
+	permissionRpc "code.30cm.net/digimon/proto-all/pkg/permission"
+	"github.com/gogo/protobuf/proto"
+
+	"app-cloudep-portal-api-gateway/internal/svc"
+	"app-cloudep-portal-api-gateway/internal/types"
+
+	"github.com/zeromicro/go-zero/core/logx"
+)
+
+type LoginLogic struct {
+	logx.Logger
+	ctx    context.Context
+	svcCtx *svc.ServiceContext
+}
+
+func NewLoginLogic(ctx context.Context, svcCtx *svc.ServiceContext) *LoginLogic {
+	return &LoginLogic{
+		Logger: logx.WithContext(ctx),
+		ctx:    ctx,
+		svcCtx: svcCtx,
+	}
+}
+
+func (l *LoginLogic) Login(req *types.LoginReq) (resp *types.LoginResp, err error) {
+	var result *accountRpc.VerifyAuthResultResp
+
+	// Step 1 驗證進來的 Token
+	platform := domain.GetPlatformByPlatformCode(req.Platform)
+	switch platform {
+	case domain.PlatformDigimon:
+		// 原始平台驗證
+		result, err = l.svcCtx.AccountRpc.VerifyPlatformAuthResult(l.ctx, &accountRpc.VerifyAuthResultReq{
+			Account: proto.String(req.Account),
+			Token:   req.Token,
+		})
+		if err != nil {
+			return nil, err
+		}
+	case domain.PlatformGoogle:
+		result, err = l.svcCtx.AccountRpc.VerifyGoogleAuthResult(l.ctx, &accountRpc.VerifyAuthResultReq{
+			Token: req.Token,
+		})
+		if err != nil {
+			return nil, err
+		}
+	case domain.PlatformTwitter:
+	default:
+		return nil, ers.InvalidFormat("invalid platform")
+	}
+
+	if !result.Status {
+		return nil, ers.Forbidden("failed to validate password ")
+	}
+
+	account, err := l.svcCtx.AccountRpc.GetUidByAccount(l.ctx, &accountRpc.GetUIDByAccountReq{
+		Account: req.Account,
+	})
+	if err != nil {
+		return nil, err
+	}
+
+	// 發 token
+	token, err := l.generateToken(account.Uid, req.DeviceID)
+	if err != nil {
+		return nil, err
+	}
+
+	// 建立回應
+	return &types.LoginResp{
+		Status: types.Status{
+			Code:    domain.SuccessCode,
+			Message: domain.SuccessMsg,
+		},
+		Data: types.LoginItem{
+			UID:          account.Uid,
+			AccessToken:  token.AccessToken,
+			RefreshToken: token.RefreshToken,
+			TokenType:    token.TokenType,
+		},
+	}, nil
+}
+
+// generateToken 生成 token
+func (l *LoginLogic) generateToken(uid, deviceID string) (*permissionRpc.TokenResp, error) {
+	return l.svcCtx.TokenRpc.NewToken(l.ctx, &permissionRpc.AuthorizationReq{
+		GrantType:      domain.GrantTypeClientCredentials.ToString(),
+		DeviceId:       deviceID,
+		Scope:          domain.DefaultScope,
+		IsRefreshToken: true,
+		Expires:        int32(time.Now().UTC().Add(l.svcCtx.Config.Token.Expired).Unix()),
+		Data: map[string]string{
+			"uid": uid,
+		},
+	})
+}

internal/logic/member/logout_logic.go

@@ -0,0 +1,43 @@
+package member
+
+import (
+	"app-cloudep-portal-api-gateway/internal/domain"
+	"context"
+
+	"code.30cm.net/digimon/proto-all/pkg/permission"
+
+	"app-cloudep-portal-api-gateway/internal/svc"
+	"app-cloudep-portal-api-gateway/internal/types"
+
+	"github.com/zeromicro/go-zero/core/logx"
+)
+
+type LogoutLogic struct {
+	logx.Logger
+	ctx    context.Context
+	svcCtx *svc.ServiceContext
+}
+
+func NewLogoutLogic(ctx context.Context, svcCtx *svc.ServiceContext) *LogoutLogic {
+	return &LogoutLogic{
+		Logger: logx.WithContext(ctx),
+		ctx:    ctx,
+		svcCtx: svcCtx,
+	}
+}
+
+func (l *LogoutLogic) Logout(req *types.GetMemberHeader) (resp *types.BaseResponse, err error) {
+	_, err = l.svcCtx.TokenRpc.CancelToken(l.ctx, &permission.CancelTokenReq{
+		Token: req.Token,
+	})
+	if err != nil {
+		return nil, err
+	}
+
+	return &types.BaseResponse{
+		Status: types.Status{
+			Code:    domain.SuccessCode,
+			Message: domain.SuccessMsg,
+		},
+	}, nil
+}

