nixcn/cms-server
1
0
Fork 1
Code Pull Requests Activity

WIP: Restructing auth api and service
Some checks failed
Backend Check Build (NixCN CMS) TeamCity build failed
Details
Client CMS Check Build (NixCN CMS) TeamCity build finished
Details

Browse Source 
Signed-off-by: Asai Neko <sugar@sne.moe>
This commit is contained in:
Asai Neko
2026-01-28 18:19:24 +08:00
parent e3c0b60337
commit 89e7f1a41a
33 changed files with 773 additions and 1301 deletions
Download Patch File Download Diff File Expand all files Collapse all files

129
service/service_auth/exchange.go Normal file
View File

@@ -0,0 +1,129 @@
package service_auth
import (
"context"
"net/url"
"nixcn-cms/data"
"nixcn-cms/internal/authcode"
"nixcn-cms/internal/exception"
"nixcn-cms/service/shared"
"github.com/google/uuid"
)
type ExchangeData struct {
ClientId string `json:"client_id"`
RedirectUri string `json:"redirect_uri"`
State string `json:"state"`
}
type ExchangePayload struct {
Context context.Context
UserId uuid.UUID
Data *ExchangeData
}
type ExchangeResult struct {
Common shared.CommonResult
Data *struct {
RedirectUri string `json:"redirect_uri"`
}
}
func (self *AuthServiceImpl) Exchange(payload *ExchangePayload) (result *ExchangeResult) {
var err error
userData, err := new(data.User).
GetByUserId(payload.Context, &payload.UserId)
if err != nil {
exception := new(exception.Builder).
SetStatus(exception.StatusServer).
SetService(exception.ServiceAuth).
SetEndpoint(exception.EndpointAuthServiceExchange).
SetType(exception.TypeSpecific).
SetOriginal(exception.AuthExchangeGetUserIdFailed).
SetError(err).
Throw(payload.Context)
result = &ExchangeResult{
Common: shared.CommonResult{
HttpCode: 500,
Exception: exception,
},
Data: nil,
}
return
}
code, err := authcode.NewAuthCode(payload.Context, payload.Data.ClientId, userData.Email)
if err != nil {
exception := new(exception.Builder).
SetStatus(exception.StatusServer).
SetService(exception.ServiceAuth).
SetEndpoint(exception.EndpointAuthServiceExchange).
SetType(exception.TypeSpecific).
SetOriginal(exception.AuthExchangeCodeGenFailed).
SetError(err).
Throw(payload.Context)
result = &ExchangeResult{
Common: shared.CommonResult{
HttpCode: 500,
Exception: exception,
},
Data: nil,
}
return
}
url, err := url.Parse(payload.Data.RedirectUri)
if err != nil {
exception := new(exception.Builder).
SetStatus(exception.StatusUser).
SetService(exception.ServiceAuth).
SetEndpoint(exception.EndpointAuthServiceExchange).
SetType(exception.TypeSpecific).
SetOriginal(exception.AuthExchangeInvalidRedirectUri).
SetError(err).
Throw(payload.Context)
result = &ExchangeResult{
Common: shared.CommonResult{
HttpCode: 400,
Exception: exception,
},
Data: nil,
}
return
}
query := url.Query()
query.Set("code", code)
url.RawQuery = query.Encode()
exception := new(exception.Builder).
SetStatus(exception.StatusSuccess).
SetService(exception.ServiceAuth).
SetEndpoint(exception.EndpointAuthServiceExchange).
SetType(exception.TypeCommon).
SetOriginal(exception.CommonSuccess).
SetError(nil).
Throw(payload.Context)
resultData := struct {
RedirectUri string `json:"redirect_uri"`
}{url.String()}
result = &ExchangeResult{
Common: shared.CommonResult{
HttpCode: 200,
Exception: exception,
},
Data: &resultData,
}
return
}

