refactor: 使用session鉴权

2026-02-06 06:17:16 +08:00 · 2024-07-11 02:51:49 +08:00
parent 7907345521
commit c4e01b37b7
11 changed files with 171 additions and 117 deletions
--- a/app/http/controllers/user_controller.go
+++ b/app/http/controllers/user_controller.go
@@ -1,8 +1,11 @@
 package controllers

 import (
+	"fmt"
+
 	"github.com/goravel/framework/contracts/http"
 	"github.com/goravel/framework/facades"
+	"github.com/spf13/cast"

 	"github.com/TheTNB/panel/app/http/requests/user"
 	"github.com/TheTNB/panel/app/models"
@@ -20,16 +23,15 @@ func NewUserController() *UserController {

 // Login
 //
-//	@Summary		登录
-//	@Description	通过用户名和密码获取访问令牌
-//	@Tags			用户鉴权
-//	@Accept			json
-//	@Produce		json
-//	@Param			data	body		requests.Login	true	"request"
-//	@Success		200		{object}	SuccessResponse
-//	@Failure		403		{object}	ErrorResponse	"用户名或密码错误"
-//	@Failure		500		{object}	ErrorResponse	"系统内部错误
-//	@Router			/panel/user/login [post]
+//	@Summary	登录
+//	@Tags		用户鉴权
+//	@Accept		json
+//	@Produce	json
+//	@Param		data	body		requests.Login	true	"request"
+//	@Success	200		{object}	SuccessResponse
+//	@Failure	403		{object}	ErrorResponse	"用户名或密码错误"
+//	@Failure	500		{object}	ErrorResponse	"系统内部错误
+//	@Router		/panel/user/login [post]
 func (r *UserController) Login(ctx http.Context) http.Response {
 	var loginRequest requests.Login
 	sanitize := SanitizeRequest(ctx, &loginRequest)
@@ -60,32 +62,38 @@ func (r *UserController) Login(ctx http.Context) http.Response {
 		}
 	}

-	token, loginErr := facades.Auth(ctx).LoginUsingID(user.ID)
-	if loginErr != nil {
-		facades.Log().Request(ctx.Request()).Tags("面板", "用户").With(map[string]any{
-			"error": err.Error(),
-		}).Info("登录失败")
-		return ErrorSystem(ctx)
+	ctx.Request().Session().Put("user_id", user.ID)
+	return Success(ctx, nil)
+}
+
+// Logout
+//
+//	@Summary	登出
+//	@Tags		用户鉴权
+//	@Produce	json
+//	@Security	BearerToken
+//	@Success	200	{object}	SuccessResponse
+//	@Router		/panel/user/logout [post]
+func (r *UserController) Logout(ctx http.Context) http.Response {
+	if err := ctx.Request().Session().Invalidate(); err != nil {
+		return Error(ctx, http.StatusInternalServerError, fmt.Sprintf("登出失败: %s", err.Error()))
 	}

-	return Success(ctx, http.Json{
-		"access_token": token,
-	})
+	return Success(ctx, nil)
 }

 // Info
 //
-//	@Summary		用户信息
-//	@Description	获取当前登录用户信息
-//	@Tags			用户鉴权
-//	@Produce		json
-//	@Security		BearerToken
-//	@Success		200	{object}	SuccessResponse
-//	@Router			/panel/user/info [get]
+//	@Summary	用户信息
+//	@Tags		用户鉴权
+//	@Produce	json
+//	@Security	BearerToken
+//	@Success	200	{object}	SuccessResponse
+//	@Router		/panel/user/info [get]
 func (r *UserController) Info(ctx http.Context) http.Response {
+	userID := cast.ToUint(ctx.Value("user_id"))
 	var user models.User
-	err := facades.Auth(ctx).User(&user)
-	if err != nil {
+	if err := facades.Orm().Query().Where("id", userID).Get(&user); err != nil {
 		facades.Log().Request(ctx.Request()).Tags("面板", "用户").With(map[string]any{
 			"error": err.Error(),
 		}).Info("获取用户信息失败")