heritage-api/handler/auth-handler.go


package handler
import (
	"errors"
	"net/http"
	"os"
	"strings"

	"github.com/gin-gonic/gin"
	"myschools.me/heritage/heritage-api/model"
	"myschools.me/heritage/heritage-api/service"
)
// AuthLoginRequest is the JSON body accepted by AuthLogin.
//
// The account name may arrive under either "userName" or "username";
// AuthLogin uses UserName and falls back to Username when it is empty.
// Password holds the credential exactly as the client sent it, so values of
// this type should not be written to logs.
type AuthLoginRequest struct {
	// UserName is the primary account-name field ("userName").
	UserName string `json:"userName"`
	// Username is the alternate spelling of the same field ("username").
	Username string `json:"username"`
	// Password is the clear-text password supplied by the client.
	Password string `json:"password"`
}
// AuthLoginResponse is the JSON body AuthLogin writes on success.
type AuthLoginResponse struct {
	// Token is the session token returned by service.AuthLogin.
	Token string `json:"token"`
	// User is the user value returned alongside the token; AuthLogin
	// receives it from the service under the name safeUser.
	User *model.User `json:"user"`
}
// AuthChangePasswordRequest is the JSON body accepted by AuthChangePassword.
//
// Both fields carry clear-text passwords, so values of this type should not
// be written to logs.
type AuthChangePasswordRequest struct {
	// OldPassword is the caller's current password ("oldPassword").
	OldPassword string `json:"oldPassword"`
	// NewPassword is the replacement password ("newPassword").
	NewPassword string `json:"newPassword"`
}
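// AuthLogin authenticates a user from a JSON body and returns a token.
//
// Responses:
//   - 400 when the body cannot be bound, or the user name (after trimming)
//     or the password is empty;
//   - 401 when the service reports ErrInvalidCredentials;
//   - 500 for any other service error;
//   - 200 with AuthLoginResponse on success.
//
// The 401 branch uses one message for both a wrong user name and a wrong
// password, so the response does not reveal which accounts exist. Keep it
// that way when adding error cases.
//
// NOTE(review): no attempt limiting or failure logging is visible in this
// handler; confirm both are provided by middleware or by the service.
func AuthLogin(c *gin.Context) {
	var req AuthLoginRequest
	if err := c.ShouldBindJSON(&req); err != nil {
		c.AbortWithStatusJSON(http.StatusBadRequest, gin.H{
			"data": "参数错误",
		})
		return
	}

	// Accept the alternate "username" key when "userName" was not sent.
	if req.UserName == "" {
		req.UserName = req.Username
	}
	// Only the user name is trimmed; the password is passed through
	// unchanged so that whitespace in it stays significant.
	req.UserName = strings.TrimSpace(req.UserName)
	if req.UserName == "" || req.Password == "" {
		c.AbortWithStatusJSON(http.StatusBadRequest, gin.H{
			"data": "用户名或密码不能为空",
		})
		return
	}

	token, safeUser, err := service.AuthLogin(req.UserName, req.Password)
	switch {
	case err == nil:
		c.JSON(http.StatusOK, AuthLoginResponse{
			Token: token,
			User:  safeUser,
		})
	case errors.Is(err, service.ErrInvalidCredentials):
		// errors.Is also matches a wrapped sentinel, so a service that adds
		// context to the error still produces 401 instead of a misleading 500.
		c.AbortWithStatusJSON(http.StatusUnauthorized, gin.H{
			"data": "用户名或密码错误",
		})
	default:
		// The underlying error is deliberately not echoed to the client.
		c.AbortWithStatusJSON(http.StatusInternalServerError, gin.H{
			"data": "登录失败",
		})
	}
}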
// AuthLogout invalidates the caller's token and always answers 200 "ok".
//
// The token is read from the Authorization header; when that header is
// empty, the "Authorization" query parameter is used instead. The value is
// handed to service.AuthLogout unchanged.
//
// NOTE(review): a token carried in the query string ends up in places a
// header does not (access logs, proxy logs, browser history, Referer).
// Consider accepting the header only, or confirm that request URLs are
// scrubbed before they are logged.
//
// NOTE(review): the service error is discarded on purpose (logout is
// best-effort), which also means a failed revocation is invisible. Consider
// logging it server-side so that a token that stays valid can be noticed.
func AuthLogout(c *gin.Context) {
	tok := c.GetHeader("Authorization")
	if len(tok) == 0 {
		// Fallback for clients that cannot set the header.
		tok = c.Query("Authorization")
	}

	// Best-effort: the outcome does not change the response.
	_ = service.AuthLogout(tok)

	c.JSON(http.StatusOK, gin.H{"data": "ok"})
}
// AuthMe returns the user resolved for the current request.
//
// It answers 401 when currentUser yields nil, and 200 with {"user": ...}
// otherwise.
//
// NOTE(review): the value from currentUser is serialized as-is. AuthLogin
// returns a value the service names safeUser; confirm that what currentUser
// returns carries no password hash or other secret field in its JSON form.
func AuthMe(c *gin.Context) {
	if me := currentUser(c); me != nil {
		c.JSON(http.StatusOK, gin.H{"user": me})
		return
	}

	// No user could be resolved for this request.
	c.AbortWithStatusJSON(http.StatusUnauthorized, gin.H{
		"data": "无效TOKEN, 请重新登录!",
	})
}
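// AuthChangePassword changes the password of the authenticated caller.
//
// Responses:
//   - 401 when currentUser yields nil, or the service reports ErrUserNotFound;
//   - 400 when the body cannot be bound, or the service reports
//     ErrInvalidArgument, ErrNewPasswordShort or ErrOldPasswordWrong;
//   - 500 for any other service error (text from
//     authChangePasswordInternalError);
//   - 200 {"data": "ok"} on success.
//
// The user ID comes from the authenticated session (usr.ID), never from the
// request body, so a caller can only change their own password.
//
// NOTE(review): both passwords are trimmed here, while AuthLogin passes the
// password through untrimmed. A password that really starts or ends with
// whitespace is therefore handled differently by the two endpoints; confirm
// which behavior is intended and make them agree.
//
// NOTE(review): nothing in this handler revokes existing tokens after a
// successful change; confirm whether the service does, since a password
// change is often made in response to a suspected compromise.
func AuthChangePassword(c *gin.Context) {
	usr := currentUser(c)
	if usr == nil {
		c.AbortWithStatusJSON(http.StatusUnauthorized, gin.H{
			"data": "无效TOKEN, 请重新登录!",
		})
		return
	}

	var req AuthChangePasswordRequest
	if err := c.ShouldBindJSON(&req); err != nil {
		c.AbortWithStatusJSON(http.StatusBadRequest, gin.H{
			"data": "参数错误",
		})
		return
	}
	req.OldPassword = strings.TrimSpace(req.OldPassword)
	req.NewPassword = strings.TrimSpace(req.NewPassword)

	err := service.AuthChangePassword(usr.ID, req.OldPassword, req.NewPassword)
	if err == nil {
		c.JSON(http.StatusOK, gin.H{
			"data": "ok",
		})
		return
	}

	// errors.Is also matches wrapped sentinels, so a service that adds
	// context to its errors still maps to the intended status code instead
	// of falling through to the 500 branch.
	var (
		status int
		msg    string
	)
	switch {
	case errors.Is(err, service.ErrInvalidArgument):
		status, msg = http.StatusBadRequest, "密码不能为空"
	case errors.Is(err, service.ErrNewPasswordShort):
		status, msg = http.StatusBadRequest, "新密码至少6位"
	case errors.Is(err, service.ErrOldPasswordWrong):
		status, msg = http.StatusBadRequest, "旧密码错误"
	case errors.Is(err, service.ErrUserNotFound):
		status, msg = http.StatusUnauthorized, "无效用户, 请重新登录!"
	default:
		// The helper decides whether the raw error text may reach the client.
		status, msg = http.StatusInternalServerError, authChangePasswordInternalError(err)
	}
	c.AbortWithStatusJSON(status, gin.H{
		"data": msg,
	})
}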
// authChangePasswordInternalError builds the message for an unexpected
// password-change failure.
//
// It returns the generic text "修改失败" unless the DEBUG environment variable
// is exactly "true" and err is non-nil, in which case err.Error() is
// appended. AuthChangePassword places the result in the HTTP 500 body.
//
// NOTE(review): with DEBUG=true the raw error text reaches the client and
// may include internal detail such as storage or driver messages. Make sure
// DEBUG is never set in production deployments; the detail is better sent
// to a server-side log than to the response.
func authChangePasswordInternalError(err error) string {
	if err == nil || os.Getenv("DEBUG") != "true" {
		return "修改失败"
	}
	return "修改失败: " + err.Error()
}