120 lines
3.2 KiB
Go
120 lines
3.2 KiB
Go
package services
|
|
|
|
import (
|
|
"errors"
|
|
"fmt"
|
|
"time"
|
|
|
|
"github.com/golang-jwt/jwt/v5"
|
|
"golang.org/x/crypto/bcrypt"
|
|
|
|
"git.beifan.cn/trace-system/backend-go/config"
|
|
"git.beifan.cn/trace-system/backend-go/database"
|
|
"git.beifan.cn/trace-system/backend-go/models"
|
|
)
|
|
|
|
// AuthService 认证服务
|
|
type AuthService struct{}
|
|
|
|
// ValidateUser 验证用户身份
|
|
func (s *AuthService) ValidateUser(username string, password string) (*models.User, error) {
|
|
var user models.User
|
|
result := database.DB.Where("username = ?", username).First(&user)
|
|
if result.Error != nil {
|
|
return nil, errors.New("用户名或密码不正确")
|
|
}
|
|
|
|
err := bcrypt.CompareHashAndPassword([]byte(user.Password), []byte(password))
|
|
if err != nil {
|
|
return nil, errors.New("用户名或密码不正确")
|
|
}
|
|
|
|
return &user, nil
|
|
}
|
|
|
|
// GenerateToken 生成 JWT 令牌
|
|
func (s *AuthService) GenerateToken(user *models.User) (string, error) {
|
|
cfg := config.GetAppConfig()
|
|
claims := jwt.MapClaims{
|
|
"userId": user.ID,
|
|
"username": user.Username,
|
|
"role": user.Role,
|
|
"exp": time.Now().Add(time.Second * time.Duration(cfg.JWT.Expire)).Unix(),
|
|
"iat": time.Now().Unix(),
|
|
}
|
|
|
|
token := jwt.NewWithClaims(jwt.SigningMethodHS256, claims)
|
|
return token.SignedString([]byte(cfg.JWT.Secret))
|
|
}
|
|
|
|
// GetProfile 获取用户信息
|
|
func (s *AuthService) GetProfile(userId uint) (*models.UserDTO, error) {
|
|
var user models.User
|
|
result := database.DB.First(&user, userId)
|
|
if result.Error != nil {
|
|
return nil, fmt.Errorf("查询用户失败: %w", errors.New("用户不存在"))
|
|
}
|
|
|
|
return &models.UserDTO{
|
|
ID: user.ID,
|
|
Username: user.Username,
|
|
Name: user.Name,
|
|
Email: user.Email,
|
|
Role: user.Role,
|
|
CreatedAt: user.CreatedAt,
|
|
}, nil
|
|
}
|
|
|
|
// ChangePassword 修改密码
|
|
func (s *AuthService) ChangePassword(userId uint, currentPassword string, newPassword string) error {
|
|
var user models.User
|
|
result := database.DB.First(&user, userId)
|
|
if result.Error != nil {
|
|
return fmt.Errorf("查询用户失败: %w", errors.New("用户不存在"))
|
|
}
|
|
|
|
err := bcrypt.CompareHashAndPassword([]byte(user.Password), []byte(currentPassword))
|
|
if err != nil {
|
|
return fmt.Errorf("密码验证失败: %w", errors.New("当前密码错误"))
|
|
}
|
|
|
|
hashedPassword, err := bcrypt.GenerateFromPassword([]byte(newPassword), bcrypt.DefaultCost)
|
|
if err != nil {
|
|
return fmt.Errorf("密码加密失败: %w", err)
|
|
}
|
|
|
|
user.Password = string(hashedPassword)
|
|
result = database.DB.Save(&user)
|
|
if result.Error != nil {
|
|
return fmt.Errorf("保存用户失败: %w", errors.New("密码修改失败"))
|
|
}
|
|
|
|
return nil
|
|
}
|
|
|
|
// UpdateProfile 更新用户信息
|
|
func (s *AuthService) UpdateProfile(userId uint, name string, email string) (*models.UserDTO, error) {
|
|
var user models.User
|
|
result := database.DB.First(&user, userId)
|
|
if result.Error != nil {
|
|
return nil, fmt.Errorf("查询用户失败: %w", errors.New("用户不存在"))
|
|
}
|
|
|
|
user.Name = name
|
|
user.Email = email
|
|
|
|
result = database.DB.Save(&user)
|
|
if result.Error != nil {
|
|
return nil, fmt.Errorf("保存用户失败: %w", errors.New("个人信息更新失败"))
|
|
}
|
|
|
|
return &models.UserDTO{
|
|
ID: user.ID,
|
|
Username: user.Username,
|
|
Name: user.Name,
|
|
Email: user.Email,
|
|
Role: user.Role,
|
|
CreatedAt: user.CreatedAt,
|
|
}, nil
|
|
}
|