Merge pull request #19 from go-cinch/piupuer/dev

[feat]v1.1.1

README.md

@@ -48,12 +48,12 @@ Cinch是一套轻量级微服务脚手架, 基于[Kratos], 节省基础服务搭
 - `I18n` - 国际化支持, 简单切换多语言
 - `Minio` - 对象存储
 
-# 当前版本 <img src="https://img.shields.io/badge/Auth-v1.1.0-brightgreen" alt="Current version"/>
+# 当前版本 <img src="https://img.shields.io/badge/Auth-v1.1.1-brightgreen" alt="Current version"/>
 
 建议直接使用最后一个版本
 
 ```bash
-git clone -b v1.1.0 https://github.com/go-cinch/auth
+git clone -b v1.1.1 https://github.com/go-cinch/auth
 ```
 
 ## 在线演示

internal/biz/user.go

@@ -221,8 +221,8 @@ func (uc *UserUseCase) Info(ctx context.Context, code string) (rp *UserInfo) {
 	return
 }
 
-func (uc *UserUseCase) Login(ctx context.Context, item *Login) (rp *LoginToken, err error) {
-	rp = &LoginToken{}
+func (uc *UserUseCase) Login(ctx context.Context, item *Login) (rp LoginToken, err error) {
+	rp = LoginToken{}
 	status, err := uc.Status(ctx, item.Username, false)
 	if err != nil {
 		return

internal/data/action.go

@@ -53,7 +53,7 @@ func (ro actionRepo) Create(ctx context.Context, item *biz.Action) (err error) {
 func (ro actionRepo) GetDefault(ctx context.Context) (rp biz.Action) {
 	p := query.Use(ro.data.DB(ctx)).Action
 	db := p.WithContext(ctx)
-	m := db.GetByCol("word", "default")
+	m := db.GetByCol(p.Word.ColumnName().String(), "default")
 	copierx.Copy(&rp, m)
 	return
 }
@@ -76,7 +76,7 @@ func (ro actionRepo) Find(ctx context.Context, condition *biz.FindAction) (rp []
 	if condition.Resource != nil {
 		conditions = append(conditions, p.Resource.Like(strings.Join([]string{"%", *condition.Resource, "%"}, "")))
 	}
-	condition.Page.Primary = "id"
+	condition.Page.Primary = p.ID.ColumnName().String()
 	condition.Page.
 		WithContext(ctx).
 		Query(
@@ -123,7 +123,7 @@ func (ro actionRepo) Update(ctx context.Context, item *biz.UpdateAction) (err er
 	if item.Word != nil && *item.Word != m.Word {
 		ok := ro.WordExists(ctx, *item.Word)
 		if ok {
-			err = biz.ErrDuplicateField(ctx, "word", *item.Word)
+			err = biz.ErrDuplicateField(ctx, p.Word.ColumnName().String(), *item.Word)
 			return
 		}
 	}
@@ -154,7 +154,7 @@ func (ro actionRepo) CodeExists(ctx context.Context, code string) (err error) {
 	db := p.WithContext(ctx)
 	arr := strings.Split(code, ",")
 	for _, item := range arr {
-		m := db.GetByCol("code", item)
+		m := db.GetByCol(p.Code.ColumnName().String(), item)
 		if m.ID == constant.UI0 {
 			err = biz.ErrRecordNotFound(ctx)
 			log.
@@ -172,7 +172,7 @@ func (ro actionRepo) WordExists(ctx context.Context, word string) (ok bool) {
 	db := p.WithContext(ctx)
 	arr := strings.Split(word, ",")
 	for _, item := range arr {
-		m := db.GetByCol("word", item)
+		m := db.GetByCol(p.Word.ColumnName().String(), item)
 		if m.ID == constant.UI0 {
 			log.
 				WithContext(ctx).

