重构代码结构与认证体系，集成异步任务消费者

2025-11-17 18:38:10 +08:00
parent a97c970166
commit a245229bc2
70 changed files with 2000 additions and 2334 deletions
--- a/web/auth/session.go
+++ b/web/auth/session.go
@@ -2,160 +2,36 @@ package auth

 import (
 	"context"
-	"encoding/json"
-	"errors"
 	"fmt"
-	"github.com/google/uuid"
-	"github.com/redis/go-redis/v9"
-	"platform/pkg/env"
 	g "platform/web/globals"
+	"platform/web/globals/orm"
+	m "platform/web/models"
+	q "platform/web/queries"
 	"time"
+
+	"gorm.io/gen/field"
 )

-type Session struct {
-	// 认证主体
-	Payload *Payload
-	// 令牌信息
-	TokenDetails *TokenDetails
+func FindSession(accessToken string, now time.Time) (*m.Session, error) {
+	return q.Session.
+		Preload(field.Associations).
+		Where(
+			q.Session.AccessToken.Eq(accessToken),
+			q.Session.AccessTokenExpires.Gt(orm.LocalDateTime(now)),
+		).First()
 }

-func FindSession(ctx context.Context, token string) (*Context, error) {
-
-	// 读取认证数据
-	authJSON, err := g.Redis.Get(ctx, accessKey(token)).Result()
-	if err != nil {
-		if errors.Is(err, redis.Nil) {
-			return nil, errors.New("invalid_token")
-		}
-		return nil, err
-	}
-
-	// 反序列化
-	auth := new(Context)
-	if err := json.Unmarshal([]byte(authJSON), auth); err != nil {
-		return nil, err
-	}
-
-	return auth, nil
+func FindSessionByRefresh(refreshToken string, now time.Time) (*m.Session, error) {
+	return q.Session.
+		Preload(field.Associations).
+		Where(
+			q.Session.RefreshToken.Eq(refreshToken),
+			q.Session.RefreshTokenExpires.Gt(orm.LocalDateTime(now)),
+		).First()
 }

-func CreateSession(ctx context.Context, authCtx *Context, remember bool) (*TokenDetails, error) {
-	var now = time.Now()
-
-	// 生成令牌组
-	accessToken := genToken()
-	refreshToken := genToken()
-
-	// 序列化认证数据
-	authData, err := json.Marshal(authCtx)
-	if err != nil {
-		return nil, err
-	}
-
-	// 序列化刷新令牌数据
-	refreshData, err := json.Marshal(RefreshData{
-		AuthContext: authCtx,
-		AccessToken: accessToken,
-	})
-	if err != nil {
-		return nil, err
-	}
-
-	// 事务保存数据到 Redis
-	var accessExpire = time.Duration(env.SessionAccessExpire) * time.Second
-	var refreshExpire = time.Duration(env.SessionRefreshExpire) * time.Second
-
-	pipe := g.Redis.TxPipeline()
-	pipe.Set(ctx, accessKey(accessToken), authData, accessExpire)
-	if remember {
-		pipe.Set(ctx, refreshKey(refreshToken), refreshData, refreshExpire)
-	}
-	_, err = pipe.Exec(ctx)
-	if err != nil {
-		return nil, err
-	}
-
-	return &TokenDetails{
-		AccessToken:         accessToken,
-		AccessTokenExpires:  now.Add(accessExpire),
-		RefreshToken:        refreshToken,
-		RefreshTokenExpires: now.Add(refreshExpire),
-		Auth:                authCtx,
-	}, nil
-}
-
-func RefreshSession(ctx context.Context, refreshToken string, renew bool) (*TokenDetails, error) {
-	var now = time.Now()
-
-	rKey := refreshKey(refreshToken)
-	var tokenDetails *TokenDetails
-
-	// 刷新令牌
-	err := g.Redis.Watch(ctx, func(tx *redis.Tx) error {
-
-		// 先获取刷新令牌数据
-		refreshJson, err := tx.Get(ctx, rKey).Result()
-		if err != nil {
-			if errors.Is(err, redis.Nil) {
-				return ErrInvalidRefreshToken
-			}
-			return err
-		}
-
-		// 解析刷新令牌数据
-		refreshData := new(RefreshData)
-		if err := json.Unmarshal([]byte(refreshJson), refreshData); err != nil {
-			return err
-		}
-
-		// 生成新的令牌
-		newAccessToken := genToken()
-		newRefreshToken := genToken()
-
-		authData, err := json.Marshal(refreshData.AuthContext)
-		if err != nil {
-			return err
-		}
-		newRefreshData, err := json.Marshal(RefreshData{
-			AuthContext: refreshData.AuthContext,
-			AccessToken: newAccessToken,
-		})
-		if err != nil {
-			return err
-		}
-
-		pipeline := tx.Pipeline()
-
-		// 保存新的令牌
-		var accessExpire = time.Duration(env.SessionAccessExpire) * time.Second
-		var refreshExpire = time.Duration(env.SessionRefreshExpire) * time.Second
-
-		pipeline.Set(ctx, accessKey(newAccessToken), authData, accessExpire)
-		pipeline.Set(ctx, refreshKey(newRefreshToken), newRefreshData, refreshExpire)
-
-		// 删除旧的令牌
-		pipeline.Del(ctx, accessKey(refreshData.AccessToken))
-		pipeline.Del(ctx, refreshKey(refreshToken))
-
-		_, err = pipeline.Exec(ctx)
-		if err != nil {
-			return err
-		}
-
-		tokenDetails = &TokenDetails{
-			AccessToken:         newAccessToken,
-			RefreshToken:        newRefreshToken,
-			AccessTokenExpires:  now.Add(accessExpire),
-			RefreshTokenExpires: now.Add(refreshExpire),
-			Auth:                refreshData.AuthContext,
-		}
-		return nil
-	}, rKey)
-	if err != nil {
-		return nil, fmt.Errorf("刷新令牌失败: %w", err)
-	}
-
-	return tokenDetails, nil
+func SaveSession(session *m.Session) error {
+	return q.Session.Save(session)
 }

 func RemoveSession(ctx context.Context, accessToken string, refreshToken string) error {
@@ -163,11 +39,6 @@ func RemoveSession(ctx context.Context, accessToken string, refreshToken string)
 	return nil
 }

-// 生成一个新的令牌
-func genToken() string {
-	return uuid.NewString()
-}
-
 // 令牌键的格式为 "session:<token>"
 func accessKey(token string) string {
 	return fmt.Sprintf("session:%s", token)
@@ -177,32 +48,3 @@ func accessKey(token string) string {
 func refreshKey(token string) string {
 	return fmt.Sprintf("session:refresh:%s", token)
 }
-
-// TokenDetails 存储令牌详细信息
-type TokenDetails struct {
-	// 访问令牌
-	AccessToken string
-	// 刷新令牌
-	RefreshToken string
-	// 访问令牌过期时间
-	AccessTokenExpires time.Time
-	// 刷新令牌过期时间
-	RefreshTokenExpires time.Time
-	// 认证信息
-	Auth *Context
-}
-
-type RefreshData struct {
-	AuthContext *Context
-	AccessToken string
-}
-
-type SessionErr string
-
-func (e SessionErr) Error() string {
-	return string(e)
-}
-
-const (
-	ErrInvalidRefreshToken = SessionErr("无效的刷新令牌")
-)