认证授权主要流程实现

scripts/sql/init.sql

@@ -1,3 +1,22 @@
+-- 清空数据表
+do
+$$
+    declare
+        r record;
+    begin
+        for r in (
+            select
+                tablename
+            from
+                pg_tables
+            where
+                schemaname = 'public'
+        ) loop
+            execute 'DROP TABLE IF EXISTS ' || quote_ident(r.tablename) || ' CASCADE';
+        end loop;
+    end
+$$;
+
 -- ====================
 -- region 管理员信息
 -- ====================
@@ -14,7 +33,7 @@ create table admin (
     email            varchar(255),
     status           int          not null default 1,
     last_login       timestamp,
-    last_login_addr  varchar(45),
+    last_login_host  varchar(45),
     last_login_agent varchar(255),
     created_at       timestamp             default current_timestamp,
     updated_at       timestamp             default current_timestamp,
@@ -33,7 +52,7 @@ comment on column admin.phone is '手机号码';
 comment on column admin.email is '邮箱';
 comment on column admin.status is '状态：1-正常，0-禁用';
 comment on column admin.last_login is '最后登录时间';
-comment on column admin.last_login_addr is '最后登录地址';
+comment on column admin.last_login_host is '最后登录地址';
 comment on column admin.last_login_agent is '最后登录代理';
 comment on column admin.created_at is '创建时间';
 comment on column admin.updated_at is '更新时间';
@@ -90,7 +109,7 @@ create table "user" (
     contact_qq       varchar(255),
     contact_wechat   varchar(255),
     last_login       timestamp,
-    last_login_addr  varchar(45),
+    last_login_host  varchar(45),
     last_login_agent varchar(255),
     created_at       timestamp               default current_timestamp,
     updated_at       timestamp               default current_timestamp,
@@ -103,26 +122,26 @@ create index user_status_index on "user" (status);
 
 -- user表字段注释
 comment on table "user" is '用户表';
-comment on column user.id is '用户ID';
-comment on column user.admin_id is '管理员ID';
-comment on column user.password is '用户密码';
-comment on column user.username is '用户名';
-comment on column user.phone is '手机号码';
-comment on column user.name is '真实姓名';
-comment on column user.avatar is '头像URL';
-comment on column user.status is '用户状态：1-正常，0-禁用';
-comment on column user.balance is '账户余额';
-comment on column user.id_type is '认证类型：0-未认证，1-个人认证，2-企业认证';
-comment on column user.id_no is '身份证号或营业执照号';
-comment on column user.id_token is '身份验证标识';
-comment on column user.contact_qq is 'QQ联系方式';
-comment on column user.contact_wechat is '微信联系方式';
-comment on column user.last_login is '最后登录时间';
-comment on column user.last_login_addr is '最后登录地址';
-comment on column user.last_login_agent is '最后登录代理';
-comment on column user.created_at is '创建时间';
-comment on column user.updated_at is '更新时间';
-comment on column user.deleted_at is '删除时间';
+comment on column "user".id is '用户ID';
+comment on column "user".admin_id is '管理员ID';
+comment on column "user".password is '用户密码';
+comment on column "user".username is '用户名';
+comment on column "user".phone is '手机号码';
+comment on column "user".name is '真实姓名';
+comment on column "user".avatar is '头像URL';
+comment on column "user".status is '用户状态：1-正常，0-禁用';
+comment on column "user".balance is '账户余额';
+comment on column "user".id_type is '认证类型：0-未认证，1-个人认证，2-企业认证';
+comment on column "user".id_no is '身份证号或营业执照号';
+comment on column "user".id_token is '身份验证标识';
+comment on column "user".contact_qq is 'QQ联系方式';
+comment on column "user".contact_wechat is '微信联系方式';
+comment on column "user".last_login is '最后登录时间';
+comment on column "user".last_login_host is '最后登录地址';
+comment on column "user".last_login_agent is '最后登录代理';
+comment on column "user".created_at is '创建时间';
+comment on column "user".updated_at is '更新时间';
+comment on column "user".deleted_at is '删除时间';
 
 -- user_role
 drop table if exists user_role cascade;
@@ -150,6 +169,51 @@ comment on column user_role.deleted_at is '删除时间';
 
