mirror of https://github.com/veypi/OneAuth.git
You cannot select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
106 lines
2.4 KiB
Go
106 lines
2.4 KiB
Go
package models
|
|
|
|
import (
|
|
"github.com/veypi/OneAuth/oalib"
|
|
"github.com/veypi/utils"
|
|
"github.com/veypi/utils/jwt"
|
|
"gorm.io/gorm"
|
|
"strconv"
|
|
"strings"
|
|
)
|
|
|
|
// User db user model
|
|
type User struct {
|
|
BaseModel
|
|
Username string `gorm:"type:varchar(100);unique;not null"`
|
|
Nickname string `gorm:"type:varchar(100)"`
|
|
Phone string `gorm:"type:varchar(20);unique;default:null"`
|
|
Email string `gorm:"type:varchar(50);unique;default:null"`
|
|
CheckCode string `gorm:"type:varchar(64);not null" json:"-"`
|
|
RealCode string `gorm:"type:varchar(32);not null" json:"-"`
|
|
Position string
|
|
// disabled 禁用
|
|
Status string
|
|
|
|
Icon string
|
|
Roles []*Role `gorm:"many2many:UserRoles;"`
|
|
Apps []*AppUser `gorm:""`
|
|
Auths []*Auth `gorm:"foreignkey:UserID;references:ID"`
|
|
Used uint `gorm:"default:0"`
|
|
Space uint `gorm:"default:300"`
|
|
}
|
|
|
|
func (u *User) String() string {
|
|
return u.Username + ":" + u.Nickname
|
|
}
|
|
|
|
func (u *User) LoadAuths(tx *gorm.DB) error {
|
|
return tx.Where("ID = ?", u.ID).Preload("Auths").Preload("Roles.Auths").First(u).Error
|
|
}
|
|
|
|
func (u *User) GetAuths() []*Auth {
|
|
list := make([]*Auth, 0, 10)
|
|
for _, r := range u.Roles {
|
|
for _, a := range r.Auths {
|
|
list = append(list, a)
|
|
}
|
|
}
|
|
for _, a := range u.Auths {
|
|
list = append(list, a)
|
|
}
|
|
return list
|
|
}
|
|
|
|
func (u *User) GetAuth(uuid, ResourceID string, ResourceUUID ...string) oalib.AuthLevel {
|
|
var res = oalib.AuthNone
|
|
ruid := ""
|
|
if len(ResourceUUID) > 0 {
|
|
ruid = ResourceUUID[0]
|
|
}
|
|
for _, a := range u.GetAuths() {
|
|
if a.RID == ResourceID && a.AppUUID == uuid {
|
|
if a.RUID != "" {
|
|
if a.RUID == ruid {
|
|
if a.Level.Upper(res) {
|
|
res = a.Level
|
|
}
|
|
} else {
|
|
continue
|
|
}
|
|
} else if a.Level.Upper(res) {
|
|
res = a.Level
|
|
}
|
|
}
|
|
}
|
|
return res
|
|
}
|
|
|
|
func (u *User) UpdatePass(ps string) (err error) {
|
|
u.RealCode = utils.RandSeq(32)
|
|
u.CheckCode, err = utils.AesEncrypt(u.RealCode, []byte(ps))
|
|
return err
|
|
}
|
|
|
|
func (u *User) CheckLogin(ps string) (bool, error) {
|
|
temp, err := utils.AesDecrypt(u.CheckCode, []byte(ps))
|
|
return temp == u.RealCode, err
|
|
}
|
|
|
|
func (u *User) GetToken(uuid string, key []byte) (string, error) {
|
|
payload := &oalib.PayLoad{
|
|
ID: u.ID,
|
|
Auth: []*oalib.SimpleAuth{},
|
|
}
|
|
for _, a := range u.GetAuths() {
|
|
if uuid == a.AppUUID {
|
|
ruid := strings.ReplaceAll(a.RUID, "$id", strconv.Itoa(int(u.ID)))
|
|
payload.Auth = append(payload.Auth, &oalib.SimpleAuth{
|
|
RID: a.RID,
|
|
RUID: ruid,
|
|
Level: a.Level,
|
|
})
|
|
}
|
|
}
|
|
return jwt.GetToken(payload, key)
|
|
}
|