internal/logic/member/refresh_access_token_logic.go

@@ -0,0 +1,55 @@
+package member
+
+import (
+	"app-cloudep-portal-api-gateway/internal/domain"
+	"context"
+	"time"
+
+	permissionRpc "code.30cm.net/digimon/proto-all/pkg/permission"
+
+	"app-cloudep-portal-api-gateway/internal/svc"
+	"app-cloudep-portal-api-gateway/internal/types"
+
+	"github.com/zeromicro/go-zero/core/logx"
+)
+
+type RefreshAccessTokenLogic struct {
+	logx.Logger
+	ctx    context.Context
+	svcCtx *svc.ServiceContext
+}
+
+func NewRefreshAccessTokenLogic(ctx context.Context, svcCtx *svc.ServiceContext) *RefreshAccessTokenLogic {
+	return &RefreshAccessTokenLogic{
+		Logger: logx.WithContext(ctx),
+		ctx:    ctx,
+		svcCtx: svcCtx,
+	}
+}
+
+func (l *RefreshAccessTokenLogic) RefreshAccessToken(req *types.UpdateTokenReq) (resp *types.LoginResp, err error) {
+	// TODO 看未來有沒有需要把UID 拿去驗證
+	token, err := l.svcCtx.TokenRpc.RefreshToken(l.ctx, &permissionRpc.RefreshTokenReq{
+		Token:    req.Token,
+		Scope:    domain.DefaultScope,
+		Expires:  time.Now().UTC().Add(l.svcCtx.Config.Token.Expired).Unix(),
+		DeviceId: req.DeviceID,
+	})
+	if err != nil {
+		return nil, err
+	}
+
+	// 建立回應
+	return &types.LoginResp{
+		Status: types.Status{
+			Code:    domain.SuccessCode,
+			Message: domain.SuccessMsg,
+		},
+		Data: types.LoginItem{
+			UID:          req.UID,
+			AccessToken:  token.Token,
+			RefreshToken: token.OneTimeToken,
+			TokenType:    token.TokenType,
+		},
+	}, nil
+}

internal/logic/member/upadte_password_logic.go

@@ -0,0 +1,91 @@
+package member
+
+import (
+	"app-cloudep-portal-api-gateway/internal/domain"
+	"context"
+	"fmt"
+
+	ers "code.30cm.net/digimon/library-go/errors"
+	accountRpc "code.30cm.net/digimon/proto-all/pkg/member"
+	permissionRpc "code.30cm.net/digimon/proto-all/pkg/permission"
+
+	"app-cloudep-portal-api-gateway/internal/svc"
+	"app-cloudep-portal-api-gateway/internal/types"
+
+	"github.com/zeromicro/go-zero/core/logx"
+)
+
+type UpadtePasswordLogic struct {
+	logx.Logger
+	ctx    context.Context
+	svcCtx *svc.ServiceContext
+}
+
+func NewUpadtePasswordLogic(ctx context.Context, svcCtx *svc.ServiceContext) *UpadtePasswordLogic {
+	return &UpadtePasswordLogic{
+		Logger: logx.WithContext(ctx),
+		ctx:    ctx,
+		svcCtx: svcCtx,
+	}
+}
+
+func (l *UpadtePasswordLogic) UpadtePassword(req *types.UpdatePasswordReq) (resp *types.BaseResponse, err error) {
+	// 驗證密碼，兩次密碼要一致
+	if req.Token != req.TokenCheck {
+		return nil, ers.InvalidFormat("password confirmation does not match")
+	}
+
+	// 驗證碼
+	_, err = l.svcCtx.AccountRpc.VerifyRefreshCode(l.ctx, &accountRpc.VerifyRefreshCodeReq{
+		Account:    req.Account,
+		CodeType:   domain.SendVerifyCodeTypeForgetPassword,
+		VerifyCode: req.VerifyCode,
+	})
+	if err != nil {
+		// 表使沒有這驗證碼
+		return nil, ers.Forbidden("failed to get verify code")
+	}
+
+	info, err := l.svcCtx.AccountRpc.GetUserAccountInfo(l.ctx, &accountRpc.GetUIDByAccountReq{Account: req.Account})
+	if err != nil {
+		return nil, err
+	}
+
+	if info.Data.Platform != domain.PlatformDigimon.ToInt64() {
+		return nil, ers.Forbidden("invalid platform")
+	}
+
+	// 更新
+	_, err = l.svcCtx.AccountRpc.UpdateUserToken(l.ctx, &accountRpc.UpdateTokenReq{
+		Account:  req.Account,
+		Token:    req.Token,
+		Platform: int64(domain.PlatformDigimon),
+	})
+	if err != nil {
+		return nil, err
+	}
+
+	// 刪除 key
+	rk := domain.GenerateVerifyCodeRedisKey.With(fmt.Sprintf("%s-%d", req.Account, domain.SendVerifyCodeTypeForgetPassword)).ToString()
+	_, err = l.svcCtx.Redis.Del(rk)
+	if err != nil {
+		return nil, ers.ArkInternal(err.Error())
+	}
+	// 取消所有Token
+	ac, err := l.svcCtx.AccountRpc.GetUidByAccount(l.ctx, &accountRpc.GetUIDByAccountReq{Account: req.Account})
+	if err != nil {
+		return nil, err
+	}
+	_, err = l.svcCtx.TokenRpc.CancelTokens(l.ctx, &permissionRpc.DoTokenByUIDReq{Uid: ac.Uid})
+	if err != nil {
+		return nil, err
+	}
+
+	// 返回成功響應
+	return &types.BaseResponse{
+		Status: types.Status{
+			Code:    domain.SuccessCode,
+			Message: domain.SuccessMsg,
+		},
+	}, nil
+}

