package pub import ( "context" "time" "perms-system-server/internal/middleware" "perms-system-server/internal/response" "perms-system-server/internal/svc" "perms-system-server/internal/types" "github.com/zeromicro/go-zero/core/logx" ) type AdminLoginLogic struct { logx.Logger ctx context.Context svcCtx *svc.ServiceContext } func NewAdminLoginLogic(ctx context.Context, svcCtx *svc.ServiceContext) *AdminLoginLogic { return &AdminLoginLogic{ Logger: logx.WithContext(ctx), ctx: ctx, svcCtx: svcCtx, } } // AdminLogin 管理后台登录。仅限超级管理员通过 managementKey + 用户名密码登录管理后台,返回 JWT 令牌对。 // 当 cap.js 未启用时,需同时携带 captchaId/captchaCode 进行图片验证码校验。 func (l *AdminLoginLogic) AdminLogin(req *types.AdminLoginReq) (resp *types.LoginResp, err error) { cfg := l.svcCtx.Config.Capjs if cfg.Enable != 1 { if req.CaptchaId == "" || req.CaptchaCode == "" { return nil, response.ErrBadRequest("验证码不能为空") } if !VerifyCaptcha(req.CaptchaId, req.CaptchaCode) { return nil, response.ErrBadRequest("验证码错误或已过期") } } clientIP := middleware.GetClientIP(l.ctx) result, err := ValidateAdminLogin(l.ctx, l.svcCtx, req.Username, req.Password, req.ManagementKey, clientIP) if err != nil { if le, ok := err.(*LoginError); ok { switch le.Code { case 401: return nil, response.ErrUnauthorized(le.Message) case 429: return nil, response.NewCodeError(429, le.Message) case 503: return nil, response.NewCodeError(503, le.Message) } } return nil, err } ud := result.UserDetails return &types.LoginResp{ AccessToken: result.AccessToken, RefreshToken: result.RefreshToken, Expires: time.Now().Unix() + l.svcCtx.Config.Auth.AccessExpire, UserInfo: types.UserInfo{ UserId: ud.UserId, Username: ud.Username, Nickname: ud.Nickname, Avatar: ud.Avatar, Email: ud.Email, Phone: ud.Phone, IsSuperAdmin: ud.IsSuperAdminRaw, MustChangePassword: ud.MustChangePwdRaw, MemberType: ud.MemberType, Perms: ud.Perms, }, }, nil }