package controllers import ( "encoding/json" "io" "strings" "server/models" "server/pkg/jwtutil" "server/services" beego "github.com/beego/beego/v2/server/web" ) type platformLoginRequest struct { Account string `json:"account"` Password string `json:"password"` Code string `json:"code"` } type backendLoginRequest struct { TenantName string `json:"tenant_name"` Account string `json:"account"` Password string `json:"password"` Code string `json:"code"` } // PlatformAuthController 平台端认证控制器 type PlatformAuthController struct { beego.Controller } // LoginPlatform 平台端登录(不需要租户) func (c *PlatformAuthController) LoginPlatform() { var req platformLoginRequest // 支持前端以 JSON body 方式提交 body, err := io.ReadAll(c.Ctx.Request.Body) if err != nil { c.Data["json"] = map[string]interface{}{ "code": 400, "msg": "参数错误", } _ = c.ServeJSON() return } if err := json.Unmarshal(body, &req); err != nil { c.Data["json"] = map[string]interface{}{ "code": 400, "msg": "参数错误", } _ = c.ServeJSON() return } if req.Account == "" || req.Password == "" { c.Data["json"] = map[string]interface{}{ "code": 400, "msg": "用户名或密码不能为空", } _ = c.ServeJSON() return } cfg, _ := models.GetPlatformLoginVerify() if cfg.OpenVerifyEnabled == 1 { if cfg.VerifyType == "sms" || cfg.VerifyType == "email" { if strings.TrimSpace(req.Code) == "" { c.Data["json"] = map[string]interface{}{"code": 400, "msg": "请输入验证码"} _ = c.ServeJSON() return } if err := services.VerifyPlatformLoginCode(req.Account, cfg.VerifyType, req.Code); err != nil { c.Data["json"] = map[string]interface{}{"code": 400, "msg": err.Error()} _ = c.ServeJSON() return } } } // 控制器只做 HTTP 解析与响应编排,业务逻辑放 services 层 token, loginUser, err := services.PlatformAdminLogin(req.Account, req.Password) if err != nil { c.Data["json"] = map[string]interface{}{ "code": 401, "msg": err.Error(), } _ = c.ServeJSON() return } c.Data["json"] = map[string]interface{}{ "code": 200, "msg": "登录成功", "data": map[string]interface{}{ "token": token, "user": map[string]interface{}{ "id": loginUser.ID, "account": loginUser.Account, "name": loginUser.Name, "rid": loginUser.Rid, "avatar": loginUser.Avatar, "role_name": loginUser.RoleName, }, }, } _ = c.ServeJSON() } // LoginBackend backend 登录(需要租户) func (c *PlatformAuthController) LoginBackend() { var req backendLoginRequest body, err := io.ReadAll(c.Ctx.Request.Body) if err != nil { c.Data["json"] = map[string]interface{}{"code": 400, "msg": "参数错误"} _ = c.ServeJSON() return } if err := json.Unmarshal(body, &req); err != nil { c.Data["json"] = map[string]interface{}{"code": 400, "msg": "参数错误"} _ = c.ServeJSON() return } if req.TenantName == "" || req.Account == "" || req.Password == "" { c.Data["json"] = map[string]interface{}{"code": 400, "msg": "租户名称、用户名或密码不能为空"} _ = c.ServeJSON() return } cfg, _ := models.GetPlatformLoginVerify() if cfg.OpenVerifyEnabled == 1 { if cfg.VerifyType == "sms" || cfg.VerifyType == "email" { if strings.TrimSpace(req.Code) == "" { c.Data["json"] = map[string]interface{}{"code": 400, "msg": "请输入验证码"} _ = c.ServeJSON() return } if err := services.VerifyBackendLoginCode(req.TenantName, req.Account, cfg.VerifyType, req.Code); err != nil { c.Data["json"] = map[string]interface{}{"code": 400, "msg": err.Error()} _ = c.ServeJSON() return } } } token, loginUser, err := services.BackendLogin(req.TenantName, req.Account, req.Password) if err != nil { c.Data["json"] = map[string]interface{}{"code": 401, "msg": err.Error()} _ = c.ServeJSON() return } c.Data["json"] = map[string]interface{}{ "code": 200, "msg": "登录成功", "data": map[string]interface{}{ "token": token, "user": map[string]interface{}{ "id": loginUser.ID, "account": loginUser.Account, "name": loginUser.Name, "tid": loginUser.Tid, "rid": loginUser.Rid, "avatar": loginUser.Avatar, "role_name": loginUser.RoleName, }, }, } _ = c.ServeJSON() } // GetCurrentUser 当前登录平台用户信息(含角色名称),需 Bearer Token func (c *PlatformAuthController) GetCurrentUser() { authHeader := c.Ctx.Request.Header.Get("Authorization") if authHeader == "" { c.Data["json"] = map[string]interface{}{"code": 401, "msg": "未登录"} _ = c.ServeJSON() return } authParts := strings.SplitN(authHeader, " ", 2) if len(authParts) != 2 || authParts[0] != "Bearer" { c.Data["json"] = map[string]interface{}{"code": 401, "msg": "认证信息格式错误"} _ = c.ServeJSON() return } claims, err := jwtutil.ParseToken(authParts[1]) if err != nil { c.Data["json"] = map[string]interface{}{"code": 