internal/middleware/auth_middleware.go

@@ -0,0 +1,79 @@
+package middleware
+
+import (
+	"app-cloudep-portal-api-gateway/internal/domain"
+	"app-cloudep-portal-api-gateway/internal/types"
+	"context"
+	"net/http"
+
+	ers "code.30cm.net/digimon/library-go/errors"
+	token "code.30cm.net/digimon/library-go/jwt"
+	permissionRpc "code.30cm.net/digimon/proto-all/pkg/permission"
+	"github.com/zeromicro/go-zero/rest/httpx"
+)
+
+type AuthMiddlewareParam struct {
+	TokenSec    string
+	TokenClient permissionRpc.TokenServiceClient
+}
+
+type AuthMiddleware struct {
+	tokenSec    string
+	tokenClient permissionRpc.TokenServiceClient
+}
+
+func NewAuthMiddleware(param AuthMiddlewareParam) *AuthMiddleware {
+	return &AuthMiddleware{
+		tokenSec:    param.TokenSec,
+		tokenClient: param.TokenClient,
+	}
+}
+
+// Handle 處理 Auth Middleware
+func (m *AuthMiddleware) Handle(next http.HandlerFunc) http.HandlerFunc {
+	return func(w http.ResponseWriter, r *http.Request) {
+		// 解析 Header
+		header := types.GetMemberHeader{}
+		if err := httpx.ParseHeaders(r, &header); err != nil {
+			m.writeErrorResponse(w, r, http.StatusBadRequest, "Failed to parse headers", int64(ers.InvalidFormat().FullCode()))
+			return
+		}
+
+		// 驗證 Token
+		claim, err := token.ParseClaims(header.Token, m.tokenSec, true)
+		if err != nil {
+			// 是否需要紀錄錯誤，是不是只要紀錄除了驗證失敗或過期之外的真錯誤
+			m.writeErrorResponse(w, r, http.StatusForbidden, err.Error(), int64(ers.Forbidden().FullCode()))
+			return
+		}
+
+		// 驗證 Token 是否在黑名單中
+		if _, err := m.tokenClient.ValidationToken(r.Context(), &permissionRpc.ValidationTokenReq{Token: header.Token}); err != nil {
+			m.writeErrorResponse(w, r, http.StatusForbidden, err.Error(), int64(ers.Forbidden().FullCode()))
+			return
+		}
+
+		// 設置 context 並傳遞給下一個處理器
+		ctx := SetContext(r, claim)
+		next(w, r.WithContext(ctx))
+	}
+}
+
+func SetContext(r *http.Request, claim token.DataClaims) context.Context {
+	ctx := context.WithValue(r.Context(), domain.RoleCode, claim.Role())
+	ctx = context.WithValue(ctx, domain.UidCode, claim.UID())
+	ctx = context.WithValue(ctx, domain.DeviceIDCode, claim.DeviceID())
+	ctx = context.WithValue(ctx, domain.ScopeCode, claim.Get(domain.ScopeCode.ToString()))
+
+	return ctx
+}
+
+// writeErrorResponse 用於處理錯誤回應
+func (m *AuthMiddleware) writeErrorResponse(w http.ResponseWriter, r *http.Request, statusCode int, message string, code int64) {
+	httpx.WriteJsonCtx(r.Context(), w, statusCode, types.BaseResponse{
+		Status: types.Status{
+			Code:    code,
+			Message: message,
+		},
+	})
+}

