59 lines
1.4 KiB
Go
59 lines
1.4 KiB
Go
package auth
|
|
|
|
import (
|
|
"context"
|
|
"strings"
|
|
|
|
"gateway/internal/svc"
|
|
"gateway/internal/types"
|
|
|
|
"github.com/zeromicro/go-zero/core/logx"
|
|
)
|
|
|
|
type LoginLogic struct {
|
|
logx.Logger
|
|
ctx context.Context
|
|
svcCtx *svc.ServiceContext
|
|
}
|
|
|
|
func NewLoginLogic(ctx context.Context, svcCtx *svc.ServiceContext) *LoginLogic {
|
|
return &LoginLogic{
|
|
Logger: logx.WithContext(ctx),
|
|
ctx: ctx,
|
|
svcCtx: svcCtx,
|
|
}
|
|
}
|
|
|
|
func (l *LoginLogic) Login(req *types.LoginReq) (*types.AuthTokenData, error) {
|
|
if err := requireLoginDeps(l.svcCtx); err != nil {
|
|
return nil, err
|
|
}
|
|
|
|
tenant, err := resolveTenant(l.ctx, l.svcCtx, req.TenantSlug)
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
|
|
email := normalizeLoginEmail(req.Email)
|
|
tok, err := l.svcCtx.Zitadel.VerifyPassword(l.ctx, email, req.Password)
|
|
if err != nil {
|
|
return nil, wrapZitadelErr(err)
|
|
}
|
|
|
|
identity, err := zitadelIdentityFromToken(l.ctx, l.svcCtx.Zitadel, tok)
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
|
|
member, err := memberForLogin(l.ctx, l.svcCtx, tenant.TenantID, identity.Sub)
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
if identity.Email != "" && !strings.EqualFold(strings.TrimSpace(member.ZitadelEmail), identity.Email) {
|
|
// Prefer ZITADEL subject match; email mismatch is logged but does not block login.
|
|
logx.WithContext(l.ctx).Infof("login: zitadel email mismatch for uid=%s", member.UID)
|
|
}
|
|
|
|
return issueAuthToken(l.ctx, l.svcCtx, tenant.TenantID, member.UID)
|
|
}
|