重构错误处理逻辑，使用 fiber.Error 统一返回错误状态码；统一授权枚举值定义到 auth 包

web/services/auth.go

@@ -3,7 +3,7 @@ package services
 import (
 	"context"
 	"errors"
-	"platform/web/auth"
+	auth2 "platform/web/auth"
 	"platform/web/core"
 	client2 "platform/web/domains/client"
 	m "platform/web/models"
@@ -26,12 +26,12 @@ func (s *authService) OauthAuthorizationCode(ctx context.Context, client *m.Clie
 // OauthClientCredentials 验证客户端凭证
 func (s *authService) OauthClientCredentials(ctx context.Context, client *m.Client, scope ...string) (*TokenDetails, error) {
 
-	var clientType auth.PayloadType
+	var clientType auth2.PayloadType
 	switch client2.Spec(client.Spec) {
 	case client2.SpecNative, client2.SpecBrowser:
-		clientType = auth.PayloadPublicServer
+		clientType = auth2.PayloadPublicServer
 	case client2.SpecWeb, client2.SpecTrusted:
-		clientType = auth.PayloadSecuredServer
+		clientType = auth2.PayloadSecuredServer
 	}
 
 	var permissions = make(map[string]struct{}, len(scope))
@@ -40,9 +40,9 @@ func (s *authService) OauthClientCredentials(ctx context.Context, client *m.Clie
 	}
 
 	// 保存会话并返回令牌
-	authCtx := auth.Context{
+	authCtx := auth2.Context{
 		Permissions: permissions,
-		Payload: auth.Payload{
+		Payload: auth2.Payload{
 			Id:   client.ID,
 			Type: clientType,
 			Name: client.Name,
@@ -75,7 +75,7 @@ func (s *authService) OauthPassword(ctx context.Context, _ *m.Client, data *Gran
 	err := q.Q.Transaction(func(tx *q.Query) error {
 
 		switch data.LoginType {
-		case OauthGrantPasswordTypePhoneCode:
+		case auth2.GrantPasswordPhone:
 			// 验证验证码
 			err := Verifier.VerifySms(ctx, data.Username, data.Password)
 			if err != nil {
@@ -91,13 +91,13 @@ func (s *authService) OauthPassword(ctx context.Context, _ *m.Client, data *Gran
 			if err != nil && !errors.Is(err, gorm.ErrRecordNotFound) {
 				return err
 			}
-		case OauthGrantPasswordTypeEmailCode:
+		case auth2.GrantPasswordEmail:
 			var err error
 			user, err = tx.User.Where(tx.User.Email.Eq(data.Username)).Take()
 			if err != nil && !errors.Is(err, gorm.ErrRecordNotFound) {
 				return err
 			}
-		case OauthGrantPasswordTypePassword:
+		case auth2.GrantPasswordSecret:
 			var err error
 			user, err = tx.User.
 				Where(tx.User.Or(
@@ -136,10 +136,10 @@ func (s *authService) OauthPassword(ctx context.Context, _ *m.Client, data *Gran
 	}
 
 	// 保存到会话
-	authCtx := auth.Context{
-		Payload: auth.Payload{
+	authCtx := auth2.Context{
+		Payload: auth2.Payload{
 			Id:     user.ID,
-			Type:   auth.PayloadUser,
+			Type:   auth2.PayloadUser,
 			Name:   user.Name,
 			Avatar: user.Avatar,
 		},
@@ -167,29 +167,12 @@ type GrantRefreshData struct {
 }
 
 type GrantPasswordData struct {
-	LoginType OauthGrantLoginType `json:"login_type" form:"login_type"`
-	Username  string              `json:"username" form:"username"`
-	Password  string              `json:"password" form:"password"`
-	Remember  bool                `json:"remember" form:"remember"`
+	LoginType auth2.PasswordGrantType `json:"login_type" form:"login_type"`
+	Username  string                  `json:"username" form:"username"`
+	Password  string                  `json:"password" form:"password"`
+	Remember  bool                    `json:"remember" form:"remember"`
 }
 
-type OauthGrantType string
-
-const (
-	OauthGrantTypeAuthorizationCode = OauthGrantType("authorization_code")
-	OauthGrantTypeClientCredentials = OauthGrantType("client_credentials")
-	OauthGrantTypeRefreshToken      = OauthGrantType("refresh_token")
-	OauthGrantTypePassword          = OauthGrantType("password")
-)
-
-type OauthGrantLoginType string
-
-const (
-	OauthGrantPasswordTypePassword  = OauthGrantLoginType("password")
-	OauthGrantPasswordTypePhoneCode = OauthGrantLoginType("phone_code")
-	OauthGrantPasswordTypeEmailCode = OauthGrantLoginType("email_code")
-)
-
 type AuthServiceError string
 
 func (e AuthServiceError) Error() string {