internal/payload/token.go

@@ -0,0 +1,22 @@
+package payload
+
+import (
+	"app-cloudep-portal-api-gateway/internal/domain"
+	"context"
+)
+
+func UID(ctx context.Context) string {
+	return ctx.Value(domain.UidCode).(string)
+}
+
+func Scope(ctx context.Context) string {
+	return ctx.Value(domain.ScopeCode).(string)
+}
+
+func Role(ctx context.Context) string {
+	return ctx.Value(domain.RoleCode).(string)
+}
+
+func DeviceID(ctx context.Context) string {
+	return ctx.Value(domain.DeviceIDCode).(string)
+}

internal/svc/service_context.go

@@ -0,0 +1,47 @@
+package svc
+
+import (
+	"app-cloudep-portal-api-gateway/internal/config"
+	"app-cloudep-portal-api-gateway/internal/middleware"
+
+	ers "code.30cm.net/digimon/library-go/errors"
+	"code.30cm.net/digimon/library-go/errors/code"
+	"github.com/zeromicro/go-zero/core/stores/redis"
+	"github.com/zeromicro/go-zero/zrpc"
+
+	accountRpc "code.30cm.net/digimon/proto-all/pkg/member"
+	notificationRpc "code.30cm.net/digimon/proto-all/pkg/notification"
+	permissionRpc "code.30cm.net/digimon/proto-all/pkg/permission"
+)
+
+type ServiceContext struct {
+	Config config.Config
+
+	AuthMiddleware  *middleware.AuthMiddleware
+	AccountRpc      accountRpc.AccountClient
+	TokenRpc        permissionRpc.TokenServiceClient
+	NotificationRpc notificationRpc.SenderServiceClient
+	Redis           redis.Redis
+}
+
+func NewServiceContext(c config.Config) *ServiceContext {
+	ers.Scope = code.CloudEPPortalGW
+
+	newRedis, err := redis.NewRedis(c.RedisCluster, redis.Cluster())
+	if err != nil {
+		panic(err)
+	}
+
+	tc := permissionRpc.NewTokenServiceClient(zrpc.MustNewClient(c.PermissionRpc).Conn())
+	return &ServiceContext{
+		Config: c,
+		AuthMiddleware: middleware.NewAuthMiddleware(middleware.AuthMiddlewareParam{
+			TokenSec:    c.Token.Secret,
+			TokenClient: tc,
+		}),
+		AccountRpc:      accountRpc.NewAccountClient(zrpc.MustNewClient(c.AccountRpc).Conn()),
+		TokenRpc:        tc,
+		NotificationRpc: notificationRpc.NewSenderServiceClient(zrpc.MustNewClient(c.NotificationRpc).Conn()),
+		Redis:           *newRedis,
+	}
+}