internal/data/hotspot.go

@@ -106,6 +106,9 @@ func (ro hotspotRepo) GetUserByUsername(ctx context.Context, username string) *b
 	if v, ok := m[utils.CamelCase(p.Wrong.ColumnName().String())]; ok {
 		m[utils.CamelCase(p.Wrong.ColumnName().String())], _ = strconv.ParseUint(v.(string), 10, 64)
 	}
+	if v, ok := m[utils.CamelCase(p.LockExpire.ColumnName().String())]; ok {
+		m[utils.CamelCase(p.LockExpire.ColumnName().String())], _ = strconv.ParseInt(v.(string), 10, 64)
+	}
 	var item biz.User
 	utils.Struct2StructByJson(&item, m)
 	span.SetAttributes(
@@ -604,6 +607,7 @@ func (ro hotspotRepo) refreshUser(ctx context.Context, pipe redis.Pipeliner) {
 			utils.CamelCase(p.Platform.ColumnName().String()), item.Platform,
 			utils.CamelCase(p.Wrong.ColumnName().String()), strconv.FormatUint(item.Wrong, 10),
 			utils.CamelCase(p.Locked.ColumnName().String()), item.Locked,
+			utils.CamelCase(p.LockExpire.ColumnName().String()), item.LockExpire,
 		)
 		pipe.Expire(ctx, idKey, ro.randomExpire())
 		codeKey := strings.Join([]string{
@@ -625,6 +629,7 @@ func (ro hotspotRepo) refreshUser(ctx context.Context, pipe redis.Pipeliner) {
 			utils.CamelCase(p.Platform.ColumnName().String()), item.Platform,
 			utils.CamelCase(p.Wrong.ColumnName().String()), strconv.FormatUint(item.Wrong, 10),
 			utils.CamelCase(p.Locked.ColumnName().String()), item.Locked,
+			utils.CamelCase(p.LockExpire.ColumnName().String()), item.LockExpire,
 		)
 		pipe.Expire(ctx, codeKey, ro.randomExpire())
 		usernameKey := strings.Join([]string{
@@ -646,6 +651,7 @@ func (ro hotspotRepo) refreshUser(ctx context.Context, pipe redis.Pipeliner) {
 			utils.CamelCase(p.Platform.ColumnName().String()), item.Platform,
 			utils.CamelCase(p.Wrong.ColumnName().String()), strconv.FormatUint(item.Wrong, 10),
 			utils.CamelCase(p.Locked.ColumnName().String()), item.Locked,
+			utils.CamelCase(p.LockExpire.ColumnName().String()), item.LockExpire,
 		)
 		pipe.Expire(ctx, usernameKey, ro.randomExpire())
 	}

internal/data/role.go

@@ -27,15 +27,15 @@ func NewRoleRepo(data *Data, action biz.ActionRepo) biz.RoleRepo {
 }
 
 func (ro roleRepo) Create(ctx context.Context, item *biz.Role) (err error) {
+	p := query.Use(ro.data.DB(ctx)).Role
+	db := p.WithContext(ctx)
 	ok := ro.WordExists(ctx, item.Word)
 	if ok {
-		err = biz.ErrDuplicateField(ctx, "word", item.Word)
+		err = biz.ErrDuplicateField(ctx, p.Word.ColumnName().String(), item.Word)
 		return
 	}
 	var m model.Role
 	copierx.Copy(&m, item)
-	p := query.Use(ro.data.DB(ctx)).Role
-	db := p.WithContext(ctx)
 	m.ID = ro.data.ID(ctx)
 	if m.Action != "" {
 		err = ro.action.CodeExists(ctx, m.Action)
@@ -59,7 +59,7 @@ func (ro roleRepo) Find(ctx context.Context, condition *biz.FindRole) (rp []biz.
 	if condition.Word != nil {
 		conditions = append(conditions, p.Word.Like(strings.Join([]string{"%", *condition.Word, "%"}, "")))
 	}
-	condition.Page.Primary = "id"
+	condition.Page.Primary = p.ID.ColumnName().String()
 	condition.Page.
 		WithContext(ctx).
 		Query(
@@ -92,7 +92,7 @@ func (ro roleRepo) Update(ctx context.Context, item *biz.UpdateRole) (err error)
 		err = biz.ErrDataNotChange(ctx)
 		return
 	}
-	if a, ok1 := change["action"]; ok1 {
+	if a, ok1 := change[p.Action.ColumnName().String()]; ok1 {
 		if v, ok2 := a.(string); ok2 {
 			err = ro.action.CodeExists(ctx, v)
 			if err != nil {
@@ -103,7 +103,7 @@ func (ro roleRepo) Update(ctx context.Context, item *biz.UpdateRole) (err error)
 	if item.Word != nil && *item.Word != m.Word {
 		ok := ro.WordExists(ctx, *item.Word)
 		if ok {
-			err = biz.ErrDuplicateField(ctx, "word", *item.Word)
+			err = biz.ErrDuplicateField(ctx, p.Word.ColumnName().String(), *item.Word)
 			return
 		}
 	}
@@ -127,7 +127,7 @@ func (ro roleRepo) WordExists(ctx context.Context, word string) (ok bool) {
 	db := p.WithContext(ctx)
 	arr := strings.Split(word, ",")
 	for _, item := range arr {
-		m := db.GetByCol("word", item)
+		m := db.GetByCol(p.Word.ColumnName().String(), item)
 		if m.ID == constant.UI0 {
 			log.
 				WithContext(ctx).

