优化表结构，重构模型，重新实现基于白银网关的提取节点流程

web/auth/authorize.go

@@ -10,7 +10,6 @@ import (
 	"platform/pkg/env"
 	"platform/pkg/u"
 	"platform/web/core"
-	user2 "platform/web/domains/user"
 	g "platform/web/globals"
 	"platform/web/globals/orm"
 	m "platform/web/models"
@@ -162,7 +161,7 @@ func Token(c *fiber.Ctx) error {
 		AccessToken:  session.AccessToken,
 		RefreshToken: u.Z(session.RefreshToken),
 		ExpiresIn:    int(time.Time(session.AccessTokenExpires).Sub(now).Seconds()),
-		Scope:        u.Z(session.Scopes_),
+		Scope:        u.Z(session.Scopes),
 	})
 }
 
@@ -202,7 +201,7 @@ func authAuthorizationCode(ctx *fiber.Ctx, auth *AuthCtx, req *TokenReq, now tim
 
 	user, err := q.User.Where(
 		q.User.ID.Eq(codeCtx.UserID),
-		q.User.Status.Eq(int32(user2.StatusEnabled)),
+		q.User.Status.Eq(int(m.UserStatusEnabled)),
 	).First()
 	if err != nil {
 		return nil, err
@@ -211,18 +210,20 @@ func authAuthorizationCode(ctx *fiber.Ctx, auth *AuthCtx, req *TokenReq, now tim
 	// todo 检查 scope
 
 	// 生成会话
+	ip, _ := orm.ParseInet(ctx.Get(core.HeaderUserIP))
+	ua := ctx.Get(core.HeaderUserUA)
 	session := &m.Session{
-		IP:                 u.X(ctx.IP()),
-		UA:                 u.X(ctx.Get(fiber.HeaderUserAgent)),
+		IP:                 ip,
+		UA:                 u.X(ua),
 		UserID:             &user.ID,
 		ClientID:           &auth.Client.ID,
-		Scopes_:            u.P(strings.Join(codeCtx.Scopes, " ")),
+		Scopes:             u.P(strings.Join(codeCtx.Scopes, " ")),
 		AccessToken:        uuid.NewString(),
-		AccessTokenExpires: orm.LocalDateTime(now.Add(time.Duration(env.SessionAccessExpire) * time.Second)),
+		AccessTokenExpires: now.Add(time.Duration(env.SessionAccessExpire) * time.Second),
 	}
 	if codeCtx.Remember {
 		session.RefreshToken = u.P(uuid.NewString())
-		session.RefreshTokenExpires = u.P(orm.LocalDateTime(now.Add(time.Duration(env.SessionRefreshExpire) * time.Second)))
+		session.RefreshTokenExpires = u.P(now.Add(time.Duration(env.SessionRefreshExpire) * time.Second))
 	}
 
 	err = SaveSession(session)
@@ -237,12 +238,14 @@ func authClientCredential(ctx *fiber.Ctx, auth *AuthCtx, _ *TokenReq, now time.T
 	// todo 检查 scope
 
 	// 生成会话
+	ip, _ := orm.ParseInet(ctx.Get(core.HeaderUserIP))
+	ua := ctx.Get(core.HeaderUserUA)
 	session := &m.Session{
-		IP:                 u.X(ctx.IP()),
-		UA:                 u.X(ctx.Get(fiber.HeaderUserAgent)),
+		IP:                 ip,
+		UA:                 u.X(ua),
 		ClientID:           &auth.Client.ID,
 		AccessToken:        uuid.NewString(),
-		AccessTokenExpires: orm.LocalDateTime(now.Add(time.Duration(env.SessionAccessExpire) * time.Second)),
+		AccessTokenExpires: now.Add(time.Duration(env.SessionAccessExpire) * time.Second),
 	}
 