internal/types/types.go

@@ -0,0 +1,110 @@
+// Code generated by goctl. DO NOT EDIT.
+package types
+
+type Status struct {
+	Code    int64       `json:"code"`            // 狀態碼
+	Message string      `json:"message"`         // 訊息
+	Data    interface{} `json:"data,omitempty"`  // 可選的數據，當有返回時才出現
+	Error   interface{} `json:"error,omitempty"` // 可選的錯誤信息
+}
+
+type BaseResponse struct {
+	Status Status `json:"status"` // 狀態
+}
+
+type MemberLoginHeader struct {
+	DeviceID  string `header:"device_id"`
+	IpAddress string `header:"ip_address"`
+	Brewser   string `header:"brewser"`
+}
+
+type CreateAccountRequest struct {
+	Account     string `json:"account" validate:"required, account"`             // 帳號名稱
+	Token       string `json:"token"`                                            // 密碼或平台token，密碼請 sha256 轉碼
+	TokenCheck  string `json:"token_check"`                                      // 密碼或平台token，密碼請 sha256 轉碼
+	Platform    string `json:"platform" validate:"oneof=digimon google twitter"` // 平台名稱 digimon, google, twitter
+	AccountType int64  `json:"account_type" validate:"oneof=1 2 3"`              // 帳號類型 1 手機 2 信箱 3 自定義帳號
+	MemberLoginHeader
+}
+
+type CreateAccountItem struct {
+	UID          string `json:"uid"`           // 使用者UID
+	AccessToken  string `json:"access_token"`  // 訪問令牌 預設 5 分鐘過期
+	RefreshToken string `json:"refresh_token"` // 刷新令牌 (預設一天過期，只能用一次)，當呼叫更新token api 時，會自動把舊的失效，變成新的 refresh_token ，前端要記得過其實協助刷新，刷新不過表示全失效了（重新登入）
+	TokenType    string `json:"token_type"`    // Bearer
+}
+
+type CreateAccountResp struct {
+	Status Status            `json:"status"` // 狀態
+	Data   CreateAccountItem `json:"data"`
+}
+
+type LoginResp struct {
+	Status Status    `json:"status"` // 狀態
+	Data   LoginItem `json:"data"`
+}
+
+type LoginItem struct {
+	UID          string `json:"uid"`           //  Account
+	AccessToken  string `json:"access_token"`  // 訪問令牌 預設 5 分鐘過期
+	RefreshToken string `json:"refresh_token"` // 刷新令牌 (預設一天過期，只能用一次)，當呼叫更新token api 時，會自動把舊的失效，變成新的 refresh_token ，前端要記得過其實協助刷新，刷新不過表示全失效了（重新登入）
+	TokenType    string `json:"token_type"`    // Bearer
+}
+
+type LoginReq struct {
+	Account     string `json:"account" validate:"required, account"`             // 帳號名稱
+	Token       string `json:"token"`                                            // 密碼或平台token，密碼請 sha256 轉碼
+	Platform    string `json:"platform" validate:"oneof=digimon google twitter"` // 平台名稱 digimon, google, twitter
+	AccountType int64  `json:"account_type" validate:"oneof=1 2 3"`              // 帳號類型 1 手機 2 信箱 3 自定義帳號
+	MemberLoginHeader
+}
+
+type ForgetPasswordCodeReq struct {
+	Account     string `json:"account" validate:"required, account"` // 帳號名稱
+	AccountType int32  `json:"account_type" validate:"oneof=1 2 3"`  // 帳號類型 1 手機 2 信箱 3 自定義帳號
+}
+
+type CheckoutVerifyReq struct {
+	Account    string `form:"account"m:"account" validate:"required, account"` // 帳號名稱
+	VerifyCode string `form:"verify_code" validate:"required,len=6"`           // 驗證碼，長度為6
+}
+
+type UpdatePasswordReq struct {
+	Account    string `json:"account" validate:"required, account"`  // 帳號名稱
+	VerifyCode string `json:"verify_code" validate:"required,len=6"` // 驗證碼，長度為6
+	Token      string `json:"token" validate:"required"`             // 密碼或平台token，密碼請 sha256 轉碼
+	TokenCheck string `json:"token_check" validate:"required"`       // 密碼或平台token，密碼請 sha256 轉碼
+}
+
+type UpdateTokenReq struct {
+	UID   string `json:"uid" validate:"required"`   // uid
+	Token string `json:"token" validate:"required"` // refresh token
+	MemberLoginHeader
+}
+
+type Header struct {
+	Uid   string `header:"uid"`
+	Token string `header:"token"`
+}
+
+type GetMemberHeader struct {
+	Token string `header:"token"`
+}
+
+type UserInfoResp struct {
+	Status Status   `json:"status"` // 狀態
+	Data   UserInfo `json:"data"`
+}
+
+type UserInfo struct {
+	UID        string  `json:"uid"`
+	VerifyType string  `json:"verify_type"`
+	AlarmType  string  `json:"alarm_type"`
+	Status     string  `json:"status"`
+	Language   string  `json:"language"`
+	Currency   string  `json:"currency"`
+	Avatar     string  `json:"avatar"`
+	CreateTime string  `json:"curreate_time"`
+	UpdateTime string  `json:"update_time"`
+	NickName   *string `json:"nick_name,omitempty"`
+}