internal/data/user.go

@@ -81,7 +81,7 @@ func (ro userRepo) Find(ctx context.Context, condition *biz.FindUser) (rp []biz.
 	if condition.Locked != nil {
 		conditions = append(conditions, p.Locked.Is(*condition.Locked))
 	}
-	condition.Page.Primary = "id"
+	condition.Page.Primary = p.ID.ColumnName().String()
 	condition.Page.
 		WithContext(ctx).
 		Query(
@@ -166,31 +166,31 @@ func (ro userRepo) Update(ctx context.Context, item *biz.UpdateUser) (err error)
 		return
 	}
 	// check lock or unlock
-	if locked, ok1 := change["locked"]; ok1 {
-		if v1, ok2 := locked.(uint64); ok2 {
+	if locked, ok1 := change[p.Locked.ColumnName().String()]; ok1 {
+		if v1, ok2 := locked.(bool); ok2 {
 			var lockExpire int64
-			if expire, ok3 := change["lock_expire"]; ok3 {
+			if expire, ok3 := change[p.LockExpire.ColumnName().String()]; ok3 {
 				if v2, ok4 := expire.(int64); ok4 {
 					lockExpire = v2
 				}
 			}
-			if m.Locked && v1 == constant.UI0 {
-				change["lock_expire"] = constant.I0
-			} else if !m.Locked && v1 == constant.UI1 {
-				change["lock_expire"] = lockExpire
+			if m.Locked && !v1 {
+				change[p.LockExpire.ColumnName().String()] = constant.I0
+			} else if !m.Locked && v1 {
+				change[p.LockExpire.ColumnName().String()] = lockExpire
 			}
 		}
 	}
-	if username, ok1 := change["username"]; ok1 {
+	if username, ok1 := change[p.Username.ColumnName().String()]; ok1 {
 		if v, ok2 := username.(string); ok2 {
 			_, err = ro.GetByUsername(ctx, v)
 			if err == nil {
-				err = biz.ErrDuplicateField(ctx, "username", v)
+				err = biz.ErrDuplicateField(ctx, p.Username.ColumnName().String(), v)
 				return
 			}
 		}
 	}
-	if roleId, ok1 := change["role_id"]; ok1 {
+	if roleId, ok1 := change[p.RoleID.ColumnName().String()]; ok1 {
 		if v, ok2 := roleId.(string); ok2 && v != "0" {
 			pRole := query.Use(ro.data.DB(ctx)).Role
 			dbRole := pRole.WithContext(ctx)
@@ -221,20 +221,22 @@ func (ro userRepo) Delete(ctx context.Context, ids ...uint64) (err error) {
 }
 
 func (ro userRepo) LastLogin(ctx context.Context, username string) (err error) {
-	fields := make(map[string]interface{})
-	fields["wrong"] = constant.I0
-	fields["last_login"] = carbon.Now()
-	fields["locked"] = constant.UI0
-	fields["lock_expire"] = constant.I0
 	p := query.Use(ro.data.DB(ctx)).User
 	db := p.WithContext(ctx)
+	fields := make(map[string]interface{})
+	fields[p.Wrong.ColumnName().String()] = constant.I0
+	fields[p.LastLogin.ColumnName().String()] = carbon.Now()
+	fields[p.Locked.ColumnName().String()] = constant.UI0
+	fields[p.LockExpire.ColumnName().String()] = constant.I0
 	_, err = db.
 		Where(p.Username.Eq(username)).
 		Updates(&fields)
 	return
 }
 