 -- endregion
 
+-- ====================
+-- region 客户端信息
+-- ====================
+
+drop table if exists client cascade;
+create table client (
+    id            serial primary key,
+    client_id     varchar(255) not null unique,
+    client_secret varchar(255) not null,
+    redirect_uri  varchar(255),
+    grant_code    bool         not null default false,
+    grant_client  bool         not null default false,
+    grant_refresh bool         not null default false,
+    spec          int          not null,
+    name          varchar(255) not null,
+    version       int          not null,
+    status        int          not null default 1,
+    created_at    timestamp             default current_timestamp,
+    updated_at    timestamp             default current_timestamp,
+    deleted_at    timestamp
+);
+
+create index client_client_id_index on client (client_id);
+create index client_name_index on client (name);
+create index client_status_index on client (status);
+
+-- client表字段注释
+comment on table client is '客户端表';
+comment on column client.id is '客户端ID';
+comment on column client.client_id is 'OAuth2客户端标识符';
+comment on column client.client_secret is 'OAuth2客户端密钥';
+comment on column client.redirect_uri is 'OAuth2 重定向URI';
+comment on column client.grant_code is '允许授权码授予';
+comment on column client.grant_client is '允许客户端凭证授予';
+comment on column client.grant_refresh is '允许刷新令牌授予';
+comment on column client.spec is '安全规范：0-web，1-native，2-browser';
+comment on column client.name is '名称';
+comment on column client.version is '版本';
+comment on column client.status is '状态：1-正常，0-禁用';
+comment on column client.created_at is '创建时间';
+comment on column client.updated_at is '更新时间';
+comment on column client.deleted_at is '删除时间';
+
+-- endregion
+
 -- ====================
 -- region 权限信息
 -- ====================
@@ -168,6 +232,7 @@ create table permission (
     deleted_at  timestamp
 );
 create index permission_parent_id_index on permission (parent_id);
+create index permission_name_index on permission (name);
 
 -- permission表字段注释
 comment on table permission is '权限表';
@@ -283,6 +348,32 @@ comment on column admin_role_permission_link.created_at is '创建时间';
 comment on column admin_role_permission_link.updated_at is '更新时间';
 comment on column admin_role_permission_link.deleted_at is '删除时间';
 
+-- client_permission_link
+drop table if exists client_permission_link cascade;
+create table client_permission_link (
+    id            serial primary key,
+    client_id     int not null references client (id)
+        on update cascade
+        on delete cascade,
+    permission_id int not null references permission (id)
+        on update cascade
+        on delete cascade,
+    created_at    timestamp default current_timestamp,
+    updated_at    timestamp default current_timestamp,
+    deleted_at    timestamp
+);
+create index client_permission_link_client_id_index on client_permission_link (client_id);
+create index client_permission_link_permission_id_index on client_permission_link (permission_id);
+
+-- client_permission_link表字段注释
+comment on table client_permission_link is '客户端权限关联表';
+comment on column client_permission_link.id is '关联ID';
+comment on column client_permission_link.client_id is '客户端ID';
+comment on column client_permission_link.permission_id is '权限ID';
+comment on column client_permission_link.created_at is '创建时间';
+comment on column client_permission_link.updated_at is '更新时间';
+comment on column client_permission_link.deleted_at is '删除时间';
+
 -- endregion
 
 -- ====================
@@ -324,19 +415,19 @@ create table whitelist (
     user_id    int         not null references "user" (id)
         on update cascade
         on delete cascade,
-    address    varchar(45) not null,
+    host       varchar(45) not null,
     created_at timestamp default current_timestamp,
     updated_at timestamp default current_timestamp,
     deleted_at timestamp
 );
 create index whitelist_user_id_index on whitelist (user_id);
-create index whitelist_address_index on whitelist (address);
+create index whitelist_host_index on whitelist (host);
 
 -- whitelist表字段注释
 comment on table whitelist is '白名单表';
 comment on column whitelist.id is '白名单ID';
 comment on column whitelist.user_id is '用户ID';
-comment on column whitelist.address is 'IP地址';
+comment on column whitelist.host is 'IP地址';
 comment on column whitelist.created_at is '创建时间';
 comment on column whitelist.updated_at is '更新时间';
 comment on column whitelist.deleted_at is '删除时间';
@@ -351,7 +442,7 @@ create table channel (
     node_id    int          references node (id)  --
                                 on update cascade --
                                 on delete set null,
-    user_addr  varchar(255) not null,
+    user_host  varchar(255) not null,
     node_port  int,
     auth_ip    bool         not null default false,
     auth_pass  bool         not null default false,
@@ -365,7 +456,7 @@ create table channel (
 );
 create index channel_user_id_index on channel (user_id);
 create index channel_node_id_index on channel (node_id);
-create index channel_user_addr_index on channel (user_addr);
+create index channel_user_host_index on channel (user_host);
 create index channel_node_port_index on channel (node_port);
 create index channel_expiration_index on channel (expiration);
 
@@ -374,7 +465,7 @@ comment on table channel is '通道表';
 comment on column channel.id is '通道ID';
 comment on column channel.user_id is '用户ID';
 comment on column channel.node_id is '节点ID';
-comment on column channel.user_addr is '用户地址';
+comment on column channel.user_host is '用户地址';
 comment on column channel.node_port is '节点端口';
 comment on column channel.auth_ip is 'IP认证';
 comment on column channel.auth_pass is '密码认证';