401, "msg": "无效的token"} _ = c.ServeJSON() return } if claims.UserType != "platform" { c.Data["json"] = map[string]interface{}{"code": 403, "msg": "无权访问"} _ = c.ServeJSON() return } loginUser, err := services.PlatformGetCurrentUser(uint64(claims.UserID)) if err != nil { c.Data["json"] = map[string]interface{}{"code": 401, "msg": err.Error()} _ = c.ServeJSON() return } c.Data["json"] = map[string]interface{}{ "code": 200, "msg": "success", "data": map[string]interface{}{ "id": loginUser.ID, "account": loginUser.Account, "name": loginUser.Name, "rid": loginUser.Rid, "avatar": loginUser.Avatar, "role_name": loginUser.RoleName, }, } _ = c.ServeJSON() } // SendLoginCode 发送登录验证码(占位实现) func (c *PlatformAuthController) SendLoginCode() { var req struct { Account string `json:"account"` TenantName string `json:"tenant_name"` Channel string `json:"channel"` } body, _ := io.ReadAll(c.Ctx.Request.Body) if err := json.Unmarshal(body, &req); err != nil { c.Data["json"] = map[string]interface{}{"code": 400, "msg": "参数错误"} _ = c.ServeJSON() return } cfg, _ := models.GetPlatformLoginVerify() if cfg.OpenVerifyEnabled != 1 { c.Data["json"] = map[string]interface{}{"code": 400, "msg": "当前未开启验证"} _ = c.ServeJSON() return } channel := strings.TrimSpace(req.Channel) if channel == "" { channel = cfg.VerifyType } if channel != "sms" && channel != "email" { c.Data["json"] = map[string]interface{}{"code": 400, "msg": "仅支持短信/邮箱验证码"} _ = c.ServeJSON() return } path := strings.ToLower(c.Ctx.Request.URL.Path) var sendErr error if strings.HasPrefix(path, "/backend/") { sendErr = services.SendBackendLoginCode(req.TenantName, req.Account, channel) } else { sendErr = services.SendPlatformLoginCode(req.Account, channel) } if sendErr != nil { c.Data["json"] = map[string]interface{}{"code": 400, "msg": sendErr.Error()} _ = c.ServeJSON() return } c.Data["json"] = map[string]interface{}{"code": 200, "msg": "验证码已发送"} _ = c.ServeJSON() } // LoginBySms 手机号验证码登录(占位实现) func (c *PlatformAuthController) LoginBySms() { c.Data["json"] = map[string]interface{}{ "code": 501, "msg": "手机号验证码登录暂未实现", } _ = c.ServeJSON() } // Logout 平台退出登录(占位实现,当前为无状态直接返回成功) func (c *PlatformAuthController) Logout() { c.Data["json"] = map[string]interface{}{ "code": 200, "msg": "退出成功", } _ = c.ServeJSON() } // GetGeetest3Infos 获取极验3.0配置(占位实现) func (c *PlatformAuthController) GetGeetest3Infos() { cfg, _ := models.GetPlatformLoginVerify() if cfg.Geetest3ID == nil || cfg.Geetest3Key == nil { c.Data["json"] = map[string]interface{}{"code": 404, "msg": "未配置极验3参数"} _ = c.ServeJSON() return } c.Data["json"] = map[string]interface{}{ "code": 200, "msg": "success", "data": map[string]interface{}{ "captcha_id": *cfg.Geetest3ID, "captcha_key": *cfg.Geetest3Key, }, } _ = c.ServeJSON() } // GetGeetest4Infos 获取极验4.0配置(占位实现) func (c *PlatformAuthController) GetGeetest4Infos() { cfg, _ := models.GetPlatformLoginVerify() if cfg.Geetest4ID == nil || cfg.Geetest4Key == nil { c.Data["json"] = map[string]interface{}{"code": 404, "msg": "未配置极验4参数"} _ = c.ServeJSON() return } c.Data["json"] = map[string]interface{}{ "code": 200, "msg": "success", "data": map[string]interface{}{ "captcha_id": *cfg.Geetest4ID, "captcha_key": *cfg.Geetest4Key, }, } _ = c.ServeJSON() } // GetOpenVerify 判断是否开启登录验证(占位实现) func (c *PlatformAuthController) GetOpenVerify() { cfg, _ := models.GetPlatformLoginVerify() openVerify := "0" if cfg.OpenVerifyEnabled == 1 { openVerify = "1" } c.Data["json"] = map[string]interface{}{ "code": 200, "msg": "ok", "data": []map[string]string{ { "label": "openVerify", "value": openVerify, }, { "label": "verifyType", "value": cfg.VerifyType, }, }, } _ = c.ServeJSON() } // Register 注册(占位实现) func (c *PlatformAuthController) Register() { c.Data["json"] = map[string]interface{}{ "code": 501, "msg": "注册暂未实现", } _ = c.ServeJSON() } // SendRegisterCode 发送注册验证码(占位实现) func (c *PlatformAuthController) SendRegisterCode() { c.Data["json"] = map[string]interface{}{ "code": 501, "msg": "发送注册验证码暂未实现", } _ = c.ServeJSON() } // ResetPassword 忘记密码重置(占位实现) func (c *PlatformAuthController) ResetPassword() { c.Data["json"] = map[string]interface{}{ "code": 501, "msg": "重置密码暂未实现", } _ = c.ServeJSON() } // SendResetCode 发送找回密码验证码(占位实现) func (c *PlatformAuthController) SendResetCode() { c.Data["json"] = map[string]interface{}{ "code": 501, "msg": "发送找回密码验证码暂未实现", } _ = c.ServeJSON() }