 	// 保存会话
@@ -255,6 +258,9 @@ func authClientCredential(ctx *fiber.Ctx, auth *AuthCtx, _ *TokenReq, now time.T
 }
 
 func authPassword(ctx *fiber.Ctx, auth *AuthCtx, req *TokenReq, now time.Time) (*m.Session, error) {
+	ip, _ := orm.ParseInet(ctx.Get(core.HeaderUserIP))
+	ua := ctx.Get(core.HeaderUserUA)
+
 	var user *m.User
 	err := q.Q.Transaction(func(tx *q.Query) (err error) {
 		switch req.LoginType {
@@ -267,7 +273,7 @@ func authPassword(ctx *fiber.Ctx, auth *AuthCtx, req *TokenReq, now time.Time) (
 				user = &m.User{
 					Phone:    req.Username,
 					Username: u.P(req.Username),
-					Status:   int32(user2.StatusEnabled),
+					Status:   m.UserStatusEnabled,
 				}
 			}
 		case GrantPasswordEmail:
@@ -285,15 +291,15 @@ func authPassword(ctx *fiber.Ctx, auth *AuthCtx, req *TokenReq, now time.Time) (
 		}
 
 		// 账户状态
-		if user2.Status(user.Status) == user2.StatusDisabled {
+		if user.Status == m.UserStatusDisabled {
 			slog.Debug("账户状态异常", "username", req.Username, "status", user.Status)
 			return core.NewBizErr("账号无法登录")
 		}
 
 		// 更新用户的登录时间
-		user.LastLogin = u.P(orm.LocalDateTime(time.Now()))
-		user.LastLoginHost = u.X(ctx.IP())
-		user.LastLoginAgent = u.X(ctx.Get(fiber.HeaderUserAgent))
+		user.LastLogin = u.P(time.Now())
+		user.LastLoginIP = ip
+		user.LastLoginUA = u.X(ua)
 		if err := tx.User.Save(user); err != nil {
 			return err
 		}
@@ -306,17 +312,17 @@ func authPassword(ctx *fiber.Ctx, auth *AuthCtx, req *TokenReq, now time.Time) (
 
 	// 生成会话
 	session := &m.Session{
-		IP:                 u.X(ctx.IP()),
-		UA:                 u.X(ctx.Get(fiber.HeaderUserAgent)),
+		IP:                 ip,
+		UA:                 u.X(ua),
 		UserID:             &user.ID,
 		ClientID:           &auth.Client.ID,
-		Scopes_:            u.X(req.Scope),
+		Scopes:             u.X(req.Scope),
 		AccessToken:        uuid.NewString(),
-		AccessTokenExpires: orm.LocalDateTime(now.Add(time.Duration(env.SessionAccessExpire) * time.Second)),
+		AccessTokenExpires: now.Add(time.Duration(env.SessionAccessExpire) * time.Second),
 	}
 	if req.Remember {
 		session.RefreshToken = u.P(uuid.NewString())
-		session.RefreshTokenExpires = u.P(orm.LocalDateTime(now.Add(time.Duration(env.SessionRefreshExpire) * time.Second)))
+		session.RefreshTokenExpires = u.P(now.Add(time.Duration(env.SessionRefreshExpire) * time.Second))
 	}
 
 	err = SaveSession(session)
@@ -340,10 +346,10 @@ func authRefreshToken(_ *fiber.Ctx, _ *AuthCtx, req *TokenReq, now time.Time) (*
 
 	// 生成令牌
 	session.AccessToken = uuid.NewString()
-	session.AccessTokenExpires = orm.LocalDateTime(now.Add(time.Duration(env.SessionAccessExpire) * time.Second))
+	session.AccessTokenExpires = now.Add(time.Duration(env.SessionAccessExpire) * time.Second)
 	if session.RefreshToken != nil {
 		session.RefreshToken = u.P(uuid.NewString())
-		session.RefreshTokenExpires = u.P(orm.LocalDateTime(now.Add(time.Duration(env.SessionRefreshExpire) * time.Second)))
+		session.RefreshTokenExpires = u.P(now.Add(time.Duration(env.SessionRefreshExpire) * time.Second))
 	}
 
 	// 保存令牌