 func (ro userRepo) WrongPwd(ctx context.Context, req *biz.LoginTime) (err error) {
+	p := query.Use(ro.data.DB(ctx)).User
+	db := p.WithContext(ctx)
 	oldItem, err := ro.GetByUsername(ctx, req.Username)
 	if err != nil {
 		return
@@ -251,20 +253,18 @@ func (ro userRepo) WrongPwd(ctx context.Context, req *biz.LoginTime) (err error)
 	if newWrong >= 5 {
 		change["locked"] = constant.UI1
 		if newWrong == 5 {
-			change["lock_expire"] = carbon.Now().AddDuration("5m").StdTime().Unix()
+			change[p.LockExpire.ColumnName().String()] = carbon.Now().AddDuration("5m").StdTime().Unix()
 		} else if newWrong == 10 {
-			change["lock_expire"] = carbon.Now().AddDuration("30m").StdTime().Unix()
+			change[p.LockExpire.ColumnName().String()] = carbon.Now().AddDuration("30m").StdTime().Unix()
 		} else if newWrong == 20 {
-			change["lock_expire"] = carbon.Now().AddDuration("24h").StdTime().Unix()
+			change[p.LockExpire.ColumnName().String()] = carbon.Now().AddDuration("24h").StdTime().Unix()
 		} else if newWrong >= 30 {
 			// forever lock
-			change["lock_expire"] = 0
+			change[p.LockExpire.ColumnName().String()] = 0
 		}
 	}
-	change["wrong"] = newWrong
+	change[p.Wrong.ColumnName().String()] = newWrong
 
-	p := query.Use(ro.data.DB(ctx)).User
-	db := p.WithContext(ctx)
 	_, err = db.
 		Where(p.ID.Eq(oldItem.Id)).
 		Where(p.Wrong.Eq(oldItem.Wrong)).
@@ -275,16 +275,16 @@ func (ro userRepo) WrongPwd(ctx context.Context, req *biz.LoginTime) (err error)
 func (ro userRepo) UpdatePassword(ctx context.Context, item *biz.User) (err error) {
 	p := query.Use(ro.data.DB(ctx)).User
 	db := p.WithContext(ctx)
-	m := db.GetByCol("username", item.Username)
+	m := db.GetByCol(p.Username.ColumnName().String(), item.Username)
 	if m.ID == constant.UI0 {
 		err = biz.ErrRecordNotFound(ctx)
 		return
 	}
 	fields := make(map[string]interface{})
-	fields["password"] = item.Password
-	fields["wrong"] = constant.I0
-	fields["locked"] = constant.UI0
-	fields["lock_expire"] = constant.I0
+	fields[p.Password.ColumnName().String()] = item.Password
+	fields[p.Wrong.ColumnName().String()] = constant.I0
+	fields[p.Locked.ColumnName().String()] = constant.UI0
+	fields[p.LockExpire.ColumnName().String()] = constant.I0
 	_, err = db.
 		Where(p.ID.Eq(m.ID)).
 		Updates(&fields)