184
service/service_auth/magic.go Normal file
View File

@@ -0,0 +1,184 @@
package service_auth
import (
"context"
"net/url"
"nixcn-cms/internal/authcode"
"nixcn-cms/internal/email"
"nixcn-cms/internal/exception"
"nixcn-cms/internal/turnstile"
"nixcn-cms/service/shared"
"github.com/spf13/viper"
)
type MagicData struct {
ClientId string `json:"client_id"`
RedirectUri string `json:"redirect_uri"`
State string `json:"state"`
Email string `json:"email"`
TurnstileToken string `json:"turnstile_token"`
ClientIP string `json:"client_ip"`
}
type MagicPayload struct {
Context context.Context
Data *MagicData
}
type MagicResult struct {
Common shared.CommonResult
Data any
}
func (self *AuthServiceImpl) Magic(payload *MagicPayload) (result *MagicResult) {
var err error
ok, err := turnstile.VerifyTurnstile(payload.Data.TurnstileToken, payload.Data.ClientIP)
if err != nil || !ok {
exception := new(exception.Builder).
SetStatus(exception.StatusUser).
SetService(exception.ServiceAuth).
SetEndpoint(exception.EndpointAuthServiceMagic).
SetType(exception.TypeSpecific).
SetOriginal(exception.AuthMagicTurnstileFailed).
SetError(err).
Throw(payload.Context)
result = &MagicResult{
Common: shared.CommonResult{
HttpCode: 403,
Exception: exception,
},
Data: nil,
}
return
}
code, err := authcode.NewAuthCode(payload.Context, payload.Data.ClientId, payload.Data.Email)
if err != nil {
exception := new(exception.Builder).
SetStatus(exception.StatusServer).
SetService(exception.ServiceAuth).
SetEndpoint(exception.EndpointAuthServiceMagic).
SetType(exception.TypeSpecific).
SetOriginal(exception.AuthMagicCodeGenFailed).
SetError(err).
Throw(payload.Context)
result = &MagicResult{
Common: shared.CommonResult{
HttpCode: 500,
Exception: exception,
},
Data: nil,
}
return
}
externalUrl := viper.GetString("server.external_url")
url, err := url.Parse(externalUrl)
if err != nil {
exception := new(exception.Builder).
SetStatus(exception.StatusServer).
SetService(exception.ServiceAuth).
SetEndpoint(exception.EndpointAuthServiceMagic).
SetType(exception.TypeSpecific).
SetOriginal(exception.AuthMagicInvalidExternalUrl).
SetError(err).
Throw(payload.Context)
result = &MagicResult{
Common: shared.CommonResult{
HttpCode: 500,
Exception: exception,
},
Data: nil,
}
return
}
url.Path = "/api/v1/auth/redirect"
query := url.Query()
query.Set("code", code)
query.Set("redirect_uri", payload.Data.RedirectUri)
query.Set("state", payload.Data.State)
query.Set("client_id", payload.Data.ClientId)
url.RawQuery = query.Encode()
debugMode := viper.GetBool("server.debug_mode")
if debugMode {
uriData := struct {
Uri string `json:"uri"`
}{url.String()}
exception := new(exception.Builder).
SetStatus(exception.StatusServer).
SetService(exception.ServiceAuth).
SetEndpoint(exception.EndpointAuthServiceMagic).
SetType(exception.TypeCommon).
SetOriginal(exception.CommonSuccess).
SetError(nil).
Throw(payload.Context)
result = &MagicResult{
Common: shared.CommonResult{
HttpCode: 200,
Exception: exception,
},
Data: uriData,
}
return
} else {
emailClient, err := new(email.Client).NewSMTPClient()
if err != nil {
exception := new(exception.Builder).
SetStatus(exception.StatusServer).
SetService(exception.ServiceAuth).
SetEndpoint(exception.EndpointAuthServiceMagic).
SetType(exception.TypeSpecific).
SetOriginal(exception.AuthMagicInvalidEmailConfig).
SetError(err).
Throw(payload.Context)
result = &MagicResult{
Common: shared.CommonResult{
HttpCode: 500,
Exception: exception,
},
Data: nil,
}
return
}
emailClient.Send(
"NixCN CMS <cms@yuri.nix.org.cn>",
payload.Data.Email,
"NixCN CMS Email Verify",
"<p>Click the link below to verify your email. This link will expire in 10 minutes.</p><a href="+url.String()+">"+url.String()+"</a>",
)
}
exception := new(exception.Builder).
SetStatus(exception.StatusServer).
SetService(exception.ServiceAuth).
SetEndpoint(exception.EndpointAuthServiceMagic).
SetType(exception.TypeCommon).
SetOriginal(exception.CommonSuccess).
SetError(nil).
Throw(payload.Context)
result = &MagicResult{
Common: shared.CommonResult{
HttpCode: 200,
Exception: exception,
},
Data: nil,
}
return
}

27
service/service_auth/redirect.go Normal file
View File

@@ -0,0 +1,27 @@
package service_auth
import (
"context"
"nixcn-cms/service/shared"
)
type RedirectData struct {
ClientId string `json:"client_id"`
RedirectUri string `json:"redirect_uri"`
State string `json:"state"`
Code string `json:"code"`
}
type RedirectPayload struct {
Context context.Context
Data *RedirectData
}
type RedirectResult struct {
Common shared.CommonResult
Data string
}
func (self *AuthServiceImpl) Redirect(payload *RedirectPayload) (result *RedirectResult) {
}

12
service/service_auth/service.go Normal file
View File

@@ -0,0 +1,12 @@
package service_auth
type AuthService interface {
Exchange(*ExchangePayload) *ExchangeResult
Magic(*MagicPayload) *MagicResult
}
type AuthServiceImpl struct{}
func NewAuthService() AuthService {
return &AuthServiceImpl{}
}