修复统计数据和密码登录逻辑

2025-07-01 18:23:15 +08:00
parent 822ba3d02a
commit f50d5bba6f
6 changed files with 69 additions and 29 deletions
--- a/web/services/auth.go
+++ b/web/services/auth.go
@@ -3,9 +3,13 @@ package services
 import (
 	"context"
 	"errors"
+	"golang.org/x/crypto/bcrypt"
+	"log/slog"
 	"platform/pkg/u"
 	auth2 "platform/web/auth"
+	"platform/web/core"
 	client2 "platform/web/domains/client"
+	user2 "platform/web/domains/user"
 	"platform/web/globals/orm"
 	m "platform/web/models"
 	q "platform/web/queries"
@@ -84,23 +88,35 @@ func (s *authService) OauthPassword(ctx context.Context, _ *m.Client, data *Gran
 				return err
 			}
 		case auth2.GrantPasswordEmail:
-			var err error
-			user, err = tx.User.Where(tx.User.Email.Eq(data.Username)).Take()
-			if err != nil && !errors.Is(err, gorm.ErrRecordNotFound) {
-				return err
-			}
+			return core.NewServErr("邮箱登录暂不可用")
 		case auth2.GrantPasswordSecret:
 			var err error
 			user, err = tx.User.
-				Where(tx.User.Or(
-					tx.User.Phone.Eq(data.Username),
-					tx.User.Email.Eq(data.Username),
-					tx.User.Username.Eq(data.Username),
-				)).
+				Where(tx.User.Phone.Eq(data.Username)).
+				Or(tx.User.Email.Eq(data.Username)).
+				Or(tx.User.Username.Eq(data.Username)).
 				Take()
-			if err != nil && !errors.Is(err, gorm.ErrRecordNotFound) {
-				return err
+			if err != nil {
+				slog.Debug("查找用户失败", "error", err)
+				return core.NewBizErr("用户不存在或密码错误")
 			}
+
+			// 账户状态
+			if user2.Status(user.Status) == user2.StatusDisabled {
+				slog.Debug("账户状态异常", "username", data.Username, "status", user.Status)
+				return core.NewBizErr("用户不存在或密码错误")
+			}
+
+			// 验证密码
+			if user.Password == nil || *user.Password == "" {
+				slog.Debug("用户未设置密码", "username", data.Username)
+				return core.NewBizErr("用户不存在或密码错误")
+			}
+			if bcrypt.CompareHashAndPassword([]byte(*user.Password), []byte(data.Password)) != nil {
+				slog.Debug("密码验证失败", "username", data.Username)
+				return core.NewBizErr("用户不存在或密码错误")
+			}
+
 		default:
 			return ErrOauthInvalidRequest
 		}
@@ -117,7 +133,7 @@ func (s *authService) OauthPassword(ctx context.Context, _ *m.Client, data *Gran
 		user.LastLogin = u.P(orm.LocalDateTime(time.Now()))
 		user.LastLoginHost = u.P(ip)
 		user.LastLoginAgent = u.P(agent)
-		if err := tx.User.Omit(q.User.AdminID).Save(user); err != nil {
+		if err := tx.User.Save(user); err != nil {
 			return err
 		}