internal/data/user_group.go

@@ -36,9 +36,9 @@ func NewUserGroupRepo(data *Data, action biz.ActionRepo, user biz.UserRepo) biz.
 func (ro userGroupRepo) Create(ctx context.Context, item *biz.UserGroup) (err error) {
 	p := query.Use(ro.data.DB(ctx)).UserGroup
 	db := p.WithContext(ctx)
-	m := db.GetByCol("word", item.Word)
+	m := db.GetByCol(p.Word.ColumnName().String(), item.Word)
 	if m.ID > constant.UI0 {
-		err = biz.ErrDuplicateField(ctx, "word", item.Word)
+		err = biz.ErrDuplicateField(ctx, p.Word.ColumnName().String(), item.Word)
 		return
 	}
 	copierx.Copy(&m, item)
@@ -80,7 +80,7 @@ func (ro userGroupRepo) Find(ctx context.Context, condition *biz.FindUserGroup)
 	if condition.Action != nil {
 		conditions = append(conditions, p.Action.Like(strings.Join([]string{"%", *condition.Action, "%"}, "")))
 	}
-	condition.Page.Primary = "id"
+	condition.Page.Primary = p.ID.ColumnName().String()
 	condition.Page.
 		WithContext(ctx).
 		Query(
@@ -118,7 +118,7 @@ func (ro userGroupRepo) Update(ctx context.Context, item *biz.UpdateUserGroup) (
 	if item.Word != nil && *item.Word != m.Word {
 		ok := ro.WordExists(ctx, *item.Word)
 		if ok {
-			err = biz.ErrDuplicateField(ctx, "word", *item.Word)
+			err = biz.ErrDuplicateField(ctx, p.Word.ColumnName().String(), *item.Word)
 			return
 		}
 	}
@@ -160,7 +160,7 @@ func (ro userGroupRepo) WordExists(ctx context.Context, word string) (ok bool) {
 	db := p.WithContext(ctx)
 	arr := strings.Split(word, ",")
 	for _, item := range arr {
-		m := db.GetByCol("word", item)
+		m := db.GetByCol(p.Word.ColumnName().String(), item)
 		if m.ID == constant.UI0 {
 			log.
 				WithContext(ctx).

internal/data/whitelist.go

@@ -49,7 +49,7 @@ func (ro whitelistRepo) Find(ctx context.Context, condition *biz.FindWhitelist)
 	if condition.Resource != nil {
 		conditions = append(conditions, p.Resource.Like(strings.Join([]string{"%", *condition.Resource, "%"}, "")))
 	}
-	condition.Page.Primary = "id"
+	condition.Page.Primary = p.ID.ColumnName().String()
 	condition.Page.
 		WithContext(ctx).
 		Query(

internal/service/auth.go

@@ -2,7 +2,6 @@ package service
 
 import (
 	"context"
-	"errors"
 	"strings"
 	"time"
 
@@ -53,11 +52,19 @@ func (s *AuthService) Login(ctx context.Context, req *auth.LoginRequest) (rp *au
 	r := &biz.Login{}
 	copierx.Copy(&r, req)
 	res, err := s.user.Login(ctx, r)
-	loginFailedErr := biz.ErrLoginFailed(ctx)
-	loginFailed := errors.Is(err, loginFailedErr)
-	notFound := errors.Is(err, biz.ErrRecordNotFound(ctx))
-	ctx, _ = context.WithTimeout(ctx, time.Second)
 	if err != nil {
+		loginFailedErr := biz.ErrLoginFailed(ctx)
+		loginFailed := err.Error() == loginFailedErr.Error()
+		notFound := err.Error() == biz.ErrRecordNotFound(ctx).Error()
+		invalidCaptcha := err.Error() == biz.ErrInvalidCaptcha(ctx).Error()
+		if invalidCaptcha {
+			return 
+		}
+		if notFound {
+			// avoid guess username
+			err = loginFailedErr
+			return
+		}
 		if loginFailed {
 			_ = s.task.Once(
 				worker.WithRunCtx(ctx),
@@ -78,11 +85,6 @@ func (s *AuthService) Login(ctx context.Context, req *auth.LoginRequest) (rp *au
 			s.flushCache(ctx)
 			return
 		}
-		if notFound {
-			// avoid guess username
-			err = loginFailedErr
-			return
-		}
 		return
 	}
 	copierx.Copy(&rp, res)
@@ -91,7 +93,7 @@ func (s *AuthService) Login(ctx context.Context, req *auth.LoginRequest) (rp *au
 		worker.WithRunUUID(strings.Join([]string{s.c.Task.Group.LoginLast, req.Username}, ".")),
 		worker.WithRunGroup(s.c.Task.Group.LoginLast),
 		worker.WithRunIn(time.Duration(10)*time.Second),
-		worker.WithRunTimeout(10),
+		worker.WithRunTimeout(3),
 		worker.WithRunReplace(true),
 		worker.WithRunPayload(utils.Struct2Json(biz.LoginTime{
 			Username: req.Username,